About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion

Advertisers

Technorati

  • Add to
Technorati Favorites

License

  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« Stux on you | Main | Red army »

Put your game face on

By Dave Birch posted Dec 6 2010 at 6:34 PM

[Dave Birch] Who are you? That's an easy question to answer in cyberspace, because no-one knows you're a dog, so you can be anyone you want to be. This means that you can do bad things, doesn't it? Surely it would be better to make people disclose their "real" identities online.

I was thinking about online identity -- again -- because I was working on a report for a client of ours and I was thinking about some issues around multiple identities. In cyberspace, multiple identities make sense in a way that has no analogue in the analogue world, if you see what I mean. Now, a fundamental objection to letting people have multiple identities is that it will enable them to get up to no good. And it is certainly true that there are people out there getting up to no go. When I was writing a post about virtual commerce over on Digital Money, I came across this interesting piece about the activities of fraudsters after virtual gold.

Operationally, gold frauding is much cheaper than gold farming as you don't need to spend time building up characters, farming assets, and waiting to be banned. Since you are hitting accounts and looting them on a one-time basis, you are not going to trigger traditional gold farming detectors.... and if you get banned, on to the next victim.

[From World of Warcraft under stress from Gold Frauders via Phishing and Key Loggers - PlayNoEvil - Game Security, IT Security, and Secure Game Design Services]

While the theft of virtual gold may well be a serious problem, in the great scheme of things it's probably not the no.1 priority of law enforcement (which is why kids use two-factor authentication for these kinds of games). But we have to recognise that there are much more serious problems.

Michigan resident and twice-married mother-of-five has been charged with “using the Internet to entice a minor into sexual activity”, after she seduced a 15-year-old boy while playing World of Warcraft. 35-year-old Angie L. Jenkins told the teenager she was 21, while he swore he was 20.

[From 35-year-old woman charged with seducing minor on World of Warcraft]

Without minimising the seriousness, I do find this example particularly useful: both participants in an online exchange were lying! What can we do about this? Well, to continue with the World of Warcraft (WoW) theme, let's looks at what Blizzard actually tried to do: they decided to introduce a "RealID" system (not to be confused with the US government's "RealID" system because the WoW system was intended to be secure).

the RealID system also identifies you by your real name instead of a character name or alternate identity. Friends who may have previously known you by your character name will now know you by your real name, whether you've ever told them or not. This is information pulled straight from Blizzard's account information and billing system - information that was previously private.

[From Player Perspectives - A Pain in the RealID - MMORPG.com]

How on earth could anyone have imagined that this was a good idea? Apart from anything else, the "real name" associated with the account that my kids use is me, not them, because it's my card that's used to pay for their subscription. I'm very uncomfortable with them using their own debit cards online precisely because I don't want them to give out their real name. But the story gets even more crazy.

Another enhanced feature of RealID is the ability to see friends of friends. Once you're on a friend's RealID list, you can now see the (real) names of anyone they have added to their RealID. The idea behind this function is to allow players to easily add mutual friends without having to ask a dozen people for their e-mail address. The potential use behind it to find out more information about someone that trusts you with their RealID is far worse.

[From Player Perspectives - A Pain in the RealID - MMORPG.com]

This is so wrong. I spoke about the "chatroom paradox" (an example I often use to illustrate this point) at the BCS ISSG "Privacy Day" recently. The point is that people seem to want the "real" identity of counterparties but don't want to disclose their "real" identity in case the counterparty misuses it. Blizzard really misjudged what people want and so they had to abandon their plan.

Sidney Eve Matrix, a film and media professor at Queen's University in Kingston, Ont., who studies cyberculture. "They know the culture requires to some extent an online persona. … It was a cultural misstep, really."

[From CBC News - Technology & Science - Battle to preserve online anonymity rages in video game community]

It isn't just about having a persona, it's about having a persona that can demonstrate certain credentaials (eg, I am over 18, I live in the UK, whatever). In fact, it's about having a number of persona and, I would argue, it's about having persona that are relevant to transactions.

“Who are you?” equates narrowly to Identity. It is only Identity at a sufficient level of trust the meet the requirements of a specific entitlement. In the simplest case, the person can be completely anonymous; in a municipal car park, only the ability to pay makes sense. However, they may keep a record of your car registration number. Requests for Housing Benefits are at the other end of the scale. The identity offered does not need a unique code.

[From Idiotic Identity Fallacy – No2UID « Quarkside]

I prefer to see these issues separated: I think that you do need a unique identifier, but that that identifier should not be part of transactions, and I think that there should be privacy rather than anonymity for low-value payments, but the central point is correct. I wonder if the attitudes forged by WoW and such like mean that the next generation will be far more tuned-in to what identity means in cyberspace: we have to stop forcing our "cardboard age" notions of identity on to them or we'll never make any progress in solving real problems.

Incidentally, if you are interested in the idea that WoW and the like are more than just games, I happen to have on my desk a spare copy of the excellent "Fun, Inc." signed by the author Tom Chatfield. I will cheerfully send this interesting book free to the first person to respond to this post with the name of the WoW character, who became popular due to a video of the game that circulated around the Internet, who famously led his friends to their doom because he wasn't listening to the other players plotting their moves. The phenomenon has since spread beyond the boundaries of the gaming community into other online and mainstream media, so that the name has become a byword for a team member whose reckless enthusiasm and inattention to plans leads to disaster.

These opinions are my own (I think) and presented solely in my capacity as an interested member of the general public [posted with ecto]

TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a00d8341c4fd753ef0147e06cefb7970b

Listed below are links to weblogs that reference Put your game face on:

Comments

Thanks for rising the identity issue that I believe will be solved soon in a way we don't expect yet :)

Leeroy Jenkins. People talked about interactive TV, to some degree MMORPG are that.

Leeroy Jenkins is the correct answer! Send me your postal address Brian and the book will be on its way.

The comments to this entry are closed.