Digital identity is used online not only in contexts requiring strong authentication, such as e-government or online banking, but also in less formal interactions where anonymous, pseudonymous, and disaggregated identities can suffice. Increasingly, social networking service (SNS) operators are harnessing their broad user base and wealth of personal information to become vital components of the Internet's identity layer. (See today's article in the New York Times on Facebook's deactivation of Salman Rushdie's account for violating its "real name" policy.) The provision of identity management tools by SNS operators for purposes of authentication, identification and authorization raises thorny problems of privacy, security and user control.
In a new article, which will be published in the forthcoming issue of the Journal of International Commercial Law and Technology, I explore some of the legal issues arising from the transformation of SNS operators to providers of digital identity. I consider the implications of the involvement of private sector entities in the field of identity management and discuss some of the privacy implications, as well as the prospects for conciliation between online anonymity and pseudonymity, on the one hand, and the need for identifiability and accountability on the other hand.
You can download the article on SSRN here