Reader's Digest feels compelled to explain ID theft to its readers, mainly born before the time of computers (1). From prime printer brand, Hewlett-Packard morphs into master of snoop in a snap (see 09/12 and 09/19 fillips). Meanwhile no day comes without a tale of tainted truth (2). Verily the Information Age is proving to be the Misinformation Age.
In answer to this threat, we started to examine recommendation practices in our 8/22 fillip, and have already looked at Google, the biggest recommending mechanism of them all. We feel it essential to continue today with another type, online identity verification services, following Jessica E. Vascellaro's report(*).
Before we dig into details though, readers must remember that deceit is not a modern invention. The Patriarchs of Genesis might have had difficulties to grasp the concept of a printer but they would have felt right at home at an HP board meeting.
Isaac is an old blind man who wishes to confer God's blessing on Esau, his preferred son. Isaac's wife, Rebekah, favors Esau's twin, Jacob, and plots to have him receive God's blessing instead of his brother. Now this is premeditated ID theft on a biblical scale. But Isaac is no fool. He may be blind and unable to distinguish between the voices of the twins, as fact-deprived as we when facing a correspondent over the Internet. But he can rely on the equivalent of a recommendation certificate and check skin hairs, for really Esau has lots of them to Jacob's none. So Rebekah forges the recommendation certificate and covers Jacob with kid skin.
While the reader may ponder Who was kidding whom at the time, we can see that Internet simply magnifies a rather old problem: how can one trust a recommendation?
The principle of an online verification service is simple. A user in need of a recommendation interacts with a site over the Internet, to which he or she reveals profile elements, such as name, address, social security number etc... The profile, whose exact nature depends on the verification service, is checked against existing data bases such as credit reporting agencies and public records. Once accredited, the user receives an id from the recommender which can be requested and verified by interested but suspicious online correspondents. In a nutshell such correspondents are offered the possibility to outsource their own identity verification process.
When the correspondent is an individual, such as for online dating purposes, or a small business, an eBay dealer for example, such a service may be quite cost effective. For bigger sites, there exist services which perform a similar function in the background without letting the user in need of a recommendation know he or she is investigated (3).
Imagine for example that YouTube's entries were graced with such recommendations. Readers would no longer be titillated by art masquerading as truth and lonelygirl15 would have indeed remained lonely. Instead her true identity was only revealed after Tom Foremsky's teenager son decided to dig beyond the appearances (**). In the same vein, authors would be prevented to write self flattering comments under a name other than the one used to publish the original content and Lee Siegel on Culture blog would still exist, as reported by Tom Zeller Jr. (***).
As Tom Zeller Jr. records too, anonymity can still have its use to protect one's right to air one's opinions without undue hardship. I concur. Anonymity of public sources is a great way to create jobs. Tom Foremsky's son should consider sending his resumé to HP now.
More seriously the possibility to establish bona fide identities online would perhaps check the tendency to charge Internet service providers for the sins of their users. eBay is being sued by luxury goods companies because eBay clients sell fakes as reported by Adam Jones (****). Where has individual responsibility gone? Of course eBay is partly to blame for its misery by putting forward a recommendation mechanism based on feedback. I will gladly examine this type in a coming fillip. Let it be said for now that someone who fakes Tiffany jewels can fake eBay feedback too.
Let us proceed then and examine identity verification services according to our criteria on recommendation mechanisms:
First we see that these online services provide a somewhat decentralized approach since there are quite a few competitors on the market. The problem though is twofold:
- degree of centralization
- protest process
In practice then, we have here a nursery of aspiring big brothers busily building a giant database of user profiles. Beware bigger brotherly love.
- each company thinks of itself in terms of a universal, and of course totally centralized service
- no value is created unless such a company is used by both the user who seeks the recommendation and the correspondent who wants to see the recommendation
On account of responsibility, an online verification service is a legitimate business, with a physical corporate presence, name, address, phone number. It is often found through a known Internet service, such as a dating site or a seller of age-restricted goods, likely to have a physical presence as well.
But what good can come from a clear point of responsibility when the protest process is, here again, inexistent or at least obscure. After a look at a sample of verification services, I have yet to see a section on a protest process. A naive observer would think errors must therefore never occur.
Any reader ready to bet there is no more Rebekah out there today?
- (*).......New Ways to Prove You Are Who You Say You Are Online, by Jessica E. Vascellaro (Wall Street Journal) - August 3, 2006
- (**)....How the identity of LonelyGirl15 was found, by Tom Foremsky (SilliconValleyWatcher) - September 12, 2006
- (***)..Writers on the Web, Deprived of Masks but Not Their Pride, by Tom Zeller Jr. (New York Times) - September 11, 2006
- (****) eBay sued over sales of fakes, by Adam Jones (Financial Times) - September 21, 2006