Identity on the Internet
Anonymity is valuable to the structure of the Internet, but as the identity of a person becomes fluid, the reputation and identifiability of someone’s online presence become increasingly valuable. While jobs rely on user-submitted references, as do academic applications, many also turn to your social media presence or to your search results to gauge reputation. Privacy by obscurity, as records are digitized and indexed, is no longer as viable. But there is no consistent form of identification across the web. Each service relies on its own username as identifier, character limits abound, and your ability to hold the same username across services relies on both the uniqueness of your username and the date you joined the online service. But are usernames outdated? A self-selected identifier, varying from service to service and format to format? As Mat Honan puts it, “One of the best things about the online world is how it lets us be whoever we want to be. We shouldn’t have to sacrifice that just because someone else got there first.”
The advantage of a username is that, at least within a service, it “refers unambiguously to a particular person”. That works fine if you know the username of the person, but often you may only know their name. Luckily, with services like Facebook, a person’s unique identifier is their name, provided they haven’t pseudonymized it. Once you have connected with that person, you expect that when you type in their name (within the relevant online service), the service will return precisely the person you were expecting to find. The difficulty with this system is finding out the username of another person, and confirming that the person with their name online is really the person you’re looking for.
Names and usernames online don’t always align with the identity of the person you expect them to be tied to. To link an identifier such as a username to a person, you must gather attributes about the person behind the username to confirm them against the facts that you know about the person you’re trying to locate. You assess the photos, mutual friends, and locations of the Facebook search results for John Smith to find your friend. You conduct the same operation when you look someone up in a phone book, confirming that the John Smith in the phone book is the same John Smith that you are looking for, because he lives on Alphabet Street.
Online identities allow us to be semi-anonymous through this need for attribute verification, but there is a limit to any anonymity granted online. As privacy by obscurity fades with the digitization and indexing of records, many are choosing to reclaim their names as identifiers, to build their own reputation instead of the one the internet builds for them. We select usernames as an extension of how we choose to be identified: pseudonyms, subtle homages to the things we care about, our nicknames, and eventually, some variation on our actual names. Whitney Erin Boesel describes this transition well in Cyborgology, concluding with her decision to change her username on Twitter to a variation on her name. “Identity online should take a cue from the physical world. You are more than your name; your face, your birthday, your location, and the company you keep all help others figure out who you are.”
As our personal identity becomes increasingly fluid–less tied to our locations and our jobs, and more tied to our self-representation on the internet, how we are identified is immensely important:
Digital identity is a valuable and curated thing. It is nearly a brand, and as one becomes more famous or well-known, it must be protected against impersonators. As Choire points out, even governmentally the only proof we have that someone is who they say they are is their Social Security Number:
Many people who I spoke with alternated between using their real names and pseudonyms based on the service–mostly due to privacy reasons. Pseudonyms based on site context (dating, personal social media), and also to add an extra layer of “discovery fatigue” so to speak–if you make it harder to find, fewer people will try. Others use their real name, because it keeps them honest or because it’s “what I got to trade on”. It is difficult to craft a reputation for your online identity if no one knows who you are.
Most often, a username is more pseudonymous yet transparent than a name, as it allows the machine to be sure that it has located precisely the requested person. A username functions as a publicly known unique identifier for the databases that house our information:
“our data has to attach to unique identifiers to live on a server, but only the machines need to see those. They’re just like the Social Security numbers we use in meatspace to differentiate people with the same name. Ultimately we’re all just numbers to computers anyway. It’s kind of counterintuitive, but the best way to be whoever you want to be is to be nothing more than a number to everyone but your friends.”
Numbers are one way to bridge the information gap–no attributes to verify about someone if they always align with the same string of numbers. So perhaps it’s time to turn to biometrics as the definitive source of online identity. After all, while biometrics are widely touted as a good replacement for a password, once a biometric password is stolen, it can’t be changed. Your retinal makeup or fingerprints cannot be (easily) altered. Thus, biometrics would work far better for usernames, with a large caveat being that anonymity would be difficult (if not impossible) to maintain. How could one avoid the tying together of work and personal and private social accounts, if they are all linked by your thumbprint?
Fortunately, “Biometrics can be used as a lightweight, convenient mechanism to establish identity, but they cannot authenticate a person or a thing alone.” This is true because fingerprints are not private information, like passwords are (or at least should be). Fingerprints are known to the government and something that we leave all around us, whenever we touch something. Much like our names and usernames, they are uniquely identifiable as belonging to us, but without requiring a second layer of attribute verification. Match John Smith’s fingerprints and you no longer wonder if he is the one that lives on Alphabet Street.
Using fingerprints or other forms of biometrics as online identifiers would also work on the computer side, as this data is encoded as a unique set of identifiers, as well as on the user side, with a simple thumb or fingerprint and a password (+ two factor token) easily used to log in to a service.
Of course, biometrics are more difficult to use on the social web. How do you know that the person you’re emailing is your friend? You don’t have their fingerprint. Perhaps they would be used in tandem with usernames, voluntarily. To tie a username to my “true identity” I would add a layer of biometric identification to lend authenticity and verification of my identity to the service. However, for social media endeavors where I might prefer to remain semi-anonymous, I could leave that service un-authenticated–preferably through an opt-out box that would prevent others from authenticating themselves against my own service.
This sort of relative simplicity could avoid some of the protracted and desperate steps that others have had to take, such as selecting a name for their child based on domain name availability, and then registering that domain name and a variety of social media services based on that future name. No one could impersonate you without your fingerprint credentials, password, and tokencode.
While you may not be able to choose the username that you wanted, your friends would always know that they were contacting the correct version of you online, as the fingerprint of that service would match your own. An issue with this is that once a harasser or stalker has access to your username or fingerprint, they could have access to all of your verified accounts. Of course, using a single point of verification across many services could also allow blocking of someone else’s fingerprint from accessing anything associated with yours. You would then be able to ensure relative privacy across your social media universe.
The idea of using biometrics as the unique identifier behind your digital identity aligns with public key cryptography, which uses the PGP system. PGP, or Pretty Good Privacy, uses a combination of a public key (in my example, your biometric identifier) and a private key that only the person receiving the message holds (in this case, a password or something of the sort that only you know). This is also combined with a session key that is tied to the particular message itself. If “we can bring the idea of cryptography like PGP to a user’s identity – this is a verified way of proving I am me – if that was bound indefinitely to me, that offers a tremendous amount of value to individuals and companies.”
Online identity protocols use unique identifiers to identify each user. These identifiers are provided by identity providers (IdPs), ranging from social media services (Google, Facebook, Yahoo, Twitter) to educational organizations (InCommon, other higher education institutions), which verify the identity of the user and allow a trusted connection between the identity provider and the service that the user is attempting to access. In OpenID the user is typically identified by a URL, but that doesn’t work that well because [“ordinary human beings apparently don’t think of themselves as Resources that need Uniform Identifiers, or some such.”](https://www.tbray.org/ongoing/When/201x/2014/03/01/OpenID-Connect) OpenID Connect, a newer identity protocol, uses email addresses, which can, again, present many of the same issues that we’ve discussed about false identity. This would also likely entail using whitelists, wherein “apps will explicitly specify which IDPs they’re interested in relying on,” so as to provide some sort of consistency and verification as to who is accessing the service.
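The allowlist idea quoted above, seen from the relying party's side, as an added example (not code from the original post or from any OpenID Connect library): the app accepts ID tokens only from IdPs it has chosen, and keys the account on the issuer and subject pair rather than on the email claim. The issuer URLs, client id and the `makeIdp` helper are constructed stand-ins, and RS256 signing is an assumption.

```javascript
const nodeCrypto = require('crypto');

const b64u = (s) => Buffer.from(s).toString('base64url');
const fromB64u = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));

// Constructed stand-in for an IdP: holds an RSA key and mints RS256 ID tokens.
function makeIdp(issuer) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const mint = (claims) => {
    const input = b64u(JSON.stringify({ alg: 'RS256', typ: 'JWT' })) + '.' +
      b64u(JSON.stringify({ iss: issuer, ...claims }));
    const sig = nodeCrypto.sign('sha256', Buffer.from(input), privateKey);
    return input + '.' + sig.toString('base64url');
  };
  return { issuer, publicKey, mint };
}

// Relying party. trustedIdps is the allowlist: Map of issuer URL -> public key.
// Returns the stable account key "iss|sub"; the email claim is never the key.
function accountKey(token, trustedIdps, clientId, now = Math.floor(Date.now() / 1000)) {
  const [h, p, s] = token.split('.');
  if (!h || !p || !s) throw new Error('malformed token');
  if (fromB64u(h).alg !== 'RS256') throw new Error('unexpected alg');
  const claims = fromB64u(p);
  const key = trustedIdps.get(claims.iss);
  if (!key) throw new Error('issuer not on allowlist');
  const ok = nodeCrypto.verify('sha256', Buffer.from(`${h}.${p}`), key, Buffer.from(s, 'base64url'));
  if (!ok) throw new Error('bad signature');
  if (![].concat(claims.aud).includes(clientId)) throw new Error('wrong audience');
  if (!(claims.exp > now)) throw new Error('expired');
  return `${claims.iss}|${claims.sub}`;
}

// Constructed demo: two IdPs assert the same email; only one is allowlisted.
function demo() {
  const good = makeIdp('https://idp.example');
  const rogue = makeIdp('https://rogue-idp.example');
  const allowlist = new Map([[good.issuer, good.publicKey]]);
  const exp = Math.floor(Date.now() / 1000) + 300;
  const claims = { sub: 'u-1001', aud: 'my-app', email: 'john.smith@example.com', exp };
  const accepted = accountKey(good.mint(claims), allowlist, 'my-app');
  let rejected = null;
  try { accountKey(rogue.mint(claims), allowlist, 'my-app'); } catch (e) { rejected = e.message; }
  return { accepted, rejected };
}
```

An email address asserted by an IdP outside the allowlist never reaches account lookup, and two tokens carrying the same email but different `sub` values resolve to different accounts.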
Each of those services relies on walled gardens of identity which keep us cloistered in each service. Cross-platform and cross-service interactions are incredibly more valuable than individual services, each of which requires its own sign-on or a central IdP to grant sign-on privileges to the service providers which allow it (such as with social ids). Why can we not sow our own gardens, and be our own IdPs? The information being provided by each IdP would need to be consistent and able to be consumed by the service providers, and with biometric identifiers that would be possible. There could be different encodings for different kinds of identifiers, and each person could use whichever one they preferred or were able to use.
To further allow for pseudonymity, Stoya comments that:
There is a necessary incompleteness to online identity, and yet while the relative completeness is controlled by ourselves, the identifications associated are not. A localized and personally owned identity provider with a relatively static identifier such as a thumbprint (with concessions made for those without thumbs or who choose to use other biometric identifiers) would still allow us to select our own usernames. But further, we’d be granted the permission to choose which of our own attributes to share with certain services, even none, if we want to verify our identity yet continue to remain anonymous. Your online identity is not your whole self, but what is shared and what is revealed to others should be up to you to release.
Edit 3/11/14: A friend told me about the new site https://keybase.io/ which achieves much of what I discuss in this post, most notably the ability to sign or verify your identities as being owned by you (and not impersonators). Additionally, it makes PGP encryption relatively simple and easy to use for the average person. They’re accepting requests to join their beta list. It will certainly be interesting to see how well and how widely cryptography and encryption can and will spread in the mainstream. My guess is that either some very large companies will need to start doing it by default, or privacy will remain a luxury good--available only to those with both the time and money needed to invest in setting up these processes.
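The “verified way of proving I am me” from the PGP paragraph and the signed account ownership in the Keybase note both rest on signatures, shown here as an added example (not from the original post, and not Keybase's or PGP's actual proof format). It covers the signing side of public key cryptography rather than the encryption and session key the PGP paragraph describes; Ed25519, the statement layout and the account names are assumptions.

```javascript
const nodeCrypto = require('crypto');

// SHA-256 over the DER-encoded public key: a short, shareable identifier.
function fingerprintOf(publicKey) {
  const der = publicKey.export({ type: 'spki', format: 'der' });
  return nodeCrypto.createHash('sha256').update(der).digest('hex');
}

// One long-lived Ed25519 key pair per person; the private half never leaves them.
function newIdentity() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
  return { publicKey, privateKey, fingerprint: fingerprintOf(publicKey) };
}

// The account owner signs a statement naming the service, the username and the
// key, then posts it from that account (hypothetical statement format).
function signProof(identity, service, username) {
  const statement = JSON.stringify({ service, username, key: identity.fingerprint });
  const sig = nodeCrypto.sign(null, Buffer.from(statement), identity.privateKey);
  return { statement, sig: sig.toString('base64') };
}

// Anyone holding the public key can check that this account was claimed by the
// key's owner. The statement must name exactly the account it was found on.
function verifyProof(proof, publicKey, service, username) {
  let claimed;
  try { claimed = JSON.parse(proof.statement); } catch (e) { return false; }
  if (!claimed || claimed.service !== service || claimed.username !== username) return false;
  if (claimed.key !== fingerprintOf(publicKey)) return false;
  return nodeCrypto.verify(null, Buffer.from(proof.statement), publicKey,
    Buffer.from(proof.sig, 'base64'));
}

// Constructed demo: John proves an account; an impersonator and a replay fail.
function demo() {
  const john = newIdentity();
  const mallory = newIdentity();
  const proof = signProof(john, 'twitter', 'jsmith');
  const forged = signProof({ ...mallory, fingerprint: john.fingerprint }, 'twitter', 'jsmith');
  return {
    genuine: verifyProof(proof, john.publicKey, 'twitter', 'jsmith'),
    impersonator: verifyProof(forged, john.publicKey, 'twitter', 'jsmith'),
    replayedElsewhere: verifyProof(proof, john.publicKey, 'twitter', 'john_smith'),
  };
}
```

Because the fingerprint is public, copying it proves nothing; only a signature made with the matching private key verifies, and a proof is valid only for the account it names.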