Bill McGeveren on Goals, Fears, and Synthesizing Viewpoints

From Ano/Pseudonymity
Jump to navigation Jump to search

My own output would likely come in articles written in what this proposal calls “law-review style” and will probably focus on at least some of the following: (1) value of anonymity (2) persistent pseudonymity as a substitute for (and indeed, David is right, as distinct from) anonymity and (3) where legal rules would serve useful functions in fostering the values of ano- & psedonymity (as opposed to where the law should merely get out of the way). I'd also like to convert the law review pieces into something shorter and more readable when they are done (op-eds, blog posts, five-page summaries, etc.).

I think the proposal is good but, as others have said, sort of diffuse. I suspect it might be a bit of a Rorschach ink blot – everyone sees in it what they already believe. But for attracting funding, maybe that is a virtue not a vice!

The proposal appears already to have accepted the premise that new systems of ID mgmt will be deployed (and perhaps implicitly that they

  • should*). Yet I think one of the big questions is whether this whole

effort will fizzle, and maybe that possibility should at least be acknowledged.

I think the proposal ought to identify specifically some of the new technological approaches to which we are responding, including but not necessarily limited to the Microsoft InfoCard, the Higgins Project, and Liberty.

It also should make more explicit reference to the differences in the values and purposes of anonymity in more democratic countries vs. nations with bad human rights records (the Chinese activist/blogger problem).

The first paragraph of the meat of the proposal indicates that the key risk is “unwanted uses” of digital identities. That (along with some other references) sounds to me like identity theft. While that’s a real danger -- the idea that by creating a multiple-use digital ID you are creating an attractive target for impostors to hijack for improper purposes -- it is not really the fundamental problem in my view. I think the real danger is erosion of data privacy. If digital IDs become stand-ins for the “real” you, and if the advent of such IDs makes it more convenient for various large institutions to aggregate, analyze, and warehouse more information about you, then ID mgmt systems would erode rather than enhance your privacy – that is, your capacity to control or limit the amount of personal information that others learn.

To be more concrete: my fear is that power laws will drive centralization of digital IDs, and asking for IDs will be very easy. As a result of these two trends, (nearly) every online interaction would begin with a “who are you?” question and the only acceptable answer will be to provide one of a small range of IDs that is linkable to your “real” self. In the worst case, that might include not just banking, but posting a comment on a blog hosted by a big blogging provider (to prevent spam and trace libel, they would surely say). A slightly better scenario is that all these transactions are linked to the same persistent pseudonym, which is not linked to you. Even this starts to have problematic privacy implications as that avatar increasingly becomes your “true” identity, at least in online space.

To be sure, there are references in the draft to a lot of these considerations, but I don’t feel it captures the fear in full concrete terms. To me, *that’s* what a bunch of us are really talking about here. (My sense is at least Wendy, David, Mary, and me are in that camp, all in different ways.)

Finally, I would echo Clippinger that the staffing and structure is absolutely crucial. Ever since “Anonymity Day” it has been clear that many people in this topic area (myself included) talk past each other. There are so many embedded assumptions etc. It will therefore be an enormous job to synthesize the independent work of 6 or 8 people, make it coherent, and serve as the conduit for all that stuff into Berkman World (especially if, as the proposal indicates, it is ultimately turned into a report that recommends best practices). I have no doubt that Mary is hyper-qualified to spearhead it, but given all the other exciting stuff that she and Net Dialogue have going on, I imagine she would need help on the time-consuming aspects of implementation. That’s got to be where some of the money goes, and the right person would have to understand the issues with some depth in order to pull it off.

Does that all make sense?

Retrieved from "http://cyber.harvard.edu/anopseudonymity/?title=Bill_McGeveren_on_Goals,_Fears,_and_Synthesizing_Viewpoints&oldid=1400"