Elon Musk IS-A-PERSON for sure

Technology can deliver social media to real humans

You cannot miss seeing the news that Elon Musk, the renowned entrepreneur, has managed to buy Twitter. I am not qualified to say whether this is a sound business decision or not, although I see that in order to pay the interest charges due to the acquisition there will have to be a change in the business model from Twitter. Advertising doesn’t seem to be earning enough to service the debt and it may be difficult to attract more advertisers while allowing more “free speech”. Surely there will be issues around what the creative calls “brand safety” and as Barry Lowenthal said informationadvertisers really don’t want to be seen around particular types of inflammatory content.

Rather, it suggests a move towards a subscription model of the type Professor Scott Galloway has been calling for for some time. As a fairly heavy Twitter user myself, I think this is probably the way to go. If things are prioritized correctly, most users won’t pay anything, and users with millions of subscribers will pay a lot, which seems like a pretty reasonable way of arranging such things.

Thinking commercially, I would have thought that one way to make Twitter more appealing to celebrities, organizations, and brands with millions of followers is to make sure their followers are actually people. I’ve never worked in online advertising, but I guess real people are more valuable to advertisers than bots. Similarly, an obvious way to improve the quality of speech is to allow people to engage in bot-free conversations about important topics in the new public square.

Mr. Musk seems to agree with this view. He stated from the outset that if his multi-billion dollar bid to take over Twitter was successful, he would declare war on bots and “authenticate all real humans”. These are admirable goals. Personally, I wouldn’t ban all bots from Twitter (after all, many bots are very useful) but it should definitely be clear in your timeline which posts are from people and which are from bots and you should be able to automatically block bots. bots if you will.

Bots are a serious problem on social media, and not just because of spambots jumping on every post that mentions cryptocurrency, but because since the early days of the new medium, bots have been used to try to change the feeling. The Atlantic report on a “vast network of non-existent authors“Taking Russian government opinions out in the open, then turning them into articles for Western publications, which were then boosted by battalions of bots pretending to discuss the articles on Twitter, exemplifies the battleground of modern propaganda .

Same old fake news again

The specific problem of bots on Twitter has been raised many times. Entrepreneur Mark Cuban, for example, sparked debate a few years ago in say that “It’s time for Twitter to confirm a real name and a real person behind every account.” I’m pretty sure he’s got the real name part wrong, because anyone familiar with the subject of “real” names knows full well that they can make problems online worse rather than better. He’s right about the real person.

Let me use a specific, prosaic example to explain why this is so and suggest a much better solution to the bot problem. The example is internet dating. Internet dating is a good test case for anonymity and pseudonymity issues, it’s a mass market for identity providers, and it’s a better test of scale for an identity solution than to log in to do taxes once a year.

How then to bring the benefits of Numeric identity to this world? One way not to do this is to require “real” names. When dating platform OKCupid announced that it would require users to use their real name when using its service (the idea was to control harassment and promote community on the platform), there was had a reaction from users, and they had to give in.

I can understand the hindsight. Why on earth would you want people to know your “real” name? It should be up to you to disclose when and to whom you want. In fact, I could go further and argue that the need to present a real name will actually prevent transactions from taking place, because the basic catalyst for transactions is not names but reputations. And pretty basic reputations at that. In the case of online dating, just knowing that the object of your affections is actually a real person and not a bot (remember, in the famous case of the Ashley Madison hack, it happened turned out that almost all the women on the site were bots) is probably the most important element of the reputation calculation at the heart of online introductions, but after that? Your name? Your footprint on social networks?

There are many places where I wouldn’t want to log in with my “real” name or using information that could identify me: the comments section of national newspapers, for example. “Real” names don’t solve any problem because your “real” name is not an identifier, it’s just an attribute (there are a lot of David Birches) and it’s just one of the elements anyway would need to be collected to verify the identity of the actual corresponding legal entity anyway.

To advance

What social media needs, and what will help solve Mr. Musk’s real problem of being sure there is a human behind an account, is this ability to determine whether you are a real person or nope. This is why Mr. Musk was very specific in his choice of words. He said his intention was to authenticate humans, not for identify them. It’s an important distinction, and it points (I think) to a much better way for all social media to work, not just Twitter.

Surely the way forward is not for Twitter to try to figure out if I’m a bot or not, but to work with people who do. After all, determining whether I am a person or not is a difficult problem if you are going to go through reverse Turing tests or Captchas. It’s much easier to ask someone else who already knows if I’m a bot or not.

There are plenty of candidates. There is the post office I suppose. And school. And the doctor. In fact, there are many people who could testify to my existence. But a pretty obvious place to start in the developed world is with my bank. So when I go to sign up on a social media site, instead of trying to figure out if I’m real or not, the dating site can refer me to my bank (where I can be strongly authenticated using existing infrastructure), then the bank can return a token stating “yes, this person is real and a customer of mine”. In other words, the cryptographic evidence of the fundamental attribute IS-A-PERSON.

The bank shouldn’t say which customer, of course, partly because that’s none of the social media site’s business and partly because when the social media site is hacked, they won’t have a name or client address: only tokens. This solves a paradox: you can now set your preferences against bots if you wish, but the identity of individuals is protected.

What is crucial here is this IS-A-PERSON attribute. Twitter, for example, should mark my account as of unknown origin (i.e. I could be a human or an army of bots) until it sees that attribute. Of course, Twitter will want to see it in the form of a verifiable credential signed by someone that they can sue if it turns out I’m not a person after all, but you get the idea. So, when I register on Twitter, I am “unknown”. When they get a valid IS-A-PERSON ID from me, my status changes to “known”.

Mr. Musk has further suggested, in earlier tweets, that Twitter give users who pay for Twitter Blue (the subscription service that adds additional functionality to users’ accounts) a checkmark to show that their account has been “authenticated.” “. It would be distinct from what The Wall Street Journal called the “coveted blue tick that requires accounts to be both genuine and notable”. As this comment indicates, there are really two separate things going on here: there is the authentication that Dave Birch is a real person, and the verification that this particular account belongs to the Dave Birch who writes Forbes columns and play Dungeons & Dragons. Hence the need for a three-state solution. Once I am “known”, I can then be “verified” if I wish. Again, not by Twitter, but by someone or something who can attest to the fact, as shown in the diagram below.

In this simple diagram, “unknown” users appear in red, “known” users appear in yellow, and “verified” users appear in green (and with a blue tick, for historical reasons). Most normal people, I imagine, will leave their Twitter account in the default yellow setting of “known only”. Some people may want to go further with a green “verified only” setting.

Anne Marie Slaughter summed it up nicely, writing in the FT that “with the decline of traditional trusted intermediaries and the discovery that social media account holders may well be bots, we will need verifiability”. This is absolutely fine, and we need to build the networks capable of providing this verifiability or we collapse into a dystopian discourse where no one believes anything.

The reflex “show your passport to use Facebook”, or whatever it is, is not the way to obtain a better public place. Fortunately, there is no need. Technology means we can provide verifiability in a way that enhances privacy, so let’s hope Mr. Musk takes a creative approach that embraces the new possibilities.