Anonymity and the internet may appear to go hand in hand, but, according to International Telecommunications Union (ITU) head of corporate strategy Alexander Ntoko, it wasn't always that way, and shouldn't be in the future.
(Credit: Michael Lee/ZDNet Australia)
Although many fight for the right to total anonymity on the internet, Ntoko has a different point of view. Speaking to ZDNet Australia at the Kaspersky Lab Cyber Conference 2012 in Cancun, Mexico, he believes that certain elements of personal information should be available online, since in person, this information is easily obtained. Information, such as knowing whether you're speaking to an adult or a child, whether they're in the same geographical location as you are and even what their physical features are, such as height and build, are examples of publicly obtainable information.
Ntoko said that this is how the internet actually started, and that it was never built with anonymity as a goal.
"When the internet started, it was a network which connected people who knew each other. There was no need for you to be anonymous, because in any case, the few people who were using this ARPAnet knew each other. You could tell from the IP address who was talking to you."
Now that the internet has been adopted as a core infrastructure that will likely be critical for future socio-economic development, Ntoko said that if certain measures like online identity are not established, users' rights could be eroded.
"Some governments will just make blanket decisions, and chop off a whole bunch of services because there is no way that they can identify who is behind them."
Ntoko said that while IP addresses used to provide some ability to identify a person, today this approach wouldn't be effective, since, unlike identities, IP addresses are almost bound to a physical location.
"Behind [a domain], there is some kind of an IP address, which ties you to a particular location," he said. "Your ID should be de-coupled from your physical location."
Ntoko said that this unfortunately meant that the transition to IPv6 — where, conceivably, every person could have an IP address — would complicate matters.
If or when IPv6 is fully implemented, IPv6 addresses wouldn't be able to be used for identity, as they continue to be bound to location, and can also be assigned to devices.
"We will be connecting devices — things — and, at a certain point, we need to make a distinction between people and things. Without any form of ID, we would have difficulties making that distinction. There are services that we would not be able to tell if we were providing to an application or to us."
Ntoko said that it may be possible for a company like Facebook to someday become a provider for online personal identification, but there would also be further challenges to overcome. These would include limited global use, due to governments being unwilling to trust Facebook or other organisations with the task, and, depending on where the company is based, whether an identity provider would comply with foreign data-protection laws.
Michael Lee travelled to the Cyber Conference 2012 as a guest of Kaspersky Lab.