September 6, 2011

"The fact that "strong identity" should not be embedded into the fabric of the internet need not prevent individual enterprises from trying to cultivate it". There is much to recommend in this statement from John Gapper (*). This makes it all the more important to expose its one flaw.

Before looking for the flaw though, one ought to understand why John Gapper is right to begin with. Think of his column as a vivid illustration of my motto "Privacy, Identity, Responsibility".

First it affirms the link between Identity and Responsibility. "Anonymity increases the incentives to behave badly". We would be blind to pretend otherwise as Polyphemous learnt it the hard way. When it's Nobody's fault, Justice is impotent indeed.

Second it makes clear the link between Identity and Privacy. "[Facebook and Google] have self-interested reasons to [take a stance on anonymity], since the more data their users give them, the more valuable their networks become to advertisers". Aren't pseudo users from data slave dealers potentially as bad a product as a pound of ground beef past the sell-by date?

Third it distinguishes absolute identities, with which the police hunts down a wanted man, from relative ones, which confirm a person is the same individual dealt with in a prior encounter. John Gapper calls these relative identities "avatars and pseudonyms". While better protecting privacy, they enable a social site to track a behavior and "weed out persistent mischief-makers" and a reader to "gain a sense of [a] personality".

These simple concepts are but a base for further analysis. Concerned with the case of online opinions, John Gapper makes two such observations. One is obvious. Under certain circumstances, freedom of speech needs the mantle of anonymity.

This is why the media should be weary of the behavior of Wikileaks. It may not be responsible for stolen data deposited at its doorsteps. But having acquired "confidential State Department documents", it is under its watch that "newly disclosed cables reveal the names of more than 100 people in foreign countries whom diplomats had marked for special protection", as Scott Shane tells us (**). If an organization which bills itself as a new kind of media casually names the sources of the US government, is it believable media will allways respect the anonymity of their competitors' sources?

John Gapper's second observation seems to run counter to the first. "Jaff Jarvis, a journalism professor has argued for favoring [signed] comments". Besides the terminally naive, who nowadays believe user-produced online recommendations, the spontaneous kind companies routinely pay for? This is why, five years ago, Amazon.com introduced special badges to signal reviewers ready to put their good names on the line.

Yet together, these two opposite facts explain the nature of the public service pledged by the so-called Fourth Estate. By marrying the value of responsible sources whose identities it has vetted with the privacy which it confers to them through anonymity, it truly promotes democracy.

Pity the media feels therefore entitled to such freedom it be made accountable to no one but itself. Known to be partisan, shown to host liars and spies, often unwillingly but also quite willingly, do they deserve to be the only watchers trusted to watch themselves?

In view of what precedes, Internet itself appears as a simple communication tool which one is free to use or abuse. "Strong identity" should be available as a separate addition whenever called for but only when called for. This is the clean layered architecture advocated by Tim Berners-Lee.

So much agreement may leave readers uneasy. Am I perchance in shameless receipt of the five dollars said to be the going rate for online applause?

Still we are not yet ready to examine John Gapper's flaw as promised. We need to dig deeper in the issue intrinsic to absolute identities. Surely Nandan M. Nilekani has given much thought to it. According to Lydia Polgreen, he has been asked by the Indian government "to register all 1.2 billion Indians, [...] collect[ing] 12 billion fingerprints and scan[ning] 2.4 billion irises" (***) (1).

There is no denying he has a point. I have often insisted recommendations are better done by local human recommenders than by global automated systems. But what if "local officials who are now the main gatekeepers of goverment services" are flawed by generalized corruption? What if local recognition "ends up trapping the poor in villages" outside of which, lacking a widely accepted recommendation, their local identitiws lose currency?

For "Ram Sevak Sharma, the director general of the identity program", "one cannot improve human beings [...] but one can certainly improve systems". Unfortunately this is not true unless such systems become independent of human beings (2). Central databases though centralize not only data but also power over people into the hands of the data administrators, their employees, their superiors, corrupt ministers (3) at the top.

Still Nandan M. Nilekani's project may not be as threatening as it seems. "The database has been designed to contain as little information as possible - only a name, data of birth, sex and address", plus it goes without saying all the biometrics. Isn't it no more than a rather "strong identity"?

Beyond "a centralized identity database as a dystopian nightmare", lies an even greater danger. A working absolute identity is the quickest way to establish a relative identity. Whenever you open an account, aren't you asked your name? And even though each such may tag a very narrow slice of an individual's activities, electricity consumption, driving record or online opinion, all can now be linked into a profile Big Brother would approve.

Without a privacy law establishing the fiduciary responsibility of each organization towards those whose personal data they hold, the more widely a strong identity scheme is adopted, the more inherently dangerous it becomes by enabling data aggregation.

And there lies the flaw in John Gapper's statement. It gives a pass to companies such as Google and Facebook. They have acquired so many users and aggregated so much of their confidential data already that "crack[ing] down on people trying to use pseudonyms rather than full identities" realizes the worst possible outcome one can expect from a government ID initiative. Yet with neither citizen oversight nor effective privacy laws, to whom are they accountable? As an entrepreneur, Rupert Murdoch too thought he had "every right to set [his] own rules".

Identity is necessary to establish responsibility. Scale and influence are sufficient to require public accountability.

Philippe Coueignoux

• (*) ..... It is right to curtail web anonymity, by John Gapper (Financial Times) - Sept 1, 2011
• (**) ... WikiLeaks Prompts New Found Round of Diplomatic Uproar, by Scott Shane (New York Times) - Sept 1, 2011
• (***) . Scanning 2.4 Billion Eyes, India Tries to Connect Poor to Growth, by Lydia Polgreen (New York Times) - Sept 2, 2011
• (1) I am relieved to learn on Lydia Polgreen's authority that in India losing an eye or even a finger is as rare an occurence as elsewhere
• (2) this is the originality of the ePrio technology, which replaces human promises of confidentiality with a certifiable mechanism
• (3) for example, see Andimuthu Raja and the Indian 2G spectrum scam in the wikipedia