<-- digital ecosystem | Transhumanist Terminology | disassembler -->


An alternative identity, secured through the use of strong crypto, the digital pseudonym is a mainstay of transhumanist thought. In its strongest form it offers the possibility of precisely controlling how much of your personal data leaks out to others. Victims of horrific crimes will be able to discuss their experiences without fear of being identified, the politically oppressed will be able to speak out without fear of torture or death at the hands of the local jack-booted thugs, those with different artistic sensibilities from their surrounding community will need not fear humiliation or ostracism. It is the hard-core privacy activist's wet dream.

Most variations of the idea revolve around the widespread use of several advanced encryption applications; public key encryption, anonymous digital cash, and effective trust networks are all required for the emergence of digital pseudonyms. While all of these are technologically feasible today, a lack of necessary legal and social infrastructure will prevent the emergence of digital pseudonyms for the forseeable future.

The core of the digital identity (any identity, not just "pseudonyms") is a pair of large numbers--the private and public keys of a public key encryption system. With these it is possible to establish that a message is from who it says it is from (authentication), it is possible to prove that someone said something even if they later deny it (non-repudiation), it is possible to detect changes made to a document after it has been signed (integrity), and it is possible to exchange messages with someone with no possibility of being listened to (privacy). Each of these functions contributes to the identity in its own way but integrity and privacy are of less consequence in the matter of digital identities than are authentication and non-repudiation.

The first function, authentication, by definition establishes the actual identity of the sender of a message. It does this not by identifying a specific individual, but by reliably tying two or more messages together as having originated from the same source. Since it can be verified that the same key signed message A as signed message B it can be verified that the same person authored both (or, at least, is willing to be held responsible for the contents of both). This allows for the creation of trust over time even between individuals who do not "know" each other in the traditional physical sense; it allows for the emergence of reputation and future consequences without which a functioning social framework cannot exist. It is possible to examine someone's prior messages and to use them as a guide to the reliability, intelligence, trustworthiness, etc. of the sender.

The second function, non-repudiation, is essential to functioning of the framework that authentication allows. A contract is of little use if one of the parties can later claim to have not signed it. Past messages cannot be used to indicate reliability if they can't be tied to a specific source. Digital signatures have been designed to make repudiating a signed message impossible, at least if you want to continue to use a particular identity.

The other features of encryption, integrity and privacy, are not as interesting in the context of digital identities. While it is a hard and fast requirement that messages not be alterable after signing it is more of a fundamental encryption issue than one specific to digital identities. Privacy in the encryption sense falls into the same category, even though a vastly stronger social form of privacy is the whole point of digital pseudonyms.

Public key encryption, then, provides the actual digital identity used as the pseudonym. It provides the mechanisms for verifying that two messages are from the same source, that the contents of the message are as the sender intended, and that the sender can't later claim to have not sent the message. But this isn't enough, it turns out there is still a more fundamental problem to be solved.

A far more insidious problem is how to determine who to trust in the first place. It's all well and good to be able to refer to your past interactions with someone as a guide to how they'll behave in the future, but that doesn't give you any guidance on whether you can trust someone the first time you go to deal with them. You can't just trust other signed testimonials, digital identities are so easy to create that all of the testimonials could originate from the same source. You can't automatically trust every identity you come across, not unless you'd like to find you and your wallet soon parted. At the root, the problem here is that even if you can verify that the encryption is good you still know nothing of the underlying intention.

Once again there is a technical solution to the problem which has not yet been widely deployed. Trust networks such as the one implemented by Advogato (although there are numerous others) can provide a mechanism to verify someone based on their past interactions with others. These networks work by having Tom vouch for John, John vouch for Mike, and Mike vouch for Susan. You can presumably trust Susan if you trust Tom. Properly implemented a trust network of this sort is demonstrably resistant to attack by malicious agents; the better of them are resistant to attack even if some of the attackers are highly trusted members of the network.

Even this leaves a problem, and it is likely to be this that prevents the emergence of cheap, throw away identities even if public key encryption and trust networks were to become widely adopted. Nobody is going to want to do any sort of business with a newly created identity. Without an established place in several trust networks and a history of interactions an identity is going to have serious problems functioning in even a limited capacity. Even if banks were to open accounts to purely digital customers, they aren't going to open accounts for an identity with no history (money laundering regulations guarantee this); customers aren't going to do business with a random email address that has no references, no matter how good the encryption (look at Ebay and the difficulty some first time sellers have); even retailers and service providers will effectively refuse to work with newly established identities by only accepting payment in forms controlled by large banks (such as credit or debit cards).

Establishing a new identity will be an expensive and time-consuming business. It starts with small transactions that provide low enough risk to the counter party to overcome their reluctance to deal with an identity with a short history. Given enough small transactions the identity will slowly find itself becoming more trusted and, thus, being able to engage more fully in a digital society. But this requires the time and attention of the individual that owns the identity, and in the end I doubt you'll see individuals with several identities that they change depending upon whim or context.