Filed Under: Identity, Social Media and Organisations

Fixing the “Twitter problem” isn’t that hard

There’s a problem with social media generally and Twitter in particular. The problem is abuse. 

I posted a screenshot of the email, and a few lines about how I would not be using Twitter until they figured out how to stop making incidents like this one (gross, but comparatively benign) a less constant component of my Twitter experience.

From Twitter Has Become a Park Filled With Bats — Following: How We Live Online

What can be done about it? A British example of this was in the press recently when the MP Jess Phillips reported hundreds of Twitter messages containing the depressingly usual sort of rape threats that are sent to women in the public sphere. Twitter said, essentially, tough.

“We reviewed the content and determined that it was not in violation of the Twitter rules.”

From By ignoring the thousands of rape threats sent to me, Twitter is colluding with my abusers

I don’t want to get into the free speech vs. hate speech debate but I will note that a variety of social media platforms have signed up to rules (in Europe) to try to cut down on hate speech.

Google, Facebook, Twitter and Microsoft have signed up to new EU rules on taking down illegal hate speech as lawmakers and internet giants try to cope with violent racist abuse and technically savvy terrorists online. The “code of conduct” will require companies to “review the majority” of flagged hate speech within 24 hours — and remove it, if necessary

From Web giants sign up to EU hate speech rules – FT.com

I couldn’t tell from the article what hate speech is, or what illegal hate speech is, but I imagine it is going to be pretty difficult to automate this. I mean we all know hate speech when we see it, but I don’t know if we’d be able to explain it to a computer and I don’t think it is realistic to expect Twitter or anyone else to have to sort through thousands, millions of boring, derivative and repellent messages in order to determine whether to ban of these pseudonyms (at which point they will simply log in under another pseudonym and continue). The solution is, as I set out a while back, is to give users the option to automatically block messages that do not come from an authenticated account. An authenticated account is an account that is pseudonymous but has been attested to by an acceptable third-party. By attested to, I mean that someone acceptable to the second party has attested that they know the real identity associated with the account.

What we need is a working identity infrastructure that allows for strongly-authenticated pseudonyms so that bullies can be blocked and revealed but public space can remain open for discussion and debate. Then you can default Facebook and Twitter and whatever to block unauthenticated pseudonyms

From We can contribute to childhood e-safety | Consult Hyperion

Here’s an example as to how this might work. I go to Twitter to create an account, @angrywhitemale or whatever. Twitter asks me if would like to authenticate my account. I say yes. Twitter asks me who will attest to my identity. I say Waitrose. Twitter says that Waitrose is not on its list of acceptable authenticators. I say Barclays. Twitter bounces me off to Barclays. At Barclays I use two-factor authentication to strongly authenticate myself and log in. Barclays then send a unique number back to Twitter. Twitter now know that Barclays knows who I am. The account is authenticated.

Jess Phillips has set her account to ignore all but authenticated accounts.

I tweet illegal hate speech to Jess Phillips. She passes it to the police. The police get the unique number from Twitter and go to Barclays with a warrant (all of these processes can be automated) and Barclays tell them that @angrywhitemale is actually Dave Birch and the police come round and arrest me.

Now, of course, I can delete the account @angrywhitemail and create a new identity @victimofsociety. But when I attempt to authenticate it, Barclays will notice that they had a warrant issued against my account and so will refuse to authenticate me until I get out of jail (or maybe never). So now I have to go and get another bank account in order to create another Twitter account in order to create another hate speech outrage in order to be arrested.

Most people in the public eye would, I’m sure, set their accounts to receive tweets from authenticated users only. Tweets from unauthenticated users to authenticated-only accounts would simply be discarded. The bullies could post away as much as they liked. Perhaps it is therapeutic for them

From Anonymity – privilege or right? | Consult Hyperion

Now, none of this infrastructure exists, of course. But suppose one group of authenticators — let’s say the banks, for example — came together to create it. It would generate immediate benefit for relatively little expenditure, since the Strong Customer Authentication (SCA) is already mandated (well, sort of, in the UK) and the kind of APIs that would be need to make this work are going to be in place shortly because of PSD2 (well, sort of, as PSD2 does not mandate any non-payments APIs). And while the infrastructure might become familiar to people because of social media, they might find many other places to use it. Dating web sites, for example. These are good example of meeting places that benefit from strongly-authenticated pseudonymity. When I interact with you on a dating website, I don’t need to know your real name, but I do need to know that you exist and are over 18, and these are both facts about me that are known by my bank.

Would Twitter or Ashley Madison or whoever be prepared to pay the bank 10p for every authentication? I think this might be a reasonable price to pay for maintaining civilised spaces where people come to meet and mingle (and look at advertisements).

Tags: ,