Anonymity and identity

Anonymity and identity

Summary: In the very near wake of a foiled terrorist plot, I find myself waking up, planning to write about the topic of anonymity and identity.

TOPICS: Browser

In the very near wake of a foiled terrorist plot, I find myself waking up, planning to write about the topic of anonymity and identity. The original impetus for my post is a recent article by David Weinberger. In that article, David argues for anonymity as a "default" in the online world by saying: "personal anonymity is the default in the real world -- if you live in a large town, not only don't you know everyone you see, but you're not allowed randomly to demand ID from them -- and it ought to be the default on line."

Its not so much that I disagree with David, as I think he's framing the problem incorrectly. Framing the "online anonymity" issue in the context of being a default makes it a binary issue -- a simple on/off switch; either anonymity is the default, or something else (from pseudonymity up to strongly authenticated identity) is the default. But online identity is *not* a binary issue. Identity (be it authentication, access, authorization, federation or any other component) operates on a spectrum. Further, every "user-centric" system I know of doesn't seek to make "identity" a default, so much as it seeks to make "choice" (including the choice of anonymity) a default. Whether the system is SXIP, CardSpace, or OpenID, they all begin by having the user choose how they will present themselves.

In the context of choice being the identity default, we're finding that the bulk of online users are choosing to place huge chunks of their identity online. My evidence: MySpace, YouTube, Facebook, etc. The heaviest generational component of the online community (the kids) rushes to identity themselves online. They flock to it so fast and so easily that its making federal lawmakers (and many parents) uneasy. Do these kids think that anonymity is or should be the online default? Apparently not.

My semi-joking explanation of this lies in "Norlin's Maxim." I first posited "norlin's maxim" as a joke, but I've since found it to actually be at least partially true -- thus its semi-joking nature. Norlin's maxim is simple: The internet inexorably pulls information from the private domain into the public domain. The proof: Google your name today and google it again in 90 days (more will be known about you over time).

So, rather than arguing about whether or not anonymity is the default in the "real-world" (its not), I would simply assert that while location may have been a proxy for identity in the original architecture of the internet, the nature of the network itself *forces* identity information from the private to the public domains. That forcing function leaves users open to losing control over their own personal information, and *that* problem demands a digital identity network infrastructure.

Topic: Browser

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • defaults

    Eric, defaults are not binary. They are a way of talking about a baseline expectation (and what requires justification) in a highly non-binary world. So, let me take it out of sw lingo.

    In the real world, and currently on line, you need a special reason to demand ID from someone, but you don't need a special reason to not demand ID. Obviously, there are special circumstances online and in the RW where ID is demanded of everyone: Airports (especially on this dismal day!), porn shops, etc. And it's almost always ok for someone to choose to reveal her identity. The <u>default</u>, though, is not being required to show ID. One only talks about defaults when the situation is complex and not binary.

    You and I don't disagree about the need for ID schemes to permit maximum user control. Of course. But we do disagree, I think, about the likely real-life outcome of moving from having particular solutions to particular ID problems (a site needs to know your name and credit card number, a site needs to confirm you're over 21, etc.) to having a generalized solution to the general problem. The latter is a platform, and the widespread adoption of an identity platform will, imo, create an expectation that users will identify themselves so often that it will become the default. Why wouldn't every vendor require strong ID if it's a platform so widely available?

    In short, the creation of a generalized platform will kick Norlin's Law into overdrive. And since I there are important social and political benefits to keeping anonymity the default - the state that usually requires no explanation or justification - I am unhappy about the progress the ID platform is making.

    - David Weinberger
  • Reputation vs. Fantasy

    There are many people who are afraid of asserting their identity on the Internet. For some, it's a fear of identity theft (or fraud). For others, it's because they're doing things that may prove embarassing for them if someone knew their name.

    I believe in asserting my identity and I want an infrastructure to support it. That also means I need to be cautious about the things I say, as Google and other engines will keep my statements forever tied to my identity.

    So what does a respected, PTA mommy do when she signs onto a chat room as "NaughtyGirl" to discuss adult things? She wants a pseudonym that won't tie back to her real identity. How does that work so she protects her fantasy life from her public reputation?
  • Anonymity and identity

    Your personal diary is supposed to be a very private place where you record your most intimate thoughts and it is meant for you and you alone unless you chose to share it.

    Just a reminder,You should never write things in your personal diary that you wouldn't want your parents to read or the world to know.