Читать книгу Identity is the New Money - David Birch - Страница 9
ОглавлениеChapter 2
Identity is broken
I am not made like any of those I have seen. I venture to believe that I am not made like any of those who are in existence. If I am not better, at least I am different.
Jean Jacques Rousseau (1712–78)
A letter in the Daily Telegraph’s ‘Money’ section (2 October 2009) sprang out at me because it exemplified the problem of identity in modern life. The letter came from someone who had tried to open a bank account with HSBC, but who didn’t have a current passport or driving licence. She wrote: ‘When I explained this at a branch, it was suggested that I ask the police station for proof of identity.’ She dutifully went to the local constabulary, who told her that they had never heard of such a thing unless she had a criminal record. Thinking it seemed odd that you can only have a bank account if you have a criminal record, she returned to the branch to be shown a list of documents that the bank would consider acceptable for the purposes of account opening, and this time they suggested a letter from Her Majesty’s Revenue & Customs (HMRC). She reports ‘I duly went to the local tax office, where the assistant said she wished banks would stop sending people there... they would not waste public money providing such letters for banks.’
The letter goes on to list the documents that she had presented and had had rejected by the bank: an out-of-date passport, a birth certificate, a current payslip from an employer (the local council, for which she had worked for more than two decades), a work ID card (complete with microchip), utility bills, statements from another bank, house deeds and a voting card. Any one of these would have got you a job with the bank, but not, it seems, an account.
In a way, oddly, banks don’t really care about your identity. They care about the credit history of whatever persistent persona you present to them. They are complying with stringent ‘know your customer’ (KYC) regulations. These have nothing to do with any real identity security. At the moment, if you come and open an account with, say, a North Korean passport, the bank cannot possibly know whether it is a genuine passport or not, but it doesn’t matter, since the obligation on them is simply to keep a copy of it. If they do this, and the passport subsequently turns out to be false, it’s not their problem.
On a practical, prosaic, day-to-day basis, identity is broken and we need a new model.
Police dog
Identity has been broken since the earliest days of the online world. Remember that old cartoon, ‘On the Internet, no one knows you’re a dog,’ from the New Yorker in 1993? When I first started going to Internet conferences, this was in every presentation, including mine, but I was using it make a different point, which was that although in cyberspace, no one knows you’re a dog, no one knows you’re with the Federal Bureau of Investigation (FBI) either. Come to that, no one knows whether you’re a real person or a police-controlled software agent, cruising the Net looking to ensnare miscreants in dirty deals! I said this many years before reading that this is exactly what law enforcement agencies were doing, going undercover with false online profiles to communicate with suspects and gather private information, according to an internal Justice Department document.13 I’m not being critical: I want the police to use the Internet to catch the bad guys.
The point is to flag up that the legitimate interests of law enforcement must be taken into account when we begin to think about how identity should work. This task is actually quite difficult, because the way that identity works in the virtual world is not an analogue of the mundane world.
Multiple personalities
When it comes to the virtual world, multiple personalities are both real and actually desirable. Using different ‘personae’ across different types of transactions will become natural to us. Just as you use a different email address for work and personal messages, you will use a different identity in work and personal situations. This is a good thing; having only one identity that you have to use in all situations is not.
Travellers to Iran are forced by police at Tehran airport to log in to their Facebook accounts. Their passports are confiscated if they have posted criticism of the regime, which makes me wonder why everyone doesn’t take the precaution of creating a dummy Facebook account in their real name. (I’m going to make one and post a paean to Iran’s spiritual leaders just in case I am ever detained by Revolutionary Guards and forced to log in.) But will this be enough? Remember what happened to the British film-maker David Bond when he made his noted documentary Erasing David about trying to disappear? The private detectives that he had hired to try and find him simply went through Facebook. They pretended to be him and set up a new page, using the alias Phileas Fogg. Then they sent messages to his friends, suggesting that this was a way to keep in touch now that he was on the run. Most of the friends got in contact.
So even if you are careful, your friends will blab. There’s no technological way around this: so long as someone knows which alias is connected to which real identity, the link may be uncovered. Probably the best we can do is to make sure the link is held by someone who will not open the box to anyone without a warrant. More on this in Chapter 3.
Progress?
The UK government has forced the banks to spend almost a billion pounds on the Current Account Switching System (CASS), reducing the time taken to switch bank accounts from three weeks to one. Yet if I, as a Barclays customer for nearly four decades, decide to go and open an account with Nationwide, I will still have to produce a physical copy of my gas bill and a passport, and they will still have to make photocopies to store. Why can’t I just use my very secure Barclays online banking login to log in to Nationwide and open an account? Surely Nationwide trusts Barclays – doesn’t it?
We have radio waves and transistors and a nuclear-powered robot trundling around on Mars but we don’t have a working identity infrastructure. But before we can say what this infrastructure should be, we need to determine the identity paradigm (in the correct sense of the word: a model of identity) and then develop a narrative around it. John Clippinger writes about the power of identity narratives,14 and I agree strongly, but we currently lack shared narratives in this area. We need stories to help people understand how identity should work, just as the story of Star Trek helped us to understand how communications should work.
Anglo-Saxon attitudes
We think about identity in the wrong way for today. We have a deep-rooted notion of identity that is only tangential to what identity really is now in an online, interconnected, networked nation. This backward-facing and now unhelpful identity paradigm has its roots in the industrial revolution, when we shifted from pre-industrial, local notions of identity to urban anonymity and bureaucracy. As part of this shift, we had to evolve new identity institutions alongside new identity paradigms.
Let me take you back to a time when an English-based international terrorist has been arrested for a murder overseas (using a bomb manufactured in Birmingham), leading to newspaper stories about the activities of a foreign fifth column, based in London but planning assassination worldwide. There ensues a government panic about the ease with which the terrorists are able to travel. This panic becomes linked with more general concerns over the identification of individuals. The British Foreign Secretary announces new rules for identity documents (including a higher price), public anger leads to new legislation being proposed, but the government’s bill is defeated and the prime minister resigns.15 Welcome to 1856. The British government has just launched the passport.
Since Lord Palmerston’s government lost that vote, mainly because of public resentment about French pressure fanned by the popular press,16 we’ve invented human rights, laser beams, microchips, universal suffrage and the Internet. Yet we have not invented a new version of identity and we (the British) are not at all happy with the old one either. Not all cultures feel the same. If you live anywhere else in Europe, you expect to be able to potter down and open a bank account with an ID card, not with printouts of utility bills, and you do not expect criminals to be able to open mobile phone accounts in your name (for a while the fastest growing category of identity theft in America).
It is certainly the case that these deep-seated attitudes in Britain mean that ID cards have only a ‘parasitic vitality’.17 In other words, they can never take root in the English body politic of their own accord but only by growing on the back of another, much bigger, issue. Thus, it was on the back of that Piedmont anarchist’s attempt to murder Emperor Napoleon III and the collapse of the British administration16 that the passport became the identity document we know today.15 Up until then passports had been general documents, not even including their carrier’s name, and the only way to obtain one had been to know the Foreign Secretary personally. The Earl of Clarendon, Secretary of State for Foreign Affairs at the time, said that the ‘British Government attached no importance to passports’ (so it is a wonderful irony that the anarchist mentioned above, one Felice Orsini, had in fact travelled to Paris on a passport issued to a Thomas Allsop seven years earlier by Lord Palmerston himself!18).
Post-industrial passports
Fast-forward to the post-industrial economy, and talk about an ‘Internet Passport’ is common but profoundly misplaced. Identity in the modern part-mundane, part-virtual world is utterly different to the ‘simple’ notion of identity rooted in our Victorian concept of passports and identity cards. There is no point in developing an electronic version of a piece of stamped, security-printed paper with a photo and personal information written on it for inspection. I’m not sure any such electronic version is capable of overcoming British or American resistance to identity cards, seen as instruments of state oppression associated only with foreign regimes, a view simply encapsulated in this idea that consistent identification of individuals is a necessary, although not, of course, sufficient precursor to a police state.19
Perhaps it is the mental model of identity itself, the essentially Orwellian conception of identity and surveillance that is wrong. Generally speaking, when critics lambast an identity scheme as Orwellian, they are thinking of an omniscient all-controlling state in which perfect surveillance, zero privacy and the total control of information combine to end terrorism, crime and even ‘thought crime’. Yet in criticizing schemes on these terms, I think that critics are sharing and propagating the same outdated identity paradigm, a paradigm that is rooted in paper and cardboard, where a person’s identity is seen as being singular and fixed, like a card in a card index, rather than multiple and changing; and in which the highly centralized information system that surrounds identity is concerned only with piping related information from the centre to the edge and back again.
As a technologist, I know that technology not even imagined by Orwell writing 1984 in 1948 can deliver far more surveillance than policymakers, civil libertarians, businesses, regulators and legislators realize today. The dangers to both individual liberty and society of ‘bad’ identity systems are much wider than was apparent to him in 1948 because of that same technology. As the Royal Academy of Engineering’s prescient 2007 report on Dilemmas of Privacy and Surveillance noted, we should not be concerned solely with surveillance but also with ‘sousveillance’.20 That is, we should not be concerned only with state snooping and intervention but big business, the press and our next-door neighbours.
The origins of the misleading and simplistic model of identity, the passport model, lie in border control. Today we should be concerned not only with border control between countries and communities but with border control between mundane and virtual communities. Indeed, as Catherine Fieschi of Demos wrote, this mundane–virtual border control may be a good basis for developing modern notions of identity and privacy.21 One might imagine a flight to virtual communities where mathematics (in the form of cryptography) provides a defence against crime and disorder that the metal barriers of a gated community cannot. If the community decides on a new law, they can enforce it instantly and effectively by excluding transgressors or by persuading them to exclude themselves.22
What will the post-industrial replacement for the passport look like? We need an identity infrastructure that admits different kinds of identities, some of which are fixed and some of which are more fluid. We want this infrastructure to deliver appropriate privacy and security. And it goes without saying that society needs this infrastructure to be cost effective; economics is an inescapable discipline.
The economics of privacy are, like anything else, a matter of trade-offs. The problem is that people can’t make informed decisions if they don’t know exactly what the trade-offs are. It’s an imperfect analogy, but consider the case of vehicle safety. Car manufacturers let consumers pick engine size, colour and the fabric on the seats, but not the design of the seat belt. Rather than let people figure out the optimal seat belt for themselves, experts pick a standard. We must be getting close to this point when it comes to identity standards.
The reason is that privacy is important. Privacy permits individuals to express unpopular ideas to people they trust without having to worry about how society will judge them. It is vital to democracy and it contributes to the ‘marketplace of ideas’ and the promotion of the truth.23 Privacy, however, is not enough. Private property creates social order and a peaceful society requires a clear allocation of goods and rules for their public use.24 In other words, as is well known, privacy needs security. So we need security as well.
A privacy paradox
One of the simplest ways to demonstrate both how non-intuitive some aspects of the problem are and also how the use of new technology can deliver new solutions is to consider what I have called the Chatroom Paradox. My kids want to go into chatrooms to discuss everything from computer games to saving the planet. I will only allow them into chatrooms if I know that the other people in the chatrooms aren’t serial killers, perverts and so forth. In order to make sure of this, I therefore want the name and address of everybody else in the chatroom so that I can validate them against sex-offenders’ registers. However, if somebody else in the chatroom wants my kids’ names and address to check them against a register, I don’t want to give it to them. What if there’s a mistake and they really are a serial killer or pervert? This then is the paradox: in order to harness the power of the Internet, I want full disclosure from everybody else who wants to be part of the subgroup but will refuse any kind of disclosure on my side. Stalemate.
Yet as we technologists will readily point out, through the miracle of public key cryptography, it is straightforward to implement unconditionally unlinkable identities which allow subgroup members to prove to each other that they are over 18, a British citizen, a Manchester City fan, or anything else, without disclosing their identity in a way which could be compromised.
This might also be a way to approach the challenges set out at high level in Hillary Clinton’s speech on ‘Internet rights and wrongs’ back in 2011.25 She called for (I paraphrase) freedom of communications for people that we like, but not for people that we do not like. It’s probably unfair to pick on her about this, because a great many politicians have called for the same thing without having any idea of how it might be achieved.
Such calls demonstrate that it is hard to think about identity and related issues in a networked world using the mental models of the ‘old’ world. As described here, though, we’ve been here before. The emergence of the modern passport involved more than the development of new technologies and techniques to document individual identity. It also required a critical rethinking of identification and identity.26 The result was, it is fair to argue, the emergence of a new identity, one distinct from how people had previously thought of themselves. The emergence of a new passport equivalent will lead, yet again, to a new form of identity, yet again distinct from how we think about ourselves now.