[LINK] "Identity Theft" [was: Copyright Infringement as Stealing: Pfft!]

Stephen Wilson swilson at lockstep.com.au
Tue Oct 28 08:55:16 AEDT 2008 

Stilgherrian wrote:

> In the case of what is called "identity theft", I never could  
> understand what was wrong with the good old words "impersonation" and  
> "impersonation with intent to commit fraud" and "fraud" and so on. You  
> know, the actual words which accurately describe the crime being  
> committed.

At the risk of being accused of "spin", I'd like to suggest that the 
deliberate choice of words "identity theft" serves a useful rhetorical 
purpose.  After all, words are powerful (which is an important principle 
to remember when people decry "spin" without qualification -- that is, 
"spin" is used for good as well as bad).

Using "Identity theft", in contrast to the "fraud", draws attention to 
several pertinent points, including:

- in its current forms, impersonation on the Internet is indeed novel,
   for it involves avenues of attack and a scale of attack that are
   unprecedented; so it demands a set of responses that are quite
   different from other anti-fraud measures to date
- we are known on the Internet (as opposed to the real world) according
   to very discrete digital identities that are quite often very easy to
   copy; while I take others' point about the uncertain semantics of
   "steal" vs copy, it is still very interesting and noteworthy that
   digital identities can be co-opted, in ways that the mundane term
   "fraud" doesn't really capture
- there is a compelling argument that in the digital world, we have
   multiple digital personae, and not just one organic identity;
   accordingly, it's useful to draw attention to the fact that these
   personae are vulnerable separately to takeover, or "theft"
- in the particular case of biometrics, where crazy claims are made
   about their 1:1 correspondence to "unique" biological traits and
   their *assumed* resistance to takeover, I feel it is rhetorically
   very useful to employ the term "identity theft" to describe what
   happens when someone copies and replays a template, or spoofs the
   measurement.

Some prefer "identifier theft" (or "identity takeover") to "identity 
theft" but I think that's splitting hairs.  I subscribe to the view that 
I possess a plurality of digital identities (bank accounts, memberships, 
personal mail accounts, employment episodes, avatars etc.) and I 
certainly feel that each of them is susceptible to theft.

Speaking of avatars -- don't they push the boundaries of the semantic 
argument concerning 'stealing' of identities (or IP for that matter)? 
If someone takes over my avatar in Second Life, and I lose control of 
it, and it is altered in ways that I don't approve of (as an extreme 
example, that avatar kills another) then surely I have "lost" it?  The 
same consideration might also apply to "reputation".  At a high level of 
abstraction, it seems to me that these intangibles start to behave like 
they do have physical properties, and that it is therefore sensible to 
talk in terms of 'possession' and 'theft'.  Yes, one can always employ 
low level functional language to describe what is 'really' going on when 
someone takes over an avatar, but then we run the risk of losing the 
richness of the virtual experience.  So it seems to me that we cannot on 
the one hand celebrate  virtual reality and other epiphenomena of the 
Internet, while on the other hand, complain about bending real world 
language like "theft" to describe the richness of the new world.


Cheers,

Steve Wilson.

More information about the Link mailing list