Beware of imitations

A few days ago I received an email accusing me of having perpetrated some unspecified antisocial act on a Web site, presumably a blog. Unfortunately, the writer did not provide an URL and so I was unable to check the facts for myself. The name of the site was given but it meant nothing to me and didn’t seem the sort of site I would visit.

I wrote to the author of the email, expressing my mystification and asking for further details. So far, I have received no reply. Perhaps she does not monitor her email regularly or has realized that she has made a mistake or… There are so many possibilities and I leave you to think up your own.

This does, however, raise a genuine problem. There are so many people online these days looking for names that the likelihood of any name being repeated is very high: “SilverTiger”, in various formats, is itself hardly a rarity. On sites that allow interaction, it is usually sufficient simply to type in a name and there is no verification at all. If someone comments on your blog signing himself “SilverTiger”, you may have no way of knowing whether it is this SilverTiger or someone else who also uses the name legitimately, or someone trying to cause mischief by pretending to be one or other of the real SilverTigers.

In one sense this doesn’t matter because none of us has exclusive rights to a particular name. On the other hand, we do have exclusive rights to our identity, no matter what name we normally attach to it. I do not want to be blamed for mischief perpetrated by others in my name but I also want to be recognized as myself when I present myself in the public sphere.

The problem, then, is: How do I protect myself from people fraudulently assuming my identity and how do I prove my identity?

One context in which this double-barrelled problem is relevant is in blogging. There are blogs I visit regularly and on which I leave comments. What is to prevent someone, out of resentment or simple mischief, going onto those and other sites and behaving badly, using my name, to the detriment of my reputation? Very little, it seems to me.

There is of course OpenID but this is still far from being a complete solution. For one thing, there are many sites where you can register an OpenID name. There isn’t much to prevent someone creating an OpenID on one site that is a passable imitation of your OpenID on another site. This would be enough to fool many people. Secondly, not many sites yet use OpenID to verify people signing in. Finding a site that both uses it and allows use of the particular OpenID you registered is hit and miss, to say the least.

It seems to me that there needs to be a much more rigorous system, perhaps similar to the domain name system, where a single agency, or at least very few agencies, register people’s online identities, making them verifiable and preventing others from impersonating you.

Advertisements

About SilverTiger

I live in Islington with my partner, "Tigger". I blog about our life and our travels, using my own photos for illustration.
This entry was posted in Opinion and tagged , . Bookmark the permalink.

6 Responses to Beware of imitations

  1. emalyse says:

    Identity theft is a big worry these days. I think i-names was a proposal that linked an identity to an ip address and tracked back to an identifiable number of contact sources but never really took off and again unless everyone implements it then it’s just a good idea in the wilderness.Not sure about the single body thing for a distributed system but a more rigid application of an open protocol by varous websites would help.

  2. SilverTiger says:

    I have registered my OpenID with Typekey and that is available on some sites.

    Instead of subscribing to one central agency, each organization tends to set up its own. For example, if you have a blog on WordPress or Blogger, your login is an OpenID supported by those sites. These are unlikely to be used widely, though.

    In my view, rather than egotistically implementing their own, WordPress, Blogger et al. should support a third party.

  3. emalyse says:

    As it’s open nobody owns it. The open ID foundation is the advocate and steward. At the moment we have more providers than sites implementing OpenID as a sign in option (the argument is for neutral providers rather providers of existing blog or website services) and those that do vary in the number of possible features implemented. The open standard needs to evolve and prove itself worthy of adoption. Commercial interests always like to bastardise and corrupt standards to fit their own model for the sake of their own commercial advantage.

  4. SilverTiger says:

    Shades of the “browser wars”.

    I hope OpenID evolves to become a satisfactory system for establishing online identities but at the moment it looks to me like a step on the way rather than the complete solution.

    Time will tell.

  5. athinkingman says:

    I can see the problem of potential ID theft and that a solution would be welcome for some. However, I also sense that there are a number of people for whom anonymous internet activity is important, and I’m not sure if any solution would be able to preserve anonymity. I suspose for some it would be balancing the desire for anonymity with the benefits of the protection that any solution offered.

  6. SilverTiger says:

    By “anonymity”, I assume you mean not revealing your “real” name, i.e. the name by which you are known in the “real world”. I don’t see how this is in any way compromised.

    When I say that there needs to be a way of securing one’s name, I mean whatever name one uses online. So, for example, your “real” name might be Joe Bloggs and online you might present as IggyPiggyPoo. What is required is that every IggyPiggyPoo is uniquely defined so that no one can pretend to be an IggyPiggyPoo that he or she isn’t.

    To labour the point, I am called SilverTiger and there are other SilverTigers online, just as there are many John Smiths in the “real world”. In the real world, each John Smith’s identity is protected and no false John Smith can usurp his identity. I want the same thing to be true for all the SilverTigers online. I don’t mind there being other SilverTigers, as long as I can prove my unique identity and no one (whether called SilverTiger or not) can usurp that unique identity.

Genuine comments are welcome. Spam and comments with commercial URLs will be deleted.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s