Real Names – to insist or not to insist? A cloudy issue…

| August 14, 2011
Cloud Computing topic of the month

When Google+ launched, Google insisted that its members use real names and aggressively closed accounts that it considered were not based on real names.

This reignited a debate that has periodically flared around the internet.

Answering it wisely will be essential if the individual citizen is going to take full advantage of the wonderful opportunities of Cloud Computing.

Outside of formal interactions, such as interaction with governments or banks online, the debate got going years ago when Facebook turned the internet norm of anonymity and nicknames upside down and stated that its members were expected to use real names. However, Facebook has not been too aggressive in enforcing that policy. We all know of examples where real names have not been used on Facebook, the account has not been revoked, all remains calm and generally the world has not come to an end.

Google has already watered down the policy somewhat as blogged by Bradley Horowitzthe VP Product, Google+. Even so, its current stance is still controversial.

So much has been written about this in the last couple of weeks, there is no need to add to the debate. Rather, I will list some articles that have shed particular light already. 

Cloud Computing topic of the month “Who is harmed by a “Real Names” policy”, Geek Feminism Wiki, as at 13 August 2011 which lists a staggering number of examples of where such harm is possible, including a long list of marginalised and endangered groups, other people with direct identity concerns, subject-related considerations, employment-related concerns, people whose “real names” are more complicated than you think, people with long-standing pseudonyms, and people whose “real names” are extremely common or extremely rare.  (My thanks to Roger Clarke for drawing attention to this wiki).

“Arrogant bullies versus Superheroine” in which Kim Cameron, who completed The Laws of Identity in 2005 and continues to produce his marvellous IdentityBlog, points out the ridiculous situation of where the well known Identity Woman could not participate in Google+, even though that is the only name by which she is known by thousands of people worldwide! 

“Here’s Looking at You, and You, and You …”, IEEE Spectrum, 25 July 2011 which illustrates perfectly the approach being taken far too often:  if anybody in authority or control draws the wrong conclusion and strikes you out, it is your problem to fix it and you will get very little help while you try.

“S. Korea plans to scrap online real-name system”, TMCnews, 11 Aug 2011 which completes the full cycle. Having discovered the hard way that holding personal information requires as much structured, focused attention as managing highly toxic chemicals in your business, the authorities in South Korea are reversing a 2007 policy that requires real names to be used when submitting commentary to large websites.

We need to take careful note of these developments as we watch a number of the governments in the English speaking world try to grapple with the issues, including the US with the National Strategy for Trusted Identities in Cyberspace (NSTIC) and the identity assurance model announced in a statement by the UK Minister for the Cabinet Office and Paymaster General (Mr Francis Maude) to the British Parliament on 18 May.

All of these initiatives are aimed at making cloud computing, mobile computing and generally leading our lives simpler and safer.

Making and relying on identity claims is a much more subtle and nuanced game than many imagine.

Evidence of the effort that will go into getting this right is already emerging. Gartner is quoted in ReadWriteCloud as predicting that "At least half of all organizations that host data on behalf of clients will change, or be forced to change, their privacy policies by the end of next year".

Australia has a unique opportunity to build on what we are learning worldwide in the context of developing the Cyber White Paper that was announced on 3 June 2011 by the Secretary of the Department of the Prime Minister and Cabinet.

Malcolm Crompton is Managing Director of Information Integrity Solutions (IIS), a globally connected company that works with public sector and private sector organisations to help them build customer trust through respect for the customer and their personal information. Malcolm is a former Australian Privacy Commissioner. He was also foundation President of the International Association of Privacy Professionals, Australia New Zealand,




  1. Trevor3130

    August 15, 2011 at 11:59 am

    Privacy rules

    Here we go again, Malcolm. Another login alias, another tricky password to write in the little black book.

    To scrape away at an old saw, I can’t see much happening until the Govt sorts out its strategy for legislating the APPs. One would have thought the impetus must come from PM&C, because the ramifications cross several portfolios. So, will the change of Secretary at PM&C make a difference?

    • Malcolm Crompton

      Malcolm Crompton

      August 15, 2011 at 12:25 pm

      Trevor – good point

      Trevor – apologies for you needing a new password to join Open Forum, but now you are here, welcome! 

      If the Cyber White Paper that PM&C has initiated can find a way in which we can exchange trustworthy claims about identity in a way that does not create a Panopticon or Digital God, then it will have made a huge breakthrough.  The US Government with NSTIC & a similar initiative in the UK show that other countries with which we easily identify want to solve the problem.  We should get to know more about those initiatives and see what we can learn from them

      Yes, a breakthrough in finalising and enacting the response to the ALRC report would help.  See my blog about it "Privacy law reform in Australia gets going again!". 


  2. Susiem

    August 17, 2011 at 8:58 am


    Well you could have your cake and eat it by using verified, but psudeononymous (to the service anyway) identities – then Google would know you’re real but you could then call yourself whatever you like.

    Of course, it’d mean Google having to invest in using real digital identity systems, rather than just a web login.

    There is a philosophical debate underlying teh technologocal one too though and Google should be careful about their foray inot the world of human rights but trying to forcbily define what a perosn name should be, a VERY sensitive area.

    But on the note about online protection. I know of several women who cannot use social networking becasue of being stalked by old boyfriends (sexual jealousy is a dangerous thing) – allowing them to be pseudononymous and private withn the confines of a group of friends of their choosing would be really useful for them.