This document discusses contextual identity and the need for multiple identities. It notes that many public figures like Josephine Baker and Snoop Dogg have used different identities for different contexts. However, some social media platforms require a single verified identity. The document also discusses examples of privacy issues that can occur when all of one's online activities and contacts are connected, such as when an abusive ex is revealed. It calls for better tools and models to support contextual identity and privacy across different online contexts and services.

1. Contextual Identity:
Freedom to be
All Your Selves
Monica Chew, Sid Stamm
Mozilla
{mmc,sid}@mozilla.com

2. Contextual Identity
Be who you want, when you want

3. Multiple identities abound!

4. Josephine Baker

5. Colleen Lachowicz

6. Snoop Dogg (Snoop Lion)

7. All your identities in one big identity
"Having two identities for yourself is an
example of a lack of integrity."
- Mark Zuckerberg, The Facebook Effect
"If you have something that you don't want
anyone to know, maybe you shouldn't be doing
it in the first place."
- Eric Schmidt, interview on CNBC

8. All your identities in one big identity
source: www.facebook.com/help/112146705538576/
“Facebook is a community where
people use their real identities. We
require everyone to provide their
real names, so you always know
who you're connecting with. This
helps keep our community safe.”

9. Mr. Burns is not pleased

10. A real world example
Bobbi Duncan Taylor McCormick
Outed when the choir director added them to a
public Facebook group, Queer Chorus

11. Fuck you, Google
I use my private Gmail account to email my boyfriend and my mother.
There’s a BIG drop-off between them and my other “most frequent”
contacts.
You know who my third most frequent contact is?
My abusive ex-husband.
Which is why it’s SO EXCITING, Google, that you AUTOMATICALLY
allowed all my most frequent contacts access to my Reader, including all
the comments I’ve made on Reader items, usually shared with my
boyfriend, who I had NO REASON to hide my current location or
workplace from, and never did.
All your services in one big service
source: www.fugitivus.net/2010/02/11/fuck-you-google/
catalyst: Google Buzz/Reader/Contacts integration

12. Twitter Direct Messaging Failures
sources: twitter.com/dmfail, wikipedia.org/wiki/Weinergate
catalyst: typing '@' instead of 'd'

13. What's in our privacy toolbox?
● Cryptography [RSA, AES, Diffie-Hellman]
● Contextual integrity [Barth et al.]
● Access control [Bell, LaPadula]
● Anonymizers [Dingledine, Marlinspike]
● Blockers [AdBlockPlus, Disconnect.me]
Our tools are necessary but not sufficient.

14. Access control: state of the art?

15. Changes are hard to track
source: http://mattmckeon.com/facebook-privacy/

16. Changes are hard to track
source: http://mattmckeon.com/facebook-privacy/

17. Changes are hard to track
source: http://mattmckeon.com/facebook-privacy/

18. Changes are hard to track
source: http://mattmckeon.com/facebook-privacy/

19. Changes are hard to track
source: http://mattmckeon.com/facebook-privacy/

20. Changes are hard to track
source: http://mattmckeon.com/facebook-privacy/

21. Be who you want, when
you want
How do we get there?

22. Call to action
Study mental models

23. What makes up online identity?
sites you visit once
devices you own
devices you borrow
devices you lend
sites you never visit
sites you often visit
topics you like

24. Call to action
Study identity management techniques

25. Multiple browsers

26. Multiple devices

27. Multiple profiles

28. Alternate identities

29. Privacy mode

30. Challenge
People value community

31. Challenge
People want their data everywhere

32. Popemobiles make it hard to share

33. Think different.
Hey, W2SP.

34. ● Obscurity can be enough
● Embarrassment reduction
● Troll avoidance
● Mistake recovery
Room for imperfect solutions

35. How can we make things better?
● Question our own notions of identity, privacy
and publicity
● Write software for how users are, not how
we wish them to be

36. Open questions
● How can we design privacy and sharing to
be less brittle, more flexible?
● How can we balance desire for spontaneous
interaction with the need for privacy?

37. Works in progress
● Blushproof [with David Keeler]
● Cookiemonster [with David Dahl]
● Behavioral segmentation [Mozilla UR]

38. Questions?