From: jim@bilbo.suite.com (Jim Miller)
Date: Sun, 10 Apr 94 19:49:27 PDT
To: cypherpunks@toad.com
Subject: Re: identity, privacy, & anonymity in cyberspace
Message-ID: <9404110242.AA04774@bilbo.suite.com>
MIME-Version: 1.0
Content-Type: text/plain



tmp@netcom.com writes/asks:


> yes, remailers solve the problem of trying to post
> messages without identity, but are we sure this is a
> `problem' we want to `solve'?

If this problem is not solved then all posts must contain a reference  
to the poster's true identity.  Is that what you want,  
tmp@netcom.com?  How would it be enforced?  Government approved  
public-key pairs issued at birth?  Random identity checkpoints on the  
Infobahn?  A ban on all un-approved cryptography?  Peer pressure?


> hal argues below that there is `no line dividing the clean
> from the unclean' (real name vs. pseudonymous vs.
> anonymous etc.).  to the contrary it seems to me to be the
> case that  either `i know who you are' or i don't. what does
> it mean for me to `know who you are'? i admit there is no
> basic definition, but it does seem to me that should not
> prevent us from trying to find one.

Instead of asking "who are you?", ask "what are you like?".  I don't  
usually need to know who you are, but in certain contexts it is  
important to know what you are like.  Further, I don't need to know  
what you are like in all contexts.

Identity-based systems approach the "what are you like" question by  
demanding to know "who you are", and then determining "what you are  
like" by accessing various and sundry databases.  These various and  
sundry databases are rapidly condensing into a few logical  
mega-databases.  The problem with identity-based systems in which  
everyone has only a single identity is that it soon becomes very easy  
for someone to learn more about you than is necessary or desirable.

Cross-referencing is the root of all evil!  :-)

I think much of the technology advocated on this mailing list can  
enable people to answer the important "what are you like" questions  
without creating systems that can also be used to pry into your  
entire life history.



> the important goal is `defining what privacy really
> means'

I agree it is an important goal.


> and cypherpunks seem to take the position, `it
> means that nobody knows anything about me'.

I disagree.  I think cypherpunks want to retain (or re-acquire) the  
ability to control who knows what about them and when and under what  
contexts.  This is a bit different from "nobody knows anything about  
me".  However, I can't speak for all cypherpunks.


> our society simply cannot function under this constraint.

If by "our society" you mean the society in which we currently live,  
I'd have to agree.  That does *not* mean I believe all possible  
societies become impossible under this constraint.  Actually, I  
believe "under this constraint" is a strawman (see previous  
paragraph).


> if you continue to insist that `nobody should know who i
> am' i fear you will be bypassed by more sophisticated [?]
> groups that have a less polarized view of issues of
> identity and privacy. and it will ultimately be the least
> controversial proposals that will shape the future we
> live in.

Being a pessimist, I'll have to agree with you here, although for  
slightly different reasons.  I believe that as long as there are  
income and property taxes, the government will find ways to justify  
prying into our personal lives.


Jim_Miller@suite.com