[Dave Birch] There’s a long running debate going on about whether people should be able to post online without disclosing their “real” identity. This is getting especially heated around online review sites. Remember this row — one of many — about Trip Advisor?
He said he is considering suing the site over what he claims is a “dishonest” review published about one of his hotels and accused the internet giant of trying to “bully” him into silence using threatening letters
Look, review sites aren’t going to go away. And they are a good thing. I happened to be talking about reviews to my wife yesterday. She regularly uses a particular web shop to buy all the usual household stuff that neither of us can be bothered to go to the shops for: in yesterday’s case, a new mop for the kitchen floor. She uses that particular site precisely because it publishes bad reviews as well as good ones. When she last looked for a new mop, the one she looked at had very bad reviews. Yesterday, she looked again and there was a new mop, with good reviews. So she bought it. How can you trust good reviews unless you see the bad ones as well?
We need review sites: they are way to make a market more transparent and improve the quality of goods and services. Therefore, making the reviews work is important. How do you do this?
Here’s a question to get the thinking underway: if you let people post under assumed names, will they post rubbish? Can you trust a review site where you don’t know who anyone is either, whether they are astroturfing for corporate puppet masters or opening up information for the people? I travel a lot, so I post a lot on Trip Advisor. But I don’t post under my “real” name – I don’t see why who I am is material. Consequently, I was most interested to read a thorough corroboration of my theory that a pseudonymous interweb is a better interweb.
The platform, which enables people to comment across multiple websites via the same identity, has just released data showing that pseudonymous participation is actually the healthiest type.
Well, well. I can think of many reasons why this is true (one of the main ones being that people reveal their real likes and dislikes, prejudices and opinions, views and perspectives under pseudonyms whereas they are alway constrained when using their “real” names) and it certainly matches with my experiences in online chat and debate environments.
Personally, whether it’s positing abusive messages about government ministers or arguing about the merits of a return to the gold standard, I always use pseudonyms unless I am posting in a professional capacity, in which case (I sincerely hope) my expertise and experience is relevant to the discussion at hand. In some cases I use the same pseudonym across multiple sites, in other cases I use a specific pseudonym.
Pseudonymous identifiers are random identifiers that change for each relying party (so my identity at relying party A might be 123 while my identity at relying party B might be 345). Good pseudonymous identifiers are large random values (so that they are unpredictable) and are not reused across multiple users (so the same identifier is never used at different relying parties for the same or different users).
Right. So pseudonyms deliver the best online interaction. But, I will hear you say, who can this scale? With interaction through pseudonyms, there will always be people — even if a tiny minority — getting up to no good. What if you are small business and you get a review like this?
The review said: “Robbed My RAM and Touched 9 Year Old What a scam artist, he stole RAM from my computer and replaced it with smaller chips hoping I wouldnt notice and also I later found out touched my 9 year old inappropriately. A Violator and a rogue trader. DO NOT DO TRADE WITH THIS MAN!”
How can you take a civil action against someone for posting a defamation or libel or malicious accusation or whatever? How can you make sure that someone posting a review is actually a customer?
The solution is to institute a simple system of pseudonymous tokens — cryptographic tokens, I mean — so that you the customer can only post a review of something if you have a token showing that you used it, and it should take a court order for the token provider to reveal the person who had the token. This is technologically trivial and can easily be achieved using well-known and well-understood techniques for cryptographic “blinding”. A “blinding” service would work something like this: when you register at the hotel, the hotel chain e-mails you a URL. Later on, you log in to that URL and the system generates a “blinded” token that the hotel chain digitally signs and sends back to you. Whereupon you unblind it. To write a review, you must submit the token. The review site can easily check the digital signature from the hotel chain that proves that you did stay at the hotel during the previous month (or whatever) but doesn’t link to your identity. The hotel can be sure that you were a customer, but neither they nor the review service know who you are. If you post something that is against the law, a court can then order the blinding service to turn over the connection.
It’s not only review sites that might make use of such a service because there are many sites where who you are is material to the discussions and there may be not entirely honest reasons for using a pseudonym.
The chief executive and chairman of cashless payments vendor USA Technologies has resigned over “inappropriate” comments he posted on the Yahoo Finance message board… George Jensen posted approximately 450 comments on the forum, primarily under the alias ‘investor.texas’.
Which reminds me of something. A linguistic clarification to distinguish between pseudonyms (which are identifiers) and personas (which are bundles of attributes around an identifier). Robin Wilton is surely right to insist that there is a difference
However, a persona can also consist of a number of attribute assertions (“I am male, single and over 20”), without containing either a ‘genuine’ identifier (Kal-El) or a pseudonymous one (Clark Kent) – therefore I maintain that personas and pseudonyms as distinct rather than identical.
Personas may use anonyms, pseudonyms or absonyms. But I’m having second thoughts about the word “absonym” that I made up to mean the “real name” of something. It bothers me that the derivation mixes Latin (“absolute”) and Greek (“name”). I’m wondering about going all Greek with “alethnym” (“true name”) or just going for something that mixes more wildly but sounds better (such as “pravdanym” using Russian or “verinym” trimming the Latin “veritas” or “emenym” abusing the Hebrew “meet” and simultaneously evoking the stage name “eminem” to get down with the kids). Suggestions?
Anyway, you get the idea. Technology has a solution to a real societal problem. Perhaps the way to actually get something done would be to put forward that solution, using existing technology, but inside the kind of framework envisaged in the NSTIC. It would be easy for a US newspaper, say, to require commenters to have a digital identity from a US provider. These digital identities should be pseudonymous as a default: thus, I can post political comment or hotel reviews or jokes about celebrities or whatever. If I actually libel someone (under proper libel laws, not the UK’s libel laws) then someone can get a court order to ask the identity provider to reveal the digital identity that they were provided with (this, of course, may in some circumstances be another pseudonym).
Here’s a simple example: let’s say that my mobile operator were to give me the identity “citizendave”. I go around logging in to various web sites as citizendave using the mobile handset as part of a 2FA process. Now suppose I log in somewhere and post a libel. The target goes to court and gets an order: this is delivered to O2 (digitally-signed by the Attorney General, naturally) and O2 will then return my name and billing address. Without the court order, cryptography means that no-one can find out who citizendave is. This seems like a reasonable accommodation.
By the way, this is a serious issue – it’s not all about people writing abusive hotel reviews. A couple of years ago Bob Gourley, the former CTO of the U.S. Defense Intelligence Agency, summed the issue up as fundamental and important question about the future identity infrastructure. He said:
We must have ways to protect anonymity of good people, but not allow anonymity of bad people. This is going to be much harder to do than it is to say. I believe a structure could be put in place, with massive engineering, where all people are given some means to stay anonymous, but when a certain key is applied, their cloak can be peeled back.
What should be done? I saw this in a comment on an article about the internet and anonymity.
If we create a technology that allows one person, in the privacy of his living room, to create multiple identities to ruin a person or business, then we should create a legal mechanism to allow victims with the same ease to stop it.
I think this is, essentially, correct. I was listening BBC Radio 5 yesterday and there was a story about a woman whose life was ruined by an ex-boyfriend impersonating her online (it’s not that difficult to pretend to be someone on IM or whatever) and how hard it was for her (or the police) to stop it. So there is a real need to get on and so something about this but not in the privacy-destroying North Korean-style “you have to show a passport to log on” way that will lead to disaster.
These are personal opinions and should not be misunderstood as representing the opinions of
Consult Hyperion or any of its clients or suppliers