The truth about identity (part 1 - for bloggers)

Published November 25th, 2006 edit replace rm!

Identity is one of those things that technologists like to solve, and solve, and solve. The reason they keep solving it is that they don’t really go deep and analyse what identity is and what they are trying to solve. Oh, when saying they I should really say we as I’ve tried to reinvent the wheel as well.

So we keep inventing fancy ass solutions like Certificate Authorities, PKI, The Laws of Identity etc.

While out in the real world we have emails, DNS, passwords and cookies that we often look at as temporary solutions until the one Identity system that will rule the world kicks in.

The real reason that none of these identity systems will ever win is that they try to solve problems that aren’t important.

Identity is the information I need for an exchange to take place and be enforced if something goes wrong.

This might sound weird and strange but please bear with me in the following examples…

Identity between blogger and reader

If you are a blogger you are exchanging opinions to your readers in exchange for their attention.

Risks involved in the exchange is that people might attribute your opinions to someone else or that your statistics on visitors is incorrect for advertising or other grounds.

You let everyone read your posts, but want to identify the individual visits so you know how many people are reading your posts.

Thus you identify the individual readers by their IP addresses (actually your web log analysis software does this).

Your readers identify you through your domain name and through my content. I’m willing to bet that while there might be people who know my name is Pelle, I’m guessing the majority of my readers know me as Mr. StakeVentures.com. And that is fine as that is what is needed for my readers to differentiate participate in our exchange.

Our voice as our identity

Those of us who have subscribed to certain bloggers for a long time get to know the language, which is equally an identifier as the domain name. DHH style of writing is probably a more important identifier to his writing than his domain name. This has suited him well as he now blogs elsewhere, writes books and invented this little web framework. The same is true for amongst many others Doc Searls and Geoffrey Grosenbach’s

Identity between blogger and commenter

Now your readers are exchanging information directly back at you on your site.

Besides those mentioned above the extra risks involved are increasing:

You need to implement some way of avoiding this. One common way to avoid both of these is to use moderation (which I use here). Others are Captcha to identify that the commenter is actually a human being and not a computer.

I allow you to add a name, email and url to your comment on my blog but without verifying them. I don’t think that it is necessary to verify these. After all blog comments are not legal statements.

Comment identity systems

There are several blog comment identity systems out there. The most famous being TypeKey. They describe them selves like this:

TypeKey enables you to verify and protect your identity on the web. Enabling TypeKey on your own site increases accountability for the content that appears on your weblog and stops comment spam cold.

TypeKey is thankfully a fairly low-tech identity system but they commit the same basic mistake as the rest of them do. They think a centralized authenticating system solves the (very low) underlying risks in allowing comments on your blog.

TypeKey won’t stop trollers. If you were to troll you would just set up a few extra TypeKey accounts to go to mailinator. It might stop comment spam, but again I don’t think it would stop a really proactive comment spammer.

So you do get some benefits from TypeKey (I just nearly sold it to myself). But at what cost? TypeKey is relatively widespread so many of your readers already have accounts, but it will put an increased cost/burden onto your commenter. Many people don’t like registering for things like TypeKey, for the hassle, risk of spam etc. There are also many voices you will loose as they don’t want their comments linked to their other identities (blogs, work, spouse etc.) So basically the cost to you is that you will likely loose several potentially valuable commenters.

In the next part I will write about identity in web applications.

This has been an article in my legal category. You might also enjoy the very closely related articles Pragmatic Contract Law for Entrepreneurs and Understanding and preparing for Jurisdictions.

About me

Pelle gravatar 160

My name is Pelle Braendgaard. Pronounce it like Pelé the footballer (no relation). CEO of Notabene where we are building FATF Crypto Travel Rule compliance software.

Most new articles by me are posted on our blog about Crypto markets, regulation and compliance

More about me:

Current projects and startups:

Other under Legal

Popular articles

Topics: