In everyday speech, I talk of my identity as my soul, my essence, the totality of everything I believe most important about myself. Of course, this holistic identity has nothing to do with online identity.
Or does it?
Do we really feel satisfied with the compartmentalized identity offered to us by well-meaning privacy advocates? An approach to identity where, for instance:
- I join a work-related forum sharing nothing but my academic credentials and career achievements.
- I join a political forum sharing some of my beliefs and practical skills, but nothing about my spiritual life or personal needs.
- I visit a commercial site sharing absolutely nothing at all--here I am just a name with a credit card and a shipping address.
How many of us want to deny so stringently so many parts of ourselves, so much of the time? Isn't this privacy ideal just a parody of the online "consumers without agendas" that mass marketers would like us to be? Esther Dyson, a prominent consultant and journalist, asked, "Do we want privacy or do we want attention?"
We go online not only because we have something to buy, but because we have something to say. This doesn't mean we sneer at privacy; sometimes we desperately need its protection in order to be able to say something. However, the holistic and compartmentalized aspects of identity have to exist together. Journalist David Berlind gave the notion of identity the broadest possible meaning when he said, "Everything you put on the internet is an expression of your identity."
The value of the holistic approach came forcefully to me during the most astonishing session of the conference, a break-out session titled "Human Hybrids: Creating a Global Identity." Derrick Ashong, a political activist and facilitator for the arts, organized this session to show that it is not enough to bring internet access to underdeveloped areas; one must simultaneously give people a chance to express themselves. Otherwise, they are prey to the images thrust on them from outside, and cannot healthily combine the parts of their identities formed online with the more traditional identities that come from their communities. Ashong calls this combination a hybrid identity, and the tools we give people could make its emergence either positive or negative.
Ashong saw his personal history--he grew up in a home without running water, eventually making it into a Ph.D. program at Harvard and onto the boards of political organizations--as an example of the resulting risk. First, a lot of people in developing areas who are lucky enough to get training end up leaving their areas instead of furthering their neighbors' development. Even if they don't leave physically, they risk a greater and greater disconnect from their culture and peers.
Technology can also be a tremendous boost to development. According to Ashong, one reason for that is that internet access can show people a bigger world that puts immediate, impoverished environments into a more optimistic context. The point of a digital identity is "so we can hear them too, so they can contribute to the global good."
To demonstrate the positive use of technology and the internet, Ashong patched in an audio and video feed of a teacher named Marvin Hall from Kingston, Jamaica. Hall started a Lego robotics project among school children and eventually brought a team to San Jose, California, where they won an award. It made them feel good to accomplish something in the midst of a neighborhood that Hall described as dominated by hopelessness and violence. His next project is to start a robotics learning lab for children aged 8 to 14--ages just before and during the period of greatest risk for gang recruitment.
The entire session, which was attended by only about 20 people, centered on questions of how to help people who are outside the world of material privilege and instant information. There was considerable mistrust of the One Laptop Per Child program (which was celebrated with great excitement at a recent conference in Brazil, as reported in my weblog on Brazil's Free Software Forum). Participants felt that it was a gigantic intervention into isolated areas with no guarantee of support and guidance to deal with the social changes it might cause. I pointed to the decades-long efforts of Dave Hughes as evidence that networking can be brought to remote areas with sensitivity to culture and local needs.
To crown the discussion, Ashong said, "Beyond a digital identity, we are creating a global and human identity."
Some privacy purists would like each exchange of goods to be isolated, with the seller knowing nothing about you except your ability to pay. In fact, digital cash was a hot research area in the 1990s. Such systems would give you digital tokens you could provide to a vendor without leaving behind any trail of the purchase; the seller would know only what bank to go to for payment.
Privacy expert Stefan Brands--who did much of the research on digital cash--pointed out that its potential collapsed with the advent of PayPal, which provides a quick solution for online purchasing but is careless of privacy and other common problems, such as phishing.
Some people like to share information with companies in order to speed up transactions and get advice. Such information--called preferences by the identity community, which goes along with vendors in portraying the consumer as being in control--could range from your favorite colors to your geographic location or even what medical conditions you suffer from. All these "preferences" can help vendors display the most appropriate goods or services for you.
Think, for a minute, about how much businesses would love to see your calendar. A restaurant, for instance, would love to know that you've scheduled an appointment in the same office building for 1:00 in the afternoon.
You're not about to enter your calendar information for the benefit of businesses, but you might enter it for your own benefit and then be willing to share it. This is perhaps why ten million people have created a model of their bodies or homes with My Virtual Model, which offered some demos at the conference.
Where your body is concerned, My Virtual Model acts like the most recent version of the Sims game. You can stretch and mold an image to look like you, try on clothing virtually, and then make a purchase. Debbie Pazlar (Best Buy), Paul Trevithick (Parity Communications), and Gregory Saumier-Finch (My Virtual Model) collaborated at the conference on a futuristic demo that showed how a user could store preferences, including a model kitchen, and then remodel the kitchen using 3D graphics and appliances from Best Buy.
Louise Guay, president and founder of My Virtual Model, said some businesses were afraid of it at first--so afraid, they got angry when she proposed signing up for it. These businesses recognized that My Virtual Model removed friction from the process of comparing sites and products, and thus would make it harder for them to own their customers.
For the same reasons, according to business analyst John Sviokla, My Virtual Model can promote more purchases. He went so far as to call it "an enormous wealth creation mechanism." And journalist Doc Searls, who has promoted identity technology for years, believes it could replace the advertising industry with an "intention economy" that puts online users in control of their own attention, and finds things that interest them.
I want to come down from the airy heights of holistic identity to consider the benefits of acting a bit like turtles in the pond, who come out only on a need-to-know basis.
Why does the Veterans Administration have to know our social security numbers (and then let them slip into the hands of criminals from a stolen laptop)? Why can't the VA just know whether we've served in the armed forces?
As Christine Varney, former commissioner at the Federal Trade Commission, pointed out, we have acclimated over the past couple centuries to having different identities "in the city and on the farm." Digital technology alters the equation but still provides options.
Technology can theoretically provide strong online identity while distributing risk. You and your correspondents would choose which authority you trust to authenticate you. You could further store sensitive data in other repositories and encrypt it so it is never known to anyone but you and the person to whom you reveal it. Even the authority storing the repository wouldn't have to know the data. To meet a criterion known as minimal disclosure, data exchanges could be fashioned such that the question "Are you over 21?" could be answered with "yes" or "no" in an authenticated way, without providing your exact age.
John S. Bliss of IBM touted a system at the conference that could solve the current air flight impasse between the United States and the European Union. The U.S. would like to see all the information that airlines have on passengers in order to compare it to watch lists (which are none too accurate). The EU insists that the request violates many privacy tenets, including minimal disclosure and preventing unauthorized reuse. IBM's solution would hide the information on both sides by mathematically reducing them to meaningless but identifiable numbers (a process called hashing). Conference attendees questioned the application of the solution, but the idea demonstrated one form of compartmentalization.
The bugaboo that unites the identity and privacy communities is the threat of a single identifier. In many countries, a national ID or social security number plays that role, and it's open to abuse in countless ways. These include forgery, identity theft, intrusive government tracking, and the kind of catastrophic information leaks we've seen in recent cases of stolen data.
Nobody who has studied the situation likes a single, centralized ID--not even Jeremy Warren, the deputy Chief Technology officer at the U.S. Department of Justice. Yet we may be unable to avoid such IDs. Governments seem convinced that they solve law enforcement problems, and don't respond when the experts try to explain the difficulties of the systems.
Compartmentalized identities don't necessarily make it safe to store data. Data mining can still put together a composite portrait of you from many sources, and governments can force different repositories to relinquish information.
Warren thought the Department of Justice would have no problem with distributed identity information, and even with having reasonable barriers to gathering such information, so it could be done only when necessary. But he expressed some anxiety about the possibility that the information could be stored outside the U.S. so that international cooperation would be required to trace routine crimes.
The kinds of governments most people at the conference worried about were well-known repressive regimes (journalist Rebecca MacKinnon warned us to look out for China), but few countries can be considered exempt. Marc Rotenberg, director of the noted Electronic Privacy Information Center advocacy organization, said that the U.S. government can force a resident to give up financial data in some circumstances. Caspar Bowden, Chief Privacy Adviser of Microsoft Europe, pointed out that even Britain's official privacy regulator, the Information Commissioner, had described the UK as "sleepwalking into a Surveillance Society."
Berkman Center professor William McGeveran listed three risks of putting identity information online:
- People exercising free speech rights could be identified by repressive regimes.
- The user-friendly tools promoted by companies in the identity space will encourage users to send out more data without thinking adequately about the risks.
- The authorities responsible for passing the data between users can track it, if it's not adequately protected by technical measures.