About the Institute

The Hybrid Vigor Institute is dedicated to interdisciplinary and collaborative problem solving. We seek out and connect experts from a range of fields to work together toward common goals.
Principals | Advisors | What We Offer

 

hybridvigor.net

hybridvigor.net houses the work of a growing network of researchers and practitioners who conduct cross-sector and cross-disciplinary explorations and collaborations.
Blog | Contributors | Topics

 

Disclosure

Privacy | Funding

 

Contact Us

 


 

Intervention by Denise Caruso Read Intervention by Denise Caruso, Executive Director of the Hybrid Vigor Silver Award Winner, 2007 Independent Publisher Book Awards; Best Business Books 2007, Strategy+Business Magazine

THIS WEEK IN TRUST: IDENTITY PILFERING

by Mike Neuenschwander ~ February 15, 2008.
Permalink | Filed under: Hybrid Vigor, 21st Century Risk, Social Trust Online.

The juxtaposition of two events in the last week exemplified the growing tension of social trust on the Internet. First, the OpenID Foundation announced the additions of Google, IBM, Microsoft, VeriSign, and Yahoo! to their board. A few days later, the New York Times reported on people’s frustrated attempts to delete their Facebook accounts.

It seems identity theft is officially passé: now you have to worry about “soft” identity theft by social sites that play keep-away with the information you provide. Thankfully, some users have reportedly succeeded in getting their accounts permanently excised from Facebook (for example, see this post on the 2,504 steps to closing your Facebook account).

But their Pyrrhic victories do little to stem the deluge of personally identifying information pouring into and being captured on the Internet.
For example, how do I delete my profile from Spock, when I didn’t even set it up in the first place? Can I instruct Google not to index information about me?

So, last week while technologists were building out the apparatus for connecting people’s information across sites, real people confronted an Internet that neither forgives nor forgets.

Of course, the OpenID folks are convinced that their approach — a decentralized, single sign-on system — will improve privacy by reducing the number of accounts people need. Control of one’s personal data is a tenant of the “user-centric identity” movement that OpenID represents. But OpenID is an identification system, not a trust system (in either the technical/cryptographic or the social sense), by the designers’ own admission. So while I’m encouraged to see an impressive list of tech companies working together on identification systems, it’s unfortunate that they’ve wholly missed the point. It’s not the ID system that needs fixing.

Sure we’re all bugged to have to remember 57 passwords, but it’s a nuisance, not a betrayal of trust. The announcement I’d like to see is that the same list of companies is collaborating on an apparatus for improving social trust online. For those of you frustrated with the eternal stickiness of social sites, I recommend never using your actual identity—create a persona instead. Unfortunately, personas aren’t that easy to create and maintain at the moment, but it’s something we’re working on here at Hybrid Vigor.

3 Responses to THIS WEEK IN TRUST: IDENTITY PILFERING

  1. Judy Shapiro

    Creating trust online is not only the tagline of Comodo - but our mission. As the world’s second largest certification authority, we agree that the need is not about managing id’s but about how to decide who to trust online. To create this level of trust is a function of creating the means for end users to verify who is at the other end of an interaction and vice versa. We’re not just talking about it — but we are delivering it to the market. We offer lots of free tools to manage PC security, passwords and email. We provide revolutionary content verification to help end users avoid man-in-the-middle attacks. Again for free. Creating trust online is about authentication - of people, sites, content. Creating trust online is about creating the authentication layer of the Internet.

  2. Denise Caruso

    Yikes, Judy! Shameless plug! Aside from that, I think you have oversimplified the issue a bit in order to promote what your company does. I think online trust entails a LOT more than just verifying who is on the other end of a transaction. At least it does for me.

    I know exactly who is on the other end with Facebook, for example. It’s what they’re doing with the data they have that makes me not trust them.

  3. Mike Neuenschwander

    Hi Judy, thanks for reading the post.

    The word “trust” is of course a loaded term. I use the phrase “social trust” to distinguish the concept from cryptographic trust, which is largely what your company offers.

    In the physical world, social trust relies on instinctual, highly evolved ceremonies, social emotions, queues, signals, shared memory, social status, connection, and demonstrations of ability. Such things are largely missing from today’s technologies. I’ve written a bit about “laws of relation” on the Burton Group blog. I’ll be talking a lot more about these issues on this blog, so stay tuned!

Leave a Reply

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word