Decade after decade our identity becomes increasingly integrated with computer systems. It is at the core of our life on the internet. This systematization will have radical effects on society on par with the emergence of artificial intelligence.

Much of what is useful about our identity is paradoxically formed by other people. This includes everything from reputation to certification. Our identity and the benefits it bestows is more fragile than it appears. A change in your reputation can ripple through the fabric society; a new credential can open new doors but an ad hominem attack can close countless others.

A trip through time on the public networks will reveal the evolution of priorities when capturing our lives in data. This could be done with any identity, but I chose to focus on the history of the best-selling author Diana Gabaldon.Diana Gabaldon’s best known work is probably Outlander (1991). It was adapted for television on Starz in 2014.

The story starts on July 20, 1988 when she was known as 76530,523 and continues to the present day.

Identity archaeology peels back the historical layers of the internet - sort of the Triassic, Jurassic, and Cretaceous periods of cyberspace. Humble beginnings have brought about social credit scores in China and pervasive systems of surveillance capitalism in the West. A little perspective will help project what is on the horizon and how it can be met with the most ethical and humanitarian approaches.

Prehistory: Finger

⊕ Lester Earnest in 1976 via Visitor to SAIL on Wednesday 21 April 1976

Finger, originally created in 1971 by Lester Earnest, is the granddaddy of status updates. Running finger /a-persons-username/The command can be run on TCP port 79 to find someone on another network via the internet.

“return(ed) a friendly, human-oriented status report on a particular person in depth.”

The original version only worked on the DEC 10 at the Stanford Artificial Intelligence Lab. But it was enough to help users “locate potential volleyball players when you wanted to play, Chinese food freaks when you wanted to eat, and antisocial computer users when it appeared that something strange was happening on the system.”From Sean Colbath in personal correspondence with Les Earnest on February 19, 1990. Posted publicly on alt.folklore.computers (Usenet) the following day.

Once “Plan files” were added, finger “evolved into a forum for social commentary and amusing observations.” The protocol swiftly spread across the Arpanet and later, the internet.Ibid.

Finger introduced early digital privacy and security concerns. The protocol could divulge when a person last logged into their computer and when they last checked their email. It also listed full names and eMail addresses in many configurations. In systems that used usernames and passwords to identify individuals, finger essentially provided half of what a hacker needed to authenticate (the username). The second Finger RFCRequest For Comments. RFCs are one of the most important documents for setting new standards on the internet.

, #1288 (1991), explicitly mentions these concerns.

The shifting priorities from RFC #742 (1977), the first Finger RFC, and RFC #1288 (1991) reflect the widening breadth of the internet community. Privacy was becoming an increasing concern across the growing internet as a wider variety of people came online.

It’s worth nothing that finger, unlike many privately owned social networks built on the world wide web, still works. Typing finger schmudde@tilde.club at the command line provides this information:

Login: schmudde                         Name:
Directory: /home/schmudde               Shell: /bin/bash
Last login Sun Feb 14 22:50 (UTC) on pts/47 from 2001:b07:ae6:7d19:a519:5691:a52a:dc49
No mail.
No Plan.

CompuServe CB Simulator

⊕ CompuServe’s communications offerings in 1987.

Finger was one of the first tools for finding other people on a computer network; eMail was one of the first ways to send them messages.The cost of maintaining an identity is a fundamental concern here. Early on, only appointees in the US Department of Defense, related research institutions, and universities could use finger and eMail. These digital services were largely funded by the American taxpayer.

Public messaging came in the form of message boards (such as Usenet) and real time chat networks. A person’s identity is the core component of each of these technologies.

The first broadly public chat hangout was CompuServe’s CB Simulator, launched in 1980.Maher, Jimmy. “» A Net Before the Web, Part 2: Service to Community.” The Digital Antiquarian (blog)

The CB that the service was simulating was Citizens Band (CB) Radio.“Modeled after CB Radio, CB Simulator is the hottest electronic, interactive communication medium online today. Seventy-two channels host CBers of all backgrounds, ages and intellects. […] If you like, you can chat in private with a new friend or scramble a conversation for all but invited guests.” ~ CompuServe IntroPak (February 1987)

CB Radio was a phenomenon of the 1980s that offered a way for strangers to connect over the airwaves. CompuServe drew the skuomorphic analogy to its novel online chat program.

But CompuServe didn’t feel like a CB Radio; the people using the service were very close to the underlying DEC PDP-10 computer. In the early days, some users would sometimes accidentally login to another person’s session because the TOPS-10 operating system did not automatically logout a user if someone disconnected. The essence of their identity on CompuServe - all their files and privileges - would be available.Sandy Trevor [70000,130] recalled this in a correspondence with Joe Dempster on 31-Aug-88 15:44 EDT. See We Call Them 10’s: A Brief History of 36-bit Computing at CompuServe

Furthermore, people’s identifiers online were a reflection of the addressing architecture of the DEC PDP-10. Here’s an excerpt from 76530,523’s conversation with 73367,1267 on July 20, 1988 in a CompuServe forum. 76530,523 is better know as the best-selling author Diana Gabaldon:

20-Jul-88  02:09:44
Fm: Diana Gabaldon 76530,523
To: Margaret J. Campbell 73367,1267

Dear Margaret–

Nice premise for a novel (of the more modern type, to be sure). […] I have the sort of face that induces total strangers to tell me their intimate secrets (which are generally pretty tame, though the lady who spent three hours over the Atlantic Ocean telling me about the ways in which her husband’s midlife crisis was manifesting itself was pretty interesting).

CompuServe Information Manager 1.0 (November 20, 1989)

CompuServe’s identifiers were only usable within the CompuServe system at first. This changed the year after Gabaldon’s post. CompuServe IDs could be addressed on the internet using the compuserve.com domain (e.g. 76530.523@compuserve.com).Cost must be considered when calling something “broadly public.” I’ll provide 1994 numbers to give some sense of the cost. CompuServe was $8.95/month for unlimited use of the standard services. Incoming Internet electronic mail, including spam, cost $0.15 per item. Other services ranged from $4.80 to as much as $22.80 an hour, for use of “extended” services. (Lewis, Peter H. “The Compuserve Edge: Delicate Data Balance.” The New York Times, November 29, 1994, sec. Science.)

Assigned numbers are difficult for people to remember. CompuServe made their service more friendly by allowing user-created handles in the mid-1990s. My original CompuServe number was 103625,1027, my username was dschmud, and my handle on the forums was snap347. That’s three levels of identity: machine readable, account level, and public name.

World Wide Web

⊕ Diana Gabaldon’s original homepage (1997)

The World Wide Web helped make the internet available to millions and millions of people around the earth. The Domain Name System (DNS) makes it possible to find a single person or entity out of the billion+ people online today.

An author like Diana Gabaldon could have stayed on CompuServe. But CompuServe and contemporary cousins like Facebook limit who a user can address: rather than anyone on the internet, you’re limited to a subset of people who have accounts on the system. It’s archaic.

Gabaldon had established her presence on the World Wide Web by 1997 at http://www.cco.caltech.edu/~gatti/gabaldon/gabaldon.html.This caltech.edu URL is still valid, nearly a quarter-century later. Visiting the link will helpfully inform you that “The Diana Gabaldon website has moved to a new location.” This is because the original webmaster, Rosana Madrid Gatti, still has an active Caltech account.

Domain names are the quietly powerful and permissive identity engine of the internet. dianagabaldon.com first appeared in 2001 as an anti-abortion website showing graphic imagery.Most domain names are relatively affordable today. But .com domain names were originally free, reflecting the values held by early internet citizens. Only 1151 .com domains were registered by October 1990. Registration happened through an eMail form to the InterNIC Domain Registrar. When InterNIC became a private company, Network Solutions in 1995, it became $100 for two years. By 2000, some domain names were as inexpensive as $9.99/year.

It’s almost certain that the author was not involved; the original owners were attempting to leverage the identity of a New York Times best-selling author to spread their message. Records from the Internet Archive show that Diana Gabaldon took over the domain in 2002 redirected the domain to her university website at http://www.cco.caltech.edu/~gatti/gabaldon/gabaldon.html (HTTP 302).

⊕ The original dianagabaldon.com webpage (2001)

Having a memorable name to host your online identity has become incredibly valuable. Tens of millions of dollars have been spent to control a domain name.Voice.com was sold for $30 million in cash in 2019.

Names were not formally specified until RFC #608, Host Names On-Line, in January 1974. These were a little different than domain names. A <host-name> originated with a request made to the Network Information Center (NIC) at Stanford. Only alphanumeric (A-Z, 0-9) and the minus sign (-) were valid characters. If approved, it would be added to an ASCII file HOSTS.TXT. Now your machine could be accessed by a human-readable name. Other hosts would navigate to <NETINFO>HOSTS.TXT using FTP to download updates to the HOSTS.TXT file. As published in the RFC, the login was GUEST and the password was ARPA - such was the security on the network at the time.

HOSTS.TXT was essentially maintained by one person, Jake Feinler. Getting a new identity amounted to giving Jake a call. The need for a more advanced system of naming on a global information network is obvious. Today’s Domain Name System (DNS) emerged in 1987 (RFCs #1034 and #1035) and was soon adopted across the entire internet.

The domain is an address that is machine-friendly. When combined with a handle, it can provide meaningful contact information for another person, such as webmaster@dianagabaldon.com. An eMail address can also be used as a username in another computer system. Finally, with technology such as IndieAuth, a domain name can be used to authenticate a domain owner in another computer system. All of this works because there is some way to prove that you control either the domain name or the username associated with the domain name.

Advertising Networks

But DNS isn’t the way that most people find most people on today’s internet, let alone message. Advertising networks stepped in an created the familiar user silos we have today. November 6, 2007: Facebook introduces targeted ads. “‘Facebook Ads represent a completely new way of advertising online,’ Zuckerberg told an audience of more than 250 marketing and advertising executives in New York. ‘For the last hundred years media has been pushed out to people, but now marketers are going to be a part of the conversation. And they’re going to do this by using the social graph in the same way our users do.’”

Diana Gabaldon snagged the Twitter handle @Writer_DG in 2010 and the Facebook url AuthorDianaGabaldon on January 31, 2011.

Gabaldon has amassed over a million followers across the two services. She is able to narrowcast information to her followers and, presumably, it provides them a conduit to interact with her. Unlike CompuServe and DNS, this arrangement is free to use, it only requires that each user allows their activity to be monitored and exploited by the host advertising network.Advertising-based networks have an advantage over paid networks. Compare the rollouts of TBS and HBO in the early years of narrowcast cable television in the 1970s. “In December 1976, Turner [TBS] became the second satellite delivered cable programmer [after HBO]. His channel was particularly appealing to operators and customers because, unlike HBO, it was an advertising-based service that could be offered to subscribers without additional charge.” Patrick Parsons, “The Evolution Of The Cable-Satellite Distribution System”, Journal Of Broadcasting & Electronic Media 47, no. 1 (2003): 1-17, doi:10.1207/s15506878jobem4701_1.

Even though advertising networks reduce the reach of an individual and surveil their every move, they became popular for two reasons: 1. the tools are easier and 2. they presented clear states of identity.

First, registering a domain name and creating a webpage is harder than creating an account on an advertising network. Once an account is created, managing your relationships with your peers is easier than any open web equivalent.

Second, the internet’s original anonymity was due, in part, to its lack of state. Identity and security does not exist on the level of the internet protocol. Even higher-level protocols like the World Wide Web eschew state. It wasn’t until the invention of the browser cookie that websites could remember what you put your shopping cart.“The web was designed to be navigated by information, not host, using links to move through the network. As the first website describes on its “Dos and Don’ts” page: “There are no sessions between client and server. The client may retain state, (i.e. it knows which path it has followed) but the server may not. Each time a link is followed, a connection with the server is established, the request made, the server’s response sent back and the connection closed. Therefore there is no way that the server should know what it did with a client before the current request” (Implementation Guidelines, 1992).” Jones, Meg Leta; Ackermann, Kevin (2020). Practicing privacy on other networks: network structures, economic arrangements, and identity strategies before cookies. Internet Histories, (), 1–19. doi:10.1080/24701475.2020.1747344

Advertising networks had an incredible incentive to remember your every move for analysis. The actions you take provides deep insights into who you are. Better insights into identity are incredibly valuable to marketers attempting to sell you products.

What’s Next

Tools for identification promise to increase in resolution and precision in the coming decades.

At one point we were identified by a string of numbers: 103625,1027. Then a natural language username: dschmud. Soon thereafter we could have graphic avatars, leading to a book of faces that asked who our friends are and our relationship status.A progenitor of Facebook is Rob Pike and David L. Presotto’s “face server.” All computers with permission host the server could display the faces in eMail correspondence, etc…. As Unix hacker Jack Rusher pointed out to me, the big face in the screenshot below is Peter J. Weinberger, perhaps most well-known as the w in the Unix awk command. See also Steve Kinzler’s Picons.

A tracking of purchases made, websites visited, emails received, and how many steps were taken in which locations have become quiet noise in the background. Fingerprints and models of our faces from every angle imaginable are now stored in machines.

As the resolution of the medium increases, so does the power of our online identity. Yesterday’s two-dimensional images are today’s Snapchat filters and Memoji. These technologies are the foundation of tomorrow’s projected self.

Our digital proxies will be granted credentials that impact the privileges of our physical bodies. Locating and authenticating our digital proxy are the essential mechanisms in this process. Today it is largely done through DNS and username/password pairs. Tomorrow it will likely done by a unique address with no central assignment body and a key.

This has grave political and humanitarian consequences, which will be explored in the forthcoming post, The Identity Trap. Subscribe to the Beyond the Frame RSS or mailing list to make sure you don’t miss the next update.