About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« Barclays to tighten online banking security | Main | That whole trust thing »

The chat room paradox

By davebirch posted Aug 26 2006 at 10:20 AM

[Dave Birch] Chat rooms are a great place to start thinking about digital identity. Especially where children are concerned. I started thinking about this again while I was dipping into the privacy vs. anonymity debate that is swirling around our corner of the Internet yet again. If we (ie, the digital identity illuminati) can solve the chat room problem, then we'll really have achieved something.

Chat rooms were in the news recently because UK users of Windows Live Messenger or MSN Messenger can now click a new button in the chat application to contact police with reports of suspicious behavior and instances of inappropriate sexual conduct online (eg, any mention of having viewed Celebrity Love Island). But how do you know who was being "inappropriate"?

Technorati Tags: ,

This brings us back to the fundamental chat room paradox that we touched on last month.  To restate... Your kids want to go in a chatroom and you will only let them go into the chatroom if you know (in principle) who everyone else in the chatroom is, but you won't let them go into the chatroom if they have to disclose who they are.   So in an "open space", you want to everyone else to disclose their identity but keep yours secret, just in case of one the other people who has disclosed their identity is lying and is actually someone else (so that if they do something bad, the police can't catch them).

My head hurts.

I think the solution to the paradox, as I consistently maintain, is to take pseudonymity seriously.  The problem isn’t the chat rooms themselves, but that no-one knows who is in them: it’s a problem of identity that pseudonyms could solve.  We generally take proving identity in the real world generally means proving who we are, but in the chat room we can clearly see the problem in a digital identity context.  It's not who you are, but what you are:  are you an adult, UK subject, Manchester City fan, British Airways customer or a single parent?

Suppose that teenagers were given avatar by their school, or their parents’ bank or as in an interesting pilot scheme for children in care, a charity (for example, the Who Cares Trust, who presented on a version of this idea at the 4th Digital Identity Forum back in 2003).  Now suppose that the pseduonym (ie, public key certificate) contained a few unforgeable credentials (“I am between 14 and 18”, “I am male”) but that the children could choose any name they wanted for the ID (“I am David Beckham”). This gives the best of both worlds: the kids can log on to appropriate chat rooms, but no-one else in the chat rooms (nor the chat room operators) will know who they really are. 

My bank could give me an avatar of Donald Duck, but I couldn’t use it to get up to no good because if a police warrant asked my bank who “Donald Duck” is, it would tell them: and naturally the chat room operator -- such as Microsoft -- would only accept pseudonyms from reputable organisations such as my bank.  Thus, no-one in the chat room would know the real identity of the participants but none of the participants could get away with any illegal behaviour.  In just the same way, a travel agent might be happy to accept my BA Executive Club pseudonym, which leads us back into the world of federation etc..


The comments to this entry are closed.