Obsessive about Real Identity?

What, I'm not real enough?!I had started to write this in mid-October but never finished it… and the database crashed at some point while I was in the middle of writing it, losing almost all of the article 🙁 In the mean time, the recent interest in this topic, as well as M Linden’s announcement that they would allow people to register avatars with their real life names, as well as Wallace Linden’s strange article on linking real life data to your avatar, seemed to make everybody write what they thought about this subject, even my dearest friend, Extropia DaSilva. At the same time, the world apparently is moving towards having all your life posted to the public at large with Facebook leading the way, and this is seen as a Good Thing... with only the Alphaville Herald disagreeing. To make things even more interesting, Linden Lab just bought the social networking tool Avatar United, a Facebook clone where you’re not forced to use real names to register and which supposedly will (one day, perhaps) link your profile with your avatar name.

So, well, I recovered what I could from that 3-month article and rewrote the rest… enjoy 🙂 (or not!)

The recent subtle push to increase enterprise and academic acceptance of Second Life® (even though we have to be honest here and remember that SL is 99% residential use, and will very likely always remain like that) has pushed the focus again on identity and privacy; more recently, M Linden’s comments that 2010 would allow people to register avatars with their real name, Wallace Linden’s strange article on real life identity, some SL forum polls, and Linden Lab buying Avatar United, pushed the whole issue back into the foreground — again. It looks and feels like 2007, when Linden lab started to introduce third-party age validation.

Not surprisingly, the stance taken by Facebook on “revealing your real self” might have been a strong incentive for Linden Lab to re-evaluate their policies. Or… perhaps there is more?

One of those reasons has been the push to validate Second Life merchants, in order to turn content theft into the much more serious crime of identity theft or credit card fraud, which — hopefully — will be a stronger deterrent and limit piracy.

The other reason, however, has been for long the “need” for businesses to have an idea with whom they’re dealing with. Also, a few have expressed the idea that relationships can only be formed if you know who’s on the other side of the computer screen. The latter, as said, is not limited to Second Life.

And there is a third reason, which is a bit more obscure and will probably happen “under the hood”. Again, we can point at Facebook and see what it entails.

The Anonymous Internet

Consider the early days of the Internet. You can still notice who are veteran Internauts (do people still remember that stupid name?) by their email addresses. They usually have just three letters before the @ symbol. This was an ancient tradition, before AOL joined up their email systems with the Internet (so, yes, a long time ago!), and people just used the initials of their (real) names to create their email addresses. In those days, there was little thinking about who was who. People — human beings all! — were just three-letter acronyms. You wouldn’t expect to meet most of them anyway: the Internet was global and widespread, and it was far more likely to exchange emails with a colleague in Honolulu than with your roomie — just because that colleague would have access to the Internet, while your roomie was more worried about what to dress for the next party, or watched TV.

The corporate world sort of limited the choices you had in “business emails”. It was felt that email addresses ought to better reflect an employee’s real name. Common abbreviations (when usernames were supposed to have 8 characters or less) was an initial and the last name, or the first name and the initial of the last one, truncated to just 8 characters. Once system administrators finally managed to add more than 8 characters, the trend changed again to the more common format [email protected], which is still popular today.

But at the same time, phone numbers (even personal, mobile numbers) remained an arbitrary sequence of numbers. Why? The idea is that you’re supposed to only give your phone number to people you know/trust, and that nobody is supposed to “guess” your phone number unless you wish to do so. It’s not a “technological” limitation: nowadays, there is simply no reason to use “numbers” instead of an acronym or an email address for your phone number. After all, over 4 billion phone numbers are on mobile phones, and all of them are really pocket computers. All of them could use different ways of calling people over the phone. Skype certainly works fine without phone numbers. Yes, we can argue about “legacy compatibility”, but really, “telephoning” seems to try to be compatible with something developed 130 or so years ago… how many 130-year-old telephones are still connected to the telephone network? 🙂

To find a person’s phone number, you have to use a directory/index. Most people will be willingly listed on those. Most will also place their phone numbers (and email addresses of course) on business cards, either physical or virtual ones, specially if they’re in business and wish to be “in touch”. Thus, people voluntarily use “nicknames” for the “telephone network” and publish them as part of their “corporate identity”.

All this is deliberately placed between quotes because, well, we don’t usually think about phone numbers that way. The interesting aspect is that, until very recently, you could not make reverse searches on telephone numbers: this means that if you randomly got a phone number out of thin air, you cannot easily find the person it belongs to. Of course, with people voluntarily placing their phone numbers on web sites and social networking tools, it’s highly likely that, sooner or later, Google will indeed index it. But the point still remains: phone numbers do not represent uniquely an “identity”. E-mail addresses — although the recent trends (at least in the corporate world; in the academic world, e-mail addresses like st[email protected] are still popular) are to put the name as part of the address — in a sense are also a “personal” choice, in the privacy sense of the word: most people will only “reveal” their e-mail addresses to people they know or that they have a personal or professional interest in, and it will not always be “obvious” what your e-mail address is if you don’t give it to others. Similarly, except for professional use, if you receive an e-mail out of the blue, it might not be obvious whom it belongs to: [email protected] may be anyone, even someone not called “John Smith” — although it’s quite certain that someone like [email protected] is, indeed, Microsoft’s Bill Gates. Why is that so? It’s actually a notion of trust transferral. Due to the way the Internet e-mail system actually works, only people inside their own domain are able to set up their e-mail addresses, and it’s highly likely that a company will not create “fake” e-mail addresses for their employees (or at least that’s what we expect not to happen). Granted, although under the .com domain anyone can register any domain name, in practice, due to the threat of litigation, it’s often hard to get another company’s name and use it for illegitimate purposes. (Some countries will not allow anyone but the legitimate trademark owner or company name owner to register for a domain name, and may require formal proof of intellectual property rights over that domain name before it is set up at a country’s registrar.)

So once you trust that a company’s domain name is, indeed, legitimate, you will also trust that an e-mail address from that company will, indeed, be assigned to a legitimate employee of that company. This is a concept that doesn’t exist, say, for phone numbers, which are quasi-randomly assigned (or even if they aren’t, the relationship between the company name with its telephone number is not clear). Personal e-mail addresses, however, have absolutely no relationship with someone’s identity. Nevertheless, we’re prepared to accept an e-mail address as a legitimate identification of a person — often even legally binding. Which might be surprising, since it’s quite easy to forge an e-mail address, or a message coming from a forged e-mail address — it happens every day with the billions of messages sent by spammers.

Similarly, nicknames on IRC and other more primitive forms of online communication, started by being pretty random and anonymous, “funny” monikers. The whole concept of “using your real name” for an IRC nickname was simply ludicrous. What would be the point — except potentially to laugh at a colleague if they just typed something pretty stupid (because, say, they were drunk 🙂 ) and made a sad figure of themselves? Practical jokesters might be curious about who was behind a nickname, but there was little point beyond that. Unless, of course, we were talking with a criminal (or potential criminal) under surveillance…

The Web curiously was the first place where things started to get a bit blurred. The notion of the “home page” — a place where you put your personal pictures and rant about yourself in narcissistic hedonism — slowly caught on. In the very early days, it was probably the place for your academic resumée (CV), but soon it became the space where you placed what you were interested in. The early Web, being mostly a geek-controlled environment, soon had lots of pages saying what episode of “Star Trek” you liked best, or lists of cheat codes for your favourite game, or how to rewire your computer to get some extra performance from your motherboard.

But parallel to this, companies started to advertise their services on the Web too. And asking you to give them their credit card numbers. Up to that time, people gladly gave their credit cards to complete strangers on shops, but also on phone calls, faxes, or letters. The Web, however, made people still think twice. What if the page I’m seeing is not what I believe it is? Is this “microsoft.com” address really the page for Microsoft? How do I know who is behind that page?

Granted, digital certificates validated by reputable third parties gave people an extra sense of security, meaning that the page they’re seeing is really from the company it claims to be. But obviously just because you have a digital certificate and a page starting with https:// it doesn’t mean that the company is not a fraud. They might be an established company selling fake goods, or double-charging your credit card, or engaging in any kind of illegal business. How could you know? On the Internet, nobody knows you’re a dog — and even if you show proof you’re a dog, how do I know you’re an honest dog?

(As a side note, this old 1993 cartoon is the reason why most people in my country routinely get credit cards but wouldn’t dream of ever using them on a web site. Such is the power of a cartoon!)

The social web means… exchanging information about yourself

With the dawn of the “social web”, the humble web page turned into a blog, but also… into a RSS feed. Now people would not even tell their friends about the pictures they took when they were drunk on the dorm after a wild party, but all their friends would get notifications on the “news”. At the other end of the spectrum, matchmaking agencies thought that their services could not only be successfully offered through the Web (like FriendFinder, a dating service active on the Web since 1996), but marketed much more successfully that way, by enacting monthly subscriptions from their users. The idea was that if you wanted to meet someone, you’d be allowed to place your profile with an ad there for free. If someone wished to contact you, they had to subscribe to the service and pay for it. This is still a popular business model. Since placing ads is for free, these services quickly get tons and tons of “free profiles” from users eager to be found by their prospective mates. But to access that information, you have to pay for it.

So in a sense your privacy was guaranteed on those sites, since the business model was based on selling access to all those profiles. Sure, any client of the service could take a peek at all profiles. But the people posting their profiles did want to be found! Needless to say, they posted as much information as possible — even linking to their own personal blogs. Now a link was forged, a link that would only multiply over the years, binding “real data” to “online information”.

There was an “unwritten code of ethics” (probably dating from the time of the Netiquette) where people self-checked the amount of data they were willing to share. You never knew who was going to find you on a matchmaking service: so you kept your pictures to a reasonable level of decency. After all, who knows, you might be secretly planning a divorce and looking for a future partner, and your husband might log in to the same service and get valuable data for his lawyer to speed up the divorce process… or, well, the teenager that subscribed to such a service might just find out that their mom might be shocked at the kind of pictures you post there! Similarly, BDSMers might not be too happy to have their employers look up your profile on a BDSM matchmaking site and, well, fire you — notwithstanding the non-discrimination acts on most countries in the world. Or at least making your life in the office unbearable.

Matchmaking services also tried to screen the content submitted — not necessarily because they were prudes or suddenly got paranoid about their clients. No, they just wished to give their paying clients high quality profiles, to make clients would get good value for their money. A “fake” profile that just had a few pictures from a 55-year-old mom posing as a teenager supermodel (preferably one from a distant country) would just elicit strong complaints by the clients paying for the service and actually not getting what they had paid for — namely, real information about real persons. (Yes, I’ve seen dating sites posting pictures of models and actresses on their registration page in order to lure unsuspecting males to log in — who soon found out that that there was nobody listed in the profiles with those pictures.) Sites that were able to check their user’s profiles as much as possible would ensure a good quality of service, and thus become more popular; word-of-mouth from happy customers would spread quickly on forums, mailing lists, Usenet news and similar venues.

Still, the idea is that in a limited environment, for a specific purpose, the amount of real data published online would give the idea that the service had a higher quality. While this was limited to dating services, people were fine in publishing their data that way.

After the collapse of the dot-com bubble, Web 2.0 started pushing this notion to the limits. Why should only people with the specific need for finding a partner have their own profiles? Early social networking sites like hi5 or Friendster (both still active!) started to pass the message that everybody should post their pictures online. This is an interesting development, worth analysing from an anthropological point of view. Our society has slowly become more and more hedonistic, turned to narcissistic self-pleasure. “Slowly” is the keyword here: if it were too abrupt, we might have noticed it sooner. But it becomes pervasive and ubiquitous in a very gradual way.

I would place the start of this perhaps in the relatively early years of TV contests. They gave people this notion that just with a bit of luck, you could have your moment of glory, and be broadcasted live to an audience of millions. The pull from “fame & glory” would make people do sad figures of themselves just to get a few minutes of fame. You might never be part of the jet-set that gets invited by Oprah, but you could have a few minutes on Jeopardy. TV is just TV, after all. With the explosion of new contests, new channels, new reality shows in the past 20 years, this of course increased. “Being on TV and be seen by millions”, a mere dream in the 1950s, became ever so easier these days. I remember as a teenager thinking that it would be highly likely that I would never be on TV in my lifetime, not even for a second; I have no special talents or skills, I don’t know the right people, a lifetime of hard work and labour would never give me fame, glory, or glamour — and I’m too unlucky to be picked for a TV contest, even if I applied (which I never did). Since the 1990s, I think I was on TV a dozen times or so. I did absolutely nothing to be worth that “honour”: it’s just that “being on TV” is simply not as “special” as it used to be.

Still, that idea that you suffer for being part of the anonymous crowd of billions that never went on TV yet has driven people to the new media. You might not be on TV, but you could be… on YouTube. Or, well, on Flickr, on your own blog, on your MySpace page. Due to the way the snowball effect works on social media, if you get 50 friends linking to your “virtual presence”, these 50 friends might also have some other 50 friends, and so on — until, well, you could potentially get millions of people “watching you” — just like on TV. But it is far more easier to do so on the Web (or so it seems). All it takes is to fill a profile, paste a picture, and invite a few friends.

Granted, it’s not that easy to get an audience of millions on YouTube — you have to have something that interests people, and this “special something”, sadly, is not widespread. But that doesn’t really matter. Geeks, for instance, will have millions of geeks to follow them — the GeekWorld™ is not popular on TV anyway, but a geek can be a prima donna on any social website for geeks. Replace “geek” by any other label that fits your self, and it’ll work out for you, too. The Web is too vast, with too many people, too many interests — it’s so easy to find “a million people just like you” with relatively little effort. You can be famous among your peers, even if your interest is in doing Lego machinimas.

What social networkers found out — like bloggers before them; like Usenet posters even before that; like mailing list/BBC users even before that — is that the lack of quality of content can often be compensated with an increase of quantity. Thus, someone with a profile that gets few updates and has no pictures in it might be completely overlooked. Post a picture every day — or write something on your profile every day — and people will start to see new, fresh content. They will be dragged to something that updates frequently (one of the oldest recipes for success on the Web). No wonder, of course, that Twitter and Facebook, where people usually do hundreds of updates per day (if not more!!), quickly became the hub of Web activity. No wonder, either, that the first “updates” that people did on Twitter (and later on Facebook as well!) were just stupid, irrelevant things like saying “I’m in the bathroom washing my teeth.” or “I’m waiting for the bus to take me to school”. (I’ve done it too, so I’m as stupid as everybody else 🙂 … and I still occasionally do it as well 🙂 )

When we get to this point of sharing information to the utmost detail, there is simply no privacy at all, because people are voluntarily telling everything about themselves, even the most sordid details of their private lives.

Act III: Enter business

Now once you had all that information voluntarily on the ‘net, what would be the next step? Well, data about consumers’ habits is valuable. If you could, say, gather all people on an area that have tweeted about the Coke they just drank, wouldn’t it be nice for Coca-Cola to stage a promotional event in that neighbourhood? Now that we can link what people think and say about themselves to their location and the date they did something, the profiling data at the disposal of marketing agencies increased tremendously.

We’re all being profiled every day. Most of it can happen anonymously. If you shop regularly at a supermarket, you might soon find out that they will carry the majority of the products you like, and the ones you bought just once but found unappealing will quickly leave the shelves, never to appear. This is true for the average shopper (while, on the other hand, if you happen have an extreme tastes, you might find your local supermarket to get worse and worse over time, as your favourite products will never go back to the shelves). Supermarkets — and all sorts of retail shops, really — manipulate petabytes of data every day, from all locations in the world where they operate, to provide you with the best shopping experience possible, by measuring trends, product placement and its success, and consuming habits over the year. Some might see this as a form of enhanced service: on average, the products you like most will always be in stock and easily available.

Some of that data might not be so anonymous, namely, if you’re using a credit card, for instance. That way, the supermarket chain might be able to tag your shopping habits to a single person. Your experience might be different, but I always find it amusing that a local chain always gives me discounts on the products I like most. After a few years, they know exactly what I like and what I usually buy. If I always shopped for food at the same place (I don’t), they could probably pre-stock everything on the exact day I enter the premises, and the attendant could just hand over a personalised bag with my groceries. We’re not at that point, but… close, very close. The point is, this isn’t “new”, but something that for long has been taken for granted.

Similarly, you might have noticed that most ads you see on my blog are related to things you like — and while virtual worlds might be quite high on the top of the list, it might not be the only thing listed there. Google first indexes my blog before it places ads on it. But it also checks my Google AdSense profile, where I give tips and hints on the kind of adverts I’m happy about, and which types I don’t like. But on top of that, if you’re logged in with your Google Account (because, say, you might have just checked your Gmail), Google will personalise your ads further. While my blog is not the best example — I do filter out a lot of ad types — you can make this experiment on a more generic website, like on a news site.

How does this work? Every time an email is delivered on your mailbox, Google scans it for keywords. Over time, Google will know who your friends are and what kind of information you exchange on your emails, about, for instance, shopping preferences. Google will know where you work (if you get some business-related emails on your Gmail account) and what kind of work you do. It will also have a good clue on the kind of activities you participate. If you use GTalk, it’ll also know what interests you have in common with your most close friends. Put that all into a profile, and everytime an ad is shown you by Google’s AdSense network, it will be as personalised to your tastes as possible.

Scary, isn’t it? You bet!

Facebook, with Microsoft’s ad technology, is actually even better (sorry, Google 🙂 ). I was actually fascinated how they always placed ads for promotions to win new boots (and what gorgeous pictures I got!). It was such an uncanny coincidence until I found out what triggered it: on some place of my profile, it says something about “fashion”. It’s not easy to find, but it was possibly enough for Microsoft’s ad engine. And probably (who knows?) they found out about my profile on Stylefeeder — which shares at least the name and the email address with Facebook 🙂

Well, and it might be a coincidence. Perhaps it is, for 2010. But the technology is here, and it’s quite powerful to find those things and present them in the form of a profile. A personalised ad experience is far more effective than random spamming (in fact, I surely hope that the sheer stupidity of mass spamming disappears soon, as it’s way far easier to get a return on Google AdSense or Facebook ads than through “blind spamming”). If you have to live with ads, at least I’m sure you’ll prefer to see ads for products and services that at least have some marginal interest to you…

Now the perversity of this whole system is that to make sure that it works well — for the ad buyers and the ad networks — the information people present online about themselves has to be as accurate as possible. The more information you post about yourself, the better; but the more accurate it is, the more “valuable” your profile becomes. And the more valuable profiles a company is able to sell, the more money they can make, as ad placers will naturally gravitate towards the companies offering the best profiles.

It is quite clear to see that this trend is not going to stop. Companies offering user-generated content on their web-based services will try to extract as much possible information from their users. Profiles these days are still “basic” (people don’t want to type so much…), but you can infer a lot from relationships, groups you join, or the location where you are. Thanks to GPS tweeting, Twitter can now even give their profile clients an overall idea on the movements of their users. Facebook has turned part of their profiles public and changed their Terms of Service to make sure that at least some indexing data falls in the hands of the profiling companies — but additionally they have pushed for “only real identities” to create profiles in their service (which will give them a huge advantage over Twitter, since many of the most interesting services to follow on Twitter are not “people”, but bots… like, well, SLGridStatus). This has raised a controversy as Facebook became more and more aggressive in implementing their policy.

The controversy, however, might just be an overreaction by the ones that are not happy with the end of privacy. We all know that it’s only people who care that are vocal about what they think. Most people simply don’t care. Of those, only a very small part are actually vocal — they don’t care enough to talk about it. Oh, sure, they might comment about something they dislike with their friends over a cup of tea, but they won’t bother even to write on their Facebook timeline. And to be very truthful, most people really don’t bother about their “privacy”. In fact, they might be against all sorts of privacy: this is specially true if they had a bad experience online, for instance, like buying something on eBay that didn’t look like what was announced on the picture, but found it would be next-to-impossible to effectively complain.

At some point in our history — and some claim that 9/11 was the turning point — we became artificially “security-conscious” and the tide turned. From a world where privacy and revealing as little as possible about your identity, we found out that the world out there is full of creeps — from terrorists, to scammers, to paedophiles. We got scared; a different kind of “war on terror”, which has little to do with sending ICBMs and Marines to distant countries with exotic-sounding names, has been growing, by attacking one of our hard-worn rights: the right to privacy. To the old argument that we ought to read “1984” to understand what it means to live under a regime where privacy doesn’t exist, the counter-argument is usually “George Orwell was not alive in 2001”. The world changed, and it changed to the worst: we’re now aware of all the worst criminals lurking under the pretence of anonymity, and we want to get rid of them, even if it means tagging everybody in the world with a RFID chip which would also be used to log in to your computer. While we would laugh at such an insane idea in, say, 2000, we’re actually building that dystopia by 2010 — one step at the time.

Second Life’s counter-culture of privacy

In the deepest corner of the Internet, hidden on co-located facilities in Gibraltar, Malta, or even Russia, popular culture imagines the Undernet: a network outside the civilised world, populated by the denizens of pornography sites, where crackers exchange software freely, where nobody uses a real name, money is laundered on online casinos, and paedophiles routinely exchange pictures on IRC.

In a sense, while this all was away on dubious websites in even more dubious locations, it was not “threatening”, because there was a feeling that, at a click of a button, you might get rid of all that.

In reality, of course, there is no “difference” between that mythical “Undernet” and, well, the Internet we use every day. Your peaceful co-worker might be a good Christian which you meet every day going to Sunday School with her kids, but during the night, she’ll be posting bondage pictures of herself on SmutVibes — while at the same time tweeting about her favourite shoe shop downtown, and talking on the “Christian Moms” group on Facebook. 🙂 Of course nothing is ever so extreme, but the point is, there are obviously some things that you’re not so keen to have revealed in public. It might just be an embarrassing picture of your cat puking on the carpet that your mother-in-law just gave you as a gift. It could be a video you made with your sweetheart last summer — but since the relation broke, you have no interest that anyone still watches the video. It might be an article you wrote about one radical leader of a left-wing organisation that you admired in your youth, but that you have long since figured out that he was actually being backed by a big megacorp. We cannot erase our pasts (or even what we do in our present!), but at least we can opt to reveal as much as we wish about it.

Even the present is not supposed to be open to public scrutiny. Imagine that you have posted a lot about your latest shopping spree and now complain to your friends on Facebook that you’re worried that you might have hit the credit card limit and need to take a second mortgage on your home — how would you feel if your bank actually gets that information delivered to your bank account manager through a profiling company? Or imagine that you’re seeking online advice from your friends regarding a failing marriage, but definitely don’t wish your kids to know about what you’re discussing — but since your timeline is open to the public, and Twitter can be accessed by anyone, your kids quickly find out about it? You can think of several examples on how some information, which might be directly relevant to a group of friends, shouldn’t be available to the public — not even a profiling company which “promises” you not to reveal any of your data to third parties. How can you trust companies like Twitter and Facebook not to do so, if their business is all about profiling data? (and of course they’re not the only ones; Google is probably even better than them, just a bit more quiet — except when it comes to explain to customers how Google AdSense works).

It is true that “if you have nothing to hide, you have nothing to fear” — but that’s a typical conservative, right-wing approach to security, privacy, and identity. In such an Orwellian dystopia, honest people can be watched by webcams in their own homes. But it will also mean that perfectly legitimate and honest activity — like, say, grumbling out loud that your employer is a pain in the ass — might be overheard by someone who simply ought not to have the right to that private information. If you have freedom of expression, you ought to be allowed to complain about your employer, even in public, but most definitely in private — without fearing a libel suit.

If you have guaranteed anonymity, you might even go a step further: even in a country without freedom of expression, you will be able to talk about whatever you wish — the most recent example being the case of Iran protesters, but history has shown us, with millions of examples, how important it is to be able to protect your identity in order to be “protected” from your own Government as well. This is even a fundamental human right (Article 12 of the Universal Declaration of Human Rights, 1948).

You cannot say that any of these websites are actually committing a crime against human rights by violating your privacy and forcing you to reveal your identity in public. You’re not forced to use any of those services. And this is an interesting paradox. For instance, right now, it’s next-to-impossible, over most of the Western world, to get a skilled job without an e-mail address (unskilled jobs are still fine). At some point you really will need to have an email address. Even some Governments, while not ostracising citizens without email addresses, will seriously encourage you to get one, so that you can, for instance, pay your taxes online and get a receipt by email.

Now imagine that these social websites become even more widespread. Already a sixth of the Internet population has a Facebook account; a fifth has a Gmail account. It is not impossible to imagine a date in the future that “having a Facebook account” is mandatory. It’ll start with companies recruiting people — they will frown upon someone who hasn’t a Facebook account, since they will find them “revolutionaries” or “non-comformists” or simply too weird, and not worth of being hired. We’re still a long way before that actually happens, but the way is definitely paved for that. Or perhaps not? Wallace Linden already publicly claims:

Both Google (via Friend Connect) and Facebook (via Facebook Connect) already offer services designed to take the place of your Social Security Number or national ID in the new century, and the competition among them and other players to control who you are is only due to heat up.

So while you can always say, “sorry, I don’t have a Facebook account, because they don’t allow me the level of privacy I require”, but won’t that sound pathetic in an era where nobody cares about privacy any longer? If I were writing this article in 1990, I’d be called out as merely attempting to write a bad pastiche of Orwell’s “1984” and laughed at. In 2000, I’d be seen as a pessimist. After 9/11, I’d be labelled as someone encouraging terrorists to become widespread by defending the rights of people to stay anonymous on the ‘net. In 2010, the battle is lost; we can only speculate about how long it takes. Probably as long as the RIAA to disappear, e.g., not very much.

It’s at this point where Second Life almost seems an anachronism. From all the changes sweeping through the net, encouraging people to share more and more about their real lives, virtual worlds, by contrast, still have a strong position regarding privacy. It’s like they are the last bastion of privacy, an isolated island, but slowly sinking in the ocean. Both business and academia are strongly pushing for privacy to end in Second Life — mostly because they have this delusion that fighting privacy means “more honesty” (and having as a side-effect the end of adult content and illegal gambling in SL). And while LL has not abandoned privacy altogether, M Linden seems to be giving out signals that the end might be near. Wallace Linden’s article only reinforces that position. Hamlet Au on New World Notes claims on a poll that “over a third publicly associate their First Life identity and name with their Second Life activity” (the fact that two-thirds don’t have anything to do with that is grossly misrepresented…).

But the notion that “less privacy” means “more honesty” is a stupid fallacy, that can only be believed by very naive people — which, sadly, are by far in the majority.

Reputation and identity

The whole question of “privacy vs. public information” is naturally more important in at least two areas. One is for personal relationships — it’s very hard to fully trust your beloved partner if you don’t know much about them — and the other for business relationships. The first case is a more complex one. Obviously that if all you’re looking for is a friend you wish to talk to, there will be limits to what information each will reveal to the other. I remember that I didn’t know that my best friend from college was a swinger for over 15 years of a very close relationship. Some things don’t need to be “revealed” to maintain a stable friendship; what happens in your intimacy is not really needed to be shown in public. On the other hand, it is considered that to do successful business transactions, one has to prove their reputation with — documentation mostly. I might be wrong on this, but the whole point of “incorporation” is to establish the legitimacy of your company with a registration authority.

The problem here, as usual, is the subtle play on words coming from personal interpretations of what “identity” and “reputation” mean — not to mention “legitimacy” or, even more vaguely, “trust”. I find Robin Harper’s (ex-Linden) words quite interesting:

Trust is the foundation of any community. And one cornerstone of trust is identity. You’ve got to know something about the person you are dealing with before you can trust them.

Let’s tackle the easiest aspect first, personal relationships. Again, we have to separate two areas: the first is merely an “acquaintance”, someone you met, but don’t plan to hang around with for long. You might share a common background: hobbies or special interests. The way you convey this information to establish the “trust” part of the relationship can wildly vary. Traditionally, we would talk about it: “oh, I love to watch movies”. These days, we might put that on our Facebook profile, or chat about movies on MSN. Then we have to validate those claims, to establish reputation: we’ll go out with them to a movie and see their reaction. Will they behave in a way that shows that they’re pleased with the experience, or were they just bragging about it, but misrepresented themselves for any kind of personal advantage? In real life, we’re usually good at detecting lies. It’s not perfect — unless someone claims being able to read minds 🙂 — but we’re actually quite good at “reading” body language. We can see if someone is comfortable in a movie. We can watch their reaction after the movie. A good, talented actor might be able to mimic the reactions of a movie-lover for quite a long time; but how many among us are truly able to keep that pretence for so long? Some studies show that actually lying is not so easy as many people might imagine it is; that’s why for a given population, the number of liars vs. honest people is low, even if you take in account this study that claims that 1 in 25 adults are liars or even sociopaths. I wouldn’t be much surprised if we could assume that 96% of the human population, on average, is honest — this would be consistent with the article “What the Bagel Man saw: mankind may be more honest than we think” by the authors of Freakonomics. If you haven’t read the book, you should; it gives you a huge insight on what really motivates people to behave like they do.

So we can very loosely define that establishing reputation on a personal “casual” relationship is just screening the facts to see if they confirm the claims made by an individual. In essence, figuring out if this person is part of the 96% of humankind that is honest and doesn’t lie. We have several ways to assert that, but body language is quite a good way to figure it out. Among those 4% of liars, only a tiny fraction is able to conceal their body language and be able to maintain a “fake reputation” for a long time. And among those that are “perfect” liars (in the sense that they can maintain the illusion for a long, long time), only the tiniest percentage will actually use those “powers” to become criminals.

Nevertheless, we’re taught from a tender age that the reverse seems to be the norm, and that honest people are the exception. We know from experience how easy it is to lie about simple things; we might even know, also from experience, that some lies can go a long way. However, unless you have a religious/moral background, qualifying lies might not be so easy. Let’s imagine that your new friend claims to love movies, but in practice, he just likes blockbusters. You go with him on a date to an intellectual French movie, and you can read from his body language that he’s bored and disappointed. You might then confront him with the reality of the facts: did you lie to me when you said you loved movies? If not, why didn’t you like this one? A small breach on the armour of honesty has opened up, but how will that person react? Very likely by minimising the whole episode by saying, “I like movies, but not this kind of movies”.

So did he lie in the first place — or wasn’t clear enough (deliberately so, to catch a date with you) — or simply didn’t have enough information (he assumed that everybody equated “movies” with “blockbusters”; or wasn’t even aware that “intellectual French movies” were something that people could watch on theatres)? You see the degree of fuzziness that this simple example incorporates. Reality, as we should by now start to realise, is never black and white.

Now imagine that the same scenario would be played on online conversations. Would it be easier or harder to spot the “lie” (if there was a lie)? We tend to immediately think that it would be harder, since body language is not conveyed over an online communication. Well, I won’t repeat myself; we have that argument for over 120 years with telephone communications. The phone doesn’t convey any body language, but you can still detect most lies over the phone. Why? Because your brain is a fantastically adapting machine: it can make up for the loss of information quite dramatically, and work with partial data quite effectively. Biologists argue that this is a strong evolutionary trait that we have mastered to perfection: if I see the bushes moving, if I hear the growl of a large feline, if I notice birds flying away from trees… I don’t need to see the tiger to know that one is hiding behind the bushes. Quickly reaching to conclusions (and correct ones, most of the time) in face of partial data is a major human ability that we have honed to near perfection.

That’s why we can spot liars on the phone too, even if we don’t “read” their body language. It might be harder, but we’re so used to phones these days, that we will see little difference. Voice is a high-bandwidth medium, too, and a lot of subtle emotions are “encoded” in a voice communication, that more than compensates for the lack of visual feedback. Like on the example of the tiger, you don’t need to see it to feel fear and run away; just listening to its steps is enough to trigger the adrenalin shot that will allow you to run to safety.

Now, online non-vocal communication is yet a step removed; it is also quite recent. While we have 4 or 5 generations of telephone users, we just have one generation of online communications, and the second one is being brought up with those as being a natural extension of people-to-people interaction — like the phone was for our parents, but less so to our grandparents or great-grandparents. This means spotting the tiger while you just watch the birds flying away from the top of the tree — but you neither see nor even hear the tiger. You will still run away from it, though. We’ve evolved to detect those tiny signs and correlate them in our brains.

Ironically, it’s pretty much this area of “hunting skills in the wild” that is believed to have evolved into text processing: the area in the brain that processes written language is apparently the very same that is used by a hunter to detect tiny tracks on the ground or “read” trees and the environment in search for clues, for prey and predators. Allegedly, again, this is one of the most sophisticated data-processing areas of our brain, and one that is intensely related to deal with partial data. A typical example is showing how you can read almost as fast a phrase where all words only have the first and last letters in the right place, e.g.:

Aoccdrnig to rseearch at an Elingsh uinervtisy, it deosn’t mttaer in waht oredr the ltteers in a wrod are, the olny iprmoatnt tihng is that the frist and lsat ltteer is at the rghit pclae. The rset can be a toatl mses and you can sitll raed it wouthit a porbelm. Tihs is bcuseae we do not raed ervey lteter by it slef but the wrod as a wlohe.

See how you can read this perfectly? (and yes, that explains why we all are perfectly fluent in Typonese 😉 )

Back to the point, what is important is to recognise the power of extracting meaning from partial information. For me, one of the hardest challenges to replicate the workings of the human brain is not the intense pattern-matching that we constantly do; it’s dealing with partial information and still get a correct interpretation.

This is naturally important to establish trust. You don’t need to have someone recite all their deeds in the past since the day they have been born to get an idea if they’re honest or not. A few scattered examples — sometimes even wildly unrelated, like the example with birds flying away from trees meaning “a tiger is lurking in the underbrush” — are usually enough to know if you can trust this person or not. In fact, the major difficulty of constantly keeping up a good lie is this very same issue: you might get “caught” by moving to a totally unrelated field, which will trigger the warning that this person has lied before. Let’s take the movie example again. You might have some doubts after watching the French intellectual movie with your new friend, and are prepared to accept that he only meant “blockbusters”, but let’s assume, in the middle of the conversation during dinner, that the waiter brings you a strange-looking dish which you don’t recognise. “I have a bad feeling about this”, you might say, and giggle at the common reference. If your date goes “huh?” that’s a very bad sign. Any blockbuster fan would immediately recognise the reference to Han Solo in Star Wars. But if your date was lying about being a movie fan, when the conversation is completely unrelated to movies (but food!), the connection is lost. Even a very good liar would never recognise this connection (you would really need to be a fan of blockbusters to know the reference). A good liar might be able to “recover” from that situation and say: “oh, oh, of course, Star Wars, gosh, I watched that so long ago, I don’t remember any lines any more, I really need to watch it again to remember the plot”. Convincingly said, this might persuade you that this guy just has a bad memory. A bad liar would be stumped at this point.

So one might establish that at this level, reputation is the ability to prove facts related to a certain field or area of conversation/expertise that is claimed to be mastered, even on subtle relationships which might not bear much relevance in a discussion. That’s why we usually have reputation “in a field” and not “reputation” as merely having a vague “good reputation”. It’s also more usual to employ the word “reputation” when speaking about your (claimed) area of expertise, be it professional, or a hobby.

Now we have to examine how this reputation is “measured”. In normal conversation, on a daily basis, it means connecting with people in the same area or field of expertise, and see what experiences they have relating with this person. If someone claims to be a Terry Pratchett fan, and you talk to other Pratchett fans, you can ask them: “did this person correctly quote Lord Vetinari’s views on democracy?” If a sufficiently large number answers “yes”, you can be assured of this person’s claim to being an expert Pratchitte. You don’t even need to ask the person yourself! And here comes a crucial point: the mere network of connections will establish that reputation, even if the person claiming to be an expert is not able to answer. Thus we come to a point where direct interaction with the person is not necessary. In fact, when you think about the meaning of the word “reputation”, you’re much likely to think in terms of this network and much less on the individual.

In fact, the Wikipedia defines reputation in the following way:

Reputation is the opinion (more technically, a social evaluation) of the public toward a person, a group of people, or an organization. It is an important in many fields, such as education, business, online communities or social status.

So you can see reputation as an emerging characteristic of the social space which applies to the person. The individual can be “honest” or not, or not even aware of their reputation; what matters is what the public says. And how does reputation emerge?

We can go into very deep thinking on this:

Working toward such a definition, reputation as a socially transmitted (meta-) belief (i.e., belief about belief) concerns properties of agents, namely their attitudes toward some socially desirable behaviour, be it cooperation, reciprocity, or norm-compliance. Reputation plays a crucial role in the evolution of these behaviours: reputation transmission allows socially desirable behaviour to spread. Rather than concentrating on the property only, the cognitive model of reputation accounts also for the transmissibility and therefore for the propagation of reputation.

Whew! So this is quite complex. On one hand, evolution is at work here: as we’re gregarious (e.g. social animals), we tend to evolve behaviours that benefit groups at a whole. A good reputation is a measure of an acceptable behaviour for that group; thus, since we’re also cognitive, sentient beings, we tend to spread information about “good” or “bad” reputation (in the sense of having more benefits inside the group, or damaging the group’s cohesion), and that’s how this “reputation”, attached to an individual, is “spread”. On the other hand, it’s also a cognitive faculty. We are exchangers of information, and one of the many kinds of information we exchange is our “meta-beliefs” about other people. But it’s also an ethical value: if you conform to a social group’s norms and conducts, that means you’re a valid member that benefits the group, and this information gets widespread inside that group (and, conversely, if you behave outside the group’s acceptable norms, that information will be spread as well).

The major point to be made here is that ironically reputation is less linked to the individual than we might think it is, but it’s linked to what the group thinks/believes about the individual. I hope this makes you suddenly go “oh, wow, I never thought of it this way”. In reality, it’s a fallacy to think that one individual, in isolation, can “magically create” out of nowehere a “good reputation”. They can claim to have that reputation — usually because this is how people think about what reputation means, e.g. that someone with a good reputation would be honest and not lie about their own reputation — but that’s not really the same as “having a good reputation”. You cannot “have a reputation” outside the group where that reputation applies.

Here is now a more breathtaking concept. Suppose that you wish to know if this guy you’re going on a date with is, indeed, a movie fan — before you go out with him. So you ask a group of movie fans about this guy. The group’s answer might be: “well, he loves to watch recent blockbusters, but is not really familiar with anything produced before 1995”. In that case, it’s most likely this guy would never see the reference to Han Solo; also, going out to watch a French intellectual movie is very likely a very bad idea.

So far so good, but… this also means something more. In fact, by establishing this guy’s reputation — through what the group says — you’re going to project that reputation on top of this guy’s personality. So well before you go on a date with him, you already know what to expect from his personality: he likes recent movies, but not French movies. This will make him fit into a little box with a label in your mind; and you will react to him accordingly. Now all this happens well before you have met him! So you can infer someone’s personality from their reputation, and this is mind-boggling. In fact, Wikipedia even claims:

Reputation can be considered as a component of the identity as defined by others.

We’re now using a completely new approach to what it means to trust someone. If you have a way to ask a social group what they believe about a certain person, you can define their identity (or at least, part of it, namely, the part you have an interest in). That’s all you need.

But we can argue that this might be very interesting in philosophical terms, but, in the real world, that’s not how it works. In the real world, we have ID cards, social security numbers, college diplomas, all sorts of certificates, a plethora of documents to “prove” that we are whom we say we are, and that we have the skills/knowledge/competence we claim to have. Philosophy is very nice, but that’s not how the world works.

How short are our memories!… in fact, the notion that a piece of paper printed by Government gives someone their “reputation” — and thus establishes their “identity” — is a rather novel idea. I would claim that it’s something that only started to be addressed during WWII, and, strangely enough, it’s at the root of totalitarian regimes (be they left or right; that hardly matters, both behave similarly). So we have barely three generations that have spread this “belief” that a bit of paper establishes “reputation” and “identity”; all generations before these have developed rather complex civilisations without that need.

Nevertheless, this didn’t suddenly pop up into existence from one day to the next. “Government seals”, for instance, are millenia old. The idea is that in the absence of a group that validates your reputation or your identity, you rely on proxies to establish both. So a messenger would bear a message from the King which would be accepted because it exhibited the King’s seal, which was reputed not to be easily forgeable. Governments would emit credentials for diplomats (the origins of our passports!) because you might not be able to establish the reputation of the diplomat directly, but you might be able to use the government’s own reputation as a proxy. If reputation is the free exchange of meta-beliefs over an individual inside a group, and you trust a member of that group, you will rely on that group’s word to establish reputation — you don’t need to ask the whole group. When a Government is part of the group that establishes reputation (and identity!), you trust what this Government says about the individual.

We might not go that far, of course, and see things at a lower level. For instance, while examining a doctor’s reputation, you might be unable to ask all fellow doctors about their opinion (you might not even know which ones are in touch with your doctor!). So you’ll have to rely either on an association of medical professionals to emit a certificate saying that this particular doctor has a good reputation in the field, or read the university’s diploma to validate the claim that this doctor has actually studied there. Thus, reputation-by-proxy is a more abstract level of establishing reputation, one that allows our complex society to work.

In fact, and going to the original examples in this chapter, you might now understand the need of “incorporating” a company. Incorporation will mean that this particular company has been validated by Government and is complying with all regulations and laws. Again, we have the two elements establishing reputation — the group (in this case, a nation) and the norms of social conduct (the nation’s laws). You rely on a proxy (Government) to establish that this particular company complies to the norms of social conduct inside the group (the nation, in this case). You don’t need to ask all other companies to know if this particular company complies to laws or not; the proxy is enough to establish reputation.

Here is where things get tricky.

Assuming the whole for the part

We humans are interesting beings, since we’re both irrational and rational in equal parts (even if most of us deny that!). Again, this is an evolutionary trait, and we cannot dismiss the utility. We have already seen how important it is to work under the assumption that we don’t have all the data, and still manage to get the correct result, which used to be a survival trait. Thus, working with partial data is quite common for us; we talk about people who are “highly intuitive” because they don’t seem to need to reason much about something to come to a result. And often this result is purely irrational — in the sense that it doesn’t follow formal logic to reach conclusions — but nevertheless correct.

Let’s take our stupid examples again. Suppose you have talked to that group of movie fans an now have a good idea on the identity of the guy you’re dating, based on the reputation that this group has established for him. So instead of going to the French intellectual movie, you go to watch with him “Avatar”. After the movie, you comment that “Avatar” is already “the highest-grossing film of all time worldwide, surpassing Titanic, which had held the record for the previous 12 years” (see Wikipedia). Your date just comments: “I never watched Titanic“.

Now you’re baffled. Here’s someone who is a self-proclaimed blockbuster fan. His group of movie fans claim that he has seen every blockbuster since 1995. But he hasn’t seen Titanic. Something is surely wrong!

You might infer two things from this. One is that this guy is lying — either lying to you (he watched Titanic but for some strange reason he doesn’t want to assume that) or to the whole movie fan group (he is nowhere near the blockbuster expert he claimed to be and just managed to create a fake reputation by lying). The other is that the group you’ve consulted are absolute morons (they failed to establish a correct reputation for this guy) and not worth consulting any longer (in fact, their own reputation as a group has been severely diminished!). You might infer either or even both of them.

Statistically, however, it’s not very likely that this guy is lying — after all, as said, only 4% of us are (possibly) pathological liars. And worse than that, one thing is lying to a single person, the other is to be a convincing liar inside a community of experts on movies, all the time. Statistically speaking, this would be very, very rare. Not impossible, of course, but so rare as to be almost insignificant to consider. An alternative, of course, is that this group is full of liars that create “fake” reputations by covering up for their members (do your maths, this is even statistically less likely to happen).

So what happened here? Due to our excessive way of reaching conclusions based on partial data, we quickly fall into the Fallacy of Composition. This mostly means that we are prone to take the characteristics of a part for granted, and apply it to the whole. In the example above, we’ve fallen to this fallacy quite often. First, we assume that just because this guy never watched Titanic, he’s not a blockbuster expert as he claims (in reality, even a blockbuster fan might be unable to have watched all blockbuster movies since 1995). Then we assume that because the group of movie fans allowed this guy to lie once, they are all morons or liars (in reality, obviously, none of them has watched all movies exhibited since the dawn of time).

What happens is that reputation is also based on incomplete data, and, when we have only partial data to work from, this creates a huge amount of fuzziness. The group of movie fans did not see all movies, and they did not ask each and every member to prove that they have seen all movies. Your date has probably just mentioned quite a lot of them, and impressed the group with his knowledge. So the group inferred that he probably would also know some more movies that he watched but never mentioned in conversation, and that gained him credibility inside the group — since, of course, the group members are humans too, working with partial data, and also prone to the Fallacy of Composition.

You can see how messy this quickly becomes!

Here is my point, though. When validating a movie fan’s knowledge, which will establish their reputation as an “expert”, you might ask the following questions:

  • correctly identifies references in movies of a certain type that pop up in conversation
  • talks about movies that the rest of the group was not even aware of (i.e. showing that he has more knowledge that the average group member)
  • is consistently up to date with related/indirect information about movies beside the plot (e.g. knows a bit about the history behind the movie, or trivia about the actors in it, the Oscars or other awards the movies have earned, etc.)

But this might leave out the following questions that were never asked:

  • understanding of movies as an art form, e.g. the ability to discuss aesthetics
  • naming the soundtrack artists
  • knowing how much the movie profited in direct box office sales and indirect merchandising or DVD sales

So, once more, the tag “movie fan” is applied only to limited information that applies to a group. The last set of questions is not deemed “relevant” to be part of the “movie fans group”. Perhaps some other groups might find these relevant, but not this particular group.

What happens next is a question of expectations. If you are not a movie fan, you might think that all the above questions are equally relevant, and so, as a non-fan, you will judge a fan’s reputation by the ability to answer any of the above questions. That’s what you expect that a movie fan might know. In reality, however, it is the social group that defines the relevant norms. They validate their peers by agreeing on a common set of norms. Outsiders might have completely different perceptions of what the norms are, but in truth, these might not be part of the group’s norms. So your expectations towards recognising and accepting someone’s reputation is dependent on how well your own “list of possible norms” fit within the group’s own existing norms. If there’s a good match, you will be highly likely to pass along that individual’s reputation; in fact, if you are already a member of the group, you might have perfect knowledge on the group’s norms to evaluate reputation, and thus not be disappointed if an individual in that group doesn’t know how much the movie made in DVD sales. As an outsider, however, you will always project your expectations towards the group: you’ll get disappointed if an individual doesn’t conform to your expectations of what that individual is supposed to be!

Back to the real examples, this is where the Fallacy of Composition plays against us. In the real world, for instance, Governments will allow a company to incorporate if they follow a set of Government-mandated criteria, which will be validated. Thus, in the “social group” of all companies incorporated under a specific government, they will all conform to those criteria: they will “follow the law”.

The law will mandate a lot of things, like, say, silly examples that every company will need to have a fiscal address. Let’s take that as an example. So, every company incorporated under a specific government that forces companies to have fiscal addresses will know that every other company incorporated under the same government will have a fiscal address, too.

What about a company incorporated under a different government? Well, you will expect them to have similar laws, too, and so you project this expectation that they will also have a fiscal address as well. When suddenly you find out that they do not have a fiscal address (because their own government doesn’t have that as a legal requirement), what happens? You mistrust that company. They’re lying. They’re dishonest. They’re cheating. They must be breaking the law.

But that other company might send you a credential from their own government claiming that they, too, are fully legal and validly incorporated under that government. At this point, you cease to “believe” (or trust) on that other company’s proxy (i.e. their government) as establishing legitimately incorporated companies. You don’t wish to have anything to do with them.

The important thing at this point is to understand that no matter how many “proofs” this other company will send to your offices, no matter how many legal documents they send, you don’t trust their reputation, because they’re working under a set of social norms that are not familiar to you. Again, this is the fallacy of composition at work, linked to the notion that we make very quick judgements based on partial data.

Of course, I’m well aware that the requirement for a fiscal address is quite a silly example 🙂 But let’s try with a much harder example. Let’s assume that for a specific government the set of laws for incorporation insist on a fiscal address; naming the partners; naming the jurisdiction in case of conflict; paying taxes annually. You can safely assume that the government will ensure that all these conditions for incorporation will be met. We can even imagine that this government will disclose the registries where they can prove that company X is, indeed, validated and certified by government as being a fully legitimately incorporated company, and that the criteria have been successfully met for several years.

Now you wish to buy some services from company X, say, in the multimedia industry. Will you trust them based on government credentials on their legitimate incorporation?

I’m prepared to claim that 96% of you will immediately say: “yes, of course” 🙂 This is because almost all of us will immediately fall into the Fallacy of Composition again. We will intuitively think (but not logically!) that a company that is in good standing with the Government, in the sense that they have been successfully validated to meet all criteria for incorporation, is automatically a good multimedia service provider. “Good” in the sense of being able to provide service as claimed; to be able to fulfil contracts and obligations; to deal honestly with payments; to provide a service of quality.

But why we think like that? Governments never claimed anything of the sort.

By contrast, you might engage in conversation with the “social group” where this company works. That means “getting references”, i.e. talking to clients and employees of the company, see if they have a good track record in the industry, and so forth. This will establish that company’s reputation in the area they’re supposed to be providing services. They might be part of the local trade association or something like that, and you might be able to ask them what they think about this company’s service. In effect, the company’s reputation is established not by Government (in our example!), but inside the group of interactions with clients, partners, and suppliers.

Still, if you don’t know where this “group” is, what do you do? You rely on Government-as-a-proxy to establish reputation. We do this every day. When we buy something on the grocery store, we haven’t asked our neighbours or the grocery store’s suppliers and partners if their fruit is fresh. You rely on assuming that if they’re open for business, it’s because the local government has established some laws to regulate the market where this store is operating, and you can safely assume that “selling fresh fruit” is part of the regulations. You totally assume reputation-by-proxy.

Please note that I’m not criticising this way of thinking. We do it every day! In fact, I’m prepared to admit that we couldn’t run our complex society any other way. And, of course, I’m oversimplifying things — depending on the nation you live in, the actual set of regulations is far more extensive than I’m implying. Being part of a local trader’s association or a Better Business Bureau might be compulsory in some legislations. Some countries might force you to display on your grocery a list of certifications from quality institutes that regularly control the freshness of your fruit. In some cases, all public complains against the grocery store might have to be published publicly for everybody to consult. There is no universal rule — we don’t have a planet-wide government! — but it’s safe to assume that the “social rules” for grocery stores is quite more complex than I showed on these paragraphs.

Nevertheless, ultimately this might not answer the question: “are the shop attendants nice?” (which might be a criterium for you to go back again and shop there!) Even “is the fruit fresh?” might depend on your expectations; legislation might define it in a way you disagree with.

The beauty of the system is that 96% of the grocery stores you’ll find will very likely match your expectations 🙂 (yes, again, only 4% will lie about what they sell). That’s good enough for most of us. We’re prepared to eat that odd rotten fruit bought at a new place when we’ve already bought 25 good, fresh ones every day there.

The dark side of the system is that just because in 96% of the cases we will blindingly accept reputation-by-proxy, we’ll still be very wrong on 4% of the cases. And, more dangerously, we’ll expect that good reputation-by-proxy on a very specific area will automatically mean that there exists good reputation on all areas. In my example above, just because a grocery store might have a fiscal address (good reputation which is validated by Government as to compliance with local laws), it does not mean they’ll have fresh fruit too. We just assume it does. In 4% of the cases, we’ll be wrong. But that’s not only because the grocer is a liar; it’s because we’re transferring reputation-by-proxy from an area to another one which works under different rules and assumptions.

Thus, on the reverse example, you might ask a group of fresh fruit fans where to shop, and they’ll tell you which shops to avoid, based on a criterium that’s good for you: fresh fruit. On the other hand, that rickety stall quickly assembled near to a corner of the street with the dubious character running it might have the most lovely fresh fruit you’ve ever seen in your life… but very likely have no fiscal address. Which is more important, compliance with the law (one social group which might have little relevance to your health or pleasure when eating fruit), or reputation from the group (a different, unrelated group which has little interest in how grocers pay their taxes, but loves healthy, fresh fruit)?

And that is a question I can’t answer easily 🙂 So it’s time to keep this in mind, and switch over to the service economy in the 21st century, which is digital and online.

Reputation in the digital world

Let’s bring up the old cliché of the Internet fans (of which I’m naturally one!): it’s all about interconnecting people, independently on where they are, or what their gender, age, or ethics are. I will not waste time looking up the emergence of social groupings in the digital world; visionaries like Nicholas Negroponte, for instance, have sold more bestseller books than ever on this subject. Papers and thesis pile up on every university in the world talking about this. The dawn of the Internet broke “geography” as the limiting factor in how communities are built, but it brought our gregarious trends to the digital world where people forge connections without the need to be in physical presence of each other all the time.

If you have been reading this article with attention, you might have noticed that I left out one example of relationships — personal, intimate relationships. These are hard to fit into the model, but just for one reason: while many of us immediately rely intimacy to physical contact, this is by no means necessary. Intimacy is usually defined as a set of circumstances that allow people to share common secrets (whatever they are; don’t read too much in the word “secret”, for some people certain knowledge might seem very trivial and even banal to many, but not for themselves) which forge a very strong bond between them. In human relationships, we tend to see “close friends” and “partners” or spouses as sharing this bond. When the bond involves sexual contact, we expect physical presence. But, again, a large percentage of people don’t see things in this way, which is merely a conservative, traditionalist definition which simply might not apply any longer. While I’d be hard pressed to find examples of long-lasting intimate bonds (over several decades, not merely days or even months) that will even include sexual fulfilment without physical presence, I still think that these are not a significant percentage of the overall world-wide population.

On the other hand, not all intimate connections require sexual fulfilment 🙂 — at least when we define intimacy as “bonds arising from mutually sharing common secrets”. For those, as we can imagine, intimacy requires, once more, the establishment of reputation, and the identification/validation of that same reputation. Put into other words, you trust someone with your innermost secrets if they have an ethical behaviour that is consistent with your own (i.e. both share a common set of rules applying to your own social group), and the group endows that someone with a good reputation.

I have deliberately kept the notion on how to validate that reputation vague. In the real world, we would simply talk to that person, and our evaluation would mostly fall on both internal behaviour (expressed through words) and external behaviour (actions according to the established norms for the group), consolidated by using the attributed reputation by the group (with which we would presumably have some sort of contact). However, the digital world is not much different, except for the determination of the external behaviour, which can be inferred but probably not directly perceived.

Taking an extreme example, let’s suppose that someone adheres to an ethical code of conduct that forbids them to mistreat animals, and is interested in developing an intimate relationship with someone they just met. It’s conceivable that in the real world you would be watching what your date is doing. Does he kick cats and dogs on the street? Does he spontaneously buy bread to feed birds in the park? If you can observe those actions directly, you can feel confident that this person does, indeed, share the same norms of your group, and thus validate his reputation as someone friendly to animals.

In the digital world, however, this proof cannot be obtained directly. Someone might be chatting (or talking on the phone) on how much they love animals, while kicking the dog under the table. If distance (or other physical conditions) might prevent a physical validation of actions, how can you be sure this people is not simply lying?

But like the real world, direct validation is just half the story: reputation, which also points to identity, as we have seen before, is also part of the process. Even in real life, your new boyfriend might show tenderness and care towards animals, but kick his mother’s cat when at home. How do you know? In real life, you’d ask the mother directly (or potentially get in touch with your boyfriend’s friends). This is just dealing with reputation. If many individuals part of the same social group confirm someone’s reputation, your own validation might be less important. Even if you never see your boyfriend actively petting an animal or treating them well, you will accept the social group’s perceived reputation as part of your boyfriend’s identity. Sometimes this can be overwhelming, to the sense that the boyfriend might never reveal their affinity with animals — and thus, ordinarily, you would never directly perceive that trait of his personality — but his reputation as an animal lover would still be transmitted through the network of connections of the social group. Your boyfriend’s identity would still be perceived as having a loving relationship towards animals even if he never talks about it (because he might be shy… or embarrassed to talk about it!) and never physically performs an action of empathy towards animals in your presence.

The digital world pushes the focus on reputation, and less on actions, since actions will be (mostly) intangible. You might never be able to see your new online boyfriend petting an animal. But you might have instant and immediate access to your boyfriend’s network of social connections and ask this network about his stance towards animals. Indeed, the mere fact that our digital lives become more and more complex, with more and more information voluntarily published by our own selves on all sorts of social networking websites, facilitates this reputation-gathering: at a glance, you can see to which groups someone belongs, and often be able to contact all the members of those groups. If someone has a tag of “animal lover” on their profiles, and that is a blatant lie, it’s sure to attract comments from angry members of the social group which will very vocally deny the claim. In a sense, since digital communication is so much faster, so much more information-rich, so much more widely encompassing, it can build up reputation — good or bad — very quickly, and disseminate it quickly and effortlessly across the digital channels.

Some of you might remember having passed along chain letters to see how long it would take until they reached you again. When using postal mail, this might have taken years; using Internet email, it might be insanely quick. This is how information about reputation is also quickly spread: through word-by-mouth. Unlike what happens outside the digital world, where word-by-mouth is not very fast and has a limited range, word-by-mouth on the Internet can be very quick and far-reaching — dozens of thousands of people might be spreading a meme about an individual’s reputation in a matter of seconds, using lots of different techniques (email, Twitter, Facebook, IRC, IMs on SL group chat…). On the digital world, the meta-beliefs around reputation go around very, very quickly.

However, so do false beliefs. And here is usually the catch when we think about online, digital transmission of reputation. Rumours are spread very quickly, but even more so on the digital world. Thus, a lie also runs much faster. Worse than that, the feeling that you’re pretty much immune to direct, physical retribution if you spread lies on the Internet, traditionally, because of this, we assume that lies are widespread on the Internet far more than on the real world.

Well, to a degree this is true. But again we are following a fallacy: the notion that people on the Internet lie more than outside it. The astonishing result of the authors of Freakonomics is that the number of people lying is astonishingly low even when there are no incentives to be honest (or a lack of sufficient deterrents on liars). This goes a bit against our (biased) feeling that most people are dishonest, it’s just the law that “keeps them straight” because of the ability to physically enforce this very same laws.

I admit I was quite amused and even very surprised when I read those results. I had to turn to Kohlberg’s stages of moral development. I’d claim that Kohlberg is sometimes an optimist, sometimes a pessimist: democracy is a form of government that is related to Stage 5 of moral development, but most individuals are on Stages 2 and 3. Put into other words, while the founders of democracy understand that a better society is one that assumes the notion of a social contract — people behave to benefit the whole of the group by adhering to a standard set of rules they agree with — we assume that most people only adhere to these same rules because they fear repercussion. The interesting result observed by the Freakonomics authors showed otherwise. Even without enforcement, most people will observe a code of conduct most of the time that benefits the group as a whole. By “most” I’m assuming a relatively high percentage — 85 to 96% of all people. As gregarious animals, we shouldn’t be surprised: although we are highly individualistic, very few among us can really survive outside all group structures, and we recognise the need to conform to the group’s rules in order to maximise our benefits. A very low percentage is able to “tweak the system” in order to gain direct benefits while making the rest of the group suffer, and this is common throughout most of the so-called civilised world (very understandably, when we suddenly realise that this small group of egotists are actually the ones most often elected as representatives, we are disgusted with the corruption of a democratic nation).

If we bring the example to Second Life, for instance, we’ll see that the vast majority of residents could be completely anonymous if they wished. They could easily get an email address on Google Mail, register an alt, and grief the whole grid. There is no deterrent, no enforcement. So why aren’t we all griefers, if we don’t fear retribution or consequences? Surprisingly, the number of griefers is actually quite low; and similarly, even though content can be freely copied, the number of content pirates is quite low as well, almost insignificant compared to the overall resident population (just note that while the number of people in absolute or relative terms might be very small, the impact of their actions be tremendous!). This is, and will always be, a very startling result, since our “common sense” makes us believe otherwise. In effect, we usually think “if I have the freedom to grief, and fear no repercussion, I could be griefing the whole of SL, and everybody else is thinking the same as I am, so we could all be griefing without fear”. Ironically, we never ask ourselves the question: “well, why don’t I become a griefer then?” If we ask that, the answer is that it simply doesn’t feel right, even in the absence of deterrents. It’s not merely a purely altruistic behaviour, i.e. deliberately seeking group approval by following naturally the rules “because they are right, and I’m a righteous person”. In fact, most people don’t think that way. They follow the principle of the “intelligent egoist”: pissing everybody else is a bad strategy, since it means being shunned by others. By contrast, benefiting others will make them more likely to benefit you in return, because they’re happy with your behaviour. Ironically, this “intelligent egoist” — a hypocrite, if you wish — is more common than we imagine, and it’s the foundation of most communities. We don’t “behave badly” not because we feel that we’re very good persons with a golden heart, but simply because that strategy will lead to having a whole group very happy with you, and thus allowing you to extract some benefits from the group. It’s an egotistical approach to adhesion to social norms: “I’ll be politically correct so as to get a good name inside this group, and that way, I’ll be more able to manipulate others to give me what I wish of them”. The strategy works well. It created whole stable civilisations, where criminality, although it exists, is always small (in relative numbers).

But what is this behaviour but merely establishing reputation? In the digital world, where “actions” are not directly perceived, behaving as the group expects you to behave will allow you to extract the most benefits, as the group spreads out the meme “this person is ok, this person conforms to the rules”. Nothing shows this better than the SL-friendly social microblogging site Plurk. Plurk’s owners had a dilemma. They have seen how Facebook and Twitter operate, and seen the rise of social networking spamming. The principle is simple: most people are used to reciprocate friendship offers. This means that all that a viral marketeer has to do is to add friends randomly. Most will be socially compelled to return the favour. That way, you get a list of people who have “signed-in” to your private spamming list. They can’t even complain that they’re getting spammed: after all, they did add the “friend” in the first space.

Plurk added an intriguing concept, “karma”, which follows some rules. If you add friends (expand your social network), you get more positive “karma”. If you send them messages (thus exchanging information and making Plurk more content-rich), you get more “karma”. If you stop sending messages for a while, your “karma” will lower (thus incentivating the need to be signed-in on Plurk and add more and more messages to your network). Clearly this would mean that a viral marketeer adding everybody on sight and spamming them very aggressively would make a huge impact — and skyrocket your “karma” (which is a measure of “trust” based on perceived reputation). But that’s not what happens. Why? Because when someone else drops you as a friend, your “karma” lowers — very dramatically so.

Viral marketeers have thus to be very careful. If they send too much spam to their “friends”, they will cancel the friendship with you, thus making your “karma” drop so much, that it’s highly unlikely that they’ll accept an invite from you again. But if you don’t send any spam at all, your purpose of using Plurk is wasted. This artificial measure of someone’s reputation actually works quite well. Plurk, to the best of my knowledge, doesn’t have anti-spamming filters — but have a surprisingly low spam ratio. You can game the system, artificially inflating your “karma” by creating thousands of different accounts and sending them fake messages just to raise your “karma”, and thus look at “reputable” when hunting for more friends. But a single spam message that makes one of those friends to drop you from their list will affect “karma” so negatively that from then onwards, people might simply never connect to that marketeer’s profile again.

Plurk might not be the best choice out there, but they have proven with their system how reputation on the digital world can actually be self-filtering. Plurk doesn’t need to rely on any other mechanism to weed out viral marketeers, spammers, scammers, or members with unacceptable behaviour. All they need to allow is for people to blackball someone.

Alas, of course the system is not perfect. You can practice ostracism quite effectively. If someone “influent” on the network (meaning that they have high “karma” and tons of friends) suddenly gets angry with someone else, who might be completely innocent, they can simply ask for all their friends to drop the connection with that person, thus blackballing them by lowering their “karma” so much that it will be highly unlikely that they sign back in again. In practice, however, this is not that easy to do — it requires a lot of charisma to be able to persuade a large enough number of friends to ostracise an enemy. Not everybody has that degree of charisma; in fact, I’m prepared to admit that this number is tiny, possibly much smaller than the number of individuals in a given group that are fundamentally dishonest.

Other digital environments use different mechanisms and strategies to record people’s reputation. eBay and Amazon.com allows users to rate merchants or to leave comments about them. PayPal users get an internal rating depending on the successful transactions completed. Although I think these systems are quite ineffective — and are gamed as well, of course — there is still the ability to warn others outside the system, i.e. writing blogs or posts on public forums that have nothing to do with the company providing the service. Thanks to Google Search (or Bing!), searching for someone’s reputation online becomes easier and easier. Sometimes it becomes too easy for a residential, private user to track people down (thanks to Soft Linden for the link!).

With over 2 billion human beings on the Internet, this is now a global reputation marketplace 🙂 Of course I’m not claiming that the system is “perfect” — no system ever is. However, it has become quite simpler to locate some information on a specific individual (or company), and read what people know about them. As most people are quite loose with what they reveal online about themselves — at the very least, they publish their list of friends and a few groups of interest — it’s easy to validate “digital reputation” very quickly and effortlessly. A lot of that information might be rumours and it might be false; some might be exaggerated; often, the most vocal ones are not part of the majority; but as a rule of thumb, digital reputation matters. How much it actually matters is very apparent on two major services: eBay and Second Life.

Digital reputation is online identity

A few years ago, Amazon.com started offering a new service. Instead of acting as the sole supplier of goods to their members, they started validating some merchants (and individuals) and allow them to sell items to Amazon.com’s members too. The mechanism to become an Amazon.com seller is allegedly simple. There are many types of sellers, some of which are invitation-only and will deal through Amazon.com as an intermediary; others are open to individuals and small companies and require little else but registration, and are allowed to sell directly to the end-user. Amazon.com’s idea was simple: if we can cut down the red tape in gathering more products to be sold through our services, we will increase the number of happy customers and our revenues at the same time.

eBay had long since gone a step further: eBay itself is not a merchant, they just act as the electronic marketplace technology provider. Sellers and buyers contact each other directly; eBay does not even act as an intermediary, except in the sense that they provide a tool to list services and handle the underlying transactions.

Since the audience of those services is global, it means that different legislations require a different compliance to national laws, specially in the case of small businesses. From the perspective of an European buyer, ordering something from someone in the US, China or Russia is pretty much the same thing: the laws regulating business transactions on those countries are so different that it hardly matters for an European user what kind of “real life” information was disclosed to eBay. Very likely, even if they had sent volumes and volumes of documents and certificates, you wouldn’t be able to read them; and even if you can read those, you might not be sufficiently proficient on international trading laws to be able to rely on those documents to establish credibility and a good reputation. This is the typical case where using a government for reputation-by-proxy is totally, completely, utterly meaningless.

So what do eBayers do? They rely on digital reputation, and since “ratings” can be easily gamed, this means also reading things on forums — either the ones from eBay or independent ones. It means sending those companies and individuals on foreign countries some messages and see how they reply. But mostly it means questioning the network of eBayers to try to assess a specific vendor’s reputation.

Is it effective? Well, of course there are scams, and of course there are failed transactions, and lots of horror stories. Nevertheless, eBay still prospers, and, surprisingly, the number of frauds is quite low — much lower than the usual “magic number” of 4% of liars (btw, credit card fraud at the start of the millennium was close to that percentage, but it has dropped to about 1.4% these days). Personally, I cannot believe that all that is thanks to stronger measures of prevention (although some technology improvements have certainly helped). China has as many Internet users as the US, but I have absolutely zero chances of validating a certificate emitted by a Chinese official (even if I might be able to do so for a US company); nevertheless, overall fraud has decreased in relative numbers. My own evaluation of the issue follows the argumentation in Freakonomics: even though the chances to sue someone in China for fraud is very low, any serious Chinese merchant, just like their US counterparts, is more likely to continue to do good business by establishing a good online reputation, since that’s all we can seriously evaluate. The incentive to do better commerce online is directly related to the amount of positive recommendations attached to a merchant, and much less to the “amount of paperwork” that this merchant is able to provide. This is even more important with intangible goods (e.g. service providing) where you can’t even look at a picture of what you’re supposed to be buying. You have to rely only upon word-of-mouth reputation.

Fortunately, these days, all you need to do is a few Google searches. Even the most awkwardly-spelt company name from the remotest country in the world, if they’re serious about their business, will have something written about them somewhere on some place, in a language you can understand. And even though you have to take what you read on the Internet with a pinch of salt (or often a whole barrel…), it definitely means that small companies in remote locations are actively engaged in enhancing their online reputation, since they know this is all that they have to show their honesty and ability to deliver. A good recommendation on LinkedIn is far better than publishing your tax report.

Again we have to point out the major difference on transactions through the world-wide Web: it’s decentralised and global, and the mere distance will make small-scale operations hard to validate through established international sellers. Putting it differently, how much are you willing to pay to lawyers to sue a company in the Caribbean for the sale of a single CD for US$10? Or if you can’t afford to sue, do you really believe that the Interpol will take your case seriously enough?

So what’s your choice? Asking around on the ‘net to see if that Caribbean company is legitimate is probably far easier, and even though it takes some time (for instance, asking on forums if anyone ever bought some CDs from them), it pays off. Remember that a good customer experience will make the buyer tell 5 friends about it, while a bad one will be reported to 50 friends. So it’s far harder to maintain a good reputation than a bad one. Multiply that by a million when we’re talking about the world marketplace on the ‘net, and you’ll see how important a digital reputation is. Serious, honest companies know perfectly well that if you sell on a global scale, you have few arguments, based on local reputation only (or strict compliance to local regulations), that will impress your potential customers. A good review on a popular blog, however, will make all the difference. Being helpful in answering queries and questions, specially on open, public media (like forums or comments on blogs), goes much further than publishing your tax forms. Nobody will check up if  “Room 604, 1376 Nanjing Xi Lu, Shanghai” actually corresponds to a real address (well, they might look it up on Google Maps), but your clients will definitely want to see what you say on your webpage, and look it up on Alexa to see how much traffic you get, and cross-reference it via Google to find someone who wrote a report on you.

(A small parenthesis. I hope nobody thinks I’m picking on China purposefully; it’s just an example that crosses my mind often, since I’m pretty sure I couldn’t read a certificate of incorporation in Mandarin Chinese, and I believe that most of the readers on this blog wouldn’t, either. On the other hand, some of my best shopping experiences on eBay have been with Chinese vendors. They went through pains to make sure everything was delivered to me, even if in one case I completely mistyped my own address! Thankfully, China is in 2010 close to be the largest English-speaking country of the world, so language was not a barrier. Also, for us Second Life residents, dealing with Anshe Chung has shown how she could build a reputation across three virtual worlds — building her content empire on SL, IMVU, and now Frenzoo — and be on the cover of a magazine. Would that be possible if Anshe relied only on her real world credentials to establish a reputation? I’m afraid not.)

So why do people like Scope Cleaver still complain about stupid clients that don’t take his credentials in the digital world as his base of reputation? I think that the real reason comes from “common sense” which has little or no sense at all, and this is something that requires a drastic mentality change, which, however, is not forthcoming. The world is simply changing too fast, and old habits die hard — since WWII at least nobody trusts a mere signature on a paper, but the point is, there is no rational, logical reason for doing otherwise. I have repeatedly read and heard stories about how my fellow SL residents “would never do business with someone they never met in the real world”. But when I asked them if they were ever victims of a scam or a fraud by someone they never met “in the flesh”, they all invariably answered “no”. Or rather, “no, but…”. If I pursued the issue a bit further and asked them if they had any friends of contacts that were actually scammed with fake identities or similar abuses perpetuated on the digital world, where “forging an identity is simple” (or so it is claimed), they utterly failed to give a single example (my own experience is the total opposite; the biggest scams I’ve been a victim of were all perpetuated in the flesh, once at gunpoint).

The list of reasons for “dealing in the flesh” is as long as the White Pages. Typical comments are “I have to look in someone’s eyes to know if I trust them”, or variations related to reading body language. As I’ve alluded before, body language is just part of the issue of confirming a reputation, but the real checks come from the group that has emitted that reputation. In a sense, however, most of us labour under the false assumption that if a thousand people claim that a specific individual has a good reputation, you have superior mental powers able to determine the rotten core, but your mental powers don’t work across a telephone line (or an email message). Scope gives the following fine example, which is also common: if you decide on a supplier based on quality of their service, and you can get hundred references for their good work, and look at the portfolio online, why is “knowing the real name” so important? Why do so many people believe it’s harder to forge a copy of an ID card with Photoshop than to forge a list of hundred references from happy customers? As I once showed, forging an ID card, even for the non-expert Photoshopper, just takes a couple of hours:

Well, granted, that picture is from 2007 and definitely not one of my best, but I’m pretty sure that I could get it done much better these days 🙂 So, with a little more patience, I could use that ID card to open a bank account, register a small business name, rent a PO box, and make nice-looking documents of all the above, and prepare my mega-fraud. You might ask me why I never did that; believe me, the temptation has been great, and I do have a credit card emitted under the name “Gwyneth Llewelyn” 🙂 But is this the correct way of doing business? Hardly so. I prefer to rely on my reputation instead.

On the other hand, ranking #8 on Google if you search for “Gwyneth” (the first links are all from the lovely Gwyneth Paltrow) took me about 5-6 years of building up a digital reputation that made people all over the world to link to me, or quote me, or, well, publish things where my name is referred someplace else. That cannot be easily faked. And even — admittingly — that a computer wizard with a criminal mind would be able to reproduce all that in a few days (assuming it’s possible!), what would be the point? If it’s to sell L$100 HUD attachments, that’s hardly worth the time spent in setting up the whole thing. If it’s to do a US$100 million fraud, are you sure that the Interpol wouldn’t be after you?

Since we’re back to Second Life… yes, Second Life is also a huge marketplace, which bears more similarity to eBay than to anything else, if we just examine the economic aspects of it. Obviously eBay makes far more money than Linden Lab: the difference is that in SL only content is sold, and content is insanely cheap (compared to eBay’s average price). Nevertheless, SL has several orders of magnitude more items for sale. And Second Life residents are as pseudonymous as eBayers — they reveal as much information as they’re willing to reveal and not more than that. That allowed over half a billion US$ transactions last year alone. So somehow, in spite of the utter lack of “real life credentials” attached to avatars, people still buy and sell like crazy inside Second Life. We shouldn’t be surprised. They do that on eBay, too. Perhaps the difference is that SL has a vast amount of information on its own blogosphere that allows patient tracking of someone’s reputation.

So, honestly, we have to re-examine the motivations for the “need” and the “obsession” with so-called real-life identity. I continue to insist that there really are only three reasons. The first is purely irrational, and is a direct consequence of the Fallacy of Composition which makes us think that partial information (in this case, a copy of a “real” ID card or Government-emitted certificate) is enough to establish reputation-by-proxy. It is also closely tied to “common sense” (or, rather, common nonsense): we feel that if thousand people claim this person is honest, you might have a different opinion by standing in the same room and breathing the perfume she’s wearing.

It’s very, very hard to drop old misconceptions of the universe that surrounds us. Things won’t change in a day, even when people are faced with evidence proving otherwise. It’s what some guys call “gut feeling”: in business, you have to trust your “instincts”, not real, factual data, which can be “spinned” or “doctored” to look better than it is. Incidentally, a good reason for that attitude on the business side of the issue comes from the typical notion that a sales representative has to “lie” to sell a product — even if it’s just a “white lie” that enhances and overstates what a product or service does. Haggling is apparently part of our instinctive behaviour: the ability to “role-play” a negotiation, where both sides will present fantastic arguments, often little related to factual reality, but by “outstaring” your adversary on the negotiation, you’ll get a better deal that way. Online communications replace all that “emotional game” with facts, and salesperson don’t like that (you might remember how at some point in the early Internet days, many companies were very reluctant to display their prices publicly, “because a client might compare us with the competition much easier that way”, thus bypassing the salesperson entirely. Nowadays, most companies fear that if they don’t list their prices, their customers will think — often rightly so! — that they have something to hide, and go shop elsewhere, where all prices are shown).

On Second Life, the problem has only arisen recently with the rise of pirated content. Since on the Web this phenomenon is rare (you can usually grab most things you see in the Web for free), people were simply unprepared for it, and suddenly realised that they were relatively unprotected. It’s not that they were protected at all; they just laboured under the false assumption that they were. When this assumption was finally shown to be false, many desperately raised the cry for the end of anonymity (or pseudonymity). Since this would also minimise the issue about teens on the adult grid and similar problems, Linden Lab lent that very vocal minority their ears. But this is not the most important reason.

The second reason is a legacy of bureaucracy. As said, at least since WWII, business transactions relied almost exclusively on exchange of documentation, often witnessed by notaries, and certainly with lots of reputation-by-proxy documents coming from governments or institutions. It’s hard to dump all that into the waste bin after being so used to that system. Corporate rules might be impossible to overcome in some cases, even if individuals might be willing. This is a roadblock for some organisations, but I have seen the tide slowly changing. Email was the first breakthrough. Imagine that a defence contractor signs a paper-and-ink document establishing that they will outsource some work to a service provider, which has delivered tons of documents and certificates. After the contractual phase is finished, the first thing they receive is an email saying: “Hi, I’m John Doe, and although we never met, I’ll handle project management on our side”. From then on, contacts might be made via email with that person without a second thought — even if the contractor might never heard of John Doe before, has no clue how easily email can be forged, and has no way to know if this person is a legitimate employer. But of course they think that they can always sue the company if this John Doe is not legitimate…

The third reason, and this is what has happened with Facebook, and possibly with Second Life soon, might be far more interesting. Wallace Linden unveiled the issue a bit, when talking about “fighting for the right of becoming an online identity provider”. These days, it starts to become hard to find a website that doesn’t allow you to connect with your Facebook, Twitter, OpenID, Yahoo, Google, or Microsoft Live account. Linden Lab seems either to think that they could enter this market as well, or, conversely, accept digital IDs from those providers to register for SL. This would make some things very easy, e.g. imagine you’d register with your Facebook account, and would automatically get a list of all your Facebook friends that have also joined Second Life as well, and offer to connect with them. As described on an earlier article, I believe this might give SL a huge boost, specially during the first hours/days, where you haven’t explored anything yet and have no idea who your friends are. But to allow this — I haven’t read Facebook’s terms of service for interconnecting with their digital ID service — LL might require that somehow the Facebook-linked profiles only have RL data on them. I’m just wildly speculating here, of course, but I can imagine this to be the case.

But perhaps all that Linden Lab wants to do is to go the same route that Facebook went in 2007: display content-targeted ads. When Microsoft agreed to deploy their own ad engine on Facebook (following Microsoft’s acquisition of a chunk of the shares), they specified that their advertisers would only be able to do some serious work with profiles with “real” names and addresses, not silly nicknames, so Facebook changed their terms of service accordingly, and started to kick out profiles registered under a nickname. (Of course, stories like this one show that Facebook’s way of dealing with private information is less than stellar.)

Maybe — just maybe! — Linden Lab started considering to use the same technology to display in-world ads, or ads during teleportation/login. That would mean providing as much real data on the avatar as possible.

Profiling data on the Internet is definitely one of the best business areas to be at this time. It’s a marketeers’ paradise: where once they only had data warehouses processing truly anonymous usage (say, supermarket data), now they can not only get direct real data from Facebook, but, thanks to the publicly displayed friends list, gather information on your friends and family too…

Sadly, this is one typical case where the whole world has been placed upside down. Instead of demanding more access to real data to establish some reputation and link it to an identity, for the purposes of enhancing business transactions — still a fallacy, but nevertheless one that we’d be familiar with — what Facebook is doing is allowing targeted spamming via their service: a dubious borderline practice which is close to the boundaries of what is legally permissible. Spamming might be illegal on most countries, but targeted advertising, which requires exchanging real data among several unknown companies, is not. Ironically, the issue is not even “privacy” vs. “establishment of reputation” any longer: it’s just a question of who sells more ads…

Print Friendly, PDF & Email
%d bloggers like this: