There’s a bit of a row going on about Twitter, Facebook, social media in general and bots. It’s a serious issue. Democracy was invented before bots and doesn’t seem to work terribly well in their presence, so in order to restore peace, low taxes and the tolerable administration of justice we need to do something about one or the other. Many people seem to think that we should do something about bots. The noted entrepreneur Mark Cuban, for example, caused some debate recently by saying that…
He’s wrong about the real name, because anyone familiar with the topic of “real” names knows perfectly well that they make online problems worse rather than better. He’s right about the real person though. Let me use a specific and prosaic example to explain why this is and to suggest a much better solution to the bot problem. The example is internet dating, a topic on which I am a media commentator. Or at least I was once.
A few years ago, I appeared on a programme about internet dating on one of the more obscure satellite TV channels. They wanted an “internet expert” to comment on the topic and since no-one else would do it, eventually the TV company called me. I agreed immediately and set off for, if memory serves, somewhere off the M4 in West London. The show turned out to be pretty interesting. I didn’t have much to say (I was there to comment on internet security, which no-one really cares about), and I can’t remember much of what was said, but I do remember very clearly that the psychologist at the heart of the show made a couple of predictions. While interviewing a couple who had met online, she said (and I am paraphrasing greatly through the imperfect prism of my memory) that in the future people would think that choosing a partner when drunk in bar is the most ludicrous way of finding a soulmate, and that internet dating was a better mechanism for selecting partners for life. Now it seems that this prediction is being confirmed by the data, as the MIT Technology Review reports that “marriages created in a society with online dating tend to be stronger”.
The psychologist’s other prediction was that internet dating gave women a much wider range of potential mates to choose from and allowed them to review them in more detail before developing relationships. Of course, internet dating also increases the size of the pool for men, but think that her thesis was that men don’t seem to make as much use of this as women do. Anyway, the general point about the wider pool now seems to be showing up in the data, assuming that interracial marriages are a reasonable proxy for the pool size. When researchers from the National Academy of Sciences looked at statistics from 1967 to 2013, they found “spikes” in interracial marriages that coincided with the launch of online matchmaking sites.
Why am I telling you all this? Well, it’s to make the point is that internet dating is mainstream and that is it having a measurable impact on society. This is why it is such a good use case at the sharp end of digital identity. It is rife with fraud, it is a test case for issues around anonymity and pseudonymity, it is a mass market for identity providers and it is a better test of scale for an identity solution than logging on to do taxes once every year. Now, I am not the only person who thinks this and there are already companies exploring solutions. And you can see why they want to: online dating is a huge business. A third of the top 15 iOS apps (by revenue) were dating apps.
So. How to bring the benefits of digital identity to this world. One way not to do it is that Mark Cuban way of demanding “real” names. Last year, the dating platform OKCupid announced it would ask users go by their real names when using its service (the idea was to control harassment and promote community on the platform) but after something of a backlash from the users, they had to relent. Why on Earth would you want people to know your “real” name? That should be for you to disclose when you want to and to whom you want to. If fact the necessity to present a real name will actually prevent transactions from taking place at all, because the transaction enabler isn’t names, it’s reputations. And pretty basic reputations at that. Just knowing that the apple of your eye is a real person is probably the most important element of the reputational calculus central to online introductions, but after that? Your name? Your social media footprint? (Look at the approach of “Blue”, a dating service for Twitter-verified-users-only.)
I don’t think this is a solution, because if I were to be on an internet dating site, I would want the choice of whether to share my name, or Twitter identity, or anything else with a potential partner. I certainly would not want to log in with my “real” name or anything information that might identify me. In fact, this is an interesting example of a market that does not need “real” names at all. “Real” names don’t fix any problem. Your “real” name is not an identifier, it is just an attribute and it’s only one of elements that would need to be collected to ascertain the identity of the corresponding real-world legal entity anyway. Frankly, presenting “real” names will actually make identity problems worse rather than better since the real name is essentially nobody’s business and is not necessary in order to engage in the kinds of transactions that are being discussed here. Forcing the use of real names will mean harassment, abuse and perhaps even worse.
What internet dating needs, and what will solve Mark Cuban’s social media problem as well, is the ability to determine whether you are a person or a bot (remember, in the famous case of the Ashley Madison hack, it turned out that almost all of the women on the site were actually bots). On Twitter it’s not quite that bad yet, because there are still many people posting there, but with bot networks of 500,000 machines tweeting and re-tweeting it is not in good shape. The way forward is surely not for Twitter to try and figure out who is a bot and whether they should be banned (after all, there are plenty of good bots out there) but Twitter to give customers the choice. Why can’t I tell Twitter that I don’t want bot followers, that I want a warning if an account I follow is a bot, that I don’t want to see posts that originated from bots that I don’t follow and so on. Just as with internet dating, the problem is not real names but real people.
Now, working out whether I am a person or not is a difficult problem if you are going to go by reverse Turing tests or Captchas. It’s much easier to ask someone else who already knows whether I’m a bot or not. My bank, for example. So, when I go to sign up for internet dating site, then instead of the dating site trying to work out whether I’m real or not, the dating site can bounce me to my bank (where I can be strongly authenticated using existing infrastructure) and then the bank can send back a token that says “yes this person is real and one of my customers”. It won’t say which customer, of course, because that’s none of the dating site’s business and when the dating site gets hacked it won’t have any customer names or addresses: only tokens. This resolves the Cuban paradox: now you can set your preferences against bots if you want to, but the identity of individuals is protected.
One of my acid tests of whether a digital identity infrastructure is fit for the modern world is whether it can offer this kind of strong pseudonymity (that is, pseudonyms capable of supporting reputations). If we can construct an infrastructure that works for the world of internet dating, then it can work for cryptocurrency, cars, children and all sorts of other things we want to manage securely in our new always-on environment. We have to fix this problem, and soon, because in the connected world, if you don’t know who IS_A_PERSON and who IS_A_DOG and who is neither, you cannot interact online in a functional way.