Have you ever thought of how reputation is created in cyberspace? Beth Noveck wrote an article, Trademark Law and the Social Construction of Trust: Creating the Legal Framework for On-Line Identity, (available on SSRN), in which she argues that, to determine what rules should govern on-line identity, we should look to trademark law, which has the best set of rules to deal with the way reputation is created in cyberspace.
The following is the abstract from Beth Noveck's paper:
Trust is the foundation of society for without trust, we cannot cooperate. Trust, in turn, depends upon secure, reliable and persistent identity. Cyberspace is thought to challenge our ability to build trust because the medium undermines the connection between online pseudonym and offline identity. We have no assurances of who stands behind an on-line persona or avatar; it may be one person, it may be more, it may be a computer. The legal debate to date has focused exclusively on the question of how to maintain real world identity in cyberspace. But new social software technology that enables communities from EBay to Amazon collectively to rate their members is giving rise to meaningful identity in an online context. To determine what rules should govern on-line identity and the use of such reputational data, we should look not to constitutional, copyright or tort law, but to trademark, the area of doctrine most closely analogous. Trademarks are the collaborative creation of the source of the mark and the buying public, which associates the mark with that source. The public's interest in the mark circumscribes the property rights of the individual holder. By applying trademark theory to on-line identity we can create a better set of rules to deal with the way reputation is created in cyberspace. One key consequence of this approach is the conclusion that in order to produce reliable and persistent on-line identity, past reputational data should be preserved and widely shared.
Reposted from the author's blog
By Cedric Manara, Law Professor. Visit the blog maintained by Cedric Manara here.
Related topics: Cybercrime, Law, Web
To post comments, please login or create an account.
DNS SecuritySponsored byAfilias | |
SecuritySponsored byVerisign | |
DNSSponsored byNeustar UltraDNS | |
MobileSponsored bydotMobi | |
IPv6Sponsored byNominum | |
Top-Level DomainsSponsored byMinds + Machines |
I've spent a lot of time thinking about online identity. David Chaum has written extensively, (and brilliantly) describing ways to provide irrefutable evidence of, e.g. citizenship or the right to drive, while preserving anonymity.
In my anti-spam work, authentication and reputation of identity is critical. We develop efficient and robust methods of authentication and reputation, such as CSV. Most of the concepts behind CSV are applicable not just to email spam, but to all spam, such as SPIM, wikispam, blogspam, etc. While they are not useful where identity must be tightly tied to an individual, there are many cases
There are different levels of authentication, analagous to the levels of authentication provided by PGP/GPG, S/MIME, DKIM/DomainKeys, CSV, etc (which vary depending on how they're used). SpamAssassin rules and Open Proxy DNSBLs, for example, are already widely used to prevent non-email spam.
Unless we want to help build a police state, folks must continue working on implementations other than ones that just tie an online identity to a gov't ID. I think it's great that this is continuing.