1997-12-15 - Identity, Persistence, Anonymity, and Accountability–Part II ofII

Header Data

From: Tim May <tcmay@got.net>
To: cypherpunks@Algebra.COM
Message Hash: a885b2a399f0ebc6e1c1c2aaaf90ba3cdf85536fe21e951bb7c72a5b25d9444f
Message ID: <v03102805b0ba22c79077@[207.167.93.63]>
Reply To: N/A
UTC Datetime: 1997-12-15 01:02:28 UTC
Raw Date: Mon, 15 Dec 1997 09:02:28 +0800

Raw message

From: Tim May <tcmay@got.net>
Date: Mon, 15 Dec 1997 09:02:28 +0800
To: cypherpunks@Algebra.COM
Subject: Identity, Persistence, Anonymity, and Accountability--Part II ofII
Message-ID: <v03102805b0ba22c79077@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain





As promised, here is Part II, with a more graphical analysis of the issues
of identity, anonymity, traceability, accountability, and the correlations
between them.

Consider two principles axes:

-- identity

-- accountability


A "0" on the identity axis means a complete lack of any identity, with no
assurance whatsoever in the nickname, casual name, and certainly not in the
True Name, of an entity. The canonical "Anonymous," with not even any clues
as to identity.

A "1" on the identity axis means a complete certainty as to whom someone
is, with extensive credentials, perhaps even voiceprint, blood tests, etc.
An appearance by Bill Clinton probably rates a "0.999" on this scale, as
various input vectors are summed...most of my posts might be rated at
"0.95," and so on.

There are some meta-issues about what true names really are. Was Bill
Clinton switched at birth? Did the Trilateral Commission actually kill the
real Bill Clinton when he was at Oxford and replace him with a KGB
lookalike? Do his footprints match that on the birth certificate on file in
the Arkansas hospital? Is that stuff even what we mean by "that guy is Bill
Clinton"?

I won't get into these meta-issues here, but they are eventual
boundary-value problems for any "is-a-person" formal system.

On the "accountability" axis, a "0" means an entity cannot be held
accountable. Cannot be reached, cannot be hauled into court, etc. This
could be because the entity is outside a jurisdiction. Marc Rich, resident
of Zug, Switizerland, is about a "0.1" on the accoutability scale.

A "1" obviously represents full accountability.

Clearly it is possible for someone to be high on the identity scale (like
Marc Rich), but low on the accountability scale. Or, more interestingly, it
is possible for a participant in a transaction to be essentially anonymous,
but very accountable. This is what digital cash and anonymous escrow
systems provide.

Chaum's "credentials without identity" makes this clear. It is possible to
present some credential for some property, such as age, without identity.
(An easy to see example being admissions to bars...as ID scanning
technology spreads, we would like to see methods for checking an age
credential without also creating a computer record of all bars visited,
number of drinks consumed, etc.)

(Crime and illegal markets often work this way, too. That is, with identity
not necessarily known ("Vinnie the Nose"), but with other mechanisms for
ensuring accountability. The usual, but important, stuff about reputation
capital. Ditto for primitve markets, with goods left in
clearings...absolutely no "identity," but various mechanisms for
enforcement of trading protocols (including "no future business if you
screw me," which is how many markets have worked, a la the Law Merchant for
international trade, which evovled into the Uniform Commercial Code.)

OK, here's a diagram. Notice that the central diagonal, the "main sequence"
( a la Hertzsprung-Russell diagrams) is the correlation between "identity"
and "accountability." To those who argue that accountability IS identity,
this is there line. But there are many other place in this space.

For ease (to me) in making this diagram, I've had to just use letters, with
the legend below the diagram.

		^ CASH				TOTAL
	      1	| CHAUM
		| ESCROW
	^	|				BRIN
	|	|		DIGNYM
	|	|             CORP
Accountability	|
		|
		|				MRICH
		|
		|  ANON
	        0	|_  _  _  _  _  _  _  _  _  _  _  _  _  _  _  _  _

		0					1
				Identity -->

CASH = immediate clearing, but no identity

CHAUM = Chaumian "credentials without identity" (in many forms)

ESCROW = leaving a deposit, or linking to another payer
 (an anonymous VISA card, with a deposit, works this way. Or a corporate
account, card, etc., where the company backs the transaction, but identity
of the participant is unknown, or poorly known)

BRIN = David Brin's "accountability means identity" mapping (no doubt there
are nuances to his view, but I believe this fairly characterizes the
position he has described here recently)

TOTAL = The total state. Eveyone in their place, every transaction logged,
everyone held accountable by the State

DIGNYM = Digital pseudonyms, or signed messages. Identity may be variable,
from almost completely anonymous (e.g., Pr0duct Cypher) to known to some
(e.g., Black Unicorn). Accountability also varies, depending on factors
like jurisdiction.

CORP = corporate, or collective, accounts, where identity of actual
participants is poorly known, but accountability is high

MRICH = identity known to high certainty, but "judgment proof" (note that
this applies to many other persons, such as poor persons, who may say all
kinds of libelous or actionable things, but who are not worth going after)

ANON = the canonical "anonymous" message, with no identity, no accountability.

Of course, there are many other examples. And each examples has "scatter."
Each is a "blob," not just a point. And they can move around, as laws
change. (For example, Marc Rich could quickly become "accountable" were
Switzerland to change its laws about extradition.)

The structure of this identity-accountability space is itself interesting,
with peaks and valleys (suggesting a third axis, that of "cost" to live in
these spaces....).

And so on. I hope this helps clarify for you some of my thinking on these
issues.

i find that simplistic arguments, whether, "accountability requires
identity," or "anonymity is a basic right," are not very helpful.

There are clearly times when participants in a voluntary transaction want
some kind of "identity credential" (especially to the extent they think
identity = accountability). There may even be times when the State has a
legitimate interest in compelling identity (though many of us would quibble
with most such demands, and look for ways to satisfy these "is-a-person"
needs less invasively than by requiring national I.D. cards and tattooes on
forearms).

Again, I hope this has helped.

--Tim May




Voluntary Mandatory Self-Rating of this Article
(U.S. Statute 43-666-970719).
Warning: Failure to Correctly and Completely Label any Article or Utterance
is a Felony under the "Children's Internet Safety Act of 1997," punishable
by 6 months for the first offense, two years for each additional offense,
and a $100,000 fine per offense. Reminder: The PICS/RSACi label must itself
not contain material in violation of the Act.

** PICS/RSACi Voluntary Self-Rating (Text Form) ** :

Suitable for Children: yes  Age Rating: 5 years and up.
Suitable for Christians: No Suitable for Moslems: No  Hindus: Yes
Pacifists: No  Government Officials: No  Nihilists: Yes  Anarchists: Yes
Vegetarians: Yes  Vegans: No  Homosexuals: No  Atheists: Yes
Caucasoids: Yes  Negroids: No  Mongoloids: Yes
Bipolar Disorder: No  MPD: Yes and No  Attention Deficit Disorder:Huh?

--Contains discussions of sexuality, rebellion, anarchy, chaos,torture,
regicide, presicide, suicide, aptical foddering.
--Contains references hurtful to persons of poundage and people of
color.Sensitive persons are advised to skip this article.

**SUMMARY**
Estimated number of readers qualified to read this: 1
Composite Age Rating: 45 years







Thread