O.K. I've hit a gold mine. It's called Tiara.org. Who or what is Tiara? “A PhD student in the Department of Culture and Communication at NYU, studying social technology from a feminist perspective.” Go to her “About me” page and it has everything except… a name – at least in a form straightforward enough to come up in a search engine. So for me she's just Tiara.
Tiara has assembled a spectacular identity bibliography. I'm going to ask if she'll let me put it up on identityblog – with credit to her, of course.
It turns out Tiara had blogged about the Times’ Facebook story over the weekend. Somehow through the miracles of ping-backs this floated past my desktop:
Kim Cameron, the architect of MSâ€™ Infocard Identity Metasystem, which Iâ€™m not at all a fan of, writes a great post on Facebook and the globalization of identity, based on the NYT article I blogged over the weekend.
Wow. Such a smart person is not a fan of the identity metasystem. I need to find out more about this. None the less, we seem to agree when it comes to some of the issues raised in the Facebook article. After quoting my piece, she continues:
Beautiful point: Facebook (& MySpace) are extremely performative communities, where the values being espousedâ€“ being cool, being â€œhardâ€, being sexy, being transgressive, being resistantâ€“ are those of mythical teenage worlds. Thereâ€™s not just a generation gap between teens/young adults and their future possible bosses, thereâ€™s a culture gap between the â€œprofessional worldâ€, where weâ€™re not really supposed to have any sort of interesting personal lives (witness the furor over academic blogging), and the â€œonline worldâ€, where weâ€™re supposed to be larger-than-life (microcelebrity again!).
I also like Cameronâ€™s point about companies not being â€œinvitedâ€ into these worlds. I definitely feel that Facebook is a private community, and I donâ€™t go poke around looking for my undergraduate students, because itâ€™s none of my business what they do in their private lives. But, again, as I said the other day, there are no regulations about searching social networking sites (or even just Google) , and there arenâ€™t likely to be. The justification that itâ€™s public information trumps the contextualization argument.
I talked to someone else recently who said that their local sheriffâ€™s office uses MySpace as a first resource whenever they are looking for something or bringing someone in â€” of course itâ€™s a young receptionist who does the searching. And universities like UC Santa Barbara are formulating specific policies to discipline students based on their Facebook information. So although I agree with Cameron, itâ€™s really irrelevant. As long as sites like MySpace and Facebook are viewed as public information, they will not enjoy any type of protection from authorities or employers.
It's not really irrelevant. There are a lot of issues buried here, and I'm not about to give up the ghost on them.
One question I have is whether it is possible for an operator to provide access to a site for specific reasons – and prevent it for others. In other words, is it possible to require those entering a site to sign a binding statement of use? Can liability be associated with breaking such an agreement?
Let's go further. Is it possible to prevent usage of a site for commercial purposes, or purposes of employment, or in the interests of an employer?
I'm going to be at the identity mashup hosted by Berkman Center for Internet and Society at the Harvard Law School next week. I'll should probably be able to find a few (hundred) lawyers there. I'll try to find out more about these issues.
But as Tiara says in her own interesting post on the matter:
So whatâ€™s â€œthe solutionâ€? Iâ€™ve heard three:
1. Young people should stop putting content online.
2. Recruiters and employers shouldnâ€™t use Google or Facebook to research potential candidates (donâ€™t hear this one very often, although youâ€™d think in a country where itâ€™s illegal to ask people to include a snapshot with their resume, there might be potential room for legislation here).
3. We just have to wait until thereâ€™s no longer a divide between your â€œworkâ€ persona and your â€œlifeâ€ persona. I know this sounds stupid, but I heard it from the CEO of Facebook. (Tiara heard it from the CEO of Facebook??? – Kim)
And hereâ€™s whatâ€™s actually happening: People are obfuscating personal data by using pseudonyms that can only be identified within situated, contextual networks, or by using services which allow them to restrict who can view their personal information. This is really the only one of these solutions which makes any sense.
O.K. So we totally agree. Contextual separation is one of the main concepts behind the identity metasystem. I suspect she has impressions of what we are trying to do that just aren't accurate.
In truth, InfoCards and the metasystem have been designed to enable privacy while still being able to make provable assumptions. For example, the system can be used to allow you to limit access to your site to full-time students – and recognize them when they return – without actually knowing their names or exposing their identities to the digital grim reaper. The very problems Tiara worries are not solvable, are actually some of those addressed by this system.
And in truth, they have to be addressed if the resulting infrastructure is to be consistent with the “third law of identity”. Identity information should only be available to relevant parties. As an industry we need to think about how the virtual fabric will work and offer people separation of context – or there will be a further and terrible erosion of confidence in cyberspace by those who constitute its future inhabitants.