Public Stack Summit

Authenticiteit en reputatie in de digitale publieke ruimte

In dit onderzoekspaper reflecteert Waags CTO (Chief Technology Officer) Tom Demeyer op de betekenis van de digitale publieke ruimte. Bij het ontwerp van deze ruimte dient rekening te worden gehouden met een aantal principes, waaronder authenticiteit en, daaruit voortvloeiend, reputatie.


Authenticity and reputation in the digital public space


What defines a public space? 

In order to get a somewhat coherent picture of what we mean by a 'Digital Public Space' we first need to consider what we mean by a 'Public Space'. 

We often think of a public space as a city square, park, or maybe a street. We physically define it as a space where we can meet others, which is not claimed by anybody specifically. This has some validity, but does not seem to catch the essence as it refers to the strictly physical world; a public space might also refer to radio frequencies or access to other non-material resources. We feel that a more fundamental approach might be to define it in terms of something that can be claimed temporarily, either by individuals, or by communities. Even in the non-material sense, there seems to be a quality to the public space which we call 'locality'. This notion of distance can be physical, but also cultural, thematic or something else altogether. Mostly a public space is regulated, either explicitly in law, or customarily as in a village commons. Essential is that claims are temporary, and, to a lesser extent, that they are non-commercial. Another observation is that, at least in principle, access to the public space is equally available to all members of the community.

Online versus regular public space

To some extent we can define the idea of an online public space along similar lines. There are some rather fundamental differences, though. 

Firstly, the online public space is not a scarce resource. It does not 'run out'. Of course, storage and compute power are not free (in terms of funds, or environmentally) but, by any metric, they are vast. Because of this vastness, and the fact that the 'community' of the general online public space is effectively the whole world (those who have access, in any case), new and specific scarce resources are created: find-ability and attention.

Secondly, the online public space is not regulated and thus, one can stake a claim for an indefinite time and commercial entities have free reign. At this moment, an online public space in this sense does not exist.

Since many services, and especially social platforms, offer their services free of any direct charge, they are easily and erroneously seen as forming a digital public space (a narrative which is central to business models), where in fact these current digital spaces offer a product from the context of a strictly private space in which the rules are the ones set by the commercial entity ruling it. 

So, as a working definition we might suggest that an online, digital public space is a space of engagement:

  • which is equally available to everyone
  • where attention and find-ability cannot be monopolised
  • where commercial initiatives only find a very temporary and slippery foothold
  • which facilitates various metrics of locality, other than geographic ones
  • where the rules follow from the community and from basic principles and are mostly enforced through the fabric of this environment, i.e. the protocols that govern the presence of participants and exchange of data and media.

While we do not have the concept of 'nature' in the digital realm (some see the natural environment as a public space), we need to design the public space. It is not 'just there’. This is true of our physical public spaces as well, in all but the case of nature. Continuous effort is needed; in designing, building, managing and protecting the public space. 

Designing an online digital public space

The design process of this public space starts with the core values underlying the concept of the public space, how we govern it, how we sustain it and for whom. Much can and should be said about these topics; in this section we will focus on one specific value: authenticity.

We engage in the public space; we consume and we produce. We express, communicate, learn, teach, influence or simply let ourselves be entertained. Wether we consume or produce in the public space, in essence we are engaging in a relation. This relation could be one on one or one with many, it could be a conscious relation or an implicit one, and it could be real-time or taking place across years or decades.

There are occasions in which we do not care about the other parties in the relation: we simply interact. At the same time we may not care for the others to know us, we might want to be anonymous, or maybe our whole purpose is exactly not to be anonymous. Or maybe we have a carefully crafted alternate identity for a specific context. 

It is vital to realise that for all parties involved this is a continuous scale, from fully anonymous to fully identified, and that all positions on this scale fulfill proper and important needs. Sometimes these are needs that have life or death consequences (think, for example, of critical journalists in some countries).

When we take a leap of faith and suggest that an online public space can be defined through a set of values, governance rules, design principles and protocols (going up the stack), we see that in the protocol sphere we can (and should) facilitate this continuum of identification. Through verifiable credentials we can disclose attributes of ourselves which can be tuned to the circumstance with arbitrarily fine granularity. See IRMA for a mature implementation of this approach to identity.

Currently, these approaches to identity are mostly used or imagined in the context of authentication; i.e. in cases where access to a resource or platform needs to be limited to a specific set of users. A social security number for access to your tax statement form, a verifiable statement of residence for a municipal questionnaire. This approach works well in conjunction with the GDPR data-minimisation requirements, and it is an important step in assuring that our digital public space does not turn into an opportunity for free-for-all personal data collection. 

Authenticity and reputation

An equally important opportunity the previously mentioned protocols offer, is their application to authenticity, both of media and of participants. We live in an era of spam, bots, conspiracy theories, deep fakes and fake news. The social media platforms delete billions of fake accounts  as a matter of course, but miss billions more. Spam and phishing mails cost hundreds of millions each year. Clearly, the naive concept of a public space anonymously open to all will face some serious challenges.

Authenticity of people one deals with in a physical context is much aided by visual and behavioural clues that are absent in online interaction. Let's look at authenticity of online participants in practice. As an example of a platform in the online public space, take a health platform, which is concerned with an ailment that is particular to only some. The forum is open to everyone, but participants can potentially be labelled as either medical professionals, sufferers of the particular affliction, or family members. These labels are verifiable, meaning that there is an ‘authority’ that underwrites this particular claim. For doctors this is the health board, for sufferers it may be the hospital or medical specialist, and for family members it would be the patient. This is all arranged at protocol level and it is highly automated. The result is that discussions and experiences can be relatively anonymous, but participants can see at a glance (with a visual indication for instance) how to judge and interpret contributions. We do not need real names to participate authentically. Without such a label, participants can still join the discussions, but if one of them starts to praise the incredible effects of a particular medicine but is not labeled as a patient or specialist, people will be able to better judge the validity of these claims and maybe suspect commercial motives.

However, the implications of the use of these technologies need to be considered carefully. Naïve (technical, but, more importantly, social) implementations could lead to very undesirable effects. As an example, let's take a look at a non platform-specific quality in dire need of authenticity: reputation.

We might be familiar with the troublesome ratings mechanisms of hotels, restaurants or online retail platforms' product reviews. These are highly manipulable and can cause businesses severe headaches or worse, apart from potentially misleading customers or clients. 

But, more relevant to the current subject, people also carry a reputation as part of their identity. Operationalised reputation is very important, for a worker in the 'gig' economy, for instance, for whom reputation has direct impact on the availability of work and income (Temper, Uber). But also in a more general sense, as a car-sharing user, an Airbnb guest or host, or as an expert on 

There is no doubt that it would be very valuable when reputation (both of businesses and people) could be trusted to be authentic, and personal reputation could be made portable across platforms. A trustworthy and careful Airbnb guest may be relied upon to also take good care of the car you share with them. News items written by a peer-rated anonymous journalist might be taken more seriously than any old posting online.

Even though these ideas are about people substantiating claims they make about themselves (as opposed to the Chinese social credit system where claims about you are made by others: the state), the social effects could be similarly undesirable when generalised high reputation scores become a requirement for social participation. Careful research, discussion and design need to lead to both social as well as technical (protocol-level) implementations and schemes that will ensure reputation is robust against these sorts of detrimental social effects and abuse. 

Authenticity of data and media

Lastly, a public space is not only populated by people, businesses and systems, but also by data and media. Somewhat related to the previous topic of reputation, media is produced and data is collected by someone, and with a purpose. Then it is shared, adapted, changed or manipulated (or not), by someone else and again, this is done with a purpose. 

Until the advent of 'social' media and the internet in general, the medium carried (and still does) the reputation, and provides a certain context. An item in a tabloid would be read in a different frame of mind than an article in a 'quality' newspaper or an item on BBC News. As the source of messages (and data) becomes more diffuse, the context in which they are to be consumed is lost as well. This confusion has traditionally been exploited, of course, by the advertising industry, where a message is presented with a particular frame of reference (i.e. scientific, or 'young happy people') instead of the objective one of the business that needs to sell a product.

Digitally signing a message has been possible for a long time. This would let anybody know who the message originates from. This is less relevant in the context of commercials, as we know the message comes from the manufacturer of the tooth-paste, but more so in the current era of politically motivated (dis)information and deep fakes. What we lack is an infrastructure to authentically sign messages, and to do so with the needed granularity and the needed safe-guards for privacy. 

We do not need a full-disclosure identity for all media at all times; when we can sign our messages with certain attributes this can already go a long way towards interpreting them in the right frame of reference. When we (verifiably) know the item comes from a peer-accredited critical journalist-blogger, we do not need to know the name, especially not when he or she is working in a dangerous environment. The verifiable tag 'Dutch national' helps fight fake account on social media, as does the tag 'medical professional' in qualifying contributions on an online forum. The approach is the same as the one needed for the earlier mentioned verifiable credentials. The infrastructure and user-level design challenges are huge, but first steps have been taken. We cannot expect or require all media to be tagged or signed, but we do know that untagged messaged are just that, and can then read or watch them as such.

Although we cannot be too optimistic in the knowledge of state-level meddling, we can hope that verifiable 'tags' on media are a start towards more confidence with regards to the provenance of media and data and the frame in which to interpret them.