Matt McKeon has created a great infographic to explain what is now automatically public for anyone using the default settings:

The bloggerati are incensed. Jason Calacanis writes:

Over the past month, Mark Zuckerberg, the hottest new card player in town, has overplayed his hand. Facebook is officially “out,” as in uncool, amongst partners, parents and pundits all coming to the realization that Zuckerberg and his company are–simply put–not trustworthy.

Video podcaster Leo Laporte tweets:

OK @jason has convinced me. I’ve deleted my personal Facebook account. I will delete the rest tomorrow during TWiG… http://bit.ly/aEgNVj

Peter Rojas – founder of engadget and Gizmodo – follows suit:

Just deactivated my Facebook account. […] You really don’t have control over your personal data and who it is shared with.

Geek opinion seems to be that the new social network Diaspora will offer users more respect and control. It is intended to run in a similar way to BitTorrent, with no central server and ‘friending’ equating to giving access to highly encrypted information on your own computer or hosted server space. It will be open-source and use open standards. So better?

I can’t really buy that. It may be a better solution, technically and even morally, but my father-in-law and ninety-year-old aunt are on Facebook: they will not be installing open-source software on their own server space. Facebook is the social network where I can communicate with non-geeks. (BTW, the non-geeks in my life are considerably more cautious than a lot of geeks about privacy online – very few of them have opted for public profiles). What’s more, on a technical level, Facebook already supports a raft of open standards such as OAuth and Open Graph Protocol as well as its Open APIs for creating third-party applications. If they saw demand, I’m sure they’d add more. I’d suggest that Facebook app vendors might think about creating services around privacy — ‘My Private Photos’, ‘Private Wall’, that sort of thing.

I’m not suggesting that the distress that’s been reported over declining privacy is a storm in a teacup. It’s not. But ultimately, the age-old advice that anything you write on the Web is in the public domain, so think before you post, remains a better solution than some kind of exodus to unknown and untried new lands. If one thing will persuade Facebook that it’s made the wrong decision and so reverse recent decisions on privacy, it would be people using it less.

It’s already a superpower on the Net; but it wants a lot more.

You’re probably already well-aware that the company introduced a couple of new features this week:

Community Pages – new pages around the hobbies, brands and favourite things you’ve included in your profile that automagically link from there. Your profile link will also appear automatically on these pages. You say you like ‘cooking’ – now you’re visible on the cooking community page.

More connected profiles – not just your favourite things, but also the places you studied at and the companies you worked for might have auto-generated pages. Again, your profile will be added to these pages without you having to do anything, such as make your own choice on the matter.

Like Button – instead of ‘become a fan’ buttons, there are ‘like this’ buttons. I actually appreciate this bit in some ways. Saying that I was a fan of a brand always seemed very fake. My relationship with most brands that I don’t hate is more along the lines of ‘it’s alright’. I would be 10X more likely to agree that I like them as opposed to being their bitch fan. The other side to this is that it’s available as a plug-in to third-party sites – giving publishers more information about yourself if you click their ‘like this’ buttons than you ever did by clicking on the old ‘share on facebook’ equivalent that you’re used to.

So, to sum up the changes…

What’s in it for Facebook?

Advertising placement opportunities: creating a page that links from your hobby of – say – archery allows archery-supplies advertisers to know that their ads are appearing on a very targeted page.

Better ad-profiling of your tastes through your ‘likes’ enabling more accurate delivery of behavioural advertising.

What’s in it for you?

Nothing.

Oh wait: the ‘like’ not ‘fan’ semantic distinction.

If you believe the hype, Facebook says that it’s “helping people find connections”. Like you need more random stalker opportunities and entrance vectors from spammers and malware distributors in social media.

How to get rid of it

You can switch off the automatic community and profile-connection pages in Facebook by logging in and then going to the Account menu (top right of the page), then Privacy Centre, then Applications and Websites. Once you are into that screen, select and switch off Instant Personalisation.

Robert Scoble, who took the picture above [thank you], is characteristically bullish about these announcements, but recognises that the company is treading on thin-ice:

So far I’m hearing all the right things from him and the employees around him. They know that this is a major, ambitious, move and they are going to move carefully and deliberately from here. They better or else we’ll see regulators move into control this business like we’ve never seen in our industry. One CEO, who asked not to be named, told me in the hallways today that Facebook is now a utility that the industry is going to rely on and he noted that utilities usually are heavily regulated to make sure that they don’t abuse the power they have over people and businesses.

I think that current regulation is sufficient, if it’s actually acted upon. The trouble is that few people understand their rights or are in a financial position to be able to fight for them. Furthermore, the existence of people who either can’t be bothered with Facebook or who have actively revoked their accounts means that the rest of the Web would be unwise to march in line behind a single leader.

Bruce Sterling “Shaping Things” (Lift09 France EN) from Lift Conference on Vimeo.

The video is of Bruce Sterling at the Lift conference last year, reflecting on his 2005 book Shaping Things. I’m going to summarise it, so if you haven’t got 22 minutes and a strong tolerance for poor audio editing, read on. It is about the Internet of Things, the idea and practise of giving objects in the physical world an Internet presence, through RFID tags, stickybits or somesuch.

One example is the Internet fridge that know when you’re running out of milk and orders some more. Another is Tower Bridge’s Twitter account. Proponents of this sort of technology imagine a future where everything is tagged – where you can Google your car keys to find out where you left them, or a clean pair of underpants. Shops could automatically charge you for the things you leave with, as you move through the scanner at the door. Theft becomes practically impossible since the location of objects is always trackable. Sterling coined the word ‘spime’ for these tagged, findable, identifiable objects – since they have co-ordinates in space and time.

In the video, he mainly talks about the ways in which his vision has gone awry or changed since he wrote the book.

Taxonomy – tagging or labelling things turns out to be trickier than it seems at first glance. This is the ‘magic word’ ontological problem. a) People disagree about the names of things — is it a bap, a barmcake or a bread roll? b) Our names for things change over time: e.g. ‘Web 2.0’ seems quite an old-fashioned expression now, just five years after its invention. c) There are numerous regional/demographic linguistic variations that actually describe semantic and psychological differences – seven words for snow in Inuit, that sort of thing. d) What about the components of the thing you are tagging – do they get tags too? And how deep do you go with that – if you started tagging a laptop, for example, where would you stop?

Ownership – tied with this is the problem of who does the tagging. Should it be the government and large corporations, as was the case with the implementation of barcodes? Or should these tags develop more democratically, a folksonomy, if you like? Naming is a form of ownership, so the latter may feel more politically acceptable, if not perhaps as well-organised.

Privacy and Tracking – Googling your car keys sounds like a cool idea, but what about if other people can do that? Who would you trust with that information and how could you control it? People are understandably anxious about revealing their location, the status of their underwear and so forth. Sterling suggests that there are ‘about a million bad ways’ to implement this sort of thing – and that we’ll probably try half a million of these before we find useful techniques.

Recycling – a possible big win for item-tagging is making us more aware of our waste, something towards which we tend to have something of a natural aversion. If we continue to ‘own’ the items we discard, it ought to make us more careful about their disposal and less likely to destroy the planet. However, we probably need to act a bit faster than this is likely to happen as a technology.

Sterling closes by remarking that these debates may just disappear as spimes become the norm. This seems likely to me, as uneasy as that makes me feel. We are very quick to change our social mores to take advantage of new technologies. I bought my first mobile phone ten years ago. Before that point, it was effectively impossible to make (or break) ad-hoc arrangements with friends that weren’t physically present. Now it is the norm, and we don’t think twice about it. The moral and social dilemmas surrounding this have simply become invisible.

Perhaps surprisingly, spimification is happening to people faster than it is happening to objects. Nearly all higher-end mobile phones today have an embedded GPS device and a unique identity code – its ESN – that connects it to you. The ones that don’t can still be located using cell tower triangulation. I would imagine that under some circumstances, probably more than we know, the authorities can use this as a Verichip (the chips people inject into their dogs – or children – so they can be found). The only difference between your phone and the ankle-bracelets they put on bailed prisoners is psychological.

That won’t be necessary in the future. The location status game Foursquare has more than three-quarters of a million members and allows you to voluntarily do this to yourself without MI5 lifting a finger. People are already turning themselves into spimes. You don’t even need to make a decision: the data you produce is already enough to reveal all sorts of information about you. Today, these behaviours may seem potentially risky, odd and perhaps egotistical. Tomorrow, it may seem equally odd – even suspicious – if no-one knows where you are and what you’re doing.

picture credit: *janina*

You’ll have seen this word flying about recently and it’s time for some explanations.

Err… don’t you mean ‘publically’? [’publicly’ if you’re American]

No. Well, in some ways, yes, I do. Let me explain.

In the past, there has been an assumption that privacy was the default state of human existence. It was only when you, someone or something else acted on that state that your privacy was broken. You did something ‘in public’, ‘went public’ or ‘published’. But if that was ever really the case — I’d argue that it’s partly a symptom of late C20th urban living — then it most certainly not true at this point in the early 21st Century. There’s a database entry just a few seconds after your birth that stays attached to you for the rest of your life. Everyone has got information on you — lots of it — from the government to the police to the supermarkets you use. And they’ll probably lose it or allow it to be stolen at some point.

Things get even worse when it comes to the Internet: your ISP is monitoring your data stream; Facebook is keeping your teenage indiscretions alive forever; Google is retaining your search history. Our brave new world of mobile applications sometimes seems particularly geared to recording (and judging!) your location to within a few yards using GPS.

So one part of the meaning of publicy is this status of not having privacy, for which historically we haven’t had a single word, so strong is the assumption that privacy is the natural state of affairs.

People aren’t entirely happy about this being the case, of course. And that draws in the second part of the meaning of the word. But first, some background…

We have strong personal, social, professional and political reasons for having an attachment to secrets and lies. While we’re told that we have nothing to fear from lack of privacy; unless we’ve done something wrong, in which case we deserve what we get. That’s not really true. In fact, it’s not true at all.

Secrets and Lies

Most religions and philosophies suggest that ‘telling the truth’ is a moral necessity. But this isn’t entirely the case. Secrets and lies are arguably essential to our psychological well-being. Certainly, they’re essential to everyone getting along without a fight every two seconds. By some accounts, we lie 200 times a day just to keep the peace.

Personal lies: ‘No, of course you’re not fat’; ‘No, it’s great that your mother is coming to stay’.

Social lies: ‘How am I feeling? Really good thanks’, ‘Oh yes, how is [child-name]? Do you have any more pictures?’

Professional lies: ‘great work, Bob’; ‘it’s been a pleasure doing business with you’; ‘we have the utmost respect for [competitor company]’.

Political lies: ‘We will cut taxes and maintain quality of public services’.

Secrets – probably best not to tell your mum that you take drugs, your wife that you fancy one of your colleagues; your boss that he stinks; your wartime allies that you think they are crass vulgarians. The place of secrets in our lives is more difficult to describe than the necessity of lying, but rather than dredge the literature right now, I think we’ll agree to agree (won’t we?) that we all have secrets and that their remaining secret is important to us.

The other difficulty is that this rise in public information has happened a lot more quickly that our society’s ability to come to terms with the consequences of that. We’re not especially good at forgiving and forgetting, for example, preferring instead to remember forever and condemn you for that one stupid thing you did five years ago.

So… Publicy?

Ah yes. The other part of the meaning of the word is very much akin to ‘publicity’. You see, there are two common tactics to coping with the loss of privacy:

Disinformation. Some 50% of teenagers post false information about themselves onto the Net. It’s been observed that if you look at the registration data, 10% of MySpace users are aged over 100, which seems rather unlikely, unless you factor in that you’re not supposed to register unless you’re 14 or over. [see the video below for more on this and other stats I cite]. Apparently, everyone lies on dating sites (men say they’re more successful; women that they’re younger and slimmer). If you counter the number of true facts about you that exist on record with a similar number of complete lies then the reliability of all the data is seriously compromised.

Curation. We make sure that the information that appears is, to the best of our ability, sanitised, presenting our ‘best side’. We untag drunken pictures of ourselves on Facebook; we don’t check in to FourSquare when we’re in McDonald’s and do when we’re in the Ritz; we remove ‘dodgy’ music from our Last.fm profiles. We use pseudonyms when we’re on networks that don’t reflect what we want to be part of our professional reputation. If someone or something is producing information about you, then you make sure to produce more, better quality information.

From the Economist’s report this week on Social Networks:

Research published last year by Pew showed that some 60% of adults are restricting access to their online profiles. In an earlier study the institute had found that, contrary to received opinion, many teenagers and young adults are also using privacy controls to restrict access to online information about them. Nicole Ellison, a professor at Michigan State University who studies social networks, says that over the past few years she has noticed that her students have become steadily more cautious about whom they share information with.

This corruption or correction of the information available about ourselves is the other side of the idea of ‘publicy’. Publicy isn’t the opposite or the death of privacy: it is the way we live when it is less available.

These ideas aren’t yours, are they?

No, ‘course not. To my knowledge, the word was coined by Laurent Haug, who founded the Lift conference among other achievements. Stowe Boyd wrote about this being the decade of publicy last month, with some great examples of the way different cultures accept certain pieces of information as ‘naturally to be disclosed’ or private. PR-man Brian Solis wrote about it last week, together with some fascinating data-points (taken from this study) about people’s attitudes to social networks that I’m still digesting. e.g.:

How do you pronounce it?

I don’t know: it’s that new. It’s either ‘publicky’ or [more likely] ‘publissy’. I quite like this ambiguity because it reinforces the dual meaning of ‘living in public’ and ‘generating publicity’. I also like that while it’s an utterly ugly word, this ugliness communicates its modernity rather well.

Anything else to say?

Maybe. Disinformation and curation both seem like coping mechanisms, both of which have drawbacks. Disinformation leaves a trail of lies and half-truths that might make a person seem like some sort of Walter Mitty fantasist when subjected to scrutiny. Curation requires time, judgement and skill — while it’s well-suited to a seasoned PR professional, it’s perhaps less so to those vulnerable people who will suffer most from complete disclosure.

Elements of society move at different speeds, as I’ve already remarked. Until we’re able to guarantee an internet Statute of Limitations on how long being an idiot lasts and under what circumstances it counts, then there will be a disconnect between the abilities of technology to record us and the abilities of the people we deal with to cope with that data. My belief is that it takes several decades — maybe two generations — for this sort of change. Until then, we’ll have to suck it down.

I don’t make any judgement on the fact that we now live publicy and not privately. That’s like railing against the incoming tide.

And this video?

It’s Genevieve Bell, an anthropologist working for Intel, talking about secrets and lies on the Internet at the 2008 Lift conference. I’ve cited it before, but it’s well worth a second look. Don’t forget to leave a comment, though.

Facebook founder Mark Zuckerberg is reported as having changed his mind about privacy. The recent set of changes to the site’s T&Cs in December – which rendered members’ names, profile picture, gender, network, fan pages and friends visible to the world unless they explicitly changed their settings – merely reflects societal norms,  Zuckerberg says. People aren’t that worried about privacy any more, he claims:

…in the last 5 or 6 years, blogging has taken off in a huge way and all these different services that have people sharing all this information. People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people. That social norm is just something that has evolved over time.

“We view it as our role in the system to constantly be innovating and be updating what our system is to reflect what the current social norms are.

“A lot of companies would be trapped by the conventions and their legacies of what they’ve built, doing a privacy change — doing a privacy change for 350 million users is not the kind of thing that a lot of companies would do. But we viewed that as a really important thing, to always keep a beginner’s mind and what would we do if we were starting the company now and we decided that these would be the social norms now and we just went for it.

Facebook’s Zuckerberg Says The Age of Privacy is Over

As Read/Write Web points out, the suggestion that blogging and possibly Twitter have wrought a worldwide alteration in people’s attitudes to privacy seems disingenuous. While both are quite popular, neither forces people to reveal their identity to the extent that Facebook does. With 350mn users, largely concentrated in Western Europe and the US, the network holds considerably more sway over cultural mores than blogs. Facebook is not following changes in society, it is creating them.

And what is this suggested link between blogging and giving up privacy? There are plenty of anonymous blogs and pseudonymous Twitter accounts. Heck, there are plenty of personal blogs and Twitter accounts that don’t show as much personal information as a Facebook account. There’s nothing inherent in either blogs or Twitter that forces the disclosure of your friends, gender, appearance and affiliations, while it’s the raison d’être of Facebook.

The other thing is that right or not about social norms, Facebook has changed the rules mid-game. You’ve already disclosed whatever you decided to disclose to your friends on the network under the old rules. You didn’t opt-in for greater visibility than you initially signed-up to. While Zuckerberg may be cultivating a ‘beginner’s mind’, that might be less true of the people who joined the network before last December.

To be fair, Zuckerberg’s point of view, as expressed in this interview, is no different to that of most web-savvy people. If you go on the Web, then you leave an indelible digital trail — so get used to the idea and act accordingly. We’ve all known that for years. However, it is rather surprising to find Zuckerberg both acknowledging and promoting this view. The normal line taken by social network execs is ‘don’t you worry your pretty head about privacy – we’ll keep you safe.’ There’s commercial advantage in this. If people feel safe, then they’ll be more open about what they reveal about themselves. If people are more open, the social network will be able to better target users demographically and behaviourally. Its advertising will be more effective and thus more easily sold.

This new approach – ‘no-one cares about privacy any more: get over it’ – seems like a mistake to me, unless he is thinking that the traffic uplift from search engines will raise enough revenue to allow a swift IPO and exit before anyone realises what’s happening.

picture credit: Max-B

I am always suspicious of Internet ‘experts’ who pay homage to the digital natives idea. The idea that young people are not only generationally different from me, but also are psychologically different.

Perhaps it’s my age. Being over-40, I react badly to anything that suggests that I’m not long from the care home. But I also genuinely believe that dividing the population up in this way is lazy, divisive and inaccurate.

The line goes that young people nowadays, having been raised on a diet of MySpace and YouTube, are careless about their privacy, are immune to advertising and share everything.

This came up in one or two sessions of the Heroes of the Mobile Screen conference on Monday.

The highlight of the day, personally, was a panel of 16–18 year-olds giving feedback to the developers of new mobile services aimed at yoof and talking about their online and mobile behaviour.

Asked about privacy, the responses were really interesting:

“I try to take non-embarrassing photos of myself. But I like to have that security — if I have a daft picture of me, I like it to be my call that it’s published somewhere than someone else’s.”

“On Facebook, you share your photos with your friends, rather than with everyone. I like that.”

“I’m on every network, and with every network you can go to your settings and change your privacy settings.”

“I’m really worried about it. Not to the point that I won’t get on every possible social networking site you can think of. But I try not to make it not about me, and about what I’m doing with the public. It’s getting a bit Big Brother kinda thing — everyone knows what you’re doing.”

“I completely agree, I think privacy is such an issue. As much as I liked Flook, that was one issue with it. There is too much exposure, and opportunity to put something up that you didn’t agree to. But it’s something we’re going to have to accept and move with, it’s part of the times. Maybe better security would help.”

“I agree. But also, y’know, you’re putting yourself out to Facebook and everyone sees your pictures. And you can make them private if you want. I know my pictures are private and only my friends can see them. It’s just something we’ve got to live with. It’s not such a big issue.”

[Thank you Mobile Entertainment, for sterling reportage].

As you can see, these teens are certainly concerned about privacy, actively curate the content and information that appears about them on the Internet, and are savvy to controls that exist to enhance their privacy. The opinions of six London teenagers hardly constitutes exhaustive research, granted. But when you hear it ‘face-to-face’ as it were, it’s a lot more compelling than seeing statistics in a survey.

If you’d like more research on this, which largely substantiates this take on teen privacy, then I recommend danah boyd’s papers. More quantatative research is available in this Pew/Internet study.

[picture credit: Shavar Ross]

Life just got better. At the end of last week, Google announced that its personalised search had now become available to ‘signed-out’ users.

What does that mean?

Well, personalised search means that Google uses its history of what you have searched for before to provide more relevant results for subsequent search queries. It records everything you’ve searched for and every result you’ve clicked. This allows it to profile you and produce results that are more likely to be about what you’re interested in. If you live in Birmingham, UK, for example, and often click on results for places in that city, then you’ll be less likely to get results relating to Birmingham, Alabama.

Signed-out users are people who don’t log into a Google account prior to conducting a search. That would include people who haven’t opted in to have their search results saved. This is done through a cookie file saved on your computer. Unless your Internet privacy settings are set very high, this will happen without you noticing.

So, whoever you are, your search history is saved and analysed. Without your permission.

In a similar vein, the rollout of real-time search means that Twitter comments are instantly catalogued. And don’t worry – you don’t need to change any account settings or opt-in to anything. They’re doing it anyway. There really is no ‘undo’ button on the web.

Any lily-livered liberals clinging to outmoded ideas like a right to privacy need to move on. As Google CEO Eric Schmidt told CNBC last week:

If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.

Well, maybe I shouldn’t. Or maybe I just don’t think it’s any of your business. Or that you should ask me first.

Oh wait – you are allowed to delete your history and opt out. But you’ll need to explicitly opt-out of survei personalisation on every computer you use.

I really wish Bing produced better results.

Postscript: I notice Alan beat me to the punch on this and is typically incisive.

I mentioned this a couple of posts back. Delete discusses ‘The Virtues of Forgetting in the Digital Age’. Unfortunately, I couldn’t attend but the RSA has — as always — made the audio of the talk available to everyone. See the link below for details.

Google remembers everything we’ve searched for and when. Potentially humiliating content on Facebook is enshrined in cyber-space for future employers to see. The written word made it possible for us to remember across generations and time, yet now digital technology is overriding our natural ability to forget. Should the past be ever-present, ready to be on-screen at the click of a mouse?
Viktor Mayer-Schonberger, director of the information and innovation policy research centre at the National University of Singapore’s Lee Kuan Yew School of Public Policy, explains why current information rights and privacy fixes can’t help us, and proposes a simple solution - expiration dates on information.

RSA Event Page Here

We have no idea, do we, of where this stuff will be in the future?

“The Moving Finger writes; and, having writ, Moves on: nor all your Piety nor Wit Shall lure it back to cancel half a Line, Nor all your Tears wash out a Word of it.”

That’s what Omar Khayyam wrote. But it‘s rubbish, isn’t it, here in the digital world?

The moving finger writes and bits are written, but they can be unwritten at the drop of a hat. Maybe I’ll forget to renew this hosting account and domain name. And then it’s gone. Three years of writing down the pan. Link Rot is so widespread that there’s a name for it – even a wikipedia entry. Ask around for Geocities users, for example. My first proper website about Hamlet got wiped from Hypermart without explanation in 1999.

Oh hoh! – you say – if you are in a swashbuckler sort of mood. “But Ian, there is the Internet Archive and Google. They save the lot.”

Let’s take the two separately. The Internet Archive is a not-for-profit that may or may not exist tomorrow. Google will do what it has to. Maximise profit for shareholders. Its priorities are not yours.

Writing and Digital Writing have a key difference when it comes to history and permanence. The pen-written word is permanent – what is written in ink is in history, has happened, will always have happened. Digital Writing is subject to UNDO, link-rot, moderation, invisible and unlimited revision, and ultimately, erasure. Digital Writing is inherently unsafe, written in water, whatever the writer’s or publisher’s intentions at the time of publication.

On the other hand. I was talking with my friend Deirdre the other day about memory and the Internet. That the way we consider our past is reconfigured because we have continual access to the primary data.

The opposing case says this, and it also holds a lot of value:

I can see exactly what happened at *that* party four years ago because there are dozens of photos/videos/posts about it. The past doesn’t decompose the way it used to. While once upon a time, my memory of the party was that it was wild and enormous fun, the raw data might show that we were all over-intoxicated and some people were clearly not so happy. Twitter doesn’t currently archive, but it, or its successor, will do so very soon – and so we’ll have access to everyone’s impressions of the party as it happened, *then*.

And then we start to rely on it, perhaps. At the age of 14 I knew the capitals of every major country in the world. I don’t anymore, because what’s the point? I can Google it. So we don’t need to remember stuff. I used to know 10 phone numbers off by heart. Today I know none, because they’re stored in my mobile. So what’s the point?

There’s two strands to my thoughts here:

(a) We have semi-permanent access to our past. This enormously affects our ideas about our own history. They will be more ‘true’ in a way, but our understanding of what the reflexion of Internet publishing means is still very naive. Memory and the past is changing, but I don’t think we know how, yet.

(b) That we are eagerly abrogating responsibility for knowledge and also memory. My phonebook, pictures, thoughts — my people, my past – are in other people’s hands. And those people don’t care about my past or my memories. They might well get wiped. I’m anxious about that as well.

More anon.

I spent the day today at the Wealth of Networks II conference, the agenda of which was set out as the next-generation of the Internet.

It was a good event and the organisers managed to bring together some top-rate speakers in a great venue with rock-solid internet, for once. And it was free – yay for the ESPRC which created the funding.

The slight oddness was that all three of the three panel events at the conference, and one keynote, despite their ostensible themes, turned out to be about trust and identity online. I rather suspect that might have been in reaction to the top-down research model described in the first keynote which admitted that E70mn of EU research funding into the next ‘net was being spent without investigating users’ concerns or agendas.

We’re becoming increasingly aware that there’s an issue with the identity and trust thing. What are the headlines? Backlash against StreetView; Facebook’s T’s & C’s; stalking, bullying, frauds and impositions.

There are two poles in this debate that need to recognised and reconciled in whatever the Next Web brings.

Authentication is a good thing. Being able to prove that it’s you buying that DVD and accessing the details of your bank account; you (if you’re a 12-year-old-girl) joining that social network designed for 12-year-old girls; you registering your general election vote, should that come to pass. Tracking down cyberbullies, slanderers and child-porn disseminators also sounds good.

On the other hand, anonymity is also extremely valuable. If you’re in a repressive regime and blogging about that, then it ought to be possible. It should be possible here in the UK, if you stay lawful (I’m already inviting some big questions, to which we have no answer).

You might want to have separate professional and personal online personae – if you join a dating site, for example, you probably don’t want your colleagues finding that profile. Avoiding stalkers without retiring from online would be a good thing. Teens frequently maintain multiple personae to explore different social scenarios and make mistakes without (real) consequences, I understand, and that certainly sounds like a very good thing compared to the horror of my own teenage years.

So we need a way for people to prove their identity if they need to; to protect their identity if they need to. And about a million shades of privacy and open-ness in between.

The internet safety / government services agenda would sway towards everyone having a registered identity with some third-party, let’s say the BBC, who would act as a trust broker.

But how much are you going to trust anyone to be that broker? A panel late in the day highlighted several elements of grey in the word ‘trust’. For example, sometimes, a better word would be ‘confidence’:

• I trust that my bank won’t run off with my salary next month.
• I do not trust my bank to offer me the best financial advice for my individual situation.

So do I trust my bank or not? You see? The first example is better described as confidence. You know that NatWest would probably not be better-off running away to southern Spain with your month’s wages. It’s an informed gamble. But you don’t think they could be trusted with your finances full stop – you don’t think they’re all beautiful people who only care about your interests.

Trust (real trust) depends enormously on context and implies a belief in the moral character of a person/organisation/business. Most likely, a lot of the services we might be described as trusting (Banks, Amazon, eBay) would be better described as things we have confidence in.

Added to that, sometimes we have no choice but to sort-of trust. Helen Keegan pointed out that oftentimes we click through acceptance of a service’s terms and conditions, because there’s no real alternative. We either want to do banking online or we don’t – we can’t disagree with point 5 in the t’s & c’s and have them changed. It’s like it or lump it.

I don’t really trust anyone to be the trust-broker of my online identities – or yours, dear reader. Let’s look at the possibilities, currently:

• The Government. Obvious non-starter. I might be a dissident of some sort. (and *what!* 25% of government databases are already illegal)
• Government Organisation: e.g. BBC. Similarly flawed.
• Private Corporate: e.g. Google. Already massively failed in China.
• Private small company: might turn evil; vulnerable to hackers, potentially, eh monster.com. And who the hell are you, anyway?
• The UN: this is a possibility, but once the UN is hacked, then how do I recover my ID?

So this probably leaves the least neat, least integrated, least semantic possibility:

Lots of stuff. Regular password for stuff you don’t care about; unique passwords for stuff you do; OpenID and Facebook Connect and MyBlogLog and Google for social apps; NI number and PIN for government apps; Account Number and PIN for commercial stuff.

Messy. And I think it may be the case that ‘messy’ is the best solution to online identity, trust and anonymity for a long time to come. I can’t really imagine that computer scientists are going to be the people that manage to overcome that.

That is probably not what the ESPRC, or Southampton & Imperial Universities wanted me to walk away thinking today. But thanks again for the thinking.