Who Are You?

Who Are You?

Social media logos Graphic from Web Ad.vantage, Inc.

Why all the social accounts?

  • Each has a unique purpose
  • We present different facets of ourselves on each
  • Our presentation depends on our relationship with the audience

identity is about relationships

Identity = Relationships?

Identity is how you see yourself and how others see you
  • How you relate to yourself
  • How you relate to the world
  • How the world relates to you
Photo from buzzfeed.com

Technology makes it possible to publish, broadcast and receive information at any time

Sir
      Tim Berners Lee Olympic Tweet - This is for everyone Photo from Wikipedia

Our relationship with the world is changing

  • Our voice can reach a global audience
  • Public identities are established at an early age (sometimes before birth)
  • Digital footprints last forever
  • Expectations of privacy are changing

Online self supports offline self

Online identity is
          a partial and distorted view of one's self
Graphic Courtesy of Lindsay Kenzig and Mary Trombley

Many ways to experience and manage identity online

Ways of managing
      identity online Graphic Courtesy of Lindsay Kenzig and Mary Trombley

User types mapped to ways
      of handling identity
Tailors
experiment and try new things constantly
Curators
seek out the new
Waders
are curious but uncertain
Wallflowers
hang out on the edge of things
Visitors
might stop by to check it out

Are users concerned with security and privacy?

Ostrich with head in
      the sand
People are fearful but don't want to think about it. Graphic Courtesy of ostrichheadinsand.com

Convenience trumps safety

Cloud of most common
          passwords Graphic Courtesy of Mark Burnett of xato.net

User Comments

Someone's going to hack it. Someone's going to figure a way around it."

Janey

I really should start doing it differently... I try and keep everything as much in my head as I possibly can."

Matt

I actually have it set up somehow, and I don't know how I did it... I did it in some way where it just never records it down."

Jeffrey talking about passwords

Say somebody found my cell phone on the street... I wouldn't want them to be able to open it up and use it."

Maureen

Why?

We make it too difficult!

users are forced to make bad choices

First Great
      Western Railway Sign-Up form Screen clip from First Great Western

Anonymity is increasingly difficult

Facebook's dialog
      asking if your friend is using their real name Photo from @chapeaudefee

Choice of identity is restricted

Spotify login
Digg login Screen clips from Spotify and Digg

data collection is easy...

...but, security is hard

Trackers on
          a techcrunch.com Major Security
        Breaches in 2012 Trackers on techcrunch.com Infographic by dashlane.com

even the big guys have problems

  • SQL Injection attacks have not been stamped out
  • Some sites send authentication forms over HTTP
  • Phishing attacks are still successful
  • XSS is easy to miss
  • Our browsers contain vulnerabilities

Offline breaches are common too

  • Physical records are left, lost or stolen
  • Backups go missing
  • Laptops and phones are taken

We have an opportunity

As users, we want to feel safe and control our identity

but we don't want to think too hard about security and privacy
  • Authentication can and should be SIMPLE and SECURE
  • Identity choice is important
    • Some want to present a consistent persona
    • Others want to experiment with their alter-egos
    • A few want to drop offline completely
  • Verified digital identities are coming
  • We should know what data collected about us and where it is going

What is Mozilla Doing to Help?

  • Persona - Secure, decentralized authentication The Times UK Uses
          Persona for their corssword puzzle
Screen clip from The Times Crossword

What is Mozilla Doing to Help?

More experimentally

How You Can Help

  • Educate yourself
  • Stop writing your own authentication
  • Enable users to make good decisions
  • Allow users to be who they want to be
  • Use trusted third party libraries where possible
  • Only ask for data you really need
  • Purge data that is no longer relevant
  • Treat duplicate copies of data with care
  • Allow users to see and purge data about themselves
  • Use SSL for *any* sensitive info
  • Be transparent

A Million Thanks To

Mary Trombley and Lindsay Kenzig - two of Mozilla's best user researchers. Their hard work made this presentation possible.

Get Involved