Would I want to use a Real ID?

I have been on Facebook for a while now and it seems like there are a lot of people out there who are also using this global social network website (750 millions at last counts). It is fair to say that even if it is falling short of some requirements (privacy) and expectation that some may have, it became one of if not the phenomenon of this decade. Mark has been very productive in the last few years and came up with some ideas on how this little baby of his should be.

From the closed college network to the global worldwide reach that it has now, Facebook has managed to gather a crowd of people that would deliberately give their private information so that they could be interacting with other friends using the same website. What is the initial attraction or the reason you were forced to get on it, it does not really matter; in the end you ended up pouring your data into it.

The one aspect that is slowly crawling out of this global user database is the notion of Real ID. And to most the lambda users this does not mean much as they do not see the point of using anything else but their real first and last name as well as other personal information on this website. After all, what would be the point of not showing that this is “me”, I would not be able to connect to my friends then and they would not be able to find me or interact with me?

And that’s how it all started, the initial requirement to connect to Facebook was to have an email address form the university in order to connect, this ensured that all the users where unique and they would be who they said they are. This created a fixed and reliable base of users that would then send invitation to their friends that they would know and thus increasing the reliability of the initial database. The fact that you can now open an account on Facebook with any name or email address does not really matter, because the large majority of the users are who they claim to be offline.

Then the concept of “connect with Facebook” appeared, a simple API that one could use on a website and that would enable you to use Facebook as your login and password to website and thus avoid the creation of a profile every time you want to be identified on some forum or write a comment somewhere.

This is a first step and it will be quickly be followed by another one, the possibility to use your profile as an identifier for online payment, a bit like paypal but with a lot more information linked to it. This would reinforce both the uniqueness of the user and the fidelity to Facebook. There is already a credit system that has been implemented for in-games such as farmville and from there a link with your credit card information is not far fetched.

However that is not what can be seen as the last step, you see a RealID is more than just a way to make login and online payment easier, it is also an international and up to date passport, with your personal information, your picture, your tastes and most importantly your friend network. If somehow everyone on the internet ends up with a RealID and you have made your profile private, you are still in the system, and it can still be used to give you access to websites and make payments. What would prevent Facebook from using this information to provide some others sort of service, like profiling data to use by paying customer?

The obvious case is targeted marketing where the data is used to try to sell you good or services that correspond to your profile, the advertising on your screen would be only what interests you and the product would look at your age rage, friends, relationships, history, family, holiday location, drinks, movies, hobbies even job and colleagues… But that is already in place, and Google is on the same track with the data they can collect from your emails and google+. That is what they are also trying to accomplish and there is no point in trying to deny it. However, since the human mind is twisted, let’s see what we can come up with if we push the envelope.

Let’s say that you want to apply somewhere for a job, you’d have a choice to login using your Facebook ID to fill in your application online or send it by the old mail or even better, a pigeon. The result would be that people would probably use their Facebook ID to log on. Then in the background, a service build by Facebook runs a check on you, on your friend list, the comments you posted, the pictures where you’ve been tagged.  This is compared to some predefined criteria and taken into account and even before your posted profile is filed to the company, your application can be rejected by the systems.

The HR resource does not even see the reason why the application is refused; on their end they just gave the criteria to Facebook to filter results according to their “company policy”. The check is done in the background and the result is a simple accepted or refused. A fee would be requested to companies using this service allowing you to pre-select candidates.

Of course this would probably kill Facebook or Google right on the spot if they allow such a use of personal data for discrimination purposes. However this type of check must already be done for some sensitive position such as government security or politically sensitive jobs.

However the concept of a real ID on the web can make sense for a lot of services and has been in the work for a while with the Open ID initiative. The concept is to provide a single log in and password that would work on multiple web site however there would just be a minimum amount of personal data attached to this ID. It is obvious what is the problem is with this one, you can have as many open ID as you want thus making the uniqueness of these IDs highly questionable.

Google is trying to request people to use their real name on google+ to prevent multiple profile from being created, it has not been welcomed by most of the defendant of personal privacy and I can understand why to some extend.

I am certain that one day we will all have a unique or at least as far as acceptable, unique ID system that will be used on the internet and will enable us to go to any online shop, forum, cloud storage and other services requiring to provide a unique identifier to grant you access to your data. This real ID should however remain impersonal and only used by you. You may display whatever name or pseudo you want on those site.

Imagine if you could be sure that you can block one spammer for good on your incoming mailbox, whatever email address he or she  is using, or that you can be sure that the items your are selling to someone on craigslist are to someone you trust because you know it is the same person as the one on eBay. When you are purchasing an application or a game, no need to input a key in or to have it attached only to a single machine, you can just use your RealID during the purchase and it would be automatically be valid the moment you log on. You don’t need to know who the users are or what they look like or how they are feeling in the morning, just that this particular user is not the same as the other one.

Maybe that could happen with the IPv6 where each one of us would receive a unique IP for ourselves this would be allocated to the machine we are on, the moment we use our RealID to log on… or something along those line. It should not be compulsory to access information and the it should remain remain as anonimous as possible if the user wants to.

That last point is the one that is causing all the problem in the current discussions. What happens in countries where free speech is not allowed? The moment a RealID is imposed, there is no way for those people to post, write, comment on anything that the regime would consider illegal and that would result in them beeing persecuted for. Therefore the option should remain possible not to use this RealID system and just make it a very attractive option to use with the possible signs that this or this user is using RealID but some others don’t. Not an easy task but one that has been growing in a box for a long time and just starts to crawl out.

So, for the time beeing the RealID concept is still fragmented and until it is unified into a single all purpose standard, this question will remain open. I would be using it for the conveniences that I mentioned before but I wouldn’t wand to be tagged and followed whatever I do or say on the web. Same as real life, if I apply for a loan I’ll give you my ID to check my credit rate, if I ask for direction in the street, you don’t need to know I’m a fan of DaftPunk and that I enjoy eating chocolate while watching Games of Thrones…