CDR: Non-Repudiation in the Digital Environment (was Re: First

Ed Gerck egerck at nma.com
Wed Oct 18 00:08:25 PDT 2000 


Tony Bartoletti wrote:

> > > The problem goes beyond simple impersonation in that the victims
> > > subsequently find it difficult to convince large institutions that
> > > they are who they say they are.   My understanding is that the term
> > > comes from victims' statements that they felt as if their identities
> > > had been stolen.  See http://www.consumer.gov/idtheft/. The question
> > > is relevant here, not as just another parallel question of semantics,
> > > but because exactly how the legal system treats "non-repudiation" can
> > > make the identity theft problem much better or much worse.
> >
> >No. The fact that people like to talk in dumbed down soundbites like
> >"identity theft", instead of using well-established words like
> >"impersonation",
> >does not mean that any legally relevant conclusions can be drawn from the
> >misuse of technical terms like "theft" in the soundbite.
>
> Other choices?
>
>    Identity Theft
>    Identity Pollution
>    Identity Vandalism
>    Identity Assault
>    Identity Misappropriation
>    (Slander in the First Person :)
>
> Would it matter if we substitute "reputation" for "identity".  Is my identity
> (to others) any different than the reputation with which it is associated?
>
> Call it what you will.  If institutions that once recognized me fail now
> to do so, I have lost something-in-general.
>
> Name that something-in-general.

Well, you have not lost it nor has it has been "stolen".  You are simply barred
from using it.  This is the result of impersonation, since now the other person
is the one that has access to it.

The use of "identity theft" instead of impersonation is thus utterly misleading,
even though lawyers and lawmakers are the ones perpetrating such use.  No
legally relevant conclusions can be drawn from the misuse of the technical
term "theft" in the soundbite.

In comparison, defining non-repudiation in terms of protocol messages and
only for protocol messages is, at most, a solipsistic endeavor. However, it is
IMO a most useful one so that others, including lawyers and lawmakers, are
prevented from using it in a perverted way just because RFCs are written in
English.

Cheers,

Ed Gerck

More information about the cypherpunks-legacy mailing list