Dunbar Number & Group Cohesion (mapping social networks in massively multplayer games)
Phased ID cards?
They want it, they really want it! (with apologies)
When DRM goes mad.
Despite the desire, none of these were from me.

With the rise in the use of the Internet and online environments for social interaction, the use of a nickname to identify yourself is pretty much the norm. If you spend a lot of time online and use the same nickname time and again, it;s very easy to become attached to it. In my own case, I’ve been using cro (as in the domain name this weblog is hosted on, and my email address prefix) for email addresses, website names, forum logins and laterly as my primary identity on QuakeNet for more than 15 years.

Where I can I always use ‘cro’ as my identifier, it’s something I’m used to. So much so that I answer to ‘cro’ in the real world - and friends actually call me by that name. A couple know me better as ‘cro’ than as ‘Tom’.

So it was with interest I read a story posted on Slashdot on the subject of virtual identities, and the use of a nickname.

My Azgalor Paladin is running through Stormwind when I get a message from a GM proclaiming that my account is in violation of Blizzard policy and I must change my nickname. I try to find out more information, but I am kicked from the game. I have been CmdrTaco since April, but when I log in, I choose the new name: Violated. This experience has brought up a host of feelings on matters of virtual identity and virtual worlds.

(For those of you who don’t read Slashdot very often, CmdrTaco is Slashdot’s originator.)

The article makes very good reading, as well as making a couple of very interesting points about the nature of online identity and the attachments we can make to the way we express ourselves through our choice of online name.

In this virtual world, two levels gives me a couple new pieces of armor, and suddenly I am unrecognizable to anyone who may have run an instance with me. In guild chat, I am a total stranger to people I may have chatted with for months. My history with other players has been erased. It almost makes me wish that I spent my first 45 levels ninja looting!

There have been reports in the past about odd name change decisions in various massively multiplayer games, usually for apparent (but usually unexplained) violations of the terms of service, and most of the public postings made by those affected are full of indignation, however CmdrTaco takes the time to explore the effect the changing of his in-game name has had on his relationship to other players, and his attachment to his avatar.

Technorati Tags: Digital Identity, Identity, World of Warcraft, Slashdot, Virtual Identity

I posted recently about assumed identity and it’s impact on obtaining information about television programs I watch (via OTA broadcast) which direct me to a website I can’t access, and the impact on my music buying habits.

Phil Windley has offered up his comments on my frustrations, and associated the concept of assumed identity - or, as he eloquently puts it, presence (I like that term, it carries weighty connotations with it) - with Digital Rights Management.

One interesting side note to the whole issue of assumed identity and presence as an arbiter in DRM models is the case where I want to buy a certain album from iTunes, but it is only available to customers in a certain country. So I go to another provider such as an online store and buy the exact same album, for less, in it’s physical form, using the same payment card that iTunes won’t let me use to buy music.

And the music still ends up on my iPod.

Technorati Tags: Digital Identity, Itunes, DRM, Presence

I’ve discovered Last.fm, thanks to prodding from Julian Bond. I’d come across Audiscrobbler and Last.fm before, but not really paid much attention to them. I spent the time today, doing some searches for some of my favourite artists (椎名林檎, 東京事変, Judy and Mary, the brilliant green, Yuki) . After reading about the Last.fm audio player and ’similar radio stations’ I decided to give them a go - and I’m pretty much hooked now.

The most important thing is that it’s giving me a chance to listen to bands I’ve heard of, but not heard anything by. I can see that more of my music buying budget is going to drain away from iTunes towards CD Japan again…

There’s been a lot of press recently about Apple’s new video iPod (or more strictly, the new iPod that can play videos), and how you can now purchase episodes of TV shows for $1.99.

I’m having a bit of a problem downloading these shows. iTunes won’t let me, for the same reason I can’t buy music most of the time - I’m not in the US.

The assumption that’s been made in all the discussions I’ve seen about the new iPod so far is that the person reading the discussions lives in the USA - there has been an assumption of Identity information made about me before I even visit.

Unfortunately I don’t think we’ll see this aspect of Identity changing any time soon, despite people saying on the Internet, nobody knows you’re a dog. It is already assumed that I am one thing in particular based on my geography.

Can you see this website? (This is what I see.) The assumption is made that I am not interested, or not a potential customer, because something is assumed about me based on my location - despite being a fan of numerous TV shows from this company that are broadcast where I live. And despite this URL being prominently displayed as a source of additional information about the program.

The same goes - again, and again - for iTunes. It is assumed that because I live in the UK, I am interested in music that is released in the UK. It’s assumed part of my Identity is ‘this person is English’ and ‘this person speaks English’. Which might explain why most of my music buying budget goes to one website in particular rather than iTunes or local record stores…

In each of these instances, an assumption of my Identity has been made based on someone else’s description of the credentials I can provide - my IP address, or where my bank account is held. Neither of these things actually mean anything in particular about my Identity, and they’re outside my control.

Technorati Tags: Identity, Digital Identity

This is fun :)

In my response to a post on ringtone purchasing, Shekhar has responded to my response, which bears yet another response, but this time I think I’ll address specific sections.

I am not sure how can the third party deliver an application or service without information about the platform from which the ring tone request was sent.
For the most part they don’t - they require you to identify your own handset. This does lead to situations where the content you buy may not display on your particular cellphone - but caveat emptor!

But I am bothered by cell phone company as “big brother” who own the medium, authentication technology, and the gateway to ecommerce over an unencrypted medium which makes them a very big owner of information on user physical identity, habit, social connections (guess phone usage given you a good idea).
This is less an issue where pay-as-you-go phones are popular. In the UK for example I can pick up a cheap cellphone for about US$40, and there’s absolutely no record of who I am, and nothing for the mobile carriers to colledct about me, except that I used the handset somewhere. There’s no way of linking the handset to me personally.

A contract handset is of course a different matter. And yes, the carriers do hold sway over the gateway - but it’s a pretty leaky gateway.

In case of iTunes, the Apple is not in a good position to collect this kind of data and the transactions can not be correlated while in case of Cellphone the company can become quickly very powerful and start selling user’s habits and social contact info (without providing their personal information) to ring tone providers to allow them to better customize the ads etc on per-user basis.
I actually think it’s the other way around, as in it’s current form iTunes collects all sorts of personally identifiable information about me before I can use the service: My name, my gender, my age, my address, my email address (or at least a valid, working address) and my credit card details. Without these details I can’t actually purchase anything from iTunes (unless they’ve changed it recently).

Conversely, with a cellphone, all the content provider is concerned about is ensuring I have enough credit on my cellphone account (or I have a contract handset) - other than that they don’t typically care.

And on the specific subject of ads, the market for cellphone advertising is a nascent one, and one that’s already being very heavily regulated. In the UK you’re not allowed to market directly to mobile phones unless the customer has opted in, and you must provide an opt-out service free of charge (the STOP function). Companies who flout this rule can be (and have been) heavily fined. This regulation in many ways is actually being driven by the carriers themselves. For example, Vodafone in the UK will not let any third party provider use their SMS delivery network without registration and confirmation that the STOP function is provided free of charge (there’s a whole raft of guidelines).

One thing that has been noted already is that unsolicited ads sent to mobile phones actually have a highly negative impact on the end user, making them less likely to buy another ringtone or graphic, and more likely to complain. On the flip side, opt-in advertising works extremely well…

I am sure the silos within the company itself may be keeping this information distributed but as the integration of these identity silos are completed over time think of the information they have access to (if the ecommerce through cellphone takes off).
Interestingly it’s possible to provide these kind of ecommerce services using cellphones as the billing mechanism without the intervention of the mobile providers at all. They don’t have to be the ecommerce provider at all - all they become is the transport network. There does not need to be a link between the cellphone account used to pay for an item, and any information about the item itself, and there doesn’t need to be a link between the purchase, the cellphone and the person. And this does include items specifically designed to be utilised by the cellphone itself. (In fact, the web code to provide a form of microbilling for ecommerce sites using cellphone charging is a trivial excerise.)

I’m sure the cellphone carriers could intercept and perhaps log what information is passed between a third party content provider and the mobile carrier, but that starts encroaching on privacy and wiretapping issues. For everything else, there’s no reason to associate the purchase with the item - sort of like you don’t write down on your bank notes what you bought with them :)

Technorati Tags: Identity, Digital Identity, Federation, Federated Identity, Transient Identity, Mobile, Cellphones, Ringtones, iTunes

Watch this space for more interesting JSRs:

http://www.s-ox.com/Feature/detail.cfm?ArticleID=1159
http://politics.guardian.co.uk/homeaffairs/story/0,11026,1594645,00.html?gusrc=rss

Shekhar Jha has asked a question about cellphone purchasing habits, and what information is stored when you buy something, and linked it to the concept of federation.

I freely admit that I don’t know how the system works in the US - this is a market we want to get into, but we’re still looking for a suitable partner. In the UK, what information is stored about you depends entirely on who you purchase your ringtone (or other content) from.

If you buy something from your cellphone provider’s content catalogue, then they have access to a host of information about you, limited by the amount of information you provide to them. If you have a pay monthly contract for your cellphone service and you buy something from your providers online catalogue, then they can figure out your likes/dislikes, your buying habits, and combine them with demographic data.

However, if you have a pre-pay cellphone, or buy something from a third party provider, then the only information available for use is your cellphone number, and by derivation your carrier (which in around 1% of cases isn’t valid anyway, since number portability is available). There’s no other information available, since you’ve not given any extra information out. You’ve not had to pre-register to buy, you’ve not had to fill in any forms. The only identifiable piece of information about you is the cellphone number you used to buy the ringtone.

In terms of demographic information, I can tell you that GTIP customers are almost exactly spread between all four primary cellphone providers in the UK (the difference varies by around 1%). Other than that I couldn’t tell you anything else. I could possibly do some analysis and tell you how many customers had which games console (it’s skewed, about 70% have one particular console. If you want to know which one, drop me a line and we’ll organise something), and potentially how many have more than one console. I might even be able to figure out when people prefer to play games based on when they ask questions.

But I couldn’t tell you how old they were, whether they were male or female, where they lived, how often they bought games or anything like that. The information quite simply isn’t available. All we get from the carrier is the customer’s cellphone number, so we can send back their answer.

It’s been one of those months where a lot of information about a lot of initiatives has been released in a lot of areas, but it’s not until you combine them that something really interesting almost appears.

Let’s talk about web2.0 and AJAX, and some of the things that are now appearing. There’s Writely for word processing, Numsum for spreadsheets, Meebo for chatting, and lastly Netvibes, which, while not being new (or relatively new, and Microsoft have their own version), has provided the catalyst to what I’ve been thinking about.

I’ve been thinking about personalisation, and more importantly, portable personalisation.

(more…)

Toby’s posted on a recent meeting of privacy and identity exports in London. Whilst it’s only his interpretation of the meeting, some of what’s presented (especially the summary of findings) is interesting, and prompts more thought rather than guidance towards a final solution.

I particular, in Key Issues 2006, I like the mention of ‘Ambient’ information - what is this? Is it information about you that you have no control over? Information that is assumed about you? That’s derived about you?

Our relationship with machines (can you say Infocards?) is something else I’m currently exploring, and all going well (i.e. I get enough time today) I’ve got a post on the seperation of machine and identity when related to personalisation of services that’s about half-written.

Technorati Tags: Identity, Privacy, Security, Digital Identity