The woman writing the article is very clear on the identity “creep” that happened and got to the point of requiring users to use the Real ID account within the system to post on forums and EVEYWHERE they interacted on company websites.

She articulates clearly why this creates an unhealthy climate and a chilled atmosphere for many users.

She articulated why she chose initially to sign up for the service using her “Real Name”

When Real ID came out a few weeks ago, I threw caution to the wind. Although my name is fairly uncommon, I immediately added everyone in my guild. I did this mostly because I like my guildmates, I trust them, and I’m an officer of our guild; it would be strange for me to not use this service. We killed heroic Lich King together, we make all kinds of obscene jokes, and although I’m one of two females in the entire guild of forty or so people, harassment is never an issue. I’m an equal. I’ve been here for over a year, and as such, giving these players my real life name wasn’t an issue.

Listen to her language carefully – she says “in this context” I trusted sharing my real name and my gender which is likely given away by her real name.  She knows her guild mates and they don’t harass her.

there was a smaller problem. The guildmates I’d friended had friends who could see me as well because of this. For some reason, Real ID came with the feature that everyone can view other people’s friends–that is to say if I friend Joe, I can then see Joe’s friends and Joe’s friends can see me.

In the process though her “real name” was leaked beyond this trusted group to their friends.  Some of whom may not have known her gender.

Now their “Real ID” system is being extended farther.

Blizzard announced today that all posts on their forums will be now using Real ID. This is mandatory–if you want to post, you have to post this way….real life names will be next to those who post. This will affect everyone, even Blizzard employees. They are also adding a karma feature that will be a lot like Reddit or Digg.

You think why is this “so bad” we should all just be comfortable being “out” about our gaming life or what we say online.

1st she highlights why anonymity is good:

The internet is largely what it is because of its anonymity–for better and for worse. Many great discussions have been had solely because someone could submit their words without worry of being judged.

She acknowledges ”greifing” happens because of this but that this is mitigated by moderation.

She says those who really do want grief other people are being given more tools to do so with by actually revealing people’s real life names, and addresses (in physical or online space).

by using a full name, players are tied to their real life persona and unable to separate themselves from their online one.

Taking away the freedom to “disaggregate” yourself is where the issue is.  People need to be able to be gamers and NOT have it leak into their real lives where it could affect their livelyhood or standing in a totally different community.

In this system, it becomes linked forever in search engines. This means potential employers could find out if a player was a World of Warcraft fan and even the characters they have with a simple search.

If you don’t think it is an issue perhaps you are not in a minority or in a “target population”

Women might find it harsher with new avenues of harassment opened. Transgendered people could be inadvertently outted when someone sees Sally, the friendly Paladin chick, posting under the name Steve. Someone could have a distinctive name and be disregarded solely because their name sounded like a person of a certain background, race, religion, or otherwise. And if someone’s a minor–or even major–celebrity, having their name exposed could be damaging.

Those in charge of and designing systems need to think twice before making changes.

Like I said, there were options. Unfortunately it seems Blizzard executives chose not to look into them and then turned a blind eye. It’s just a shame that this lack of foresight will probably at the very least result in the harassment of many thousands of individuals–if it doesn’t end up causing something worse for a select few.

As for me, I haven’t forgotten about the person from France who spent over six months to track down and attempt murder on a guy who fragged him in Counter-strike (NY Daily News). Call me pessimistic all you want, but I have to wonder if Blizzard’s marketing department even thought about it.

Related posts:

1. Queer Identities and discrimination online
2. Web Wariness is real
3. Social network suicide a possible response to these Yahoo! plans.

TSA had promised it would only use the limited information about passengers that it had obtained from airlines. Instead, the agency and its contractors compiled files on people using data from commercial brokers and then compared those files with the lists.

The GAO reported that about 100 million records were collected.

The 1974 Privacy Act requires the government to notify the public when it collects information about people. It must say who it’s gathering information about, what kinds of information, why it’s being collected and how the information is stored.

And to protect people from having misinformation about them in their files, the government must also disclose how they can access and correct the data it has collected.

Before it began testing Secure Flight, the TSA published notices in September and November saying that it would collect from airlines information about people who flew commercially in June 2004.

Instead, the agency actually took 43,000 names of passengers and used about 200,000 variations of those names – who turned out to be real people who may not have flown that month, the GAO said. A TSA contractor collected 100 million records on those names.

It brings up some serious concerns about how information collection and validation is done by the TSA for airline passengers. How can we trust governments to collect this much information about us just because we travel.

This week I wonder why care about airlines passengers because security is so tight that airlines do not seem to be a place where the next round of attacks will be. If London is any indication it will be on mass transit. Given the level of police/security presence on the transit systems in the Bay Area this week is certainly seems like there is some concern that mass transit will be attacked. They have started random searching of bags to get on the NYC subway. One wonders if they will start issuing ‘identity passes’ to get on such systems.

On the city subways, which are used by 4.5 million people on the average workday, the inspections started on a small scale Thursday afternoon and were expanded Friday.

The New York Civil Liberties Union opposed the searches, saying they violated the Fourth Amendment. Mayor Michael Bloomberg said he hoped the NYCLU would recognize that the city had struck the right balance between security and protecting constitutional rights. He said the bag-checking program is part of a policy to “constantly change tactics” and “may, or may not, be there tomorrow.”

Related posts:

1. UK to start fingerprinting ALL passengers on domestic flights
2. 2007 a year of Data Breaches
3. Catalyst: Government Adoption of Federated Identity

Tourists visiting Disney theme parks in Central Florida must now provide their index and middle fingers to be scanned before entering the front gates.

The scans were formerly for season pass holders but now everyone must provide their fingers, Local 6 News reported. They have reportedly been phased in for all ticket holders during the past six months, according to a report.

I think it’s a step in the wrong direction,” Civil Liberties Union spokesman George Crossley said. “I think it is a step toward collection personal information on people regardless of what Disney says.

I think this is self explanatory in terms of why it is concerning. It seems to goes along with what is now happening with FastTrack passes (automatic toll readers) that I heard about last night at the Hillside Club CyberSalon where Esther Dyson was speaking. I googled the phenomena and here are some excerpts of what I found.

In New York State, readers have been multiplying ever since September 1997, when the New York Police Department (NYPD) used E-Z Pass toll records to locate and track the movements of a car owned by Nelson G. Gross, a New Jersey millionaire who had been abducted and murdered. The NYPD had neither a subpoena nor a warrant to obtain those records; the police simply asked the Metropolitan Transportation Authority (MTA), and the MTA complied. This set a very bad precedent. Though Gross wasn’t alive to complain about it, his privacy had been violated. Access to those toll records also permitted access to all sorts of sensitive information, including his billing address, his credit card number, his license plate number and his Social Security number.

In February 1998, the MTA announced that — near the Tappan Zee Bridge (the site of the first reader in New York State, installed in 1993) — it had just concluded a successful “experiment” with readers that could detect and extract information from transponders even though the cars to which they were attached didn’t slow down. These “high-speed readers” were only three-feet tall and could be placed just about anywhere. As a result, they permitted the ETC system to do something it was never intended to do: namely, collect truly huge amounts of information about such non-toll related phenomena as traffic flows, speeds, densities and delays (all of which, incidentally, can be videotaped by either flow monitoring or security cameras that have been automatically activated by the readers).

Since then, high-speed readers have been installed along a great many State-owned roads and highways; they’ve also been installed atop many residential buildings in New York City.

Related posts:

1. Web Finger! moving out into world
2. Big Brother coming to NYC
3. TSA data cloud searching – Flights today, Subways tomorrow?

Opening – Sermon on Laws

Laws of Planetary Motion
Kim’s Laws what happens to Identity if you make stupid or subtle mistakes
Newtons Law – gravity
Why things happen
Introduction – Looking Back Digital Signatures

A while back we decided we needed non-repudiation and did digital signatures by issuing certificates.
We forgot to figure out why do signatures work in the real world.
So, we got how they worked wrong in the technical world.
Having signatures not work is bad looking forward having privacy not work is bad.
Body of Talk
Definition:
Identity is a collection of attributes by which a person or thing is generally recognized or known
Identity Relativity
The Identity of X according to Y: The set of attributes believed by Y to be true of X.
Axiom: Utility
An identity attribute has value if and only if knowing that attribute reduces risk for some party
Reducing one party’s risk often creates risks for other parties.
Consequence: Identification is Power
Identity allocates risk.The ability to create or eliminate a risk for another confers power over the other.

Axiom: Contention
Because identity claims allocate risks, they will be disputed.
Identity Attributes

• Commercial Interest – Convenience
• Government Interest – Security
• Individual interest – Privacy

Definition
Privacy: is the ability to lie about yourself and get away with it.

Axiom: Subjectivity
People disagree about one anothers identity attributes
In general, there’s now easy way to tell who’s right and who’s wrong
Axiom: Temporality
The name that can be named is not enduring and unchanging name. All identity attributes change over time.

• Prince -> symbol
• Michael Jackson Black -> Plastified

Axiom: Obscurity
Identity attributes can be

• what you know – you can lie
• what you have – loose / leave
• what you are – alter disguise

Axiom: Publicity
Identity attributes cannot be secret
By definition attributes aren’t observable can’t be used to use attributes
Axiom: Contextually
Identity is inherently subject to effect of scale.
Brandon Mayfield – guy who did not blow up trains
His finger print matched one at Madrid Bombing (it was not an accurate assertion)
Large databases -> not completely reliable
To scale identity information one needs to collect — more information

Consequence: Powerlessness
Identity is in they eye of the beholder – subjectivity.

• You can’t control what other people think or say about you.
• You can’t even know who knows what about you.
• Can control what you tell people but not what people find out

Consequence: Privacy Erosion
Scale requires distinguishing between lots of individuals which requires lots of information.
In a sufficiently large population the commonly agreed to be public attributes will not distinguishing individuals well enough.
So information about sensitive attributes will be collected.

In the UK they are look at putting in scanners (QinetiQ) while entering the subway to detect knives but what about creep in the use of other things identifying tatoos?
People push back against government identification.

Consequence: Due Process
Because identity is subjective, contextually, contention and obscurity and temporality.

IDENTIFICATION REQUIRES DUE PROCESS

But due process undermines the business case for identity. Due process requires transparency. Transparency reveals how identity attributes are collected and synthesized to make judgment. Collection and Synthesis are the only sources of completive value.

They do it because they like costumer intimacy.

Supply and Demand mismatch between favorable and unfavorable information.
Favorable information is easy to get.
The subject is happy to give it to you and the subject is happy to help you authenticate it. Therefore the supply is large and the value is low. But it’s worse: Demand is also low! Because favorable information is less likely to reduce another party’s risk. Especially the case when the other party has lots of potential customers.

The business case fore identity service provider infringes privacy.

The business of identity service providers is risk reduction withholding adverse information decrease the value of business.
Collecting more adverse information makes more.

Identity and Privacy are Incompatible.
Adverse information has positive identity value but negative privacy value.
Favorable information has zero identity value and zero privacy value.

Fable about MARIA

Recent guatemalan immigration
she has AIDS and she doesn’t want anyone to know. The health insurance company wants to know this information because it is a $180,000 not to know this.

Related posts:

1. Catalyst: Government Adoption of Federated Identity
2. Catalyst: SSO Simple Secure and Open – Dick on Identity .20
3. Catalyst Round UP

Homeland security directive 12
“Policy for Common Identification Standard For Federal Employees and Contractors” – August 2004

HSPD 12 Requirements

1. Secure and reliable forms of personal identification that are:

• Based on sound criteria to verify an individual employee’s identity
• Strongly resistant to fraud, tampering, counterfeiting, and terrorist exploitation
• Rapidly verified electronically
• Issued only by providers whose reliability has been established by an official accreditation process

2. Applicable to all government organizations and contractors except National Security Systems
3. Used for access to federally-controlled facilities and logical access to federally-controlled information systems
4. Flexible in selecting appropriate security level – includes graduated criteria from least secure to most secure
5. Implemented in a manner that protects citizens’ privacy

Expanding Electronic Government

Needing Common Authentication Services for

• 280 million Citizens
• Millions of Businesses
• Thousands of Government Entities
• 10+ Million Federal Civilian and Military Personnel

You can learn more on the GSA website – http://www.gsa.gov/aces

Related posts:

1. TSA data cloud searching – Flights today, Subways tomorrow?
2. Catalyst: Logic of Identity – Bob Blakley Chief Scientist IBM
3. Open Identity for Open Government Explained