Here is a draft article by David Post of Georgetown Law Center. He offered it on the Cyberia list and it includes permission to redistribute. I thought it had some interesting ideas on anonymity and pseudonymity, as well as our old bugaboo "reputation capital". I have reformatted it slightly to improve readability but made no changes to the content: Pooling Intellectual Capital: Anonymity, Pseudonymity, and Contingent Identity in Cyberspace DRAFT OUTLINE October 31, 1995 David G. Post [NOTE 1] Most discussions of "anonymity" in cyberspace focus on whether or not to regulate the availability of "untraceably anonymous" messaging functions -- anonymous remailer services and the like -- and the related question of how, in the special circumstances of cyberspace, one might accomplish such regulation). To be sure, this is an important perspective; although we are embedded in a world in which anonymous transactions are pervasive, we have never before been able to manipulate anonymity, or to undertake as wide a range of anonymous transactions, as cyberspace allows us to undertake (and we have, therefore, only begun to think about the implications of being able to do so). At the same time, however, the technology offers, it would seem, new prospects for eliminating anonymous communication, i.e., for requiring (and enforcing the requirement for) completely "traceable" communication. We need, in the first instance, to understand more about the costs and benefits of anonymity in this new environment before we can sensibly talk about the best way to regulate it (or whether to regulate it at all). Harms associated with an anonymous messaging regime include, notably, the inability of "law enforcement" (broadly defined to include both public and private enforcement) to obtain information on persons responsible for harm perpetrated by individual actors; benefits include the ability of individuals to engage in communicative activity without putting any aspects of their "identity" at risk (see below for additional discussion of the reasons for the quotation marks here). My thesis here is that, because of the close links between anonymity and pseudonymity in cyberspace, new elements need to be added to this equation -- primarily on the benefits side. This requires disentangling, at the outset, three related concepts: anonymity, pseudonymity, and traceability. We can define an "anonymous" communication as one in which the message itself contains (and hence the recipient of the message receives) no information regarding the identity of the sender.[NOTE 2] Although there can be truly anonymous messages even in this strict sense -- messages containing no information about the originator -- it makes more sense to talk about anonymity as a continuous rather than a binary attribute (present/absent) of messages: even messages we ordinarily think of as "anonymous," after all, contain some information about the author (e.g., graffiti scrawled on a subway platform informs us that the author was literate, and was geographically located in a certain place within the last x months/years, all of which probably effects a significant reduction in the reader's uncertainty about the identity of the author by ruling out the vast majority of individuals in the world as possible authors). Messages, however, rarely contain a fixed amount of information about the sender's identity; [NOTE 3] the degree to which a message may be considered "anonymous" is rarely (if ever) an inherent characteristic of the message itself. Relevant information about the originator's identity may well often be available, but only at some additional cost. For example, an "anonymous" note slipped under the door may be covered with fingerprints from which, were we able easily to access both a fingerprint reader and the FBI's fingerprint database, we could obtain significant information about likely originators. "Traceabililty" measures the cost of obtaining information about the identity of the sender in addition to the information that is "readily apparent" -- i.e., obtainable at (virtually) no cost -- from the message itself.[NOTE 4] Finally, we can define a pseudonymous message as one that contains information (of varying reliability, to be sure) about the identity of the originator -- the cognizable entity responsible for transmitting the message -- without simultaneously providing information about the actual, biological, individuals responsible for transmission of the message. Pseudonymity, like anonymity, shields aspects of the identity of the "real" actor from view; information that a book was written by "Mark Twain" by itself gives you no more (or less) information about the true identity of the author than does the information that it was written by "Anon." Indeed, if Samuel Clemens had chosen to publish each of his novels under a different pseudonym, that would have been the essential equivalent of publishing all of the novels under the pseudonym "Anon.," or "John Doe." Pseudonymity allows each message to carry additional information, cumulative over time, about the pseudonymous actor; i.e., the difference between pseudonymity and anonymity is that the former, but not the latter, allows the accumulation of reputational capital in the pseudonymous entity. The use of the a single pseudonym "Mark Twain" allowed Clemens to invest a single entity with reputational capital, built up over time and across different novels; "Anon." will not serve that purpose, primarily (if not exclusively) because it is unprotected and used by any number of other authors (many of whom might not be quite as talented as Clemens).[NOTE 5] In other words, pseudonymity, like anonymity, allows individuals to act without putting at risk any aspects of their own, personal identity (including their physical assets, reputational capital, financial capital, and the like); pseudonymity differs, however, from anonymity in that it allows the accumulation of reputational capital in the pseudonymous entity. Both anonymity and pseudonymity are thus forms of "limited liability," and the extent to which they serve that function effectively is determined, in both cases, by whatever traceability requirements are imposed. To illustrate, take the extreme case, e.g., a requirement that all messages contain certain information about specified aspects of the originator's "identity." This would not only eliminate anonymous messages (at least to the extent it could be enforced), but it would make certain forms of pseudonymity effectively unavailable as well; the reputational capital belonging to "Mark Twain" and to "Samuel Clemens" would be identical, and whatever aspects of Clemens' identity had to be revealed would no longer be shielded in the course of any transactions in which "Mark Twain" was involved. Most discussions of "the regulation of anonymity in cyberspace" are really discussions about traceability requirements. The potential benefits and harms that accompany an anonymous messaging regime are directly related not to the availability of "anonymity" per se, but to the availability of untraceable anonymity. I know of no serious proposals, for example, to prohibit individuals from leaving their electronic mail messages unsigned; the hard questions all concern the nature of the traceability requirements that will be put in place in regard to those messages, i.e., how easy or difficult will it be for the recipients of such messages, third parties, or law enforcement officials, to obtain additional information about the identity of the message originator. But traceability requirements will have an impact -- possibly a profound impact -- not merely on the availability of anonymous communication, but on the availability of pseudonymous communication as well. For example, a sufficiently high degree of traceability eliminates both anonymous and pseudonymous messages; requiring all authors to provide information about their "real" identity not only makes it impossible for them to communicate anonymously, it is, in effect, impossible for them to communicate pseudonymously as well. Analyzing the consequences of a "ban on anonymity" in cyberspace needs to take more than the benefits and costs of anonymous messaging into account; it needs to be evaluated in light of the benefits and costs of pseudonymous communication as well, considerations that have received less attention from those looking at these questions. So the question "what is the best traceability requirement to apply to electronic communication" needs to consider not only the harms and benefits flowing from anonymous communication but these additional considerations as well. Because all communication in cyberspace is entirely machine-mediated -- i.e., because the "identity" of the relevant actors in a biological sense is necessarily at one remove from the communication itself -- everyone acts "pseudonymously," at least in the sense that you can only be identified by a stream of bits when you act in cyberspace [NOTE 6]. The prospect for more creative uses of pseudonymous action -- the ability for individuals to pool their individual intellectual capital with great flexibility and with very low start-up or transactions costs, into a wide range of new kinds of actors and entities, each capable of accumulating reputational capital -- is a profound and exciting feature of this environment.[NOTE 7] The "limited liability" metaphor now becomes a bit more useful. Just as limited liability in the corporate context was designed to encourage the pooling of physical and financial assets into corporate entities, assuring investors that their personal assets would not be placed at risk, so, too, should protection against traceability (i.e., protection for pseudonymous action) encourage "investors" to pool their intellectual capital into pseudonymous entities, assuring those investors that only the reputation of the pseudonymous actor, and not their own personal assets, are at risk when the entity acts. This approach probably answers none of the hard questions about the proper scope of regulation; it may, hopefully, lead to a consideration of those questions that need to be answered before any regulatory actions are undertaken. If there are benefits to be gained from the actions of these entities -- if the pooling of intellectual capital into entities leads to new and valuable forms of intellectual undertakings (itself a question open to discussion) -- we should seek to design our rules of limited liability to simultaneously induce "investors" to form these new entities while minimizing the costs that may be associated with their formation? Analyses of corporate limited liability are useful analogues for this inquiry; when should "piercing the veil" of pseudonymity be permitted or required? Can we disaggregate the various aspects of personal identity that should receive more, or less, protection from disclosure? ************************************************ NOTES. 1. Visiting Associate Professor of Law, Georgetown University Law Center, and Co-director, Cyberspace Law Institute. Email: Postd@law.georgetown.edu or DPostn00@counsel.com. Permission is hereby granted to freely copy and distribute this paper; please retain the "Draft" designation as well as attribution to the author. 2. I use "information" in the information-theoretic sense, in which information is measured as a reduction in uncertainty; that is, a message that contains information about the identity of the sender is one that, by definition, lowers the recipient's uncertainty concerning the identity of the sender. 3. "Identity," of course, is not a static, context-less piece of information, but is, rather, a complex cluster of characteristics attributable to an individual, subsets of which may be more or less relevant in particular contexts (and information about which may be differentially transmitted in particular messages). Consider the graffiti again -- even assuming that this may be an "untraceable" message, in what sense is it an "anonymous" one? The reader may obtain a great deal of information relevant to (certain aspects of) the originator's "identity" -- information about the originator's political views, perhaps, or familiarity with certain historical events. On the other hand, the original message provides no information (i.e., it is "anonymous") with regard to the originator's state of domicile (or where the originator went to school, or how many children the originator may have -- all attributes relevant, in other contexts, to the question of the originator's "identity"). And while we ordinarily think of "identity" in the context of individual biological persons, that is far too restrictive a view. Consider my receipt of an (unsigned) notice from the Department of Motor Vehicles, or an (unsigned) advertising flyer from my local McDonald's restaurant. Each of these messages is "anonymous" in one sense: I obtain virtually no information about the "identity" of the (biologically-relevant) individual who typed the notice or otherwise caused it to be transmitted to me (if indeed there is any such person). But it is hardly anonymous in another (and probably more significant) sense: the letterhead clearly identifies the "identity" of the more relevant actor (the DMV or McDonald's). The relevant actor here, i.e. the DMV or McDonalds, has a reality unconnected with the physical "identity" of any of its individual constituents (employees, officers, etc.); indeed, a notice from the DMV that is mistakenly placed on non-letterhead stationery (but that is signed by the typist) surely has less reliable information about the originator's "identity" than the reverse (i.e., an unsigned note placed on DMV letterhead). 4. Traceability itself is highly context-dependent, insofar as both the cost of obtaining additional identification information, and the value of that information in reducing uncertainty regarding identity, will vary, possibly greatly, from one situation to another. It may, for example, be relatively easy for a law enforcement official to obtain information regarding the identity of the individual who placed a particular phone call; the same information may be prohibitively difficult for other individuals to obtain. Traceability is also affected by the (1) whether or not relevant identification information exists in the hands of third parties (i.e., parties other than the originator and recipient), (2) the third party's duty (or lack of a duty) to keep the information secret, and (3) the ease with which disclosure can be legally compelled (by process, subpoena, etc.). 5. Anonymity can thus be regarded as a subset of pseudonymity, with the critical difference being, for my purposes at least, that pseudonymity allows the accretion of reputational capital in the pseudonym. 6. This stream may have a high degree of traceability -- if my electronic mail address is "Postd@law.georgetown.edu," for example, there at least appears to be information allowing the message to be traced to a real individual (though query, as always, how reliable that information may be). Or it may not -- the use of a screen name on America Online, or, in the extreme, the use of anonymous remailers. 7. Examples: the Cancelmoose; the Cyberspace Law Institute. 8. I use "regulation" in the broad sense, to include not only State action but the "regulatory" activities of e.g., individual system operators. 9. Note, in this regard, that protecting the "limited liability" features of pseudonymity does not necessarily mean that harms imposed on third parties by pseudonymous entities must go unredressed (as is the consequence of limited liability in the corporate context); because reputational capital is not transferable, i.e., is not useful for the purpose of compensating victims of harms perpetrated by pseudonymous entities, redress can be achieved by exposing individuals' financial assets, though not necessarily their personal identities, to risk when the pseudonymous entity acts, and there are various insurance and authentication/certification regimes that I will discuss to accomplish this.