Identity Theft

iCloud is out in the wild as of today, and a whole bunch of us will now be tied to yet another “online identity”.

Back in the early days of the web most people got email service, and hence their email address, through their ISP. This was an early, and potent, form of lock-in. At some point some web sites appeared offering “permanent” and “portable” email addresses (i.e. you’d go to my_silly_name.com and get an email address like tonio@my_silly_name.com and it would be “yours forever” to redirect as you saw fit). I joined one such site (I can’t even remember what it was called) thinking this was a genius idea and the company folded before I had managed to convince all my friends to use the email address.

How many people stuck with AOL simply because that was their email address?

Lock-in of this kind continues to this day of course, typified by the gmail / hotmail / yahoo account that you’ve been using so long that simply downloading everything somewhere and then backing it up sounds too painful to think about. The IMAP protocol, which allows us to read and update our email without downloading everything, hugely facilitates this. (And no, I do not want to go back to the days of downloading all my email and then needing to move the files around, not to mention realizing that my desktop computer at home had sucked email off the server and deleted it before I could read it on the road.)

Once you recognize this phenomenon, you realize it’s everywhere:

  • Physical Address
  • Phone Number(s)
  • Fax Number (haha still have one of those?)
  • Email Address
  • Web Address
  • Twitter ID
  • iCloud ID (and its precursors such as MobileMe and Mac.com)
  • AIM ID
  • Skype ID
  • Facebook ID
  • Linked In ID
  • Google+ ID

And so on down the line.

It actually kind of boggles my mind that Apple, of all companies, has failed to unify and abstract out all this crap. Why, for example, do I have one app to check my voicemail messages, another to check my skype messages, another to check my SMS messages, and another to check my email? By the same token, when I decide to send a message to Bob, why do I first have to decide which communications channel I shall employ? Isn’t that the kind of thing a computer would be good at? I could understand if Apple only supported that subset of the above which had tractable APIs, or even excluded some because it didn’t like them for some arbitrary reason (strategic, aesthetic, or whatever).

A company called GrandCentral — long since acquired by Google, renamed Google Voice, and largely ignored — tried to address this issue for the rather obvious case of phone numbers. It provides you with a phone number that’s “yours forever” which you can then plug into a kind of virtual PABX which does all the neat kinds of things that call center systems can do (e.g. ring multiple phones simultaneously and then stop them all when one picks up, or ring one phone for a while and then another, or pick up the phone for you and let you identify yourself to the recipient before he/she agrees to take the call). It’s neat, it’s free, and it does a fairly good job of solving a tiny part of the problem — phone numbers, SMS, and to some extent email.

But we’re still left with the large and constantly evolving collection of pseudo-identities of which the list above is merely a transitory snapshot.

The flipside of all this is, of course, lock-in. Or, to put it another way, identity theft. If Google, say, solved all of this by letting your “google id” (your gmail address, say) act as router for all your communications then you’d really be at the mercy of Google, wouldn’t you? (And, of course, Google would be able to collect data on ALL of your communications. Hmm, people who call these numbers are usually shopping for cars, while people who call those numbers are probably interested in insulin.)

This seems like a problem that might need a bit of government intervention. By all means we might want to let private enterprise implement identity-based services, but we probably want the government to ensure that any such implementation doesn’t become a digital prison.