1994-05-19 - Identity, anonymity and reputations

Header Data

From: rishab@dxm.ernet.in
To: cypherpunks@toad.com
Message Hash: b672560f3ca6637e21679b179f5b8d71d8dd720b090ff9c62db193a264108466
Message ID: <gate.X4qJmc1w165w@dxm.ernet.in>
Reply To: N/A
UTC Datetime: 1994-05-19 15:04:28 UTC
Raw Date: Thu, 19 May 94 08:04:28 PDT

Raw message

From: rishab@dxm.ernet.in
Date: Thu, 19 May 94 08:04:28 PDT
To: cypherpunks@toad.com
Subject: Identity, anonymity and reputations
Message-ID: <gate.X4qJmc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


I'll bother you all yet again with an episode of my column. This one's
on identity, anonymity and reputations. I haven't seen any article on 
this for the lay reader; I'd appreciate info on any such articles.


Electric Dreams
Weekly column for The Asian Age by Rishab Aiyer Ghosh
#12, 16/May/1994: I e-mail, therefore I am


When you read what I write, do you know whether I exist? Do you
know who I am? Do I know who I am?

Well, you know my name. You assume that I am a real person of
that name, and that someone at this newspaper has contact with
me. (In fact I file my column electronically, though I admit to
have been seen on occasion!) Despite technological advances,
people still start professional (or other) relationships after
acquiring verifiable identification -- an address, a bank
account, a face. What would happen in cyberspace, where people
may be far apart geographically, and identities less rigid and
secure?

Electronic identities as widely used, are limited to e-mail
addresses. As with a physical address, an e-mail address provides
a way to contact an individual. Like the postmark stamped on tree-
murdering paper envelopes, e-mail headers generally indicate that
a message has, indeed, come from a particular address and hence a
particular person. Unfortunately these headers are easily forged.
Not only can someone pretend to be me, I can pretend to be
someone who doesn't exist!

Cybernauts see two issues here. The inherent insecurity of
cyberspace, which makes normal interactions unreliable, is a
lapse that demands attention. On the other hand, the amorphous
nature of identity that the Net encourages is actually a Good
Thing, balancing the ease with which privacy can be violated, and
making the advantages of an information society apparent.

There are a number of ways to ensure distinct identities. That
is, to ensure that Rishab Ghosh who writes this column is the
author of the previous episode. Digital signatures are secure,
backed by the arcane mathematics that proves the difficulty of
factoring large numbers. A digital signature is a very large
number, correlating the signed data with other publicly available
numbers that define an individual's identity. Though these
identifying numbers are public, a signature cannot be forged, as
it also depends on a private key kept secret by the individual.
Similar methods can be used by anyone to send encrypted messages
that can be read only by the intended recipient.

There -- now I have an electronic identity. You might have
noticed, though, that there is no link at all between an identity
in cyberspace and any physical (real?) one. I could plausibly
have multiple identities, for different purposes, conducting
public arguments with each other. Which brings us to the Good
Thing. There's no reason why I shouldn't write columns as Rishab
Ghosh and poetry as Alfred Prufrock, while living the rest of my
life as John Doe. I might have to, lest evil marketing managers
monitor all my public actions and learn more about me than I do.

To formalize this separation of identities, cybernauts have
created services known as anonymous remailers, which accept
conventional e-mail and repost them, shorn of all their direct
identifying marks -- addresses, names and so on. It is up to the
poster to create pseudonymous identities using signatures and
other methods. There are varying degrees of anonymity provided;
with many services it is even possible to reply to anonymous mail
without knowing a 'real' e-mail address.

This sort of anonymity might primarily be used for privacy --
from consumer surveys, cloak-and-dagger maniacs, and other
assorted net pests. In an ideal world, we would be free to say
what we like; till we are, anonymity allows us some freedom to
express without reprisal. This freedom is already being taken
advantage of; in Internet news groups such as
alt.sexual.abuse.recovery, for instance, victims can comfort each
other in public electronic gatherings without the risk of public
exposure.

As with any technological advance, anonymity can be abused. While
'whistle blowing' might be the right thing to do sometimes, there
is no way to be compensated for anonymous defamation. Attempts
are being made towards a system of reputations, where people
would gradually build (or ruin) a reputation for their
identities, as their posts are tested by time. A totally
anonymous accusation will of course have a very low reputation.

Reputation systems will not end identity abuse. Hopefully, as
people depend on them to be taken seriously, and unsubstantiated
accusations are taken with large helpings of salt, we will enter
a more tolerant society, that concentrates on the expressions
rather than the expressor.

Rishab Aiyer Ghosh is a freelance technology consultant and
writer. You can reach him through voice mail (+91 11 3760335) or
e-mail (rishab@dxm.ernet.in).

--------------------------------------------------------------------------
Rishab Aiyer Ghosh                                     rishab@dxm.ernet.in
Voicemail +91 11 3760335; Vox/Fax/Data 6853410
H-34C Saket New Delhi 110017 INDIA

The National Short-Sleeved Shirt Association says:
                                          Support your right to bare arms!
--------------------------------------------------------------------------





Thread