Being seen as unsafe may be an even bigger risk than being uncool.

I’ve been saying this for years and have been on a soap-box about it for the past couple of months (too many meetings with social networking product managers). The problem is that cool becomes risk if it is a game meant to profit on your curiosity, let alone desire, especially when you lack any means of authenticating “friends”.

On the one hand articles like the one in Fortune could make my job much easier, but on the other hand it’s not clear they know what they’re dealing with. For example, the article reports that MySpace has responded to critics by hiring a litigator to “secure its borders”. However, you’ll note that the crisis is from members within a community — they operate inside the MySpace borders.

…on May 1 MySpace hired a lawman: 41-year-old father of four Hemanshu Nigam, whose entire career seems to have led to this point. Born in Kanpur, India, Nigam moved to Connecticut at age 3 and later studied law at Boston University. He began his career in Los Angeles County as a prosecutor who busted gangs and sexual predators.

Then he worked as a federal prosecutor in Washington, D.C., specializing in child-pornography, child-predator, and child-trafficking cases. “I prosecuted over 100 child-molester and Internet-predator cases,” he says. “The things I have seen you don’t really want to write about.”

Nigam took a break of sorts to spearhead antipiracy strategy for the Motion Picture Association of America, but in 2002 he joined Microsoft as head of its child-safety security team. When MySpace came calling, Nigam’s friend Ernie Allen, president of the National Center for Missing and Exploited Children, encouraged him to take the job. “We’re one of the first sites to face the challenges most people will face in a social-networking environment,” Nigam says. “This is a leadership opportunity.”

Seems like he’ll be good at detection and enforcement, but what about prevention? Is he introducing new identification controls for participation in the MySpace community or just helping them crack-down on abuse more efficiently? My guess is the latter.

The magic bullet for MySpace would be the ability to verify a user’s identity and age with absolute certainty, but even if that were possible (think: invasive biometrics), there would still be no telling someone’s motives. It’s a puzzle for Nigam and a critical test for a gawky site in transition. There’s a reason, after all, why the kids keep going back to MySpace. It’s where a person can be anyone he wants to be.

Wonder why they judge biometrics as “invasive”. Could it be because it might be tied directly to an actual person? “Absolute certainty” will probably never exist, especially with current biometrics, so that seems like a fruitless objective. Interesting to consider that if they used fingerprint readers they could do a scan of the registered offender database during registration…but who among the teens would want to join a social networking site tied directly to law enforcement? Might as well start holding rock concerts at the local police station.

“Magic bullet” seems like a poor choice of words to me in this highly charged topic, but in any case I think it should be fairly obvious that “be anyone he wants to be” and “be a predator” are overlapping but not synonymous; even if you do not know motives. The simple answer, ironically, could be to take advantage of the way the system gained popularity in the first place and allow people to indicate other’s identities as trusted/cool/friends (beyond acquaintance). If someone has a large circle of trusting friends, some or many of whom you already know and verified, then they have a higher social value. Outsiders are thus, by definition, untrusted and a warning can easily be associated with their profile.

Above all, one has to look at consumer experiences from the MPAA and wonder if the man who “spearheaded” it will generate the same guilty-until-proven-innocent policy for MySpace:

Nigam also told me that if I told him my friend’s IP address, he could find out exactly what had happened in his case. I told him I’d have to check with my friend first. Kutner then said that if my friend were truly innocent, he wouldn’t have anything to hide.

The thing is, he didn’t have anything to hide in the first place, and he was still accused.

My boyfriend doesn’t actually care so much about his good name. He is angry that a service he pays for was interrupted for no reason. And he is worried that the MPAA will harass him some more if he reveals his IP address. Perhaps his fears are groundless, but if you had been wrongly accused and penalized, you would be worried, too.

A large, powerful organization managed to stick its nose in our business and cause us days of inconvenience and aggravation. We weren’t given the chance to defend ourselves until after action had been taken against us. If we are accused again of distributing copyrighted material, we lose our accounts for two weeks instead of one, and face banishment from our ISP. And not a bit of this is under our direct control.

Can you believe the MPAA really says “If you are innocent, you have nothing to hide”? Schneier has made several valiant attempts to rebuke this phrase, in support the right to privacy, such as this one.

MySpace will not be seen as “safe” if privacy is completely obliterated for the sake of finding a few abusers. As a famous Chinese philosopher once said, “when one nail bends, do not throw out the whole bag”.

One thought on “Being seen as unsafe may be an even bigger risk than being uncool.”

  1. This really seems like an inefficient way to deal with the problem. Any information a child can provide, a determined adult can spoof. As such, the obvious solution to child predation through websites is to continue teaching children about the dangers that exist, along with a certain level of parental monitoring until they reach such an age that they can be trusted to decide for themselves.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.