Last week, Exxon had a weird situation on its hands: a fan set up an “official” Twitter profile and tweeted on behalf of the company. Suddenly, there are two mysteries: In $4.00 per gallon gas world, how does Exxon still have fans? And how can we ever be sure a person online is who they say they are?
The first one we’ll consider a natural anomaly of human behavior. After all, some people like to be punished. As for the other one, for 15 years or so, we’ve been satisfied with—well, tolerant of—the remote possibility we’re being duped, if not constantly, then significantly more often than in real life.
Anonymity online might as well be enshrined alongside the First Amendment: Congress shall make no law…abridging the freedom of speech, or of the press…or the right to be an anonymous jerk online.
Well, sometimes the anonymity is for protection, so it’s kind of important, and efforts to squash anonymity are doomed to fail. On the flipside of that, though, are impersonators. Which of these Twitter profiles is actually the official John McCain one? How do you know, at a glance, if this is John Mellencamp’s official MySpace page, or one a fan has set up? At least Fake Steve Jobs was up front about the fakeness, but how easy is it to spoof anybody or any organization online?
Currently, the only recourse for companies like Exxon is either a legal one—in Exxon’s case, they only needed an online press source to report the information—or a community of online investigators to call foul. One method is expensive and time consuming, and the other depends on a fluke chance somebody is aware and cares enough that somebody else is a fraud.
So what’s needed is some method for verification, especially when it comes to social media. New social media applications pop up every day: new micro-blogging services, new social networks, new video sites, new blogging platforms, you name it. Along with those free new services will come not just posers and pranksters, but also sploggers and infringers trying to capitalize for whatever motivation suits them.
Recently, our Twellow released a new feature that allows people to associate their other social networking profiles with their Twitter account. And while that’s very cool, and a step in the right direction, there is still, if a fraudster is persistent enough, no way to be absolutely sure a person is who they say they are.
I’ve kicked this idea around that we need some kind of social media authentication method and I thought Twellow would be the perfect base for that. I posed the idea to the boss, and he thinks I should, in true online community form, kick it around cyberspace and get some feedback from the Murdok community.
So here goes: We should create a one-stop directory of the different online presences a company or person has, which would include website(s), official blog(s), social networking profiles, etc., which becomes the official Internet resource for verifying those sources. How do we do that? We develop a model that is, in part, much like IMDB’s or Wikipedia’s. The other part isn’t quite so, well, free, but perhaps very necessary.
Stage One, Social Media Authentication Wiki: Harness the power of the wiki to create a profile of profiles for each entity. There are too many companies/online personas to manually try to verify and enter into a system, and too many to maintain. After all, we have other things going on. Crowdsourcing, then, becomes crucial. Using a wiki-model, the community, which includes not just the companies and personas in question, but anyone with an interest in this type of cataloging, could create and maintain a list of known official channels of communication for said companies and personalities. Who would want to? In Exxon’s case, Exxon would, and if they didn’t, fans of Exxon might—or of Courtney Love, for that matter, anybody who doesn’t like posers.
The flip side of that is, of course, a corresponding database of phonies and known furries. Just kidding about the furries. The community could create a place they can point to and say “This blog is legit, but that Twitter profile is not.”
One notes right away the wiki model is still not perfect for authentication purposes, especially with a publicly editable profile of profiles, not if you need something absolutely rock solid. Right, and it won’t be perfect based on that, but the community could, just like they’ve done with Wikipedia and IMDB, create a vast and likely accurate database of profiles in a relatively short amount of time.
And that’s when we bring in the business side of this, which is…
Stage Two, Official Profile Lock-In: Once the community has formed its profile of profiles database, the companies and/or personalities involved have a chance to make a final edit and lock it in as the complete list of their official online communication channels. How do we go about authenticating it is the actual company or person seeking to lock in that information? We charge them, of course, a subscription fee. I figure no imposter will pony up actual money to secure their kicks of pretending to be somebody else. For so much a month or year, profiles can be locked in and are no longer community maintained—unless the subscription lapses, and then all bets are off, which becomes motivation itself to renew. Locked-in profiles then can only be edited by those officials in charge of them.
The only remaining issue is blog comments, and I include this under the paid services part of the proposal because the wiki section would be primetime for abuse in this regard. I was proud of myself the day Sir Tim Berners-Lee told me in the comments section below an article I wasn’t quite grasping his semantic web concept . How do I know it was the TBL? Well, um, he sounded really smart and talked over my head the whole time. The profile of profiles concept could allow Tim, or others to include how they present themselves in blog comments. However, there’s no control for this in the wild, and posting your preferred commentary handle could only be further abused, and perhaps more effectively abused, by imposters. Another possible service presents itself in the form of authenticated comment handles, perhaps a line of code they could purchase or be issued that says, officially, “This is the real me commenting.” That might take some technological wizardry to pull off, though.
Okay, readers, how am I doing on this concept? What’s wrong with it? How could it be better? Is it worth a shot or am I kicking dirt out in left field?
