Future Of Identity on the Web

Blizzard’s announcement earlier this month of a “Real ID” program, forcing its players to use their real names on forums, was met with a fierce public outcry. True/Slant’s Paul Tassi wrote an excellent piece on the tensions inherent in the proposal:

“I have to be honest, my first, initial, unadulterated reaction to this news was glee. Why? For years now, I’ve been writing with my real name for the various media outlets I work for including this one, and in return for expressing my ideas and having them attached to my own name (in on True/Slant, face), I’ve been endlessly flamed with personal insults from commenters hiding under the veil of a fake username and e-mail address,” he wrote. “It doesn’t seem fair that I put myself out there every day with my writing, only to routinely be torn down by anonymous idiots who I have no recourse against. I’ve long dreamed of an internet utopia where everyone is responsible for what they say, leading to a much more civilized discourse overall.”

But then he goes on to outline all of the potential problems of real identities in the fanatical, emotionally-charged world of online gaming, primarily focusing on real world consequences of gaming conflicts and obsessions, and the stigma attached to gaming (‘no job offer for you, weird, obsessive WoW player!’). Tassi came out against Real ID, as did most people on the Web. One anonymous player went so far as to create a blog, A Snowstorm By Any Other Name, to protest the program by posting personal details about Blizzard executives and employees, gathered from online forums:

This is purely to say: Hey, this guy (who can afford to pay professionals to keep his personal information private) says that we have nothing to worry about with people knowing our real names. Well, here’s what is available on him even after a good internet scrubbing. Here’s what’s available on just a couple of his employees. There are people out there in much worse situations (witness protection, former abusive relationships, BEING FEMALE ON WORLD OF WARCRAFT, people who don’t want to risk losing a job because it’s public that they play WoW, etc) that would be utterly fucked if there was a slip-up and their names were revealed

via What’s in a name?.

The anti-Real IDers won. Blizzard backed down, though it will implement a program that suggests people connect with their real world friends — it sounds a lot like Facebook’s Friend Suggestions. The World of Warcraft just wasn’t up to fighting the battle against anonymity online.

The U.S. Cyberczar may have a bit more firepower though. The Department of Homeland Security recently released a draft National Strategy for Trusted Identities in Cyberspace. The plan is not “fully baked;” public comments are due today, though some privacy groups have begged for an extension.

It’s a big deal. The U.S. government is trying to find a way to make commercial transactions safer online, and to ensure that people are who they say they are before accessing financial data and medical records. The government, though, is sensitive to that which torpedoed the Blizzard plan — the call for privacy. This is an even more sensitive issue when Big Brother is involved. The idea of a government tracking chip attached to one’s online identity would freak out even non-conspiracy theorists.

The plan dances around that concern throughout the 40 page document [PDF] describing a happier, safer online world, called “The Identity Ecosystem.” (Blogger Identity Woman has a nice read-through and comment on the plan here.) It’s been deemed an “ecosystem” because it would not be a government-run one-stop Internet shop. The plan envisions an online world with various layers of identity, authenticated by private actors and corporations. The Gov wants to push for a better protection for our personal information against cybercriminals.

From the idyllic draft:

There are various causes of the online fraud and identity theft identified in the statistics above. Out- of-date software, unsafe web browsing habits, or lack of appropriate anti-virus systems can all lead to the compromise of computer systems. Criminals and other adversaries often exploit weak identity solutions for individuals, websites, email, and the infrastructure that the Internet utilizes. The poor identification, authentication, and authorization practices associated with these identity solutions are the focus of this Strategy.

Further, the online environment today is not user-centric; individuals tend to have little control over their own personal information. They have limited ability to utilize a single digital identity across multiple applications. Individuals also face the increasing complexity and inconvenience associated with managing the large number of user accounts, passwords, and other identity credentials required to conduct services online with disparate organizations. The collection of identity-related information across multiple providers and accounts, coupled with the sharing of personal information through the growth of social media, increases opportunities for data compromise. For example, personal data used to recover lost passwords (e.g., mother’s maiden name, the name of your first pet, etc.) is often publicly available.




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s