I’ve thrown together a little plugin which sorta anonymises the comments your WordPress blog receives. As you probably know, WordPress stores your commenters’ IP addresses to help you fight spam and other forms of abuse. Obviously, this also helps authorities in tracking down people for saying things that are forbidden in your society. If you believe in freedom of speech as vehemently as I do, you wouldn’t want them to be able to do that, and you certainly wouldn’t want to provide them with such unintended assistance in their hunt for people exercising freedom of expression.
This is where IP Address Eraser may help. It replaces the commenter’s IP address with a static address (by default, 127.0.0.1), so in order to track down the commenter, you would have to have access to your ISP’s web server logs. Note that through this route, your commenters might and probably will still be exposed, depending on your local laws regarding data retention by ISPs. That’s why I wouldn’t recommend that you advertise the fact that you’re using this plugin to your commenters, as they might be left with a false sense of security. If you want them to be truly safe (or at least, as safe as they can be), I suggest you recommend that they use Tor.
Also note that, again, depending on your local legislation, you might yourself be held accountable for your commenters’ opinions. Unfortunately, this is equally true even without the use of this plugin.
A technical note: Akismet, the default spam-fighting plugin employed by WordPress, takes a precedence in the order of filters employed to comments. I’ve not verified this, but I suspect that makes it use the comment poster’s IP address prior to it being erased
by IP Address Eraser. I haven’t come across any tangible compatibility problems, so I’m hoping there are none, but please don’t take my word for it. I’m publishing this in the hopes that it’ll be useful, but there’s absolutely no warranty of any kind associated with this software.
Another, final techical note: What I’d really hope to have is the best of both worlds. It would be a plugin which wouldn’t erase the IP addresses right away, but after a set delay (say, 24 hours). This would put you in charge: to be able to use the data to tackle abuse when you deem necessary, yet leave you unworried about storing privacy-compromising data for far too long (forever, which is the WordPress default). Unfortunately my WordPress hacking skills are too lame to come up with such a plugin. If anybody takes a crack at it, I’d be interested to know. Please, feel free to use/abuse my plugin in doing so.