When thinking about anonymity, direct identifiers are the first thing to check.
A direct identifier is information that can easily identify a person or someone connected to them by itself.
Names, email addresses, phone numbers, addresses, face photos, latitude and longitude, social media handles, employee numbers, student numbers, and similar information fall into this category.
Even if you "hid the IP address," "used a ," or "created a pseudonymous account," anonymity breaks if direct identifiers remain in the text or files.
This article organizes what direct identifiers are, where they tend to remain, and how to check them before publication.
What are direct identifiers?
Direct identifiers are information that tends to point directly to a person or someone connected to them.
Type
Example
Anonymity caution
Name
Legal name, former name, nickname connected to a real name
Leads close to the person by itself
Contact information
Email, phone number, social media ID
Connects with accounts and past information
Address and coordinates
Address, latitude and longitude, building name
Directly shows activity area or location
Face and voice
Face photo, voice, video
Recognizable by acquaintances or matching
Number
Employee number, student number, reservation number
Connects with an organization or application information
Direct identifiers are stronger information than other clues.
They can identify a person by themselves, and they become even stronger when combined with other information.
Direct identifiers remain outside the text too
Direct identifiers are not always only in the text.
They can remain in filenames, images, PDFs, Office documents, URLs, metadata, screenshots, and audio.
Location
Information that remains
Text
Name, address, email, phone number
Image
Face, name tag, shipping label, documents
Filename
Real name, department name, case name
Metadata
Creator name, device name, GPS
URL
Values such as email, name, user, token
Audio
The person's voice, surrounding conversations, someone calling a name
Even if you remove a name from the text, anonymity is greatly weakened if it remains on a name tag in an image or in the creator name of a PDF.
Look for direct identifiers across the entire material being published.
Mixing anonymous names and real names
Anonymous activity sometimes uses pseudonyms or role names.
This can be effective, but it is dangerous when it mixes with a real name.
For example, even if an anonymous account profile uses a different name, the two can be linked if the contact email is one used for real-name activity.
Even if you post under an anonymous name, the two can be linked if a real name is included in an image filename.
Mixing
What happens
Anonymous name + real-name email
The account can be linked more closely to the person
Anonymous post + real-name filename
The person is visible from the file
Anonymous profile + past handle
Connects with an old account
Anonymous contact + real-name phone number
The person is visible from the contact information
Anonymous material + creator name
The source of the document is visible
If you use an anonymous name, separate contact information, files, browsers, and post content too.
Changing only the name does little to protect anonymity if the surrounding information remains part of the real-name environment.
Cautions when removing direct identifiers
In some cases, direct identifiers can simply be deleted.
However, depending on context, how they are replaced also matters.
Original information
Replacement example
Caution
Taro Yamada
Person A, the person in charge, a person
Avoid making the role too obvious
Shibuya Ward, XX
Tokyo area, Kanto region
Lower the precision
Company name
A company, affiliated organization
Avoid narrowing it by combining industry and scale
Phone number
Delete
It is better to remove it rather than replace it
Latitude and longitude
Regional expression
Do not show the exact location
The expression after replacement can also become another clue.
Wording such as "the only accounting person at a small medical startup in Tokyo" narrows the candidate set even if the real name has been removed.
Pre-publication check
When checking direct identifiers, look in the following order.
Order
What to check
Reason
1
Read the text
Look for names, addresses, and contact information
2
Look at images and videos
Check faces, name tags, documents, and reflections
3
Look at filenames
Check whether real names or case names remain
4
Look at metadata
Check creator, GPS, and device name
5
Look at URLs
Check whether search terms, email, or individual IDs remain
6
Listen to audio
Check for names being called or conversations
If a direct identifier remains in even one place, it becomes a strong clue.
Before publication, check beyond the text.
High-risk situations
For source protection, whistleblowing, activist contact, and consultations related to family or workplace matters, direct identifiers require particular care.
It is necessary to protect not only the person, but also names, faces, voices, affiliations, and contact information of related people.
Even if you think direct identifiers have been removed, related people may be inferred from timelines or job duties.
In high-risk situations, do not decide from an article alone. Consider consulting a trusted support organization or specialist.
Common oversights
Direct identifiers do not always remain only where the person typed them.
Oversight
What happens
Screenshot notifications
Email, contacts, or account names appear
Image background
Name tags, shipping labels, or school names appear
PDF creator
A real name remains in document properties
URL parameters
Values such as email, user, or token remain
Name called in audio
People nearby call someone's name
Direct identifiers that remain through things captured in an image or saved automatically can be more dangerous than information intentionally written.
Do not check only "I did not write it in the text." Check whether it remains anywhere in the entire material being published.
Difference between deletion and replacement
Some direct identifiers should be deleted, while others should be replaced.
Phone numbers and email addresses should generally be deleted.
On the other hand, if a person is needed to preserve the meaning of the writing, replace them with a role name.
However, a role name also becomes an identifier if it is too narrow.
"The person in charge who was there at the time" may preserve more context than "Person A," but if few people were involved, even that narrows the candidate set.
Check how the text after replacement would look to someone who knows the circumstances.
Check identifiers of related people too
Direct identifiers are not only your own.
Check names, faces, voices, and contact information of family members, friends, colleagues, sources, and participants.
Even if you intend to be anonymous, if an identifier of a related person remains, someone may approach you through that person.
Anonymity is not just a matter of hiding yourself.
To avoid involving related people, review one last time whether direct identifiers of others remain in the published material.
Summary
Direct identifiers are information that easily connects directly to a person or related person.
They include names, email addresses, phone numbers, addresses, faces, voices, coordinates, employee numbers, student numbers, social media handles, and similar information.
Direct identifiers remain not only in text, but also in images, filenames, metadata, URLs, and audio.
In situations where anonymity is needed, removing only the name is not enough.
Look across the entire material being published and check whether the real-name environment and anonymous environment are mixed.
If direct identifiers remain, choose deletion, generalization, delaying publication, or not publishing.
Related tools
Breach check
Have I Been Pwned
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.