Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
Pondering Digital Reputations

By andredurand in Technology
Wed May 01, 2002 at 06:22:55 PM EST
Tags: Focus On... (all tags)
Focus On...

Our reputation may affect our lives more than any other identity construct we have. Anonymity, Pseudonymity, and other such constructs are ultimately all methods to deal with the effects of reputation. Digital Identity will create Digital Reputations, and how technology handles this has very significant privacy and security implications...


The notion of a digital reputation first came up for me about three months ago in my discussions with Phil Becker, editor of Digital ID World (Digital Reputation is a major topic with Phil.) Ever since then, I've grown in my fascination with the concept of reputations, what they are and how a digital reputation might mirror reputations in the real world.

Reputations are both deep and complex at the same time, in one instance serving to amplify reality ("...she was larger than life.") and in another instance oversimplify it, ("...he's amazing."). Reputations are not limited to people, but can and do apply to groups, organizations, companies, countries, governments and even objects.

Having a good or positive reputation can serve to make your life easier, (e.g. "...of course I trust you, your reputation precedes you.") just like having a negative reputation can work against you, many times in ways that you'll never even realize (e.g. "...his resume looked like a perfect match, but when I inquired of others who knew him, I found he had a poor reputation as a team player, so I didn't hire him.")

What is a reputation and how might a digital reputation affect you?

First of all, a reputation is not something that's internal to you. Yes, it's *your* reputation, but you don't have a reputation with yourself per-se. Reputations only really exist within the context of your interactions with others, and therefore, a reputation can be viewed as existing in the space between you and others.

While a reputation can be thought of as distinct, separate and external to us all, it is inextricably linked to us. Reputation doesn't exist outside of the context of the owner to which it refers. In some instances, a reputation can become so independent from us that it 'takes on a life of its very own.' In these cases, reputations can actually drive how we act, rather than the normal case of how we act dictating our reputation. For example, sometimes we find ourselves acting in uncharacteristic ways, many times unconsciously, just to support an external perception of who we are amongst others that is no longer true to our being.

A reputation is comprised in part of what we say and what we do, over some period of time in some particular context of an interaction with others. As an individual, I might never know all of the different facets of my reputation, just as others might also never know every aspect of my reputation. Needless to say, reputations are important to us all because they affect us in very tangible ways, serving to make our lives easier or more difficult, depending on whether they are positive or negative.

The reason we care about our reputations is two-fold:

1) our reputation is often tightly coupled with our sense of self-worth, serving as an external reflection of who we are, or who we wish to be
2) our reputation can precede our physical being, serving to 'open doors' or generally make our lives more convenient or to close doors, in which case we are blocked from doing something or going somewhere, and we might never know why.

At any moment in time, our reputation is nothing more than a snapshot of our historical interactions with others. If the snapshot supports what we say about ourselves, then our reputation is enhanced (R+1). If the snapshot contradicts what we have said about ourselves, then our reputation is diminished (R-1).

As reputations bearing any weight and credibility are only built over time, it's difficult to truly circumvent their creation. This is why we learn early the value of 'borrowing' a reputation. Namedropping is nothing more than an attempt to place oneself in the positive glow of another's positive reputation, hoping that it will make our life easier in the process or gain us access to something which we would not normally have access to on our own. How many times have you specifically gone someplace with someone who you knew was bearing the credentials and reputation of being 'well-connected.' (e.g. "I'm good friends with the owner and he always lets us in for free.")

Reputations are likely the most important quality enabled by identity and I believe that digital reputations will likely become the core and central reason why individuals will choose to have a digital identity in the future.

eBay uses a simplified version of digital reputation to allow individuals to quickly see whether or not a buyer or seller is trustworthy in their ecommerce transactions. What if the concept of a digital reputation was expanded to encompass all facets of one's identity. The reason this is important is that I may be completely trustworthy within one context and completely untrustworthy within another. Let's examine the attributes of a reputation.

Attributes of a Reputation

What You Say - To begin with, many people believe that a reputation can be created by what they say about themselves. Bragging is in essence nothing more than a nave attempt to short-cut the creation of a positive reputation, often eliciting the exact opposite, which is a reputation that we are insecure.

Of all the ways to create a reputation, telling people what they should think of you is both the weakest and carries the least amount of weight in the real world. That said, what you say about yourself can serve to amplify a positive opinion of you if it is consistent with your actions (in the listener's experience). Likewise, what you say about yourself can negatively impact one's image of you if it is inconsistent with the listener's experiences with you.

What You Do - "Actions speak louder than words" embodies this attribute of an identity.

Nothing serves to more quickly establish a reputation than one's actions. When we say, "...what they say and what they do are two different things," we're really making a profound statement about someones reputation, namely, 'you can't trust what they say, because in our experience, they don't follow through.' One's perceived actions, combined with one's words, constitute the foundation of a reputation.

What's Public - Certain elements of our reputation are public, that is, generally known by us (the owner of the reputation) and by others who know us. I know that many people think of me as creative and honest, two elements of my reputation that I consider positive attributes. Because I view these elements as positive and because I'm aware of them, I work hard to reinforce them by saying and doing things which are both creative and honest.

Generally speaking, we work to reinforce positive elements of our reputation and diminish negative ones. If I knew that I'd been branded a 'tight-wad' when it comes to paying my bar tab, I might over-pay in the future to counteract a negative impression of my reputation as being generous.

What's Private - Certain facets of my reputation are private, and will never be known to me or others. Individuals who choose to create a new identity are doing nothing more than running from their reputation. The same way that individuals might attempt to conceal their past and reputation from others, others might also feel compelled to conceal elements of our reputation from us.

While many of us are aware of some of the negative attributes of our reputation, we will likely never be aware of all of them, and as a result, we'll never actually know when and where our future has been opened up or walled in and blocked off because of them.

What Context - Lastly, while in real life and in every day conversation we do in fact attempt to summarize an individual's reputation (e.g."...she's an amazing person."), the fact is, our reputation is contextual and it is quite possible for me to have a positive reputation in one area of my life with individual A and a negative reputation in another area of my life with individual B.

The Digital Reputation

While reputations have historically been somewhat vague and subjective, in the digital world they are likely to become more objective, binary and long-lasting (all the more reason to take them seriously). Biologically, time is a built-in eraser, allowing us to forget and move on. In the digital world however, where memory is cheap and caching the norm, our reputations are likely to become more persistent, at least in the areas in which the law has not intervened (e.g. driving tickets are erased every three years and bad credit every seven).

Probably more important, in the digital world, our various reputations which are today disconnected are likely to become more connected. If not by us, then by others. Think this is far fetched? Don't think for a second that my reputation as a frequent flyer is not in some way connected to my reputation as an individual who rents cars when I'm out of town, and that's just the beginning.

The fact is, systems specifically designed to create and track our digital reputations exist today. They are disguised as cookies, packaged as awards programs and renamed to convenience time-savers. As individuals navigate an increasingly complex and interconnected world, our slime-trails spell money to the private sector, and control to the government sector.

Having the digital reputation become an off-spring of digital identity, ensuring that we maintain control in how our reputations are built, and are informed of how they are used and accessed, is essential to our future as a free society that holds dear our right to privacy.

Andre Durand is a contributing writer to Digital ID World, the CEO of Ping Identity Corporation, and founder of the PingID Open Digital Identity Project

Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Related Links
o Andre Durand
o Ping Identity Corporation
o PingID Open Digital Identity Project
o Also by andredurand


Display: Sort:
Pondering Digital Reputations | 56 comments (44 topical, 12 editorial, 0 hidden)
Examples? (4.00 / 2) (#3)
by arthurpsmith on Tue Apr 30, 2002 at 11:16:34 PM EST

I was going to suggest eBay, then read more closely and realized it was mentioned here very briefly. I think more interesting than the generic speculations here would be more specific examples where reputation plays a role right now, and some more discussion of the implications rather than just to "become more binary, objective, and long-lasting".

Personally I think the development of public digital reputation models like eBay's are leading to a fundamental shift in economic power away from the large corporations (on whose "name", "brand", or "reputation" we in the modern world have so much come to trust) and towards more direct person-to-person interaction, whether it be in commerce (eBay and co.), media (/., k5, blogs, etc.), or general exchange of information, art, cultural artifacts (mediated by Google etc.). Of course that puts enormous new power in the hands of those entities that create these new "reputation" frameworks - will that merely replace one set of large corporations with another at the top of the heap?

Energy - our most critical problem; the solution may be in space.


we're living in a bad world... (4.50 / 4) (#4)
by rohrbach on Tue Apr 30, 2002 at 11:27:21 PM EST

Of all the ways to create a reputation, telling people what they should think of you is both the weakest and carries the least amount of weight in the real world.

apparently, this is true for individuals, but not for those who pull the giant levers of the marketing and propaganda machineries.

Don't think for a second that my reputation as a frequent flyer is not in some way connected to my reputation as an individual who rents cars when I'm out of town, and that's just the beginning.

and this is exactly the point where the folks pulling said giant levers come in again.

creating a "digital identity" or "digital reputation" is needed in terms of our daily social and commercial interaction as a community. making the resulting transaction data available to third parties is not and makes certain corporations more powerful.

so, it's all about digital reputation? NOT (none / 0) (#7)
by rohrbach on Tue Apr 30, 2002 at 11:45:14 PM EST

from http://www.andredurand.com/

04.29.2002
Back to Fund-Raising...
Well, as a serial-entrepreneur, I guess I'm just going to have to get used to the constant fund-raising. This week I completed the most recent version of the PingID business plan and projections with the assistance of the Ping advisors and David Brode. I guess it's time to get back in the saddle again. What makes the world turn? -- Money.

no comment.


[ Parent ]

Maybe with money (none / 0) (#25)
by Wah on Wed May 01, 2002 at 01:01:48 PM EST

he can you buy you stuff.
--
Choas and order, flowing down the drain of time. Ain't it purdy? | SSP
[ Parent ]
so? (none / 0) (#49)
by rohrbach on Thu May 02, 2002 at 08:37:42 PM EST

SSIA

--
Give a tool to a fool, and it might become a weapon.
[ Parent ]
not really much of a point (none / 0) (#50)
by Wah on Fri May 03, 2002 at 09:04:56 AM EST

just that calling him out for the statement that you need money to build a successful business doesn't really make someone a money-grubbing whore. Which might not be what you meant by the conspicuous "no comment" and the emphatic "NOT", but that's what I took them for.

What is SSIA?
--
Fail to Obey?
[ Parent ]

fundraising (none / 0) (#52)
by rohrbach on Fri May 03, 2002 at 02:46:19 PM EST

surely fundraising is a usual process in building up a company from an idea. the word "serial-entrepreneur" rings the alarm bell here, but that's just my humble personal opinion.

fund-raising is not a constant process; when you invest in something, you should have at least a rough concept about where your revenues come from.

SSIA means "subject says it all".

--
Give a tool to a fool, and it might become a weapon.
[ Parent ]

Three Tiers of Identity (none / 0) (#16)
by andredurand on Wed May 01, 2002 at 10:21:49 AM EST

I wrote an article on DIDW called the Three Tiers of Identity. I'll beef it up and post it hear later, but I postulate that when T1 Identity finally exists, that T3 is going to change complete. See the article for a description: http://www.didw.com/modules.php?op=modload&name=News&file=article&si d=26

[ Parent ]
Right (4.50 / 8) (#5)
by qpt on Tue Apr 30, 2002 at 11:28:34 PM EST

Maintaining my reputation online is of paramount concern.

Domine Deus, creator coeli et terrae respice humilitatem nostram.

Isn't it? (5.00 / 2) (#8)
by jabber on Wed May 01, 2002 at 12:34:00 AM EST

You do go out of your way to maintain a very specific image. But that's not my point.

For individuals, in a context they do not take very seriously, building and maintaining a good reputation may not be very important. But if you are an authority, you have to be careful. Bruce Scheiner for example, can't go around spewing venom at Microsoft without giving corroborating evidence, and even then he has to be professional about it. This is where ESR and RMS suffer. They have a reputation for being authority niche figures - why niche? Because they're impulsive, spiteful hot-heads who throw tantrums when anyone makes a good counter-point.

Online reputations matter most to Corporations, and Digital Identity, I suspect, is looking at their own Digital Reputation through such Corporate eyes. Why they want K5 approval, rather than that of ventura capitalists is beyond me, but let's let them have their Crusade.

Ultimatelly, I think there are two issues to Digital Reputation.. Precision and Accuracy.

You are very precise about the reputation you create for yourself, but odds are that this reputaiton is not very accurate of you as a 'Real Person'. Conversely, entities which wish to seem authoritative seek accurate reputations, they want to portray themselves as they believe they are.

The difference is subtle, but significant. Microsoft and qpt both try to create a specific image in the online world, to achieve certain goals. The integrity of this image is just a characteristic of the reputation, not the reputation itself.

[TINK5C] |"Is K5 my kapusta intellectual teddy bear?"| "Yes"
[ Parent ]

*shrug* (5.00 / 4) (#9)
by porkchop_d_clown on Wed May 01, 2002 at 12:59:24 AM EST

I take great pride in making sure that people know I don't care what they think of me.


--
Uhhh.... Where did I drop that clue?
I know I had one just a minute ago!


[ Parent ]
Very Interested (3.00 / 2) (#12)
by Adam Theo on Wed May 01, 2002 at 01:26:51 AM EST

I'm personally very interested in digital reputation. After personal profile management and automatic contract negotiation, it is a field I'm hoping to really get into.

True, as others have pointed out, the article is pie-in-the-sky, and could do with a couple of hard examples, but that doesn't detract from its usefulness. I'm sure many people on K5 havn't thought about digital reputation much, but now see how it is a really important and interesting feature for the internet of the future.

BTW, disclosure: I am working with Andre on his PingID project.
-- "A computer geek free-market socialist patriotic American Buddhist."

Heh (4.50 / 6) (#19)
by trhurler on Wed May 01, 2002 at 11:09:42 AM EST

As the owner of one of the most substantial and probably ambiguous online reputations not possessed by a Slashdot editor or a ZDnet employee, I must point out that online reputation is severely overrated. Nobody worth knowing thinks the way you act online has any predictable relationship with reality, after all.

My suggestion is that there is no future for this "field" except in protecting paranoid know-nothings like corporate executives from seeing all the nasty email they receive from each other.

--
'God dammit, your posts make me hard.' --LilDebbie

And, (none / 0) (#20)
by roam on Wed May 01, 2002 at 11:30:02 AM EST

who are you again?

___
Are they like hamsters?
Specifically, can I tape up a chinchilla, slather him in axle grease, and shove him up my ass? - Patrick Bateman


[ Parent ]
I definitely disagree (5.00 / 1) (#21)
by andredurand on Wed May 01, 2002 at 11:38:27 AM EST

I'm not talking about your 'online reputation' that you create through your persona in emails and discussion boards. I'm talking about a real digital identity (something that only partially exists today for you, mostly in the context of your interactions with companies) and the history of your interactions with other digital identities.

[ Parent ]
Er... (5.00 / 6) (#24)
by trhurler on Wed May 01, 2002 at 12:50:27 PM EST

I see. So what you want is to create a sort of electronic papertrail of everything a person has done in his life with money. Thanks, but no thanks; my observation of the credit history system has given me more than enough reason to believe that such systems exist only for the benefit of corporations, and never for the benefit of individuals. (My credit is better than probably 99% of people my age due to some curious circumstances, but that's beside the point. Credit ratings are a way of screwing people over, not helping them. The deals I'm offered are reasonable; the deals your average schmoe is offered are just short of criminal.) Add that to the ridiculous invasion of privacy that's involved, and frankly your reputation idea can go slurp a shaft as far as I'm concerned.

--
'God dammit, your posts make me hard.' --LilDebbie

[ Parent ]
A "digital identity" for what additional (5.00 / 2) (#26)
by yankeehack on Wed May 01, 2002 at 01:48:09 PM EST

OK, I think you've probably hit upon what causing me so much cognitive dissonance with this asinine series of articles. So, here's my question for you....

What MORE do I friggin want to do online that I can't already? And why would I need an improved version of this identity?

I hate to break this to you, but I'm (and I'm sure alot of others) are ALREADY leading a digitized lifestyle. I can do everything from bill pay to managing my investments to checking my insurance coverage to shopping to working with my family practitioner online to teleconferencing with my family. I mean, heck, my kid was online (with her sonogram picture) even before she was born!

So why isn't my present "digital" identity good enough? What are the drawbacks? What doesn't work? What does work? How come a good chunk of the population won't go online? And most importantly, why? (With specific real life examples that perhaps I can use with my students and clients....)

THESE ARE THE QUESTIONS YOU NEED TO BE POSING IN THESE ARTICLES. STOP BEING SO VAGUE.

Apparently for some men, unused to the rigors of changing 45 diapers a day, refereeing 28 arguments over small pieces of plastic toys, and preparing more tha
[ Parent ]

Uh... (none / 0) (#31)
by trhurler on Wed May 01, 2002 at 02:34:41 PM EST

The reason most people won't do it? Three things. One, they don't know what's possible(this changes with time), two, they're old dogs and these are new tricks(your kids know how to program at the age of five, and after five years of "learning," grandpa still can't send email without help,) and three, most people are too stupid to reliably perform arithmetic, let alone engage in any real abstract thinking of the kind needed to make computer interfaces make sense. I realize the third may be controversial among some egalitarian dumbshits, but it is true nevertheless.

--
'God dammit, your posts make me hard.' --LilDebbie

[ Parent ]
Sorry trhurler... (none / 0) (#38)
by yankeehack on Wed May 01, 2002 at 04:18:31 PM EST

I really meant that little rant for Mr. Durand. :-P

Apparently for some men, unused to the rigors of changing 45 diapers a day, refereeing 28 arguments over small pieces of plastic toys, and preparing more tha
[ Parent ]

OK (none / 0) (#41)
by Adam Theo on Wed May 01, 2002 at 08:40:34 PM EST

I think Digital Identity isn't so much about new things, as it is about doing existing things easier and faster.

But you have inspired me to write some more articles that have meat and bones, and not just theorizing and what-ifs....
-- "A computer geek free-market socialist patriotic American Buddhist."
[ Parent ]

Interesting. (5.00 / 2) (#27)
by aphrael on Wed May 01, 2002 at 01:51:54 PM EST

There's an interesting implicit assumption in your statement here: that the identity i have formed in my interactions with companies is *more important* than the identity i have created here. (You use the term 'real' in a way that implies that my corporate identity is "real" but my non-corporate identity isn't.)

I think the bias implied by that assumption is a dangerous one; corporations are not the only metric of importance, nor are they the only judges of reputation --- and i shudder to think what the world will be like if they *are*.

[ Parent ]

My mistake... (none / 0) (#39)
by andredurand on Wed May 01, 2002 at 06:48:24 PM EST

Using the word 'real' was definitely a poor choice of words. Perhaps different would have been a better choice of words. Part of the problem I have and others when I speak with them about this space is that there is definitely lacking a lot of common vocabulary. We need to invent words just to speak about it. Lacking those words, meaning tends to run together and things can definitely get confusing. From what I gather in reading comments on K5 to this post, I already have (or am on the process of forming) a reputation based upon my words (the only form of 'interaction' on K5). For the most part, what I gather of the 'public' part of my reputation here is that people view my articles as vague. I can't argue with that as I know aleady that I think in ways which many people view as vague and so I'm sure it comes through in my writing. Agreed on your last statement. Corporations and your interactions with them will become one facet of your digital reputation.

[ Parent ]
Uh, yeah (5.00 / 1) (#28)
by DesiredUsername on Wed May 01, 2002 at 02:12:08 PM EST

I agree about the online rep being kind of dumb (though don't forget the NH guy that resigned over some Usenet postings). But as for your own rep, get real. Let's compare.

You
CmdrTaco
Rob Malda (same person, different name
And, as a baseline, my old /. nick and new K5 one (some of those latter ones aren't me, but that doesn't detract from my point)


Play 囲碁
[ Parent ]

Two things (5.00 / 1) (#30)
by trhurler on Wed May 01, 2002 at 02:30:27 PM EST

First off, I wasn't really referring to trhurler, but I bet more people recognize the name trhurler than do either of your names, and I specifically excluded Slashdot editors from my statement for a reason. I should also have excluded certain other kinds of celebrities; the point is, I've got as much rep as you can have without being famous in some manner or other. (And just because people will ask, no, I do not have any k5 account other than trhurler, never have, and cannot see why I would either.)

Second, Google searches are a lousy way to determine this sort of thing, as Google has nothing to do with how many people know of you or what they think until you start talking on the scale of literally millions upon millions of people. I doubt more than a few million people worldwide know the name Rob Malda or Desired Username or any other such thing, and of those who know the name, how many know enough about the person, even the online persona, to have a reasonably grounded opinion? I hate to break this to you, but Slashdot is definitely a subculture in a subculture, and however famous you might be there, almost everyone in the world has never even heard of Slashdot, much less you. In that limited context, I think my rep is probably as substantial as one can get short of really becoming a celebrity. I'm not esr(thankfully,) but he's not Mister Rogers either, and it pays not to forget the difference.

--
'God dammit, your posts make me hard.' --LilDebbie

[ Parent ]
I know I'm not famous (5.00 / 1) (#32)
by DesiredUsername on Wed May 01, 2002 at 02:34:57 PM EST

That's why I said "baseline".

So how do you establish who has a bigger online rep? And who were you referring to, if not "trhurler"?

Play 囲碁
[ Parent ]

Well, (5.00 / 1) (#34)
by trhurler on Wed May 01, 2002 at 02:56:12 PM EST

I was referring to my real name. The rep there has probably declined due to disuse(I don't post under it anymore,) but at one time, I was one of the more prolific Usenet flamewar participants, and Usenet had a lot more readers than Slashdot does. I don't want to post that name here, and while you might be able to find it, I wish you'd do me the favor of not posting it yourself:)

--
'God dammit, your posts make me hard.' --LilDebbie

[ Parent ]
I'll do you that favor (5.00 / 1) (#35)
by DesiredUsername on Wed May 01, 2002 at 03:01:41 PM EST

if by the remotest chance the need ever arises.

Play 囲碁
[ Parent ]
Heh (none / 0) (#36)
by DesiredUsername on Wed May 01, 2002 at 03:17:28 PM EST

Heh.

Play 囲碁
[ Parent ]
Heh (5.00 / 1) (#43)
by DJBongHit on Wed May 01, 2002 at 10:10:17 PM EST

at one time, I was one of the more prolific Usenet flamewar participants

I'm shocked.

~DJBongHit

--
GNU GPL: Free as in herpes.

[ Parent ]
Which reputation? (4.75 / 4) (#29)
by Cro Magnon on Wed May 01, 2002 at 02:21:18 PM EST

Most cyberpeople have at least 2 identities, maybe more. I don't give a flying fig if people on K5 or /. think Cro Magnon is a babbling idiot. I DO care if my boss thinks John Smith is a babbling idiot. I say dumb things online that I'd seldom if ever say in RL, and I sure wouldn't want what I say as Cro Magnon to be held against John Smith.
Information wants to be beer.
Neural Nets are what we use. (5.00 / 3) (#33)
by krek on Wed May 01, 2002 at 02:47:43 PM EST

A person does not possess their own reputation, a persons reputation is held by the individuals and groups that they encounter. A person has a seperate reputation for each and every person and group that they have ever met (although some people might get together and collaborate on the reputation that they will hold for a particular person). Each of these people has built their interpretation of your reputation through the various experiences that they have had with you, directly or indirectly. These experiences form their opinion by massaging their brain in essence. The neural pathways in our brain are constantly under revision and each and every experience will have it's way with your neural pathways. If presented with a stimulus, in this case an oportunity to determine the trustworthyness or reputation of an individual or group, that stimulus will ignite a neuron or a group of neurons, this will in turn have the usual effect of igniting or suppressing other neurons or groups of neurons. After exposure to a stimulus, a cascade of ignition and suppression follows and either the cascade produces the expected result, in which case the 'reputation' is reenforced, or it does not produce the expected result, in witch case the 'reputation' is revised in cases of small discrepancy or disreputed in cases of large discrepancy.

That is what reputation in real world terms is; a particular, expected, neural cascade in our brain.

What this tells me is a couple things;

One, we already have the hardware, or should I say wetware, to do proper reputation forming online, it is just a little new to us and we are still trying to figure out what matters to us in terms of trust in an online environment.

Two, that if we wanted to do a simulated version of reputation, neural nets are probably the way to go, and that the keys should be kept simple and in extremely large quantities.

Three, and most important, a person should NOT be in control of their own reputation, each person should maintain their own database of reputations of others that they encounter online. What I think of someone is my own business, and I would really hate to think that someone else was telling me what to think of a third party. The only way a person should be able to affect the reputation that they have with someone else is by behaving differently in their presence.


Nice (none / 0) (#40)
by andredurand on Wed May 01, 2002 at 06:50:36 PM EST

Some very good points. I'm going to have to ponder some more...

[ Parent ]
Then there's reputation betting markets (5.00 / 2) (#37)
by khallow on Wed May 01, 2002 at 03:18:10 PM EST

Here's a particular reputation problem. I make a prediction about a future event. Should you listen to me? As you may recall, I wrote a story about such a market, the Foresight Exchange. It doesn't solve the general problem. Ie, can I trust you under a given set of circumstances? But it does a decent job of weeding the chaff from the grain for making predictions.

Rather than dwell on the Foresight Exchange, I just want to make the point that economically, reputation is a tricky beast. If it takes a lot of work to make a reputation, but very little to destroy it, then someone with a reputation probably could be counted on in a situation with a high level of temptation. OTOH, if reputation building is easy, then there's no effective way to avoid cheaters.

An alternative to reputation is to not trust anyone else for anything (it is assumed that you can trust yourself sufficiently). Ie, if I wish access to a resource of yours, I must post a bond that gets paid to you if I misuse your resource. The escrow agent could be a third party we both trust, or in a world with no trust, it could be a manufactured program that we mutual create.

Eg, I enter in a contract with you that I'll do "A" if you pay "B". The program would contain dual parts from you and me. You're part would determine that the program does do what it's supposed to, and second checks that I indeed do "A". In a similar fashion, I make sure that your code does what it's supposed to do, and also makes sure that you pay me "B". A typical flow might be. You send the "B" resource (digital cash, whatever) to the program which holds onto it. I do task "A". Program checks that task has been completely properly according to the program provided by you. Finally, resource "B" is handed to me and program exits - presumably after issuing tailored reports of activity to both parties. With proper encryption of internal data, it might not matter where this program is run.

Raging paranoia may not seem the most cost-effective approach, but in a world with viri and worms, computer breakins, assumed and stolen identities, and potentially high levels of fraud, it seems reasonable to require payment for use of resources in order to reduce the misuse of nominally free resources. Eg, if you send an email to me, you must pay me. In turn, I must pay you if I wish to read the email. I guess the term is something like "hypercapitalism". Everything is for sale.

Stating the obvious since 1969.

A flaw? (none / 0) (#44)
by vectro on Wed May 01, 2002 at 10:19:35 PM EST

How do I know that the program you run on B is the same as the program you showed me?

“The problem with that definition is just that it's bullshit.” -- localroger
[ Parent ]
Re: A flaw? (none / 0) (#45)
by khallow on Thu May 02, 2002 at 02:46:15 AM EST

How do I know that the program you run on B is the same as the program you showed me?

There's also the parallel problem of how does the program figure out whether it's input is accurate (and in particular not fraudulent)?

In the former case, I can ascertain through challenge/response or hidden embedded data whether I am talking to the program or not. In the latter problem, the program can do the same to determine whether the data in question comes from the claimed source.

I merely state the obvious (see my sig) when I state that there are numerous potential flaws that need to be dealt with. The idea is that you want an environment where you can protect a resource (no matter how small) so that it is more expensive to exploit in an illegitimate manner than to pay me for use of the resource. Here's an example of why this could matter, a reference to TCP/IP over DNS. Here, DNS is a free resource, while TCP/IP apparently wasn't.

Stating the obvious since 1969.
[ Parent ]

Hidden Embedded Data? (4.00 / 1) (#46)
by vectro on Thu May 02, 2002 at 03:53:36 AM EST

It can't be hidden; if I have the source to B, and we are assuming it is clear enough that you would be willing to agree it does what I say it does, then it can't have obfuscated data.

Furthermore, even if you trust the program, you can't necessarily trust the operating system or the hardware it's running on. If it's encrypted, where do you store the encryption key such that I can't get access to it?

Your problem is equivalent to that of digital rights management, and there exists no solution: If I have enough information to make use of the bits, then I have enough information to duplicate them.

Continuing the equivalency, it would take only a single crack in the security (through obscurity) of your software for the software to become useless; once the algorithm is defeated, the crack can be distributed.

“The problem with that definition is just that it's bullshit.” -- localroger
[ Parent ]

We getting in it deep (none / 0) (#47)
by khallow on Thu May 02, 2002 at 12:00:19 PM EST

It can't be hidden; if I have the source to B, and we are assuming it is clear enough that you would be willing to agree it does what I say it does, then it can't have obfuscated data.

I don't believe that necessarily follows. Rather than attempt to stand on an increasingly indefensible position (we're going well beyond vaporware and my working knowledge here), I'll just say that perhaps it is possible to prove than an obfuscated program does what you say it does without revealing the internal workings. In such a case, clarity isn't required or desired. Further such a program can make itself more elaborate after it starts (I guess self-obfuscate or some such thing), or generate internal keys. It should be possible (so I blandly assert) to hide such activities even from someone who is observing the program in action (ie, all it's bits and activities).

Stating the obvious since 1969.
[ Parent ]

No. (none / 0) (#51)
by vectro on Fri May 03, 2002 at 01:41:04 PM EST

At least you're willing to admit we've exceeded your capacity for discussion.

Any proof of the correctness of a system will necessarily entail looking at the workings of that system.

Even if the program is obfuscated, that doesn't mean it can't be understood. And if I possess and control the program, then I have all the information I require to masquerade as it. Without hardware assistance, a program can't conceal data from the person whose hardware it runs on.

Come back when you have something more concrete.

“The problem with that definition is just that it's bullshit.” -- localroger
[ Parent ]

Reputation (none / 0) (#42)
by rcs on Wed May 01, 2002 at 08:49:11 PM EST

First off, I'll suggest going and checking one of the cypherpunks archives because this has all been done to death numerous times, and it would be bad to make conceptual mistakes that could be avoided by doing a bit of research.

Second. The nature of reputation or belief or trust is inherently a vector. If you even start to think about it in a scalar context, you're going to get screwed. It's touched on, but not really covered enough to make me think you realize this.

The interesting part of reputations or beliefs come in with transitivity, and the methods by which relationships (A,B) and (B,C) can make a relationship (A,C). Some things to look for in this are Bayesian analysis and the like.

Your reputation can't be said to belong to you, as it exists in the minds and perceptions of others. To say that that is yours is delusion on the largest scale.

The transitivity is the interesting part. And the hardest problem to solve. Another poster above me brought up the idea of neural nets, but this is again flawed, as you can't look at these from a system level. If you try to control or constrain a system from the top down, it won't be able to grow to the size or complexity it would otherwise be able to. You have to be able to get belief paths from the viewpoint of any node in the graph, and compute what it means from that node.

I beg forgiveness for the use of reputation, belief, and trust in this post instead of just "reputation". But when one thinks about it, talk of reputation boils down to beliefs in future actions based on the past. This is the terminology used in articles posted to the cypherpunks list, and I fear it has crept into other areas for me.

--
I've always felt that there was something sensual about a beautiful mathematical idea.
~Gregory Chaitin

Is it even a vector? (none / 0) (#54)
by pwayner on Mon May 13, 2002 at 12:06:20 PM EST

It's clear that using a scalar won't capture enough. Trying to measure the number of good things that add up to one bad thing is hard.

A vector sure has advantages because you can keep track of the reputation with multiple dimensions, but this is a bit flawed. Some elements cross into multiple dimensions and they often have strange cross-dimensional interactions. You can always try to have a tensor, but things start to look very strange and hairy.

I've always liked tagged data structures that let people build up graphs. Good things and bad things can be tossed into a big tree with cross-linkages. Sometimes a number is just wrong. Theft is theft and the amount is not a big piece of the puzzle. A tagged data structure or graph would avoid this.

Now, after saying this, I don't want to discourage anyone from using scalars, vectors, tensors or anything else strictly numerical. The gain in simplicity can be worth the loss of precision. Ebay's reputation system has plenty of errors, but high scores generally mean good things.



[ Parent ]
Vectors, Tensors, et al. (none / 0) (#55)
by Otto Surly on Thu May 16, 2002 at 11:41:20 AM EST

Rather than vectors, tensors, and so on, I think you just mean "collections of numbers", or something like that.

Vectors are elements in a linear space: that is, a space in which there are addition and scaling operations that work in the usual way. It's not at all clear that reputations fit in a linear space. Likewise, tensors are (multi)linear transformations on vectors, not just big rectangular arrays of numbers.

If you really want to start thinking about reputations in mathematical terms, you probably want to start thinking about properties of "reputation space" instead. It's not even clear at this point that it's a topological manifold (i.e., that it has a meaningful "dimension"), never mind nifty properties like being a differential manifold or vector space.

[ Parent ]

eBay (none / 0) (#48)
by levsen on Thu May 02, 2002 at 05:56:06 PM EST

I always wondered whether eBay knew what makes the worth of their company. Users don't and never will switch for one simple reason. They can't take their points with them. If you've racked up a 1000 points on eBay, people will do anything, write a $1000 check off to you without worring and yes, feel free to send the merchandise whenever you like, you are the boss.

The numbers can be found in the one or two spectacular fraud cases where people worked themselves to a high status and then one day ran away with $20,000 worth of unfulfilled orders.


This comment is printed on 100% recycled electrons.

My thoughts from our digital reputation system. (none / 0) (#53)
by burtonator on Sat May 04, 2002 at 06:10:03 PM EST

"Our reputation may affect our lives more than any other identity construct we have. Anonymity, Pseudonymity, and other such constructs are ultimately all methods to deal with the effects of reputation. Digital Identity will create Digital Reputations, and how technology handles this has very significant privacy and security implications..."

...

"At any moment in time, our reputation is nothing more than a snapshot of our historical interactions with others. If the snapshot supports what we say about ourselves, then our reputation is enhanced (R+1). If the snapshot contradicts what we have said about ourselves, then our reputation is diminished (R-1)."

Yes... I don't think that reputation is represented by a non-bounded integer. Generally it is relative to each peer based on the internal reputation graph.

Of course this could have just been notation which is perfectly valid.

++reputation;

"Namedropping is nothing more than an attempt to place oneself in the positive glow of another's positive reputation".

Specifically this is an outward edge from a node which has a high level of indegree (reputation) to a leaf node on the outside of the trust network. In human reputation networks this is easy to falsify (which is why name-dropping doesn't always work).

The reason this works is that the person you are talking to (name-dropping) has a certification to the high reputation node and is able to build a path from this node to your identity.

The OpenPrivacy reputations system takes this into account. In fact this is a large part of our Distributed Patron Protocol.

"Reputations are likely the most important quality enabled by identity and I believe that digital reputations will likely become the core and central reason why individuals will choose to have a digital identity in the future."

I actually think your reputation *is* your digital identity.

"eBay uses a simplified version of digital reputation to allow individuals to quickly see whether or not a buyer or seller is trustworthy in their ecommerce transactions."

Oh.. yes. Massively simplified. In fact these centralized systems are somewhat easy to build; Kuro5hin has one. The problems scale exponentially when you need to incorporate reputations within P2P networks.

...

"The reason this is important is that I may be completely trustworthy within one context and completely untrustworthy within another. Let's examine the attributes of a reputation."

Yes... ontological based reputation.

This is another major consideration. The main problem here is that ontology is very complicated. There are a lot of efforts in this area. RDF Schema, DAML , etc

This is going to be hard for users to work with. Initially the reputation system deployed within Reptile will not support ontology until we have a decent control that can manage the relationships and is easy for users to work with.

"What You Say - To begin with, many people believe that a reputation can be created by what they say about themselves. Bragging is in essence nothing more than a naive attempt to short-cut the creation of a positive reputation, often eliciting the exact opposite, which is a reputation that we are insecure."

Really? I never thought of that. I am not sure if this makes sense. Of course I lack perspective because I have had my head in reputations for a long time.

Khallow notes: "Here's a particular reputation problem. I make a prediction about a future event. Should you listen to me?"

This is really hard to do in P2P systems due to the fact that we don't have a global secure digital time service. Hopefully in the future but not right now.

krek notes: "A person does not possess their own reputation, a persons reputation is held by the individuals and groups that they encounter. A person has a seperate reputation for each and every person and group that they have ever met (although some people might get together and collaborate on the reputation that they will hold for a particular person). Each of these people has built their interpretation of your reputation through the various experiences that they have had with you, directly or indirectly. These experiences form their opinion by massaging their brain in essence. The neural pathways in our brain are constantly under revision and each and every experience will have it's way with your neural pathways. If presented with a stimulus, in this case an oportunity to determine the trustworthyness or reputation of an individual or group, that stimulus will ignite a neuron or a group of neurons, this will in turn have the usual effect of igniting or suppressing other neurons or groups of neurons."

Yes... Reputation is specific to local communities. These communities are ephemeral and their membership changes often.

Your comment on Neural Nets is a good one. Reputation systems to resemble neural nets in many ways. You should check out the Neurogrid project. I have been talking a lot with Sam Joseph so that OpenPrivacy and Neurogrid can work tighter together. At this stage I am waiting to get my reputation paper done before we move forward. (hopefully soon, certainly before ETC )

The spanning search stuff which will make it into Reptile/JXTA is interesting and you may want to read up on it. This is essentially how we are going to handle P2P neurological hookup.

Cro Magnon notes: "Most cyberpeople have at least 2 identities, maybe more."

This is why reputation is backed by a Nym (public key). This allows you to make as many identities as you want and they can all gain/loose reputation. Ideally you would want to keep nym creation to a minimum since it is hard to gain reputation.

...

Anyway. I am working hard to get our reputation paper out the door. I should be done a rough first draft by the end of the weekend.



Empirical reputation -quantitative approaches (none / 0) (#56)
by toddboyle on Mon May 27, 2002 at 12:45:04 PM EST

The goal of a reputation framework in markets is to provide the user with predictive information about the reliability of their prospective trading partner. That is the same thing as providing the individual with a mechanism for publishing progressive layers of our reputations in a way that is robust against abuse, and comprehensive against omissions of previous misdeeds. The most useful evidence in predicting anybody's future behavior is the volume of transactions faithfully performed in the past, over long periods of time, and having characteristics similar to the buying or selling we want to engage in today. Accordingly what is most important is a means of memorializing today's transactions, with timestamps and signatures, in a way making them useful in the future. Every individual concerned about the theft of your reputation by the financial services industry, and their exploitation and aggregation of all humanity's creditworthiness for their own unearned provits, ought to be thinking of saving yourselves from the trap by accumulating a robust history of you own transactions. I don't know how this will all be achieved but here is more, http://www.arapxml.net/reputationXML.htm, hth, Todd Boyle CPA kirkland WA www.gldialtone.com

Pondering Digital Reputations | 56 comments (44 topical, 12 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!