Author Archives: ErinRadar

Research Summaries: Digital Identity Cards, Estonia Takes the Plunge

Title: Digital Identity Cards: Estonia Takes the Plunge

Publisher: The Economist

This article discusses the digital ID system currently being implemented in Estonia. The digital identity is now an Estonian birthright coupled with their health insurance. The digital ID comes in the form of a small ID card used in electronic banking and ecommerce, health care, public transportation, email encryption and even voting.

The cards themselves only contain the minimum amount of private data necessary for identification. Lost cards can be terminated before the sensitive information is compromised. Estonians are also given a PIN code coupled with their ID to aid in identity verification.

This article cites the reasons the digital ID has failed in other countries being the governments careless keeping of sensitive data. Similarly, the Estonians had prior framework for a government that did promote a surveillance society, evoking trust from their citizens which is opposite to that of most countries. Estonia is currently working with other countries in the European Union so that other member states can interact with their different digital ID’s.

The Estonian digital identity has helped the economy to flourish from home businesses. The specific ID’s make ecommerce safer and less vulnerable to fraud, something too common to home businesses before the system was implemented.

“Soon, multiple satellite citizenship may even become the norm,” the author predicts. The author of the article concludes by arguing the main point is that a government or digital identity is no longer reliant upon location. This is only moving society closer to the concept of a universal identity but it also highlights the flaws of a virtual universe that is divorced from location.

Research Summaries: Digitally ID’ing Customers: An Inexact Science

Title: Digitally ID’ing Customers: An Inexact Science

Author: Sean Sposito

Published by American Banker, author Sean Sposito wrote an article titled “Digitally ID’ing Customers: An Inexact Science” explaining the current conflict between digital identities and an economy attempting to adapt. This article specifically addresses a digitally identity consisting of what information users supply as a consumer. The example given was of a bank consumer connecting to business partners on social media, unknowingly providing information to their bank, becoming a part of their digital identity. Consumers digital identity can refer to passwords, user identities, or even web cookies.

“We are creating digital identities to benefit banks,” says Nelsen. “Static passwords need to be replaced. We are working on EMV chip cards, one-time passwords and app-based security technology,” said Mark Nelsen, Visa’s head of rick and authentication of products.” Donna Turner of Bank of American however argues that consumers expect a completely virtual banking experience, something the bank industry isn’t equipped for. Turner states that transferring sensitive data required for banking requires “accountability, responsibility, and liability” of unprotected data.

Balancing the brand risk and financial risk of transitioning to virtual banking will not be simple but there is ample demand, which can drive a movement. Sposito ultimately argues the process of aggregating the information that comprises a digital identity makes the prospect of a completely virtual economy nearly impossible.

Research Summaries: Social Networking and Identity Theft in the Digital Society

Title: Social Networking and Identity Theft in the Digital Society

Author: Eric Holm

Presented at the International Conference on Digital Society in 2014, this paper by Eric Holm explores the relationship between social networking and identity crime. Holm begins by highlighting the positive aspects of social media such as creating new relationships, connecting with estranged relatives, and exploring new interest. He also highlights the increase in identity related cyber crimes as a result of the growth of social networking.

A digital identity refers to the information one chooses to share about themselves online, in this case specifically, social networks. Holm states that social networks are the main platform for sharing any and all information. He explains the obvious draws of social networking and why users are more likely to share their information under the guise of  “privacy”. Common information such as location, name, and age don’t seem all that personal, but it’s enough for someone to steal your identity – something cyber thieves are very aware of.

Due to their increased presence on social media, and perhaps their naivety, teens fifteen to eighteen are 43% more likely to fall victim to an identity crime. Holm suggest users ages fifteen to eighteen are also more attractive to cyber thieves because their more likely to have an income than say a twelve year old. Monetary gain is often the driving force behind identity crimes. Younger children are more likely to have their identity stolen so thieves can commit fraud. Children and teens are often aware they shouldn’t tell individuals their address, but often sharing information when prompted to “create a profile” seems second nature. Children and teens are also sometimes unaware of what information is sensitive and should never be shared.

Holm explains it can be difficult to prosecute cyber criminals for crimes committed using information obtained through social networks. Firstly, the “Right to Privacy” creates a legal gray area considering the user shared the information pulbic even if it was attained without consent. Secondly, it can be hard to attain evidence against cyber criminals operating through social networks because of the rapid transfers of data, essentially destroying evidence. Thirdly, the Internet is universal; meaning anyone anywhere could be looking at your information. It isn’t easy for governments to cooperate in a timely manner, if at all.

Holm suggests the solution lies with the user. He explains it’s important for users to be aware of what information is sensitive and where they share information if they choose to. Similarly it is important for parents to monitor the content their children share and teach why it’s important to protect your digital identity.

Research Summaries: Exploring the Digital Identity

Title: Exploring the Digital Identity: Beyond the Private Public Paradox

Author: Stacey M. Koosel

Author Stacey Koosel simply defines a digital identity as a persons identity online. However, she explains this can be a completely new identity, a subtype of a persons existing identity, or even who someone thinks they are. Koosel points out the sometimes overlooked complication with online identities – although they only exist in a virtual reality, their actions still affect the reality in the physical world. “Online existence in online communities and digital identities are merely web-mediated human interactions,” Koosel explains.

Referring to the Internet as the medium that allows digital identities to flourish, Koosel explains the medium creates a platform for new cultures and forms of interaction and expression to emerge. “Digital identities are the content of the Internet; they are the performers who draw in the audience, and inspire the passive audience to become more active, interactive and creative,” Koosel elaborates.

The amount of control and power that is coupled with digital anonymity plays a large role in the reasoning behind multiple virtual identities. Users have the power to selectively display parts of their identity online, something not possible in the physical world. This can present itself in the form of a pseudonym or new personality all together. Koosel refers to the commonality of changing ones personal identity as “plastic surgery of the psyche”.

This paper specifically addresses the concept of a “private” digital identity (in reference to users who have ‘private’ security settings on their social networks). Users who create a digital identity wish to be heard and contribute and participate in an online community, which is driving the need for privacy settings – users no longer trust sharing certain information online to various parties, but the fear of missing out and not being included outweighs the risks of compromised information. The idea of protecting already public information in the name of Internet safety seems redundant. Users willingness to put their lives, or digital identity, on display only under the condition that it’s private is quite ironic.

Koosel explains the phenomenon of Internet fame, which can result in a digital identity being introduced to the physical world. She uses the example of an anonymous blogger being asked to write a book. Once the anonymous blogger has to integrate into the physical world, they will no longer be anonymous and their name will be clearly printed on the cover of the book. The equal opportunity that the Internet provides creates a platform for users to assume any digital identity.

Similarly, Koosel argues the power of digital anonymity and creation of digital identities results in information in the hands of everyone – this means anyone can claim to be an expert on anything. With news stories going viral by the minute, it’s easy for anyone to fabricate information and gain a small following. This also creates the channel for users to decide what news is worthy of recognition by what information they choose to share.

Koosel concludes by reminding the audience of the surveillance culture we live in. Digital identities wouldn’t last in the physical world because a surveillance society doesn’t allow them to thrive the way the anonymity of the Internet does. Users forget that their invincibility doesn’t last once they close their computer screens.

Research Summaries: The Laws of Identity

Title: The Laws of Identity

Author: Kim Cameron

This document is a white paper published by Microsoft in 2005 at a time when the Internet was rapidly expanding but Internet security was underdeveloped. Cyber crime was flourishing and the public was beginning to grow wary of the new Internet frontier. Cameron clearly states that the issue with the Internet lies within its ambiguity saying, “The Internet was built without a way to know who and what you are connecting to.” She explains how users have become numb to websites requesting personal information because it’s become so common. There is no way to authenticate sites so users find themselves disclosing personal information to unreliable sources. Similarly, with so many sites requesting information, users are failing to keep track of their digital identities and what information was given to what sites. These deficiencies are allowing the cyber crime industry to flourish. Cameron predicted that at the growing rate the Internet would lose its credibility and would lose it’s new found reputation as a place for the economy to flourish.

Cameron argues a universal digital identity isn’t a realistic solution. She states that Governments and Enterprises need to distinguish themselves and their consumers online – a hierarchy is necessary – something she argues wouldn’t be possible with a universal identity. “A universal system must embrace differentiation, while recognizing that each of us is simultaneously—and in different contexts—a citizen, an employee, a customer, and a virtual persona,” she explains.

The white paper was written to suggest an identity metasystem, but this paper was also written prior to the emergence of social networks into society. Although the concept of this metasystem is interesting, an outcome of this concept was the creation of the Laws of Identity creating a foundation for what information should be allowed to define your digital identity.

The Laws of Identity

  1. User Control and Consent – The user must be aware of any parties requesting information at anytime and must consent to any information being collected. The user has complete control over the use of their information
  2. Minimal Disclosure for a Constrained Use – The least amount of information necessary for identification is disclosed to approved parties.
  3. Justifiable Parties – Similar to Control and Consent, both parties have to justify the requesting/providing of information.
  4. Directed Identity – Refers to omni-directional beacons requesting information. The law protects private entities connecting to public beacons potentially compromising personal information.
  5. Pluralism of Operators and Technologies – This refers to users right to have multiple virtual identities. If someone wanted to use a different identity than their work identity, they may be attempting to protect their tax information from their monitored work computer.
  6. Human Integration – By recognizing human interaction, cooperation, and participation as a key solution to solving the current ambiguity issue, it’s important for the identity system to relate to humans rather than other networks.
  7. Consistent Experience Across Contexts – All users should feel comfortable using one identity to make purchases, browse the web, at work, and at home, without feeling like they’re compromising their personal security. However, it’s also important users realize they have the right to multiple digital identities.

Cameron’s argument from 2005 is extremely important because it shows the foundations for a digital identity that had yet to even flourish. At this time, there was no concept of social media which completely changed users outlook on sharing personal information and what information was worthy to be shared. The Laws of Identity were meant to classify and protect users right to digital identities.

Research Summaries: Exploring Online Identity Reconstruction in Social Network Communities

Title: Exploring Online Identity Reconstruction in Social Network Communities: a qualitative study.

Authors: Chuan Hu, Li Zhao and Jiao Huang

Citation: Hu, Chuan; Zhao, Li; and Huang, Jiao, “EXPLORING ONLINE IDENTITY RE-CONSTRUCTION IN SOCIAL NETWORK COMMUNITIES: A QUALITATIVE STUDY” (2014). PACIS 2014 Proceedings. Paper 36.

This paper presented at the Pacific Asia Conference on Information Systems (PACIS) in 2014 investigates the construction of virtual identities on social networking sites. The paper begins by introducing social networking sites as a place for users to connect over common interests. Immediately, the concept of a virtual identity is introduced as what information the user contributes to their “profile” on various sites. This virtual identity is based on the information users do or do not provide. Online, users can assume the role of (ex.) Jim, Sears employee or provide different information making him Jim, soccer player or Jim, dad of three. All of the information about Jim, the Dad of three who plays soccer and works at Sears may be true, but his ability to selectively share information online changes his virtual identity. Some users take on another identity completely such as changing names or gender. This paper explores the reasoning behind altering ones virtual identity. The authors state their research question as, “What motivates people in social network communities to construct a virtual identity that differs from their identity in the physical world?”

The authors site two theories as foundations for their argument. The first, “self-discrepancy theory” argues that the concept of identity is based on three domains of ones self: actual, ideal, and ought. The actual self refers to the qualities or characteristics one (or others) believes they possess. The ideal self refers to attributes or characteristics one wishes to attain. Lastly, the ought self refers to the representation of the attributions such as personal responsibilities or obligations that someone ought to have acquired. The second theory, the “social capital theory “ can also be broken down into three domains: the structural, the relational, and the cognitive. The structural social capital refers to the general pattern of connections between individuals. This includes the hierarchy of relationships and the intensity. The relational social capital refers to specific individual relationships and their combined assets as a result of the specific relationship. Lastly, the cognitive dimension refers to “the assets that provide ‘shared representations, interpretations and systems of meaning.’”

The study performed sought to understand the motivation behind the construction of various virtual identities. The researchers found that users often reconstructed their identity online because they were given the chance to create their “ideal self”. Others stated changing or altering their identity online was too simple making it more appealing. “Online dis-inhibition” is a result of the lack of social norms constraining the virtual world – with anonymity comes freedom and power. These notions support the self discrepancy theory because it allows users to control the three domains of their self (actual, ideal, and ought). Some participants of the studies admitted to altering their personality in order to diversify their virtual social scene. The example given was of a nurse whose social network was saturated with other nurse and doctor coworkers; she went on another social network to connect with writers and diversify her virtual social scene in the process changing her identity from nurse to writer. The ability to have different identities on different sites supports the social capital theory because it allows users to expand their social networks and relationships as well as create new relationships based on different interests.