Who Controls Your Online Identity?

How do people identify you online?

  • some-name on WhatsApp.com / Facebook.com / Twitter.com / etc.?
  • some-name@gmail.com / @hotmail.com / @outlook.com / @icloud.com / etc.?

Whether we call these our id’s, addresses, accounts or handles, most of our identifiers look like these. The bad news is these identifiers are not ours. They don’t belong to us. We are just borrowing some-name from some.company .

If they so choose, some.company can block our account, or start charging for it, or give it to someone else, or change how “our” account works, or start posting adverts on it. They can mine “our” identifier for marketable metadata about ourself and our contacts, or censor what we can and can’t use it for, or sell the management of it to another company, or delete the data we stored there, or do anything else they choose. It’s neither legally nor practically ours. It’s one of their business assets, and they owe us no loyalty whatsoever. If the service is “free” then we and our attention are the product being sold to their real customers such as advertisers. [1]

Most of us are trusting people expecting to live in a stable world. We trust it will just continue to work, for free, for as long as we want it. Especially if we’re the president of the United States of America [2]. Oh, how the world proves us wrong.

Owning One’s Identity

There is a better way.

By owning our identity, we can set our own rules when a silo’s ToS do not suit us. For one example among many, some of us might want to talk to our children. If I am using WhatsApp, signing up my children is forbidden. I am not allowed to use the same silo to talk to my children that I use with my adult family and friends. But when we run our own matrix server for our family, then we can give our children their own accounts, under our supervision, and exchange messages and photos and make calls with them.

There are two sides to owning our online identity (or identities). We need to have both legal ownership — to be allowed to use it — and practical ownership — to be able to use it.

  • Legally owning our identity means we must use identifiers such as myname@myname.org where the domain name part (myname.org) is registered to us personally, rather than borrow a name that is issued by some.company and therefore remains under their control.
  • Practically owning our identity means we must have the ability to communicate without requiring both ourselves and our contacts to be customers products of some.company. Our communications technologies need to be “open” in the sense of freedom-respecting and universal, like email is, in contrast to the “silos” or “walled gardens” like WhatsApp, Twitter and all the rest whose users can’t talk to anybody outside them.

Legally owning our identifier means retaining the rights to that identifier, even when we change providers of any services. In practice today we are talking about identifiers based on DNS domain names. Years ago, domain names like example.com were the preserve of companies, universities and governments, but nowadays anyone can register one for around £10 to £30 a year. A domain name remains ours for as long as we pay the domain registration fee. The domain name registrars are strictly regulated, giving us about the highest level of guarantee we could achieve in today’s world. (In principle of course they could be overruled or changed by governments, as could anything.)

Practically owning our email is quite straight forward, because email is based on standards that are non-proprietary and universal. (Companies like Google have tried to put their own hooks and claws into the process but they have not gone quite so far as to make gmail incompatible with standard email, thank goodness.) Because of this, we can independently register our own domain, choose our own email address at our domain, and rent an email service from an independent email service provider (such as Fastmail) and attach it to our email address(es). We can even copy our email history onto it, set up forwarding from the old email account to the new one, and so on. And the important part about “ownership” is if this rented service should ever become unavailable or unsuitable, we don’t lose our email address, and we can rent an equivalent service from some other company, transfer the address, and so keep on using our own same email address without our contacts even noticing the transition.

Practically owning our social media and instant messaging had been not impossible but mostly impractical until, at last, around 2020 there has been massive development and uptake of freedom-respecting and universal options, and their names are now becoming well known. The ones I want to call out are:


Footnotes:

[1] Even if we were to pay rental for one of these silo services, that would not change much: they tend to offer no real service level obligation, and can still stop it or change it or do pretty much as they wished in all other regards.

[2] I wrote this article at the start of 2021, after President Trump’s Twitter account had been “permanently suspended” (cnn.com, nypost.com).

[3] Who Controls Our Data? A Puzzle.