Last month I held a discussion on “names and nyms” within the IDESG Framework. Some highlights worth noting are the suggestions at the end for possible work products related to nyms that could be included in the IDESG Framework when it is released.
The Secret of Nym – April 2015
This month I was honored with an invitation to speak at the IDESG Virtual Plenary. The IDESG is the group designated to create a framework to address Obama’s NSTIC strategy regarding identity issues with online services. My talk was half an introduction to “Nym issues”, such as the Native American Dana Lone Hill being suspended from Facebook, and half a discussion about how these issues can be addressed within the IDESG Framework.
I proposed the following suggestions: that we continue the discussion to develop a robust vocabulary, including sensible definitions for words like “anonymous” and “pseudonymous”; that we craft a suggested “names policy” for organizations considering whether they need to adopt one; and that we introduce suggested transparency and remediation procedures, so that someone using a service like Facebook knows *why* their account has been suspended, and they have a channel to negotiate with the service.
While the IDESG Framework can technically only offer suggestions of guidelines for organizations to follow, I think that the final product will carry enough weight to have really positive influence. If nothing else, these additions could give organizations an informed choice on how to adopt policy.
Nym Factoid of the Month:
The United States does not have any mandatory identity document. While most people assume that the social security number is de facto, you are actually only forced to register for one if you are born in a hospital. In fact, social security cards explicitly say on them that they are not to be used for identification. Over the years, this has changed socially, mostly because of use by the military, medical facilities, and financial institutions, all of whom needed a common unique number to identify someone by. There is also no way to opt out of paying into social security, short of expatriation.
Foebud Photo ID: For only 15 EUR, you can purchase a very realistic looking ID card from this German company. If you don’t have an address in Germany, you can pick one up at their booth at the Chaos Communications Congress event.
The Secret of Nym – March 2015
A combination of events has begun to make the last few months feel a bit like Nymwars 2.0. For those new to this topic, Nymwars was the era in the summer of 2011 when Google Plus suspended people for using names they didn’t think were “name-shaped.” This lead to lots of discussion, including the creation of NymRights. This past summer, after a change in management, Google wound up retracting their policy in full. Facebook seems to have taken the lead on this now, suspending lots of people, including members of the LGBT community and Native American tribes, but also people who have names that apparently look funny.
Incidentally, a lot of the same arguments from 2011 are being rehashed. One of the more common ones is the assertion that Facebook is a private company and can basically do whatever they want. This is true to some extent, in that they legally *do* own all the data, and can set the terms of service to their own system. However, it becomes tricky when we start to consider what the public expectations for these services are. It’s clear that a lot of people are treating Facebook (and Twitter, and other places) like a public forum, even though they are not, and Facebook is not doing much to correct this misunderstanding.
My next favorite argument is the “terms of service” one. It states that, because you agreed to the terms of service, the burden is on you to understand your relationship with the company. On an initial view, this is a very logical argument: you agree to terms, and if you don’t keep them, you can leave the service. There are a few challenges with this though. First, do we think it is safe to assume that a reasonable person would 1. bother to read these terms, some of which are dozens of pages long, and 2. understand them with the same clarity that a lawyer does? Second, if you have an issue or a question about anything within the terms, is there a way to negotiate, or at least ask about it? And finally, if you want to disregard the terms, is there anywhere else you can take your business?
The last challenge is very interesting because it reveals a semi-monopolistic nature of Facebook. There are two reasons I can see immediately why it’s difficult to apply the monopoly term: first, a Facebook user is not a customer, so you have no “business” you can take elsewhere; second, its unclear what domain Facebook occupies, and who their competition is. The first issue hits home the realization that a Facebook user is simple a resource for them to collect data to sell to data brokers, similar to how a coal mining company has coal mines. The second issue is interesting because if you think about it, what space does Facebook occupy? One could argue that there’s an informal agreement where you give them your data in exchange for access to their network. Does that make them a quasi-public space? If I sell things through a Facebook page, does that turn it into a marketplace?
There are many more thing to unpack, but this is a basic entry level analysis of it all. There are a few things in the works that might enable people to have more power in these discussions, so it will be important to watch what happens in the next few months.
Nym Factoid of the Month:
In 1983, a naming law was passed in Sweden requiring new parents to submit their babies name to the government within three months of birth. It was primarily created to prevent non-noble families from giving their babies noble names. Failure to register could result in penalties like fines. In 1991, Elisabeth Hallin and Lasse Diding gave their newborn baby the name
“Brfxxccxxmnpcccclllmmnprxvclmnckssqlbb11116” to protest this law. In 2007, another couple ran into issues with the court when they tried to name their child “Metallica,” although the issues were dropped when it turned out someone already had “Metallica” as their middle name.
Papers, Please!: originally started to document John Gilmore’s lawsuit against the TSA for their secret ID requirement laws, this site has become an interesting resource for information regarding the right to travel, right to free speech and association, and the issues surrounding things like RealID.
The Secret of Nym – February 2015
Facebook is at it again. This time, they are after Native Americans. Among others, Lakota woman Dana Lone Hill was suspended because her name wasn’t “name-shaped.” It’s not solely targeted at them, though. A user named “Bob O’Bob” was suspended, as well as a user named “Jay Smooth.” In both of those cases, the name they were using was well established within their friends and family circles. Given that Facebook has been on a suspension spree since they started suspending drag queens back in September, these stories are not likely to stop anytime soon. The EFF and the ACLU are currently in talks with Facebook in an attempt to improve he situation.
Nym Factoid of the Month:
The Machiguenga people from the Amazon Basin jungle regions of southeastern Peru lack personal names. Members of the same tribe refer to each other using kin terminology, while they refer to different tribes using their Spanish names.
Abine: this company is interesting because their tech goes a step beyond the typical remailer idea; they also act as a shield for your credit cards to help reduce your risk of identity fraud.
Zooko’s Triangle: a useful diagram showing the difficulty of names within systems. It’s analogous to the saying “Fast, cheap, and good. Pick two.”
As you can glean from the video below, I will be speaking about NymRights at Haaaaarvard’s Berkman Center. Here’s the link for more info on the talk, which will happen on September 30: https://cyber.law.harvard.edu/events/luncheon/2014/09/aestetix
And it’s time for what seems to be a quarterly update!
In early June, Kaliya and I spoke at Computers, Freedom, and Privacy, a conference that took place within earshot of DC. I introduced some new research I’ve been playing around with, and we covered a lot of what has gone on in NSTIC over the past few years. One interesting note from the conference was that there is not a legal definition for “anonymity” or “pseudonymity.” There seem to be different reasons for this, but I view it as an avenue for exploration.
Then in July, we co-spoke (again!) at the HOPE X conference. Because the keynote, featuring Ed Snowden, wound up understandably running an hour over time, our talk started at midnight, which turned it from a professorial lecture into a small group discussion that I think went quite well. Although you glean some things from the talk abstract, you should probably listen to the audio recording for the full picture, forgiving some of my late night snarkiness. Be warned– our talk was the last of the night, and with permission from AV we wound up running until nearly 2am.
I have a few more things in the pipeline, so maybe at this rate there will be a useful update in January :)
It’s been a while, and we’ve been busy! I recently spoke at the Critical Themes conference at the New School in New York City. The talk wasn’t recorded, but you can read the paper I wrote for the conference. The paper is a sort of introduction to what I’m calling “identity theory”, and there will be a lot more where that came from.
Beyond that, I also hosted a “Birds of a Feather” session at the April IDESG plenary, where we had a really interesting conversation about the intricacies of pseudonymity/etc within enterprise systems. You can watch the conversation here: