Line Dancing

I Saw It On the Internet So It Must Be True

I Saw It On the Internet So It Must Be True

Understanding Confirmation Bias

When you see a story on the Internet that matches what you already believe, it feels true. Right. Everything you’d expect to see in the world. And when you see a story that doesn’t match your beliefs, you’re more likely to be skeptical and doubt the veracity of the information. That’s what confirmation bias is all about. It’s about confirming what you believe, whether or not it’s actually true.

According to Psychology Today, confirmation bias “occurs from the direct influence of desire on beliefs.” It makes sense, really. Who goes around thinking, “I’m wrong! I’m wrong!”? If you think you’re right, you’ll naturally tend towards information confirming your beliefs. Technology LOVES to enable that for you!

How Technology Makes Confirmation Bias Worse

Confirmation bias isn’t new, but technology today makes it easier to experience. Content providers like YouTube and Instagram want you to spend time on their sites. The more time you spend with them, the more money they make. And they encourage you to spend that time by feeding you stories or posts related to what you’ve viewed and spent time on in the past. (We talked about this in our post on Information Silos.) The more times you see posts that align with your beliefs, the more confirmation you’ll receive that your beliefs are true.

Technology does more than just guide us towards material it thinks we’ll want to see. The sheer amount of information out there means people have to make pretty hard choices about what they pay attention to. The World Economic Forum recently reported that people spend an average of 2.5 hours a day on social media. Expand that to just surfing the web, and that goes up to an average of 7 hours a day! With that much information flowing through our devices into our heads, is it any wonder people will key into what makes them feel better about what they think they know?

So what, though? Why is it a problem that the Internet confirms my belief that cats are gods and rule the world? As long as that’s as far as it goes, it isn’t. Unfortunately, there is a lot of evidence that confirmation bias feeds more than viral memes. It also feeds extremist viewpoints and scary organizations. 

What Can You Do About Confirmation Bias in 5 Minutes

  • Rather than searching for information that matches what you know, try looking for information to refute the idea. For example, don’t just search for the “best.” Also, try the corresponding search for the “worst.”
  • Before you share a post or an idea online, stop for a second and ask yourself whether you’d still believe and share this information if the opposite was published by the same experts and sources?

What Can You Do About Confirmation Bias in 15 Minutes

  • Rather than trying to prove something to be true, spend a few minutes trying to prove it false, either by searching for different terms or becoming your own “devil’s advocate.’
  • Spend time looking through the sites listed on Media Bias/Fact Check and pick at least one news source outside your usual preference. 

What Can You Do About Confirmation Bias in 30 Minutes (or more)

  • You can do this one by yourself or with a team. Try running your belief through an exercise called the Six Thinking Hats. This technique takes a while to work through, but the idea is that you approach solving a problem or thinking through an idea in six different ways: structured, creative, positive, emotional, critical, and factual. The point is to do all six because they’ll each allow for exploration of a different facet of the topic. By the time you’ve gone through all six, you’ll be closer to a more well-rounded truth than you were before.

Wrap Up

Confirmation bias isn’t a technology problem, though technology definitely offers the perfect environment to feed this way of thinking. As long as you’re aware of it and willing to step back when needed, you can go on being quite certain that cats are gods. After all, you saw that truth on the Internet – it must be true!

Posted by heather in Communication, Line Dancing, 0 comments
Your Digital Body: Bias and Biometrics in Tech

Your Digital Body: Bias and Biometrics in Tech

What can possibly be more uniquely you than your physical body? Fingerprints, iris patterns, voice… These (and more) are what biometrics is all about. Biometrics are generally used in two ways: to determine if a person is who they claim to be or to find out who a person is by searching a database.

Believe it or not, the use of biometrics as a means of identification has been documented back nearly 4,000 years ago, when Babylonians used fingerprints to sign contracts. Since then, fingerprints and other forms of unique physiological data have been used to identify individuals for a variety of reasons, such as to identify criminals or to authorize access to a resource like a document or a physical location. With modern computers (including smartphones and tablets), it is easier than ever to automatically take a complex image and compare it in detail to an image on record. Sounds pretty much perfect… or does it?

Bias in Biometrics

True story: a friend of mine tried to use one of the automated passport scanners to get through customs. It kept telling him that it didn’t see his face for a photo, even though he could clearly see himself on the screen. The officer minding the queue walked over and put a piece of paper over my friend’s head to add just a bit of shade, and suddenly everything worked. My friend is white and bald, and the glare from the overhead lighting on his head tricked the software into thinking his face wasn’t there. 

There are lots of stories out there about biometric-based services unable to handle dark skin tones, light skin tones, congenital disabilities, transgender faces, and so on. Much of the earlier modern bias resulted from the use of very limited datasets that contained more of one type of image than any other. For example, a database might have thousands of fingerprints to use for testing purposes, but they would include just one skin tone for the hands. Or a database might have a million faces, but mostly from middle-aged white males. Anyone that fell outside the parameters of what the developer tested for might be identified as “not white,” but uniquely identifying them would fail. 

The good news is that, at least when it comes to biased datasets causing havoc, there are efforts to improve the space. This has been a particularly important area of research for Artificial Intelligence and Machine Learning (AI/ML) and organizations like the Organisation for Economic Cooperation and Development (more commonly known as the OECD; think high-powered, treaty-based, international organization) have guidance for how these types of systems should be designed. Microsoft, a company that does quite a bit with AI, has some pretty extensive guidelines and governance as well. So there is hope and some established guidelines out there. These guidelines, if followed by everyone, would greatly improve the computer bias in this space.

Other weaknesses of biometrics

If everything works as intended, biometrics are a great way to uniquely identify yourself to a computer. As long as no one does something gruesome to steal a body part, it’s all you, right? Well, sort of. The problem is that yes, your fingerprint (or face print, or iris pattern, or whatever) is on your physical body, but as soon as you scan it to be used for identification and access, it becomes an electronic asset. And as we all know, electronic assets can be hacked and stolen. Some call this the ‘fatal flaw’ of biometrics.

Back in 2019, a data breach of a company called Suprema exposed records affecting 1 million people, including fingerprint data, facial recognition data, face photos of users, unencrypted usernames and passwords, and more. And when those kinds of records are stolen, it’s not like you can actually change the information. You can change a password or PIN code, but you can’t (practically speaking) change your fingerprints. In those cases, all you can do is participate in identity theft prevention programs that will at least prevent new accounts that involve things like credit checks from happening without lots of hoops to jump through. All credit agencies have these kinds of programs (here’s one from Experian, and they’ll communicate things like fraud alerts to the other big credit agencies like TransUnion), as do some government agencies.

What you can do in 5 minutes

  • Make sure that the devices that are using biometrics have an alternative way to access the device, like setting a passcode for when facial recognition doesn’t work.
  • Use that passcode every once in a while so you don’t forget it!

What you can do in 15 minutes

  • Sign up for a credit monitoring service that will keep an eye out for when and where your information might be exposed in a data breach so that you’ll know when to take further action to prevent accounts from being opened with your information.

What you can do in 30 minutes

  • Interested in really learning more about the challenges of biometrics? Read this fascinating pre-print study submitted to the IEEE Transactions on Technology and Society to learn more!

Wrap Up

Biometrics are pretty cool, and if your accounts are using them as part of your login process, that means you’re using multi-factor authentication (MFA). You get a gold star! But, alas, biometrics are not perfect and while your physical attributes are yours, once they have been turned into bits and bytes on a computer, they can be stolen and used. 

If you have a choice between biometric MFA or no MFA, go ahead with the biometrics. If you have a choice between some other factor–like an authenticator app–and biometrics, go with the authenticator app. No technology is perfect, so the goal is to make it harder for hackers to get to your accounts rather than impossible.

Good luck! It’s a crazy world out there.

Posted by heather in Data Security, Topic, Subject Level, Line Dancing, 0 comments
Identifying Deceptive Communication: Deepfakes

Identifying Deceptive Communication: Deepfakes

From the cute visuals of the first full-length CGI animated movie (Toy Story in 1995) to special effects so realistic (I’m looking at you, Ex Machina, an Academy Award winner for Best Visual Effects Movies), it can sometimes be nearly impossible to knowwhat’s real and what isn’t. But that’s the unfortunate reality of modern technology: we create powerful tools that can be used for both good and bad. Welcome to the shady world of deepfakes.

What is a Deepfake?

Currently on Merriam-Webster’s Words We’re Watching list, deepfakes are described as: “a video that has been edited using an algorithm to replace the person in the original video with someone else (especially a public figure) in a way that makes the video look authentic.”

Gee, what possibly could go wrong?!

Sometimes, deepfakes are created purely out of fun, like the whole TikTok channel dedicated to Tom Cruise deepfakes. But sometimes, there is an agenda behind deepfakes to sow confusion, distrust, and doubt. For example, there are deepfake videos on both sides of the Ukrainian conflict that fall in that category. Because of real-life threats like this, schools like the University of Washington have developed entire courses dedicated to identifying all sorts of misinformation in online sources. It’s definitely not as easy as it used to be. 

Is It a Deepfake?

Norton, maker of a very popular antivirus software, has a fifteen point list around how to identify deepfakes. Unnatural body motion and weird postures are on the list, but so are things like:

  • Teeth that don’t look real. (Are individual teeth visible?)
  • Unnatural eye movement. (Did they blink?)
  • Misalignment of audio and video. (Does it look like a poorly dubbed old spaghetti western movie?)

Interestingly enough, the technology behind NFTs is something that could help clear up whether an image or video is a deep fake by keeping an immutable record of the origin of the files in question. When the image and all its metadata are stored in a blockchain, any further changes will be explicitly stored such that anyone can see the history of who, what, where, and when the image file was created and added to the blockchain.

Artificial Intelligence (AI) is another area that’s being explored to help control the deepfake problem. Several of the big tech giants are working on having AI identify deepfakes. Ironically, it’s AI and its sibling, Machine Learning, are what often generate the deepfakes in the first place. This adds a whole new dimension to cyberwarfare and computers fighting computers.

Pop Quiz!

So, think you can figure out which images are deepfakes and which aren’t? Microsoft has a fun online quiz you can take to see how well you do in identifying these types of images. Or, for even more fun, you and your friends can work through an escape room game called the Euphorigen Investigation, a project co-developed by the CIP, the Technology & Social Change Group at the UW Information School, and other partners.

Why We Care

The existence and growing prevalence of deepfakes is a huge problem. When it becomes too hard to figure out what’s real and what’s not, the safest choice is to assume it’s all not real and nothing can be trusted. People cannot make informed decisions when there are no trusted sources of information. Even where deepfakes are relatively obvious, their existence sows general distrust in the information available. 

There are a variety of fact-checking sites out there (here’s a good list) that can help, and it’s worth taking a moment both to find a reputable fact-checking service AND to make sure it has solid ratings with regards to political neutrality.

Good luck out there, and don’t forget to check your sources!

Posted by heather in Communication, Line Dancing, 0 comments
Information Silos – the First Click Down a Rabbit Hole

Information Silos – the First Click Down a Rabbit Hole

Human behavior, at a grand level, is often fairly predictable. While you’ll find exceptions for every single rule out there, for the most part, people want to be comfortable. They want a decent place to sleep (for their definition of decent). They want enough to eat (for their definition of enough). They want to feel safe (for their definition of safe). There’s an interesting theory called Maslow’s Hierarchy of Needs that touches on all of this, but what we’re going to focus on here is how people prefer to engage with other people like them. 

There are so many examples to point to of this kind of behavior. Ethnic neighborhoods in cities. University fraternities and sororities. Hobby groups like book clubs or knitting circles. People find comfort in being with people they feel like they understand. They like hearing messages that affirm what they believe. And that’s not always wrong. It’s not always right, either, but right and wrong aren’t the point. The point is, people LOVE this kind of thing. Not just in physical reality, but also in virtual reality. Media companies, advertising services, political parties, lobbyist organizations, they love it, too. They find this basic human tendency to want to be with like-minded people and have like-minded ideas validated absolutely the Best Thing Ever.

In previous posts, we’ve talked at a high level about how tracking happens on the web. And tracking is a part of building information silos. Tracking, however, doesn’t necessarily mean following you as you surf the web. It can also be a single company, following what you choose to see on their own site. The purpose of these platforms is to get you to spend lots of time there. The more time you spend, the more money they make. And they get you to spend time there by showing you what you, comfort-loving human that you are, what you want to see.

It’s not always about money, though. China is probably the most common example of when and how governments can get involved in building information silos. In those cases where censorship is a real and pervasive problem, the information silos are about explicitly controlling behavior by controlling information. 

But let’s get back to the drive of capitalism; government control and censorship is a topic for another time. When we’re talking about Western Culture and capitalism, it all boils down to making money. And keeping you on a single platform means that platform shows you all the advertisements, gets all the subscriptions, and generally makes out like a bandit.

YouTube has been studied quite a bit when it comes to how they tweak their services to show you what you (probably) want to see. Of course, a human isn’t on the other side of your screen, quickly flipping through content and deciding that you, Alice, would really like this cat video. They have a computer figure all that out, and computers make decisions using algorithms. Think of it like a whole lot of “if this, then that” decisions. A digital image is a bunch of dots. Where the dots are located, what colors they represent, all of that can be turned into numbers. Those numbers are then matched to say “this is like that” – that’s how pattern matching works. A computer can get pretty darn good (though not perfect) at matching cats to more cats. A digital image is also more than a bunch of dots. It also has information that says who uploaded the image, how they described the image, when the image was taken, and quite possibly. All that information is fed to the algorithms so it knows what it has to work with.

So, you have a big database of information about content. What other kinds of information can be added to this data soup? Ah, yes! Who has actually looked at the content in the past! Just like an image is more than dots – it’s the wide variety of information about what, when, where, and who uploaded the image – a visitor to the site is more than a single statistic. A visitor quickly builds a profile about themselves, starting with the information of what brought them there. 

I’m pretty sure my first visit to YouTube was to find bird videos for my cats, and to this day, the first thing YouTube shows me when I follow a link back to their platform is another video of birds for cats. In an effort to keep me on the site, there will always be bird videos for cats. And, hey, since I like cats, I will probably like videos about cats, too. I’ll probably also like videos about people who train cats to do tricks. Hours later, I am thoroughly enjoying all things cat, I have a cat on my lap watching the screen with me, and I have suffered through countless pet food commercials.

Which, for me, is pretty harmless. But it isn’t always. There has been some interesting research about how this kind of algorithmic content matching takes people down really ugly rabbit holes. These rabbit holes are extremely disturbing to me, but can be so validating to someone else. I have my silo of liberal, cat-loving people. They have their silo of conservative, end-of-world preppers. And without research, I’ll never have any idea of what kind of information they are hearing over and over and over again, because that’s not going to show up in any of my online content feeds. 

Information silos are good for business. Think about it: why on earth would a content platform want to make you uncomfortable? You won’t ever visit them again! You’re here for entertainment and comfort, not to be constantly challenged by stuff you think is absolutely insane (and not in a good way). 

Information silos are not, however, good for societal empathy. It’s a lot harder to understand the other side of the story if you never see it. And if you’re in a silo, anyone from outside who challenges the information that you’ve already decided makes you happy and comfortable has an uphill battle to get you to change your mind.

It almost sounds like an unwinnable scenario, but at least in this case there are a few easy, actionable things you can do.

  • Easy step: Follow a service like Ground.News that explicitly shows a variety of news stories and what political leanings those stories come from. More than once I’ve said “huh. If that’s what the people in that other information silo are reading, no wonder they’re making those bizarre decisions!”
  • Less easy step: Regularly watch the news of your least favorite popular news source. I’ll admit, I struggle with this one because it makes me crazy. But it’s very effective in helping understand other viewpoints (even when I vehemently disagree with them).
  • Hard step: Go international. If you see a news article on war in some foreign country, go look for how the news is being reported elsewhere. Are you getting the same information in the U.S. that is being shown in France? What’s being reported in the English language version of the newspapers in Malaysia? It’s fascinating what’s considered important outside your silo.

Information silos are absolutely a thing. They are a comfortable thing. They make day-to-day living a lot simpler. They give you what you want. And there’s nothing wrong with that… as long as you realize that a) you are in a silo and b) you really need to leave that silo every once in a while.

Good luck! It’s a big world out there.

Photo by Jim Witkowski on Unsplash

Posted by heather in Communication, Line Dancing, 0 comments
All About Memes: Origin, NFTs, Identity Theft, and More

All About Memes: Origin, NFTs, Identity Theft, and More

Ahhh, memes. Those funny images that go viral on social media. Would you be surprised to learn that the concept of a meme predates the Internet? It’s true. So then, just what is a meme?

The word “meme,” according to, was coined in 1976 by the evolutionary biologist Richard Dawkins to describe the cultural transmission of ideas. The latest definition is as follows:

  1. an element of a culture or system of behavior that may be considered to be passed from one individual to another by nongenetic means, especially imitation.
  • a humorous image, video, piece of text, etc., that is copied (often with slight variations) and spread rapidly by internet users.

You could argue that memes are actually a concept far older than the word itself. Case in point: folklore. The main purpose of folklore is to share ideas across generational and social boundaries, very much like memes, and that activity can be documented as far back as 6,000 years ago. WAY older than the Internet!

The First Modern-Day Meme

Enter the first modern Internet meme:  Baby Cha-Cha-Cha

Now whether it’s actually the first is open to debate, but the Dancing Baby is most commonly known to be the first viral video on the Internet. Since memes are an expression of culture, exactly what you might think of as a meme will vary as culture evolves. Baby Cha-Cha-Cha is a great example. In its day, it was absolutely a meme, a resounding new idea that spread everywhere and expressed the crazy design possibilities of the Internet. Today? Eh. Where are the catchy words to go along with it? The phrase that will make it the perfect amount of snark?

Memes, Copyright, and NFTs

If you create a meme, and it goes viral, you become rich, right? Nope. You probably won’t get bragging rights either since people will have no idea where the meme came from once it spreads fast enough through the interwebs. 

Memes generally fall under the heading of “fair use” when it comes to things like copyright protection. Public Knowledge has a great article that describes the whys and wherefores of that, but at the end of the day, creative expression that takes an image and turns it into something new (new meaning, new interpretation, new insight) will almost always fall under fair use.

This is a good moment to point out how owning a meme and NFTs can overlap: 

Artists create things, but once their thing is sold (and sometimes even before that), they lose all control over that asset. If the asset is resold, the original artist usually doesn’t see any commission. An NFT can serve as a receipt that makes sure that every future transaction gives the artist some additional compensation for their creation. This is a potential game-changer for artists, but it’s not perfect. (Learn more about NFTs in this post.)

Artists (and let’s assume that people who create memes count as artists) have already started exploring selling their memes as NFTs. The idea of owning the original digital file of a meme is compelling to some. One of the challenges here, though, is that owning the original digital file does not necessarily give you copyright ownership of it, and it doesn’t mean you own any of the copies. The idea of NFTs as a way to give artists more control over their work has merit, but the idea hasn’t quite worked the bugs out. 

Memes and…Identity Theft?

And what about memes and identity theft? As cute as they are to see in your media stream, those little image files can contain malware—code that can help a hacker compromise your computer or mobile device. They can also encourage you to respond with personal information. How many times have you seen a meme like “Porn star name generator!” with a list of crazy names next to various dates? It is hilarious and absurd. It is also data harvesting with an eye toward identity theft.

Some memes build on a picture of a person who will forever be associated with that one image. Decades later, when a potential hiring manager does a search on their name, it’s still that one image that somehow defines them for the rest of their lives. The image of Disaster Girl is a perfect example of that. Zoë Roth was a child when that photo was taken over twenty years ago, and yet, that’s her legacy as far as the Internet is concerned. 

So, Why Should You Care?

Memes aren’t going to go away, nor should they! They are hilarious and they express information in ways words can’t. They’re fun to see, fun to use in presentations, and fun to have as shorthand to express agreement, disgust, sarcasm, and support; they are just that powerful a form of expression.

But this wouldn’t be the Identity Flash Mob blog if we didn’t have a few suggestions for you to keep yourself safe online, even where memes are concerned.

  • If someone sends you a file that you don’t expect, don’t open it. If it’s someone you know, ask them to send you the link where they got it, or at least where they created it (if they’re the originator).
  • If you are posting photos of yourself online, either lock down the permissions as to who can see them or accept that someone might pick up that image and run with it in ways you never imagined. 
  • If you are posting photos of your children online, really, really lock down those permissions. Please. Your child will thank you when they’re older. If you can’t resist sharing the cute, listen to or read the transcript of this excellent Vox podcast.

With that, it’s time to go see what new creative memes have been created. Catch you on the flip side! 

Photo by Brooke Cagle on Unsplash

Posted by heather, 0 comments
Security in the Metaverse: What You Need to Know Now

Security in the Metaverse: What You Need to Know Now

Ahh, the metaverse. Depending on who you ask, it is either an impressive evolution of the online experience or a poorly defined marketing ploy. And, at least for now, there isn’t just one metaverse, which has lots of implications for how to protect yourself from one to another  Regardless of how many there are or what side you take on whether any of them will succeed, you can sum up the idea like this:

The metaverse is almost like a parallel dimension—it blurs the lines between the physical world that you and I know and the virtual world…like artificial reality and cryptocurrency. –  from IFM’s metaverse blog post

Wouldn’t it be fantastic if we could plan for digital identity and security in the metaverse even while the metaverse is still being figured out? When the Internet was first designed, it missed the boat when it came to building in digital identity and security. Everything we know about how to verify someone’s identity online was added long after the bones of the Internet were set. 

Owning your security in the metaverse

The old saying is, “On the Internet, no one knows you’re a dog.” In the metaverse, no one will know if the “person” they are interacting with is really a person or a computer simulation. Creating digital accounts is really pretty easy. Making them realistic is just as easy, as humans don’t do a good job of protecting their personal information. Birthdates, location data in photographs, responses to Internet memes—it’s all out there waiting to be used to either hack existing accounts or create new ones that look like a real person for the purposes of fraud or harassment

Several of the companies working on their version of the metaverse hope to include identity and security by using Web3 technologies like blockchains that guarantee the uniqueness and ownership of a piece of information online. Which is good as far as it goes, but it doesn’t go far enough (yet). NFTs, built on supposedly secure Web3 and blockchain technologies, have already seen their fair share of fraud despite the technology. Still, we’re in the early days of figuring out how to make NFTs and Web3 long-term useful ideas, so there may be something there. Or not. We’ll see.

Regardless of whether fancy new technology will try to come in and save the day, you as the human actually have a lot you can do to help make your experience more secure. The good news is that what you can do to secure yourself in the metaverse are the same things you should do to protect yourself online today:

  • Control the information you share online (and don’t respond to silly memes, no matter how much you want to know what your name should be on the next royal wedding invitation).
  • Use good passwords. (We have a post about that.)
  • Never assume that the new person you’re talking to is who (or what) they say they are. 

Authenticating when you’re already there

Let’s look at where the metaverse is closer to reality: virtual reality! Those companies already branching out into metaverse products, like VR meetings or immersive games, now have to figure out how to authenticate users in VR (remember, use good passwords!). They could try and go old-school and have someone type on a virtual keyboard…except most users will only be using the VR headset. So, what are they supposed to do? A laser pointer at a virtual keyboard, hunting and pecking for each key? Uh, no. There are always biometrics, of course. Retinal scans, voice scans, fingerprints…But each of those needs a fallback for when the physical reality means biometrics aren’t feasible

No problem! Let’s make the VR device itself be your password! That actually has some promise and is an area already being explored, but there are still issues with how to handle shared devices (as anyone with more than one kid can tell you when it comes time to share the game controllers) as well as the reality that gamers rarely sign in as themselves. Also, the idea of moving away from traditional passwords is not without its challenges. Hacks are still possible (drat those hackers!), and there are questions as to whether it’s even a good idea to tell users to just “trust the magic” of what they don’t see.

At the end of the day, there’s just a lot that needs to be explored to make the metaverse a more safe and secure experience for everyone. 


The metaverse is expected to be THE online experience of the future. Right now, it seems like it is not only inheriting the security flaws of the Internet, but it’s coming up with new ones all on its own. CNBC has a great article on what kind of dangers are being introduced, which is scary, but it’s also an opportunity. We know the dangers (at least, we know some of them) which means we can plan for them. 

Posted by heather in Web3, Data Security, Line Dancing, 0 comments

The Anatomy of a ‘Persona’

What is your persona? Well, before you can even answer that question, we’d need to assume that you understand what exactly we’re even talking about—because it’s certainly a lot more than a person’s personality. Rather, in the digital context, personas are little bundles of information that are gathered about you and grouped together to create a ‘you-shaped’ digital representation that is used to try and predict what you will do in certain situations. The goal, of course, being to influence that outcome. Some version of this happens in real life too. (Have you ever been sized up by a really good salesperson?) However, the breadth and depth of creating these digital personas can have long-standing implications to nearly every aspect of our lives.

Image extracted from an interactive session conducted by Identity Flash Mob in March of 2022. It contains several overlapping rectangular areas, each labeled with roles such as sibling, parent, friend, volunteer, provider, learning, and so on. within the boxes are small round avatars (that look like playful monsters) that were used by participants to indicate the roles that they play.
IN REAL LIFE (IRL) ROLES – Mozilla Festival 2022, The Context of You – The Many Facets of Your Digital Identity

In real life (IRL) we each assume different roles as we go through our days. At an interactive session during the 2022 Mozilla Festival, we asked participants to note the roles that they play.  For example, in the image above, the person using the orange avatar to represent themselves selected five different roles that they identify with:

  • Sibling
  • Mentor
  • Volunteer
  • Consumer
  • Provider

These roles are examples of the “faces” that we wear in specific situations—we assume these roles to help us adapt to and be successful in these situations. They ensure that we are acting appropriately, assuming the right level of assertiveness, “looking the part” that we are assuming, and much more. You’re not a different person in these cases; you are just being selective in the moment about how you are presenting yourself. 

In real life being selective about what you present works pretty well. That information might be interpreted in a continuum between two extremes: 

  • THE FIRST TIME MEETING: When someone is meeting you for the first time, the information that you present to them at that moment becomes their whole picture of you. Each new piece of information helps to fill in the gaps to form a more complete picture. Things that they particularly like or dislike are more likely to be remembered more strongly. As a result, you often are able to influence others’ impressions of you based on what you present, particularly when you take into account what reactions you perceive from the receiver of this information.
  • THE LONGER TERM RELATIONSHIP: If someone has known you for a long time, they will take the information that you are presenting at the moment and compare it to all of the other things that they know about you. If it matches their current ideas about who you are, those ideas are reinforced, otherwise it is discounted.  It would take quite a bit of unmatching information to change what they already think about you.

But, the digital world is different in two significant ways. First, you usually have limited choice in what you present in a digital transaction. And second, the information that you provide can be combined with information from other sources to try and influence your behavior in the moment. Consider the difference between buying something in person vs online.

In PersonOnline
Purchasing powerYou might pay by cash which indicates your ability to buy the item, but not much more.your choice of payment may convey if you might be able to buy more based on if you used one of those convenient payment plans or purchased with a platinum credit card
Where you liveOne can tell where you are shopping, but generally doesn’t know where you liveYour purchase must be sent to you so your address is shared. 
What you look likeHeh – it’s in person. They can see you.But, don’t think that online is blind to how you look. By combining your address information with generalized demographic information and purchase statistics available for that location for a small fee (that many retailers pay), it is likely that you are revealing plenty of information about your gender, race, age, etc even if you don’t explicitly provide it.
What you like and don’t likeIf you browse a store, someone would need to follow you around and take notes about what you considered buying before you made an actual purchase. This would be expensive and unwieldy to do.Online every search and item that you look at are captured and cataloged inexpensively and efficiently. They can be contrasted to your purchase choices, not just for this purchase, but for every purchase made at this online store and sometimes at others.
Non-purchase infoMaybe you shopped at a small local business where the store owner knows you and your family, and maybe you have chatted about pets, vacations, and more.An online store may also know this information, but not because you told them any of it. Sites that capture information about you give away, buy, and sell information with other sites and data sources to get a similar depth of knowledge of you, even if the info has nothing to do with your purchase.

Why? Personas in Marketing

In the 1950s, Wendell Smith advanced the field of marketing to incorporate the economic concept of “segmentation”, the practice of dividing your target market into approachable groups based on demographics, needs, priorities, common interests, and  behavioral criteria. (Dr Smith’s paper is publicly available.) This idea took flight by the mid-1970s when an academic marketing science research group centered around Wroe Alderson started talking about market segmentation as a way of both tying marketing investments to sales revenue, and as a way of guiding approaches to target marketing strategies to specific groups of people. Today, every course on marketing includes a discussion of segmentation. 

Each market segment is expressed in terms of a “persona”, a description of a fictitious “sample” person from the segment. These descriptions are used by companies to make decisions about the needs of this persona and what marketing messages would resonate. Real people are then grouped and seen through these lenses. You can see an example of a marketing persona below.

An image of a Persona that was created by Reboot and the Wikimedia Foundation. It describes "Femi" a 35-year old Engineer from Lagos, Nigeria. He has a high awareness of Wikipedia and high access to the internet. He has high digital confidence and moderately high economic status. The devices Fermi uses are an iPhone 6, blackberry Z10, iPad, and Macbook Air. The primary use, network, apps used and other details are included for each. A 6-paragraph biography is also included. The text in the image is too small to be easily read.
EXAMPLE OF A MARKETING PERSONA – Reboot and the Wikimedia Foundation, CC BY-SA 3.0, via Wikimedia Commons

An Example: The Norah Jones Problem

There are many music services these days that will create playlists for you based on what you like to listen to. The idea is that they profile the music that you listen to, and present other music with similar profiles for your listening pleasure. Many years ago, I discovered that, no matter what I started listening to, music by Norah Jones would end up in my playlist. I have nothing against her beautiful voice – it’s just that, to me, the music profile of her songs do not match that of the songs that I was listening to. I had been assigned the “Norah Jones Persona”, and just like in middle school when you get a nickname that sticks even though your last name isn’t actually pronounced that way, I don’t seem to be able to shed this assigned persona.

When your choices are A) buy this item online because you can’t get it locally (and have the transaction be tracked), or B) do without (and avoid the tracked transaction), you really may not feel that this is a choice at all and may go ahead with the transaction. As a result, information about the transaction will be collected and stored, including things like what you bought, your credit card number or other purchase identifier, perhaps an account sign in, your computer’s IP address, maybe a history of what else you searched for during that transaction, and more. That recorded transaction may be grouped with other transactions that match similar characteristics. Sometimes that information provides insight about the object purchased such as ‘of all of the things searched, product A is the most popular.’ And, sometimes that information provides insight about you such as ‘this person usually buys blue items when there is a choice.’ A computer algorithm might assign you the “Blue Lover” persona, even if you only bought blue things because all of your favorite colors had been sold out. Alas, now you too have the Norah Jones problem.

This A Big Deal

This sticky assigned persona could just be a minor annoyance or it could have significant repercussions when used to discriminate, punish, exclude, target, surveil, or if the data are used with an unintended context or in a way that the data subject objects to.

In the 1990s, Latanya Sweeney, Ph. D. wrote and defended her PhD thesis about a then-emerging field of study, Data Privacy. (The next week she was testifying before the US congress about this topic!) Through simple experiments, she found that seemingly anonymous data that was publicly available could re-identify a person with just three pieces of general information with a high (97%) degree of certainty. If you hear Professor Sweeney speak, it’s hard to NOT want to learn more about how this significant use and aggregation of data into personas impacts civil rights, credit reporting, health privacy, equal employment, elections, and more. If you have 30 min, I highly recommend watching one of her fantastic talks.

So, what can we do?

This is another question that we posed in our interactive session during the 2022 Mozilla Festival. The participants provided GREAT answers. Look out for our “What can you do to control your persona” resources soon. In the meantime, enjoy these suggestions from the conference participants:

Question1: What strategies can we use to control our persona? Sticky Note Responses: 1. use a spammer email, and phone number; stop clicking on "like"; don't post locations and limit cookies? 2. Set boundaries on who can access your profile (e.g., reviewing who can friend/follow you, set account to private, only share limited personal info); 3. Deploy tracking systems; 4. Use tools such as browser extensions, privacy oriented apps, etc.; 5. Sandbox your browsing and use; 6. Use GDPR to understand what’s collected and why; 7. Switch devices; 8. SSI and related technology; 9. Not sharing identity
Question 2: What rules of engagement should be in place? Sticky Note Responses: 1. Consumers should have the option to opt in or out; 2. Be transparent about who else has your data 3. Obligations on consumer councils and to some extent human rights bodies; 4. Regulation that is easily understood by all members of society; 5. Genuine oversight; 6. Transparency; 7. Clear laws; 8. Modern norms; 9. Modern expectations
Question 3: Who needs to be involved to affect change? Sticky Note Responses: 1. Everyone needs to play a part in this for it to be successful but everyone needs to understand exactly what it is first so that they will participate, 2. Consumer bodies! Definitely!; 3. Everyone!!; 4. Policymakers; 5. Developers; 6. Citizens; 7. Designers; 8. Companies; 9. Public entities
MANAGING PERSONAS – Mozilla Festival 2022, The Context of You – The Many Facets of Your Digital Identity
Posted by Laura Paglione in Personas, Line Dancing, 0 comments
So, About Those NFTs…

So, About Those NFTs…

NFTs, or Non-Fungible Tokens, are almost as popular to talk about as cryptocurrency these days! But where crypto has at least some analogy to the physical world (it’s all about the forms money can take), NFTs are an entirely different kettle of (virtual) fish. NFTs are about establishing a virtual asset that is unique in and of itself and has no interchangeable equivalent.

Coming back to one of my favorite resources, Investopedia, they say:

“Non-fungible tokens or NFTs are cryptographic assets on a blockchain with unique identification codes and metadata that distinguish them from each other. Unlike cryptocurrencies, they cannot be traded or exchanged at equivalency. This differs from fungible tokens like cryptocurrencies, which are identical to each other and, therefore, can be used as a medium for commercial transactions.”

A great definition, but that’s only if you know what “cryptographic asset,” “blockchain,” “fungible,” and “cryptocurrencies” mean. Let’s start there.

  • Cryptographic asset: A digitally expressed piece of information that uses cryptography such that it cannot be copied or duplicated
  • Blockchain: A technology in many ways like a database that has pieces of itself distributed across the internet that cryptocurrencies use to support their claim of being uber-secure and highly resistant to fraud.
  • Fungible: This basically means mutually interchangeable with another item. A dollar bill is a fungible asset—any one modern dollar bill (or bitcoin) is completely interchangeable with another modern dollar bill (or bitcoin).
  • Cryptocurrency: See more about this in our previous blog post. We describe crypto “as defined by Investopedia … is “a digital or virtual currency that is secured by cryptography, which makes it nearly impossible to counterfeit or double-spend.”

Back to what that means for an NFT: an NFT is a unique digital record for an object. You can buy or sell the NFT, but you can’t make duplicates of it, nor can you change it. And if you do buy or sell it, the original record gets a note that the exchange happened. Every future exchange adds another note, thus keeping the full record of everything that’s happened to that unique digital record.

The technology that enables this is called a blockchain, which as described above is a very special kind of technology that has no single, centralized “home” where all the data is ultimately stored. Blockchains are (often) decentralized, and everyone who engages with that blockchain is part of the process to validate the addition of any new information (or block) to the chain.

Now let’s talk a bit more about what you can do with an NFT. One popular use case is that of artists. Artists create things, but once their thing is sold (and sometimes even before that), they lose all control over that asset. If the asset is resold, the original artist usually doesn’t see any commission. An NFT can serve as a receipt that makes sure that every future transaction gives the artist some additional compensation for their creation. This is a potential game-changer for artists, but it’s not perfect. Here’s where we touch on some of the biggest misunderstandings in the NFT world:

The NFT is the receipt. It is not necessarily the actual item. Someone can create an NFT for a digital or physical object; that does not necessarily give the purchaser the right to have and hold that object. They may just have some percentage of the object or, in more nefarious situations, they may have been sold something the creator of the NFT has no right to actually sell. And for digital objects, assigning the object an NFT does not mean that all copies of that object are magically associated with that NFT.

Think of it this way. You have a photo on your phone that you received fantastic feedback on from your friends when you posted it to Instagram. You decide you want to make it into an NFT so you can sell it. You can do that … but all those copies already out there, which are visually indistinguishable from the original, are not protected. Don’t confuse an NFT with copyright!

That said, you may still have questions. After all, SURELY something that has net a person $3 million US dollars (way to go, Jack Dorsey of Twitter) must be something big! Right? Well, to be honest, I can’t explain that. The problem content creators like artists have when it comes to being fairly compensated for what they do is a problem. And if the world were a fair and reasonable place where NFTs would magically make the assets the NFT provides a receipt for somehow different (like different in appearance, or different in how people might see them online) then maybe this would justify the NFT craze.

The NFT is the receipt. It is not necessarily the actual item. Someone can create an NFT for a digital or physical object; that does not necessarily give the purchaser the right to have and hold that object.

Alas, the world is not a fair and reasonable place. Today’s use of NFTs often enters into the realm of the absurd. What many people are hoping for, however, is that NFTs will provide a powerful mechanism in the world of Web 3 to encourage more content creation with fair and enforceable concepts of ownership and compensation. 

If you’d like to watch a particularly entertaining skit on NFTs, Saturday Night Live recorded a fun session on it. If, however, you’ve got time and want a really deep dive into a skeptic’s view of NFTs, there’s a two-hour video on YouTube for you. Still, never let it be said that there aren’t some really strong voices out there in favor of NFTs: read about Animoca’s success in the NFT economy.

And if what you’d really like to do is to start investing now, well, as ya like. You might want to talk to your financial advisor.

Photo by Shubham Dhage on Unsplash

Posted by heather in Web3, Line Dancing

Cryptocurrency: Creepy…Or Awesome?

Crypto. Blockchain. Digital Currency. Bitcoin. From the front page of the New York Times to Reddit posts, lots of terms are floating around that most people know have _something_ to do with money and tech, but they aren’t quite sure of the details. And, given the host of ads that ran in this year’s Super Bowl, people are bound to become even more crypto-curious.

If you are one of them, this article is for you. We’ll start with a list of some of the more common words used in the media, and then talk about what this all actually means for the world today.

  • Crypto used to be (and still is in some circles) short for cryptography, the study of making communications between two parties absolutely secure (there’s usually a lot of math involved). But these days, crypto is almost always about cryptocurrency.
  • Cryptocurrency, as defined by Investopedia (great resource if you’re not already familiar with it), is “a digital or virtual currency that is secured by cryptography, which makes it nearly impossible to counterfeit or double-spend.”
  • Digital Currency, coming back again to Investopedia, is “a form of currency that is available only in digital or electronic form. It is also called digital money, electronic money, electronic currency, or cybercash.” Some organizations in this space insist that there is a difference between digital currency and cryptocurrency, saying the former has national backing in the same way that governments back the euro, the dollar, the peso, and so on. They see the latter as outside any government backing, so you’re on your own if you invest in the cryptocurrency space.
  • Bitcoin is one expression of cryptocurrency, and is currently the one with the biggest market share in the crypto space. 
  • Ethereum is another big name you might hear, and it is a cryptocurrency like Bitcoin, holding quite a bit of the market share itself.
  • Blockchain is not a cryptocurrency. It is a technology like a database is a technology, though in this case it is a technology that cryptocurrencies use to support their claim of being uber-secure and highly resistant to fraud.

So now you have some basic terms, and for the sake of this article, I’m going to hold that  “cryptocurrency” includes digital currency backed by governments and cryptocurrency backed by anyone else.

Cryptocurrency is definitely a concept that’s making waves in the world, and more than with just the geeky crowd. There are entire countries getting involved in this space and making it a financial reality to be reckoned with. n an individual level, popular financial management companies like Betterment and Personal Capital are offering cryptocurrency options as part of their investment portfolios. Crypto is _everywhere_.  

OK, fine, but is it really REAL? I mean, how real can it be if it isn’t a physical asset, and it isn’t backed by gold, silver, or a government’s promise? Well, let me ask you a different question: Why do you believe the piece of paper in your (physical) wallet has value? Probably because when enough people believe in the value of crypto, the perception becomes a reality. When people stop believing in it, you have something like a bank run, and if you get enough of those, you can entirely trash a nation’s (or even a world’s) economy (there’s some interesting research regarding bank runs and the Great Depression, if you’re interested in some ‘light’ reading on economic theory—ha!).

Ironically enough, cryptocurrency started to take off as a popular topic of discussion around 2017, as the first big ‘bubble’ formed and then burst. Bitcoin dropped 65% of its value in 2018 to about $3500 per bitcoin, and everyone was talking about it. Enough people talked about it that they (apparently) got very excited about buying these new, speculative thingies while they were on “sale” due to the crash. Now Bitcoin is back up to being worth about $44,340. It’s an amazing rollercoaster of speculation.

As with all market speculations, you’re going to find people who believe Very Strongly in the thing they are buying. You’re also going to find people who believe Equally Strongly that it’s a scam. And, you know what? They’re both going to be right. Cryptocurrency has value as long as people believe that it does. Enough people currently believe this is the future of the finance industry that they’ve convinced governments to ride the wave, providing further apparent legitimacy to the idea. And, like every market-driven enterprise, the value will go up and down in cycles—it is no more a “sure thing” for investment than gold. (Example: Do a search on “can never go wrong buying gold” and you’ll find as many articles suggesting “never do it” as you will articles about how great of an idea it is to buy gold.) If you’d really like to geek out on the technology behind cryptocurrency and how some people argue that it’s better than humans at determining monetary policy, this article in Wired might be for you. 

Finally, just a note, this article is to offer you a quick reference for the key terms you’ll see in articles about the crypto space. It is not financial advice; your acceptance of risk in your investments is all up to you. But as with everything covered by IFM, we hope you’ll find our information helpful in making informed decisions!

Photo by Jp Valery on Unsplash

Posted by heather in Web3, Line Dancing, 0 comments
But How Did They Know? How Ad-Tracking Actually Works

But How Did They Know? How Ad-Tracking Actually Works

Now you’re probably thinking, “how on earth did all those sites know about my interests like that? And what else is using that information about me as I surf the web?” 

Friends, here’s what you—and your online identity—need to know.

It involves (among other things) cookies, decorations, and auctions.

First, let’s talk about cookies! …

Not all cookies are bad—nothing is ever quite that simple in the world of technology. They also make things like logging into a site work so that you don’t have to login again… and again… and again… every time you go to a different part of that site.

What can you do about this? Every web browser has a place in their preferences that lets you turn off cookies. If you like, you can do that, but be warned. You’re paying for your privacy by giving up some of the whizbang features on the web. You will have sites that say “we won’t work if you don’t feed us cookies!!!” 

Ah, cookie crumbs: They’ll let a tracker follow you everywhere, but they’ll also make logging in a lot easier.

Verse 2: Making Web Addresses Attractive… for Advertisers

OK, so maybe you have put your browser on a diet and are willing to pay the price of privacy. Lots of people who really don’t want that kind of tracking to happen do that. But cookies aren’t the only way to track a user. There is also something called “link decoration.” This lets a site learn what brought you to them. Was it an email campaign? A content aggregator like Pocket?

Here’s what link decoration looks like: 

So, that link tells the Seattle Times that I visited their site because I followed a link from their Morning Brief email list, and that I am an active subscriber. They’ll be able to tick their own marketing box to say “Yep, looks like email campaigns work with this one! Let’s do more of those!”

Just like cookies, though, link decoration is used for more than just tracking. It has important, legitimate uses for some pretty common authentication services, too. But wait, there’s more! This feature is also used for lots of search functionality.

Link decoration: It’s about letting the websites know what worked to get you in the door so they can do more of that, but it’s for stuff you need, too.

Verse 3: The Advertising Auctioneer

And now to blow your mind a little bit, let’s look just a bit into how specific ads from specific companies are put in front of you. This is the magic of something called Real-Time Bidding! This only works because the Internet is blindingly fast for most, especially compared to the days of old-school dial-up connections. The activity goes like this: 

  1. You visit a website. 
  2. The website has a space on it for an ad. 
  3. That space includes a piece of code that says “go to this ad exchange network, and take information about this website AND information about the user (either via cookies, or any uniquely identifying information about their web browser and how it’s configured) AND the physical location of the user ‘cause their phone knows that and send it all to the ad exchange.” 
  4. The ad exchange has a list of advertisers who have preloaded information on what they’re willing to pay to promote their ad based on specific criteria about the website, the user, and even who the user is physically close to. 
  5. The ad exchanger immediately figures out who wins the auction and returns the winning ad to be embedded in the website. 

All this takes milliseconds

Real-time bidding: the Internet is fast enough to stream movies… and to sell targeted ads in real time.

Coda (wrap up)

Here’s the thing. I don’t know about you, but I personally don’t care if the advertisements I see on the web relate to things I might actually be interested in. I’d rather see ads about cats than I would about diapers, for instance. (I really hope I don’t start seeing ads about diapers for cats now.) However, I do very much care if my information is used to target me for hacker attempts or political manipulation. The techniques used by legitimate advertisers to target ads are exactly the same as other groups might use for more nefarious purposes. The technology can’t tell the difference. So, because I care more about the possibility of bad actors than I do whether I see diapers for cats, I’m going to care a lot about how to protect my privacy on the web. 

If you’re reading this and vigorously nodding your head, here’s how to take back control of your online privacy. 

  1. Look at the configuration settings for all the web browsers you use and really think about the privacy and security options.
  2. Think twice about clicking on a link in an email. Instead, go ahead and type in the direct web address instead of letting a link take you there.
  3. Use a private or incognito window when you can so it clears out any cookies or history at the end of the day when you close the browser window. (And close that browser window Every. Single. Day.)

Photo by JESHOOTS.COM on Unsplash

Posted by heather in Surveillance, Line Dancing