{"id":498,"date":"2026-04-28T12:13:32","date_gmt":"2026-04-28T10:13:32","guid":{"rendered":"https:\/\/www.nikostotz.de\/blog\/?p=498"},"modified":"2026-04-28T12:54:47","modified_gmt":"2026-04-28T10:54:47","slug":"ai-will-end-anonymity-on-the-internet","status":"publish","type":"post","link":"https:\/\/www.nikostotz.de\/blog\/ai-will-end-anonymity-on-the-internet\/","title":{"rendered":"AI will end anonymity on the Internet"},"content":{"rendered":"\n

tl;dr<\/strong> AI slop is here to stay. We cannot detect<\/em> AI content, thus we must mark<\/em> human content. This requires to identify the human to a varying degree. The fundamental technology is there, and will be integrated in browsers.<\/p>\n\n\n\n\n\n\n\n

AI slop is here to stay<\/h2>\n\n\n\n
\"\"<\/a><\/figure>\n\n\n\n

I tried to search for C6 envelope templates on the web \u2013 hardly a topic to bring forth the next billionaire. Nonetheless, two-thirds of the webpages were clearly AI generated. (Current research estimates \u2153 of new websites to be AI slop<\/a>.)<\/p>\n\n\n\n

My ad-blocker saved me, but seemingly even slop sites for such a benign topic are economically viable. This won\u2019t stop once Claude et al. charge profitable fees<\/a> (read: > $ 1000 per user per month) for their service. Such a slop site is there for the long game. The economical incentive doesn\u2019t change if it takes a local model on a tiny machine a week to create the site.<\/p>\n\n\n\n

Detecting AI content is impossible<\/h2>\n\n\n\n

AI can create content at superhuman speed, overwhelming any manual review system. Therefore, we would need to rely on automated detection systems. The only realistic chance are AI systems that detect AI content<\/a>. We can only lose this arms race: While creating the slop site, the “author” can run it against AI detectors and fine-tune until it passes.<\/p>\n\n\n\n

Watermarking does work technically for higher bandwidth content (images, audio, video), but the “authors” easily can use custom AI systems that don\u2019t create watermarks.<\/p>\n\n\n\n

We need to recognize genuine human content<\/h2>\n\n\n\n

We can\u2019t detect AI content, but still want to enjoy human-made content. But why?<\/p>\n\n\n\n

In the C6 envelope example above, none of the AI slop sites hosted actual<\/em> templates. They contained lots of generic text on the topic, and linked to templates on, or stole templates from, other sites. They made it harder to find what I was actually looking for.<\/p>\n\n\n\n

Skimming a site for downloadable templates at least doesn\u2019t take too much mental effort. But for a lot of slop sites, we can only determine their uselessness after reading for some time. They consume our mental resources without providing value.<\/p>\n\n\n\n

At least such slop sites are only after our money (via ads). Others want<\/em> to misinform us. Recognizing such attempts could very well prove to be vital for our societies.<\/p>\n\n\n\n

Future progress on AI also needs to recognize human-written texts, as LLMs trained on generated output collapse<\/a>.<\/p>\n\n\n\n

Current AI crawlers overload lots of websites by bombarding them with thousands of requests. These crawlers ignore the website\u2019s rules (robots.txt) about the part of the website they should leave alone. A website can terminate any connection to non-human counterparts.<\/p>\n\n\n\n

If you can\u2019t detect the enemy, identify the allies<\/h2>\n\n\n\n

If we can\u2019t detect the bad apples, we need to identify the good ones. We can\u2019t rely on “I\u2019m a human, pinky swear” promises, as any AI can forge such statements. We need a (mostly) tamper-proof system of identification.<\/p>\n\n\n\n

Thankfully, we don\u2019t need to invent such a system from scratch: the public key infrastructure maintained and enforced by CA\/Browser forum<\/a> serves a similar purpose. It makes sure that visiting https<\/strong>:\/\/www.wikipedia.org\/<\/a> shows us the contents of Wikipedia, without anybody tampering with the contents. It is fully integrated in the browser, we don\u2019t need to do anything special.<\/p>\n\n\n\n

It is a very complex, but mostly working system, that avoids all-powerful gatekeepers: the “trust roots” are called certificate authorities<\/em>, and we can have lots of them; any website can participate; and all browsers support the standard.<\/p>\n\n\n\n

https gives us users the trust that we see the genuine website \u2013 but how can the website trust the user? We also have existing technology for this: the Web Authentication API<\/a> standard defines how a website can trust a browser to identify the user in front of it, e.g. by user presence<\/a>, meaning pressing a physical button.<\/p>\n\n\n\n

These technologies are building blocks for a future standard that reliably identifies humans. To fight AI slop this standard doesn\u2019t need to be bullet-proof; it must only make AI slop more expensive than troll farms<\/a> and scam centers<\/a>. (Such a standard might even help against the latter exploitations, if it included revocation of misused anonymous identities.)<\/p>\n\n\n\n

This would not stop humans from using<\/em> AI to create their content, and that\u2019s ok: Use cases like translation, grammar fixes, and picture touch-up, are legitimate and helpful AI applications. As long as a human is involved, and takes responsibility for the result, this doesn\u2019t turn the tide of AI slop.<\/p>\n\n\n\n

All your identity are belong to us?<\/h2>\n\n\n\n

Does this mean every website will know everything about every visitor? Thankfully, no. Standards like ISO 18013-5<\/a> (also used in the European age verification app<\/a>) allow for different levels of attestation. Similar technology will be part of every web browser, the same as https is now. The “trust root” will be countries, the same as for official documents like driver\u2019s license or passport.<\/p>\n\n\n\n

Each website can choose the level of attestation it requires:<\/p>\n\n\n\n

\n
unknown<\/dt>\n\n\n\n
No attestation at all \u2013 same as today\u2019s public websites.This will be the Internet\u2019s 4chan<\/em>. It exists, some may visit it for specific use-cases, but it will generally be ignored. Search engines will not show content from such sites (at least by default).<\/dd>\n\n\n\n
anonymous<\/dt>\n\n\n\n
The website only asks that the user is<\/em> a human, it doesn\u2019t care who<\/em> the user is, and never gets this information.This will be the default for most websites, akin to a reliable version of today\u2019s “I\u2019m not a bot” checkboxes. The aforementioned standards ensure that only serious<\/em> collusion between browsers, internet providers, website owners, and countries might lead to the actual identity of the visitor.<\/dd>\n\n\n\n
pseudonymous<\/dt>\n\n\n\n
The website asks for an\u00a0alias<\/em>\u00a0(or username<\/em>) of the human user. The\u00a0same<\/em>\u00a0website always gets the same alias for the same user, but a\u00a0different<\/em>\u00a0website will get a different alias.
This will be for websites like forums that in general don\u2019t care\u00a0who<\/em>\u00a0the user is, but want to prevent the\u00a0same<\/em>\u00a0user to create multiple accounts. Depending on the implementation, the website together with the originating country might reveal the actual identity of the visitor.<\/dd>\n\n\n\n
identified<\/dt>\n\n\n\n
The website asks for a proven identity of the human user.This is already used today for websites like banks, company-internal systems, or government agencies. The website owner already knows the user\u2019s identity. The user also expects<\/em> to be identified \u2013 nobody wants anonymous logins to their bank account!<\/dd>\n<\/dl>\n\n\n\n
<\/dl>\n\n\n\n

The end of free Internet?!<\/h2>\n\n\n\n

Lots of people consider anonymous Internet usage as standard. This might not be warranted \u2013 most countries (including countries that claim to value freedom<\/a>) have technical abilities to identify users via their IP address. Actual<\/em> anonymity requires serious effort<\/a> and constant vigilance on any potentially identifying information.<\/p>\n\n\n\n

I\u2019m not saying I like<\/em> this trajectory. I argue we won\u2019t have a good choice \u2013 either drown in AI slop or give up some level of anonymity. Done right, we might win at least a bit of consolation: actual anonymity<\/em> would still be possible with the right tools; anonymous<\/em> websites could be really anonymous, also towards governments; pseudonymous<\/em> forum access could be sufficient to catch CSAM<\/a> offenders and prevent governments from enforcing more stringent surveillance measures; and identifying<\/em> to banks and government websites could become a lot less of a hassle.<\/p>\n","protected":false},"excerpt":{"rendered":"

tl;dr AI slop is here to stay. We cannot detect AI content, thus we must mark human content. This requires to identify the human to a varying degree. The fundamental technology is there, and will be integrated in browsers.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[38,39],"class_list":["post-498","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-ai","tag-anonymity"],"_links":{"self":[{"href":"https:\/\/www.nikostotz.de\/blog\/wp-json\/wp\/v2\/posts\/498","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.nikostotz.de\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.nikostotz.de\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.nikostotz.de\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.nikostotz.de\/blog\/wp-json\/wp\/v2\/comments?post=498"}],"version-history":[{"count":5,"href":"https:\/\/www.nikostotz.de\/blog\/wp-json\/wp\/v2\/posts\/498\/revisions"}],"predecessor-version":[{"id":504,"href":"https:\/\/www.nikostotz.de\/blog\/wp-json\/wp\/v2\/posts\/498\/revisions\/504"}],"wp:attachment":[{"href":"https:\/\/www.nikostotz.de\/blog\/wp-json\/wp\/v2\/media?parent=498"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.nikostotz.de\/blog\/wp-json\/wp\/v2\/categories?post=498"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.nikostotz.de\/blog\/wp-json\/wp\/v2\/tags?post=498"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}