what Pirandello, Rifkin and Pandora have to do with digital identity

In his 1926 novel one, no one and one hundred thousand, Pirandello talks about the struggle between our perceived identity and the masks that society force us to wear every day. It's a funny and bitter novel even today, subtly disturbing one of our most (apparently) firm belief: I am what I am.

Nowadays it seems that we live in a sort of permanent and digital DID, not even wearing multiple masks every day (at least one for every login we made) but also impersonating very different personas in every account we have.
To make a long story short, in the chicken-egg debate about

is technology shaping new behaviours or simply empowering old ones?

I'm definitively on the latter side of the question. Not only I agree with Jeremy Rifkin's position about a new stage in consciousness and empathy1, but we can safely begin to explore the fact that, aside from extreme behaviours, we are all inhabited by multiple selves, and there is nothing wrong with our "dissociative" digital life. The ancient Greeks got it right from the very beginning: the perennial fight of all their very characterised gods seems to shape very well what happens every day inside our minds (at least that's the direction the latest models about the mind are taking nowadays).

Let Pandora manage all your jars

In the real world, we probably have some secret places where we store things only for ourselves, things that can be meaningfulness for others or that we do not want to share or leave to others after our death.
We have some private places where we store things that are memories of our past or properties that we are happy to show to our intimates.
We have many protected places where we store things or properties, and we deliberately define who can access them (your bank account, your business stuff, etc.).
We have one or more public places where we share information about us (the public registry office, the church, the white/yellow pages, etc.)
And of course, we could do things in an anonymous way or even need to build a fictional alter ego of ourselves (especially if you work in the show business or open an ok-cupid account...).

Our digital needs are not so much different, apart from the fact that unlike in real life, in our digital otherworld things are very easy to copy and to send into the wild2.
Stealing is one of the most used verbs by RIAA, but the problem is that a physical object is very different from a digital one, and even the kind of rights you can place on them are very different.
To steal a jewel you need to move it from its vault to another place, and the robbed can't use it anymore. If you copy a file, both the owner and the thief can use it without problems, and, even worse, you can't tell the difference between them and neither trace with certainty the original author.
Of course, an even physical object can be copied, cloned, counterfeit, but it's costly, complicated, and most of the time it's possible to tell the difference between the original and the copy. This difficulty and simple but effective laws have been able so far to limit thieves and smugglers.
Until not so time ago, even for digital goods such as films, the cost of the storage and bandwidth was limiting the easiness of copy, but nowadays this is not a problem anymore. With costs out of the way, laws, judges and even the FBI can't stand the storm coming.

Therefore we need to build a precise and secure way to handle digital stuff, access, and authorship

Let's call it the Pandora jar security model.
For example, if we store something into a secret digital silo, we should be confident that nobody can access it besides ourselves (login and password are not enough, I'm afraid). If we move something outside of it, it can't go back (once opened, the Pandora jar can't be closed).
Our private silos instead, could be less demanding about access security, but again, if we move something outside of it, it can't be personal anymore.
The very troubled silo is the protected one. In an ideal world, the content of it should be accessible only as long as (expiring content) and to whom (restricted access) I desire; unfortunately, there is not yet a secure solution for the above requirement, for the latter, there are plenty of solutions instead.
The easiest to manage, of course, it's the public one: everything inside it can be seen/copied by everyone.
To me, the most interesting ones are the fictional and anonymous silos. The former because thanks to the internet we now have the freedom to express all facets of ourselves (as many as the ancient Greek gods) and impersonate as many alternative selves as our logins. The latter because is such a challenge nowadays to keep a portion of our data anonymous, that most of the times we simply give up.

We not only need new ways and places to store our digital assets, but we also need to clarify the way things go in the wild to make everyone aware (even the most digital illiterate).
One way to describe it is as DAG.
Every silo we own defines a particular level of security and anonymity on a straight path from the more secure/anonymous to the public.
The data can only be moved from one silo to another and inherit the security/anonymity level of the new silo, as in the following paths:

  • secret->private->protected->public->fictional
  • secret->private
  • secret->anonymous
  • secret->fictional

One final note. The fictional silo can originate both from public or secret ones, to grant or avoid traceability of the contained materials.

digital identity(ies)?

Now that we have defined the places, it's time to talk about who owns or can access them, and what are the needed features the files should have in such a model.

Current efforts towards digital identity are based on the practical paradigm one-person-one-id.
See for reference the India’s Ambitious National Identification Program called Aadhaar3, or on a smaller scale the Italy's initiatives called SPID and ANPR. Of course, all the major web service providers (Google, Facebook, etc.) are fighting too in order to make users use their own silos' login as the magic key to access a broader array of sites and services4.

Although practical, one-person-one-id does not fit very well with the actual way we live in the real word and in the way we use the internet.

  • the first problem lays upon the fact that they are only trying to link one real person to one digital record in order to make it easy to know and collect all the information about him or her. Useful but very limiting and dangerous, especially in non-democratic countries.
  • the second problem is that our digital assets are very property-resistant. Being so easy to copy and distribute around the world in a second, they need more than ever to be signed5 and indelibly attributed6 to one digital identity.

The two problems are strictly related. If we sign every digital asset with just one digital id, it could be too easy to look after everything about us: please do not think that, since we live in a democratic country this is not a problem for us at all. We are building a new tradition, which I hope will last for centuries, and we can not predict that the future will always be bright.

We need different types of id, at least as many as the data silos described above.

Digital identity can be stolen and used against us very easily: we can't put all the digital eggs in just one basket.
We need to keep secret things secret, even about ourselves, and the same can be said for anonymous and fictional stuff.
We should be able to destroy, swap, loose, change and even sell, perhaps, all our digital identities except the public one.
The latter should be managed more carefully and following shared democratic procedures.

But what about thieves?
In the digital world, if someone steals your identity, he owns your related digital properties.
If the stolen identity is the public one, there should be some procedure (that we have not yet) to mark it as such and link the person to a new one.

it's all about privacy, freedom, and democracy

Our present and future capability to handle the multiple digital identities and the appropriate silos where to store and share our digital assets will be determinant to maintain and grow our democracy and freedom in our digital future.

notes

  1. see Chapter 14 "The Theatrical Self in an Improvisational Society" in The Empathic Civilization

  2. see Wired or Harvard Business School articles for a detailed description

  3. OpenID doesn't change the equation either, aside from being an open standard

  4. see the 4th paradox in my previous post

  5. see public-key cryptography and digital signature

  6. see for example service like ascribe based on blockchain technology