Anonymity is a buffer against permanent judgment
PP Senator Rafael Hernando argues mandatory DNI verification would hold platforms accountable while maintaining pseudonymity, citing outdated 2002 legislation and sophisticated abuse tools. Users and digital rights advocates oppose the measure, citing privacy risks, data breach vulnerabilities, and concerns that identification would chill free expression and self-protection.
- Senator Rafael Hernando (PP) proposed requiring national ID verification to create social media accounts in 2017; revived as formal Senate bill in 2021
- No country has implemented such a requirement for major social platforms like Twitter
- Spain's Digital Rights Charter (July 2021) explicitly protects the right to pseudonymity and requires court order for reidentification
Spain's Popular Party proposes requiring national ID verification to create social media accounts, reigniting debate over anonymity rights versus combating harassment and misinformation online.
Eva, a secondary school teacher, logs into Twitter under a pseudonym most afternoons. She writes about reality television and her hobbies, careful to keep that world separate from her professional life. Her students are curious, she says, and their parents even more so. The anonymity isn't about hiding wrongdoing—it's about protecting the boundary between her two selves. She is not alone in this calculation. Millions of social media users construct their online identities this way, treating pseudonymity as a form of freedom: the ability to speak without the weight of professional consequence, social judgment, or the permanent record that a real name creates.
But Spain's Popular Party sees a problem in that freedom. Senator Rafael Hernando has spent years pushing a proposal that would require users to provide their national ID number when creating a social media account, even if they choose to post under a false name. The platform would know who they really are; the public would not. Hernando first introduced the idea in 2017 as a non-binding resolution that went nowhere. This year, he revived it as a formal bill in the Senate. His argument is straightforward: Spain's internet laws date to 2002, written before most social platforms existed. Misinformation spreads faster now. Coordinated harassment campaigns use fake accounts. Bots amplify divisive content. Sophisticated tools enable abuse at scale. Platforms profit from the traffic but bear little responsibility for what happens on their networks. Requiring ID verification, Hernando contends, would create accountability without eliminating the privacy that a pseudonym provides. When courts need to identify someone behind a harmful account, he says, platforms currently drag their feet or claim they cannot help. A verified ID on file would change that calculus.
The proposal has split the online world. Eva supports it. So does @FootNes, a 25-year-old who tweets about football and Real Madrid under a pseudonym. He acknowledges the privacy concern but notes that creating new accounts after being banned for harassment is currently free and frictionless. If ID verification were the price of entry, he says, he would pay it. Others recoil. Juan, another pseudonymous user in his mid-twenties, worries that knowing his real name is attached to his account would fundamentally change how he uses the platform. He would self-censor. He would tweet less. He would lose the space where he can think out loud without fear that a careless comment today becomes a permanent liability tomorrow. His values have shifted since adolescence; he has read old tweets from his teenage years and cringed. Twitter, he argues, is a platform of passing moods and temporary contexts. Opinions expressed in one moment can seem retrograde months later. Anonymity is a buffer against that permanence.
Ofelia Tejerina, president of the Internet Users Association, argues that Hernando's proposal is both unnecessary and dangerous. Authorities already have the tools to identify users when investigating serious crimes—hate speech, threats, harassment. They need only a phone number or a name to trace an account. Requiring a national ID adds no investigative advantage but creates a massive security liability. What happens when that database of IDs is breached? What happens when platforms, lacking expertise in document verification, accept forged IDs? Tejerina also notes that users could circumvent the requirement entirely using VPN services or other technical workarounds, making the whole system performative. Frances Haugen, the Facebook whistleblower who testified before the European Parliament in November, echoed this skepticism. Any identification requirement, she said, would fail because users have easy access to tools that mask their location and identity.
Hernando dismisses these objections as defeatism. "It's like saying we shouldn't criminalize murder because murderers exist," he told El País. Yes, some people will find ways around the rule. That doesn't mean the rule shouldn't exist. Platforms have a social responsibility. Users deserve a guarantee of safety. The bill remains untramited in the Senate, and political support is uncertain. In 2018, the party then called Unidos Podemos condemned similar proposals as attacks on free expression and fundamental rights. Spain's Digital Rights Charter, approved by the government in July, explicitly protects the right to pseudonymity—the ability to access digital spaces under a false name, provided that identification isn't necessary for the service itself. The charter also stipulates that only a court order can force reidentification.
What emerges from this debate is not a simple clash between safety and freedom, but a deeper tension about what social media is for and who controls the terms. For users like Eva and Juan, the platform is a space of experimentation, a place to be someone other than the self they present to employers and neighbors. For Hernando and those who share his concerns, it is a public square that has grown lawless, where bad actors hide behind false names to spread lies and abuse others. Neither side is wrong about what they observe. The question is whether requiring ID verification actually solves the problem or simply shifts the risk—from platforms to users, from the abstract threat of misinformation to the concrete danger of a compromised database containing millions of national identification numbers. No country has implemented such a requirement for Twitter or other major platforms. Spain may be about to test whether it should.
Citas Notables
It's like saying we shouldn't criminalize murder because murderers exist. Platforms have a social responsibility and users deserve a guarantee of safety.— Senator Rafael Hernando, on why ID verification should be required despite potential workarounds
The greater risk to which we would be exposed exceeds the benefit achieved, especially if those data were leaked after a cyberattack.— Ofelia Tejerina, president of the Internet Users Association, on the dangers of ID databases
La Conversación del Hearth Otra perspectiva de la historia
Why does anonymity matter so much to these users? It seems like they're just trying to avoid consequences.
Some are. But most of the people in this story aren't planning to harass anyone. They're teachers worried their students will see their personal opinions. They're people whose views have evolved and don't want a permanent record of who they used to be. They're trying to think out loud in a space where thinking out loud has become dangerous.
Dangerous how?
Because everything you write is archived, searchable, attributable. A joke from 2015 can be weaponized in 2024. A sincere question about a controversial topic can be used to prove you're a bad person. Anonymity is a buffer against that kind of permanent judgment.
But doesn't that same anonymity let harassers hide?
Absolutely. That's the real tension. The same tool that protects a teacher from her students' parents also protects someone coordinating a harassment campaign. The question is whether requiring ID verification actually stops the harassment or just creates a new vulnerability—a giant database of IDs that becomes a target for hackers.
What does Hernando say to that?
He says it's a false choice. You can require ID verification while keeping the pseudonym public. The platform knows who you are; everyone else sees your fake name. It's like how medical researchers can link data to a person while keeping that person's identity hidden from the public.
Does that actually work?
In theory, maybe. In practice, it depends on whether platforms can securely store and verify millions of ID documents without getting hacked. And whether users trust them to do so. Right now, most don't.