Roger Clarke's Web-Site

© Xamax Consultancy Pty Ltd,  1995-2024
Photo of Roger Clarke

Roger Clarke's 'The Digital Persona 20 Years On'

This version has been superseded. Go to http://www.rogerclarke.com/ID/DP12.html


Promise Unfulfilled:
The Digital Persona Concept, Two Decades Later

Review Draft of 17 August 2012

Roger Clarke **

© Xamax Consultancy Pty Ltd, 2012

Available under an AEShareNet Free
for Education licence or a Creative Commons 'Some
Rights Reserved' licence.

This document is at http://www.rogerclarke.com/ID/DP12-120817.html


Abstract

The term 'digital persona' was coined in the early 1990s to refer to models of an individual's public personality based on data and maintained by transactions, and intended for use as a proxy for the individual.

During the intervening 20 years, the concept has achieved only moderate impact in the academic literature, and less in industry and government. Two extensions to the theory are presented, one placing the concept more clearly within a comprehensive theory relating to human identification and authentication, and the other distinguishing hidden from open personae.

Systems that deal intensively in personal data have variously been driven and enabled by new information technologies. A succession of IT industry schemes seeking to manage identities have experienced considerable difficulties. It is argued that the problems the industry has encountered derive from failure to reflect the insights offered by the theory of the digital persona.


Contents


1. Introduction

In 1992, I coined the term 'digital persona', outlined initially in Clarke (1993a, 1993b). It was examined in depth in (Clarke 1994a), which appeared in a Special Issue of The Information Society (10, 2), on 'The Digital Individual' (Agre 1994). The purpose of the term was to provide an unambiguous way of referring to data collections about individuals that are sufficiently detailed to be used as a basis for decision-making in lieu of dealing with the individual themselves: "the digital persona can be monitored with thoroughness and frequency, and surveillance extended to whole populations" (Clarke 1994c).

The 20th anniversary of the term's coinage is an appropriate time to assess whether the term, and more importantly the concept, have entered the mainstream. Have they fulfilled the role of a meme, in this case to encourage understanding among consumers and business enterprises, and among citizens and government, and to influence business practices and public policy?

The paper commences with a recapitulation of the original concept. It then traces relevant developments in information technology and in politics since the early 1990s, as a prelude to an assessment of the term's adoption and use during the intervening two decades. Key developments in relevant theory are identified, in particular in relation to a comprehensive theory in support of 'identity management', and 'hidden personae'. The paper concludes with an outline of some actual and potential responses to the negative impacts of dataveillance phenomena.


2. The Original Concept

The context in which the term was coined was set by two earlier articles. One article documented the switch in surveillance techniques from physical and electronic means towards surveillance of individuals through the data trails that they generate. The term 'dataveillance' was coined, to refer to "the systematic use of personal data systems in the investigation or monitoring of the actions or communications of one or more persons" (Clarke 1988). (A later paper that distinguishes the various forms that surveillance can take is Clarke 2009c).

The second contextual article examined the nature of human identity and the identification methods used by organisations (Clarke 1994b). This explained the linkages among data, identities and human entities which underpin dataveillance techniques.

The 'digital persona' notion explained how dataveillance is enabled by an organisation's power over data rather than through observation of the individual themselves. The term was defined as follows (Clarke 1993a, 1994a):

"the digital persona is a model of an individual's public personality based on data and maintained by transactions, and intended for use as a proxy for the individual"

The Oxford English Dictionary declares the etymology as being classical Latin 'persona', meaning mask, character, role. A key reason for preferring it to the various alternatives was Jungian psychology. To Jung, the anima is the inner personality, turned towards the unconscious, and the persona is the public personality that is presented to the world: "The only persona that Jung knew was that based on appearance and behaviour. With the increased data-intensity of the second half of the twentieth century, Jung's persona has been supplemented, and to some extent even replaced, by the summation of the data available about an individual" Clarke (1994a).

No earlier and comparable uses of the term 'digital persona' have been uncovered. However, as with most neologisms, the meme was 'in the air' at the time. Other terms used in the very early 1990s to refer to the idea included 'data shadow', 'virtual identity' and 'epers' (from electronic persona - Karnow 1994). Fittingly, many of the fictional treatments pre-date my own instrumentalist analysis. The idea can be detected at least as far back as 1974 in John Brunner's 'Shockwave Rider', then as a 'construct' in William Gibson's 'Neuromancer' - "a hardwired ROM cassette replicating a ... man's [sic] skills, obsessions, knee-jerk responses" (Gibson, 1984, p.97) - and later as a 'recorded personality', and as 'partials' and 'ghosts' in Greg Bear's 'Eon' in 1985.

The key article was Clarke (1994a), referred to in the remainder of this paper as 'the original 1994 paper'. It distinguished a number of important characteristics of digital personae, which give rise to several category-pairs. They are brought together in Exhibit 1A.

Exhibit 1A: Categories of Digital Personae

Category
Description
informal persona
a persona based on human perceptions
formal persona
a persona constructed on the basis of accumulations of structured data
  
projected persona
a persona controlled by the individual it is associated with
imposed persona
a persona controlled by someone other than the individual it is associated with
  
passive persona
a persona that comprises data alone
active persona
a persona that has some capacity to act, on behalf of, or in substitution for, the individual it is associated with, cf. a software agent
  
public persona
a persona that presents a commonly-held, composite image of a person who is presumed to be well-known (e.g. Marilyn Monroe, Marshall McLuhan) or of an archetype (e.g. 'action man', 'drug mule', 'psychopath')

It is intrinsic to the notion persona, and to the notion digital persona, that an individual may project many of them, in order to "present themselves differently to different individuals or groups on the net; or at different times to the same people; or at the same time to the same people. One projection may reflect and provide close insight into the person's 'real personality', while other personae may exaggerate aspects of the person, add features, omit features, or misrepresent the personality entirely" (p.81). Many reasons were identified as to why individuals would want to adopt multiple personae, including to reflect their multiple real-world roles, to exercise artistic freedom, to protect against real or imagined risks, to experiment, to fantasise, and to commit fraud.

Imposed digital personae, controlled by others, were already familiar in such forms as the databases of financial services organisations and myriad government agencies. Projected digital personae, on the other hand, were at that stage limited to curricula vitae expressed in the then newly-available facility of Web-pages.

At the time, such active digital personae as existed were projected, in such forms as email-filtering rules and news preferences. The prospect was identified, however, of "imposed, active digital personae [enabling] people's interests or proclivities [to] be inferred from their recent actions, and appropriate goods or services offered to them by the supplier's computer program using program-selected promotional means" (p. 83).

The examples of 'public personae' offered included celebrities (at the time: Zsa Zsa Gabor, Elizabeth Taylor, Pierre Trudeau, Ross Perot and Donald Trump) and archetypes (the practical joker, the sucker who always takes practical jokers' bait, the 'wild idea' generator, the moral crusader).

The original papers identified a number of specific problems with the use of digital personae, especially of imposed, formal personae. A digital persona is a model - which is a simplification of a complex reality; and because it is incomplete, its use embodies a risk of mis-judgement. A digital persona is constructed from multiple sources, and because those sources are imperfectly compatible, 'artefacts' may result, i.e. unwarranted inferences may be drawn about the individual associated with the digital persona. It was noted how the kinds of procedures typically applied by government agencies created considerable risks for atypical, idiosyncratic and eccentric people (Marx & Reichman 1984, p.436), and made no allowance for a wide range of extenuating circumstances.

A further danger arises from the fact that a digital persona is not directly linked with a human entity, and hence the risks exist of associating a persona with the wrong person, and of adding new data to the wrong persona. In the case of identity fraud, such results are contrived, most commonly in order to achieve a financial advantage.

A particular focus of the initial paper was the use of digital personae as weapons of surveillance, against the interests of the individual - possibly to the benefit of society, but more commonly to the benefit of organisations. Many such uses were surreptitious, and hence the means whereby the digital persona was accumulated - such as access to data held by other organisations, including data matching - were obscured as well. A weakness in the original article was its failure to extend this analysis to identify a further category-pair. This omission is overcome by the addition of the definitions in Exhibit 1B. The overt / covert distinction will be further developed in a later section of this paper.

Exhibit 1B: Additional Categories of Digital Personae

Category
Description
open or overt persona
a persona whose existence, content and use are known to the individual who is associated with it
covert or hidden persona
a persona whose existence, content or use is / are not known to the individual associated with it


3. Developments - 1992-2012

The intervening two decades have seen substantial change. This section briefly highlights some key developments relevant to the digital persona, and to dataveillance more generally.

3.1 Technological Developments

In 1992, the world was only in the early phases of the digital revolution. That revolution comprised the elements outlined in Exhibit 2. It is now largely complete.

Exhibit 2: Elements of the Digital Revolution

In 1992, the proportion of the population that had an Internet presence was very small. From the mid-1990s onwards, billions have gained access to the Internet, have projected digital personae in such forms as 'nicks', 'handles', game personas, online bios and web-sites, blogs and micro-blogs/tweet-streams, and have been subjected to imposed digital personae. Since c. 2004, social media services have harnessed narcissism and voyeurism to greatly increase the volume of data that is captured.

As computer graphics improved, avatars emerged. The word originally referred to a manifestation of a Hindu God, but it was expropriated to refer to a visual representation of any persona - spiritual, physical or digital. Terminological confusions have arisen. It is now necessary to make clear that digital persona and avatar are distinct notions, with an avatar related to a digital persona much as a glyph is to a letter of the alphabet. There is generally more than one glyph for a particular letter - 'a' and 'A' in this font alone - and there may be many (or indeed no) avatars for any given digital persona.

There has been an ongoing increase in the variety of sources of data that is absorbed into digital personae. An important example is that transactions that had hitherto remained unidentified through the payment of cash have become identified through the use of loyalty card schemes, and more recently through reductions in the minimum amounts for which credit-cards and particularly debit-cards can be used, the removal of authentication steps such as the entry of PINs (which slowed down card-based transactions), and the introduction of contactless cards to enable even more rapid identified payment, on the move.

A crucial new form of data that is now being captured is location and tracking data, which is associated with a great many of the large numbers of economic transactions that people engage in each day. This is being added into digital personae - resulting in an enormous increase in their value for surveillance (Clarke & Wigan 2011). Moreover, the catchment has been extended beyond economic transactions to social activities, as social media companies have encouraged people to post text, audio, image and video, and associate with the data not just their own identity, but also their companions' names.

The explosion in the volume and intensity of data capture has been exacerbated by greatly reduced barriers to access by many organisations, achieved variously through legislation and by imposing permissive terms of service. There has been enormous pressure to liberalise access to categories of data that have long attracted very strong protection, such as information about conversations and conversation-partners (in telephony jargon, referred to as 'call records'), and even the content of messages, particularly of email.

There has also been an increasing tendency to deny nymity, by associating digital personae directly with the individual human entity, through the imposition of biometrics. This has occurred with passports, and with visas, among a range of employers, and even as a condition of entry to some social venues. Biometrics technologies rely on fuzzy matching, and a great many quality factors conspire to create errors, give rise to false positives and false negatives, and force trade-off between them. Hence masquerade, and mistaken associations between digital persons and physical persons occur even when biometric entifiers are used.

The problem has been exacerbated by the laxness of privacy oversight agencies, many of which have failed to enforce laws relating to excessive or unjustified collection of personal data, even in the case of particularly sensitive data such as not only biometrics, but also driver licence and passport data, all of which have great potential as enablers of identity and entity fraud. Similarly, data protection commissioners in those countries whose laws include an Anonymity Principle have failed to enforce it.

The digital persona meme has made further appearances in sci-fi literature, in such forms as 'copies' in Greg Egan's 'Permutation City' in 1994, and 'dittos' in David Brin's 'Kil'n People' in 2002. As humans become augmented by technology and become cyborgs, the digital persona notion has needed some reconsideration (Clarke 2005a, 2005b, 2011). If robots ever live up to their promise and convincingly move beyond the factory floor, yet further adaptations may be necessary to the theory of the digital persona.

3.2 Political Developments

Technological change to some extent drives developments, a phenomenon sometimes referred to as 'technological determinism'. To a considerable degree, however, technology is merely an enabler for initiatives whose drivers lie elsewhere, reflecting the natural desire of organisations to harness new capabilities in order to fulfil their missions. The two patterns can be mutually reinforcing, resulting in 'creep' in the mission-scope of some organisations in response to changing technologies. This sub-section highlights some important areas of such changes that are relevant to the theory and application of the digital persona concept.

The private sector has been very active in so-called 'Customer Relationship Management' (CRM) - or 'Consumer Relationship Manipulation' as the cynical retronym has it. The data-gathering has been facilitated by highly permissive Terms that marketers have imposed on consumers, generally with at best the merest token of consent. The intensive profiles of each individual's prior behaviours has been applied to the manipulation of consumer behaviour through targeted and timed advertising. This had been described at least as long ago as Packard (1964). See also Hanson & Kysar (1999). This has been despite the availability of alternative, more positive approaches to the marketer-with-consumer relationship (e.g. Kelly 1998, Levine et al. 2000).

The legal protections against use and disclosure have proven to be highly porous, with the result that a great deal of personal data is shared, gifted and traded among organisations. There has been a strong emphasis on the consolidation of individuals' multiple personae, and on denial of the freedom to interact separately with different organisations. This has involved the correlation of government identifiers and use of the pretext that 'real names' policies reduce anti-social and abusive behaviour.

A further development has been public-private partnerships, which blur the distinction between data compulsorily acquired by government agencies and data gathered, more or less consensually, by corporations from their customers. A major area of application has been toll-roads, the vast majority of which have reversed the historical position and currently deny anonymous use of public thoroughfares.

A related development is the application of Automated Number Plate Recognition (ANPR) technology to mass surveillance, most notably in the UK and Australia (Clarke 2009a), but also in the USA and Canada. Attempts have been made to supplement this source with data acquired from sources such as toll-road operators, car-park operators and parking infringement schemes.

In the public sector more generally, increased data intensity and consolidation of citizen data has been apparent among social control agencies, in such areas as taxation, social welfare administration, and nationalised health insurance and health care data systems, in recent years referred to as 'eHealth records'. A diverse range of justifications have been used, including administrative efficiency, control of waste, control over fraud, control over anti-social behaviour, public safety, road safety, and counter-terrorism. As each new 'idea in good standing' emerges, the collection and exploitation of citizen data has been hitched to it. For example, global warming has been enlisted, on such grounds as the need to identify energy-profligate consumers, and the likelihood of hordes of climate change refugees creating social and economic problems.

There have been attempts in many countries to establish national identification schemes, or expand existing inhabitant registration schemes. These have been in many cases unsuccessful, variously because of the intrinsic challenges and popular opposition, and in some countries multiple attempts have been serially unsuccessful. 'Progress' has been achieved in Malaysia and Finland, with world's best / worst practice in Denmark.

Among the most aggressive assaults on citizens' data have been responses to terrorist strikes, primarily those in 2001 (USA), 2004 (Madrid) and 2005 (London), although with some reinforcement particularly from Bali (2002) and Mumbai (2011). The opportunity has been grasped by national security extremists to recover from their Post-Cold War malaise, to the extent that, in many countries in the nominally free world, far greater intrusions into civil rights have been enacted since 2001 than ever existed in the period 1946-1990. For example, during the 6 years 2001-07, Australia passed scores of statutes expanding powers and reducing controls and accountability (PAPL 2007).

Given the explosion in data-gathering, use and disclosure since the concept was introduced, it would be reasonable to expect that the theory of the digital persona would have been applied, criticised, enhanced and extended.


4. Application of the Concept - 1992-2012

Great as the need may have been for the term 'digital persona' to become mainstream, it has not set the world alight. During its first 20 years, the primary article garnered only about 150 Google citations. To place that in context, however, there appear to be no more than 5 references in the surveillance arena that have more than 500 Google citations, and perhaps only 20 with more than 200. The publications that appear to be the primary current references are identified in Appendix 1.

In order to gain insight into the extent to which the notion has informed and assisted subsequent work, the following analyses were undertaken, and are reported on below:

  1. examination of publications that cite the original paper
  2. examination of other publications that use the term 'digital persona', in a manner closely compatible with the concept, but without citing the original 1994 paper
  3. examination of uses of alternative terms that refer to concepts closely related to the digital persona
  4. examination of web-pages that sorted high in a general Google search
  5. examination of media publications using the term 'digital persona'

4.1 Publications Citing the Original Publication

Google Scholar identifies c. 150 publications that cite the original paper. These were examined, with a focus on those that satisfied the following conditions:

This resulted in the identification of 21 significant publications, listed in Exhibit 3. The majority of the identified publications apply the concept in a particular context, and only a few contribute to the theory of the digital persona. Most consider only the imposed digital persona. Of greater concern is that none of the papers consider more than one or two aspects of the concept. Moreover, four of them - van der Ploeg (1999, 2003) and Wen et al. (2009) and Ma et al. (2011) - drastically reduce the notion, by referring to it as a singular, linked directly to the physical individual.

Exhibit 3: Well-Cited Publications That Cite Clarke (1994a)

Reference
Context
Citation-Count
Burkert (1997)
Privacy-Enhancing Technologies (PETs)
96
van der Ploeg (1999, 2003)
biometrics and privacy of the physical person
35, 68
Phillips (2002)
protection of sexual identity
24
Dodge & Kitchin (2004)
identification codes as tools of surveillance
59
Kim (2004)
'co-active' social control mechanisms
17
Zwick & Dholaika (2004)
consumer marketing
62
Simon (2005)
theoretical treatment of the panoptic
66
Banaves & deLuca (2005)
education
3
Koch & Möslein (2005)
identity management
35
McAlpine (2005)
university candidates' electronic portfolios
8
Nilakanta & Scheibe (2005)
description of an intermediary intended to enable consumers to control their own digital persona
0
Hildebrandt (2006)
theoretical analysis of the relationship between privacy and identity
25
Notoatmodjo (2007)
a framing concept in a thesis on Personal Password Security
10
Dennis (2008)
self-surveillance
14
Rubinstein at al. (2008)
data mining
42
Leenes (2008)
intellectual property law
5
Mordini & Massari (2008)
body, bioethics and identity
12
Wen et al. (2009) and Ma et al. (2011)
an architecture for a naive, comprehensive, singular, imposed digital persona
7, 7
Taekke (2011)
theoretical treatment of the digital panoptic, including Latour's 'inscription' and 'immutable mobiles' concepts
1

4.2 Other Publications Using the Term

The second approach adopted was the examination of publications that use the term 'digital persona' in a manner closely compatible with the concept, but without citing the original 1994 paper. In July 2012, Google Scholar identified about 1,000 publications in total. Only those publications were considered that satisfied the following conditions:

Application of this procedure identified a further 9 publications, listed in Exhibit 4. Almost all of them applied the concept as part of a broader frame of reference and within a particular context. A few of the articles provided some amount of theoretical criticism or theory extension, but few were focussed on those kinds of contributions. A number noted that the term was a foundation concept underlying the subsequently-emerged field of 'identity management'. The 2003 US Patent is noteworthy mainly in that it attempts to claim as an invention a number of ideas that were key parts of the Platform for Privacy Preferences (P3P) initiative of a World Wide Web Consortium Working Group in 1998-99 (Clarke 1998, W3C 2002).

Exhibit 4: Publications That Use the Term but do not cite Clarke (1994a)

Reference
Context
Citation-Count
Froomkin (1995)
anonymous payment
54
Henman (1997)
policy relating to the administration of social welfare
13
Kelin (1999)
a thesis on the implementation of an active digital persona
2
Beard (2001)
property rights in a digital persona
44
US Patent 6,581,059 (2003)
description of an active digital persona
22
Liu & Maes (2004)
generation of digital personae from 'personal texts' / natural language
33
Saebo et al. (2009)
social networking services
11
Ball et al. (2010)
an active digital persona in eHealth
8
Clark (2010)
teaching the composition of digital rhetoric
10

Less comprehensive scans were also undertaken of the concept in the computer science literature, and in the applied world of identity management software and services. These have generally failed to reflect the richness of the concept of the digital persona as expressed in the 1994 article. This has been a factor in the poor-quality support that computer science artefacts have provided to the people who depend on them. Many instances exhibit the worst of both worlds - dysfunctional design, but also harm to the interests of the individuals concerned. The public is having deficient models imposed on them, particularly in the all-too-common, maximally-naive form of a singular digital persona directly linked to a human entity. This has the effect of denying the individual the opportunity to create and maintain multiple identities projecting only parts of themselves.

4.3 Uses of Alternative Terms

The third analysis involved examination of uses of alternative terms that refer to concepts closely related to the digital persona. These were identified as a by-product of literature research at the time and subsequently, including during the preparation of this paper.

Exhibit 5 identifies eight such terms, together with the publication in which they appear to have originated. One term is used occasionally in a vague sense, but without any apparent underlying source. Another predates 'digital persona', and one is contemporaneous with it, while the remaining five emerged subsequently - and in four cases the publication cites the 1994 digital persona paper. In none of the eight cases does it appear that the concept to which the term refers has been examined closely, nor is any comprehensive theory put forward.

Exhibit 5: Terms Related to Digital Persona

Term
Origin
Citation-Count
virtual identity
origin lost, and its effectiveness confounded by many other, competing uses
?
dividual
coined in a 4-page philosophical piece that offers ambiguous obscurity rather than any usable definition: "The numerical language of control is made of codes that mark access to information, or reject it. We no longer find ourselves dealing with the mass/individual pair. Individuals have become 'dividuals', and masses, samples, data, markets, or 'banks'"
Deleuze 1986 / 1990 / 1992
807
epers
the electronic persona
Karnw 1994
40
shadow order
"the electronic memory-traces of mass society"
Bogard 1996
360
(for a wide-ranging book)
data double
"various concatenations of personal data that, like it or not, represent 'you' within the bureaucracy or the network ... the ongoing life of the data doubles now depends upon complex information infrastructures"
Lyon, 2003b, p.22
155
(for the relevant chapter)
capta shadow
capta (cf. data) are "facts that those constructing the database decide to `take' given that they cannot record or store everything"
a 'capta shadow' is "capta that uniquely represents people, objects, information and transactions"
Dodge & Kitchin 2004
59
databased self
"manipulable digital profiles of the inmate ... enabling a variety of deductive operations on individuals as elements of a known population"
Simon (2005)
66
Cyber-I
"a comprehensive digital description of an individual human in the cyber world ... the counterpart of the real individual in the physical world"
Wen et al. (2009) and
Ma et al. (2011)
15

4.4 Web-Pages from a General Google Web-Search

The fourth approach adopted in order to detect impacts of the concept was to examine the sources that sorted high in a search using Google's catchment area and precedence algorithm. Google's services are highly unreliable and unstable, but the mere fact that they are much-used makes Google the prime candidate for a test of popular impact. The fact that over 1 million hits are found suggests that the term has had some popular appeal. However, (at least when a search is conducted from within Australia), one other page precedes the 1994 article, and that is a US biometrics technology provider that has adopted the name for both the company and some of its products. Suppressing hits containing "Inc." reduced the count by 40% to 600,000, and further suppressing hits containing "fingerprint" reduced it by a total of 70% to 300,000.

An example of a use directly in line with the original intention is in a 'manifesto' published by a movie-producer in conjunction with his work 'Article 12' (Biain & Vaduvescu, 2010): "By Constitution, we have been granted freedom, the right to freely express ourselves and have control over our personas, and the same should apply to our digital selves. A new man - the digital man - has arisen and its emancipation depends on us. Writers, artists, philosophers, and many specialists in this field are talking about this transition and the powerful transformation we are facing. The way of being in this parallel world requires that we embrace technology and aspire for the better, but not without protecting our human rights and human dignity, both for our physical and digital personas".

Another aspect of relevance is a number of references to 'digital persona' in the marketplace for 'digital immortality' (e.g. Schneiderman 2012). On the other hand, a further indication of the 1994 article's limited impact is that Wikipedia mistakenly redirects the term to avatar - which is a graphical representation not a persona, and is a representation of any persona, digital or otherwise.

Further, as if seeking to confirm the negative tone sounded by the original article, a marketing company, zangbezang, uses the term digital persona to refer to its "complete and powerful customer view for each individual customer, derived from converging historical mobile data with contextual personal & social data to deliver meaningful, real-time and actionable insights ... [It is] the aggregate of information that defines each individual consumer's characteristics, interests, activities, habits and transactions across the operator, social network and mobile device domains [promising the consumer] targeted insight into their needs".

4.5 Media Publications Using the Term

A further indicator of the extent to which the meme has penetrated public consciousness is mentions in the media. Google News, which searches on a sub-set of the Google search-engine's catchment, provides a somewhat unreliable snapshot of the last month's media, and a highly unreliable and varying archive of media mentions in the recent past. It is, however, a readily-available and convenient tool that provides some sense of media usage of the term. In late July 2012, Google News appeared to identify 63 mentions in the last month. On inspection, however, the 65 collapsed to 32, and all but three were spurious, apparently deriving from the pseudonym of a business reporter.

Of the three, one was a report in an Italian newspaper on the conference on 20 July 2012 which stimulated this paper.

The second article referred to the increasing difficulties for undercover operatives to maintain "their false personas" (Heath 2012): "Memo to all budding undercover spies: start creating your second (false) digital persona the day you're born - you'll probably need it. Oh and only get photographed with the people that you plan on going under-cover with". The article is seriously deficient when assessed against the 1994 theory, in that it makes the (to national security extremists, conventional) assumptions that every person is limited to a singular digital persona, and that any other persona is 'false'.

The third article was a review of a new game for the iPhone and iPad called Mind of Man, which "[reveals] the dark side of your digital persona. By analyzing your text and behavior on Twitter, including your flaws and antisocial tendencies, the game creates a unique avatar known as a 'MindPrint'. This avatar is then pitted against your friends and favorite celebrities" (Farr 2012). Although populist, the article is not greatly inconsistent with the theory of the digital persona advanced in the 1994 paper.

Google News purportedly found 325 news reports in its archive containing the phrase 'digital persona'. However, that search only permitted display of the first 100, which dated back to April 2008. A few publications related to the biometrics company or its product. However, most used the term in a manner reasonably consistent with the 1994 conception, with the most common error being to confuse it with the concept 'avatar'. Many articles were banal, e.g. "It seems like nearly everyone you meet these days has a digital persona to compliment [sic] the real-life counterpart, but after spending countless hours curating your virtual life online, the site can seem a little bland. Thankfully, the world's most popular social network has a hidden treat ...". Others addressed important issues, such as self-management of the digital personae projected within various social media, including for economic reasons ('managing your personal brand online'), e.g. Mac (2012).

A series of searches were conducted, restricting the search-scope to prior, specific years. This identified what appeared to be the oldest news article detected by Google News - Adams (1997). This reported on a fairly superficial use of the term by an IT industry CEO, Eric Schmidt, then of Novell: "The new face of networking has a human face, and it has as many faces as there are users on the network today ... put the programs on the network and build 'digital personas' that give users customized access to the things they need to get jobs done". 18 months later, Novell launched a 'digital wallet' called digitalme, which stored identification and authentication data in order to give individuals more control over their identity on the Internet, and gave rise to the second oldest article detected by Google News mentioning the term 'digital persona' - Fidel (1999).

The lie inherent in the marketing spiel became increasingly evident as time went by. Schmidt became CEO of Google, and is to a considerable degree responsible for the massively-intrusive imposed digital persona and the associated, highly-intensive consumer-behaviour profile assembled by that company. He has also contributed one of the iconic anti-privacy aphorisms: "If you have something that you don't want [Google and its customers] to know, maybe you shouldn't be doing it in the first place" (Esguerra 2009).

From 2006 onwards, an increase was apparent in media usage. A telling article reported on steps taken by IBM to impose controls over the digital personae that its employees used when participating on the company's behalf in the (short-lived) virtual world called Second Life (StPT 2007). Uses in the media naturally lack the richness of the full theory, but the senses in which the term is applied have been generally consistent with the 1994 notion.


5. Theory Extensions

The theory of the digital persona presented in the original 1994 paper was sufficiently comprehensive that subsequent literature, while adding some depth, has not contributed all that much more to the theory itself. There are two areas, however, in which some theory extension is necessary. The need to distinguish open from hidden personae was mentioned earlier and is addressed in the second sub-section below. The first sub-section is concerned with the relationship between the digital persona and human identification.

5.1 A Comprehensive Theory of Identification

Business and government have attempted a long series of initiatives in relation to what has been called 'identity management'. This began with digital signatures during the mid-to-late 1990s. Little progress has been made, however, because the public key infrastructure (PKI) on which these depend is fundamentally flawed (Clarke 2001b). The attempts continued with private-sector portals, moved on to federated models, and to single-sign-on to multiple government agencies. These have mostly failed, or have been adopted by only a small proportion of the target audience, for reasons explained in Clarke (2004).

The fundamental reason why these attempts keep failing is that they embody assumptions about people and human identity that are manifestly wrong. Designers need to work from a model of the elements and their inter-relationships that reflects the realities.

In order to satisfy this need, the early work in Clarke (1994b) was progressively expanded into a comprehensive theoretical model, encompassing all aspects of identification and authentication. The digital persona is a crucial element of the model. Each instance of a digital persona, stored in a record, is distinguished by a signifier of some kind, such as a name, or a code. The term 'identifier' is commonly used for such a signifier. If the digital persona can be directly associated with a particular human person (e.g. because the digital persona includes a biometric measure), the signifier is more appropriately referred to as an 'entifier'. If the identity is not able to be associated with any particular person, it is a 'nym' - or more specifically an 'anonym', if association is not possible, or a 'pseudonym', if association is possible, but only subject to particular conditions being satisified.

Building on this basic set of concepts, the processes of identification and entification are capable of being described in ways that avoid misunderstandings and provide a foundation for effective business processes. The general concept of authentication, and its specific application to identity authentication and entity authentication can also be reliably described. For example, the concept of Identity Management can then be defined as a generic term for architectures, infrastructure and processes that support the Authentication of Identity Assertions. The mature model was presented in Clarke (2009b), supported by a Glossary and examples. Exhibit 6 contains the key definitions, extracted from the Glossary.

Exhibit 6: Key Terms from the Theory of Identification

ConceptDefinition
 
IdentityA real-world thing, but of virtual rather than physical form.
Includes a presentation or role of one or more human beings.
Also includes, for example, processes running in a computing device.
EntityA real-world thing.
Includes human beings.
Also includes computing devices, animals, vehicles, etc.
  
RecordA set of Data-items each of which relates to a particular Entity or Identity.
Digital PersonaConceptually, a model of an individual's public personality based on data and maintained by transactions, and intended for use as a proxy for the individual.
Operationally, a Record that is sufficiently rich to provide the record-holder with an adequate image of the represented Entity or Identity.
  
IdentifierConceptually, a set of Data-Items that are together sufficient to distinguish a particular Identity from others in the same category.
Operationally, most commonly a name or assigned code.
EntifierConceptually, a set of Data-Items that are together sufficient to distinguish a particular Entity from others in the same category.
Operationally, for a human being, a biometric.
PseudonymAn Identifier that may be able to be associated with a particular Entity, but only if legal, organisational and technical constraints are overcome.
AnonymAn Identifier that cannot be associated with any particular Entity, whether from the data itself, or by combining it with other data.
 
IdentificationThe process whereby data is associated with a particular Identity. This is achieved by acquiring an Identifier for the Identity.
EntificationThe process whereby data is associated with a particular Entity. This is achieved by acquiring an Entifier for the Entity.
  
AuthenticationThe process that establishes a level of confidence in an Assertion.
Identity AuthenticationThe process whereby a level of confidence is achieved in an Identity Assertion.

5.2 Covert or Hidden Personae

It is common for an individual to be aware of the various digital personae associated with them, including those imposed on them by organisations. A substantial body of neo-Benthamite 'panoptic' theory has been espoused in recent decades, stimulated by Foucault (1975). This is based on the proposition that an efficient way to sustain public order is to encourage individuals to impose self-discipline on themselves, by giving them the impression that they are subject to continuous surveillance. Information technology has greatly enhanced the symbolism and to some extent the power of visual surveillance, and has invented and continually extends the symbolism and power of dataveillance.

Panopticism involves overt surveillance of physical and digital personae whose existence and content are known to the individuals they are associated with, or are at least knowable by them. An additional category of digital personae exists - those that are covert or hidden. Sub-categories include the following:

The original 1994 article recognised the possibility of hidden personae, to the extent that it allowed for the possibility of individuals being unaware of the existence of a persona. It also identified instances of background databases that accumulated personal data from various sources then (and accumulate it now), including "credit reference data and ratings, insurance claims databases, consumer marketing mailing lists, telephone, fax and email address directories, electoral rolls and licence registers". To that should have been added consumer profiling companies such as Acxiom, and tenancy databases. The original article did not otherwise address the topic.

The number of such background databases has greatly increased during the last 20 years, and the intensity of the data that their operators gain access to has as well. For example, the consumer credit industry has worked assiduously towards its aim of having full access to all aspects of every consumer's indebtedness (so-called 'positive reporting').

Intelligence databases have always existed, but have become massively more intensive, and their operators have become even less accountable to parliaments and the public, particularly since national security extremists recovered the ground that they had lost at the end of the Cold War c. 1990, following the terrorist strikes of the first decade of the century.

Many such practices are more or less formally exempt from data protection laws, or effectively authorised by them, over the heads of citizens and consumers. This applies not only to public sector records, but also in the private sector. In Australia, for example, employment records, the media and small business are entirely exempt, and credit reporting and direct marketing consumer profiles are subject to special regimes that authorise the collection and exploitation of consumers' data by business.

Since the mid-1990s, web-traffic has also been manipulated in order to generate massive holdings of Internet-user profile data, by such companies as Doubleclick and Google (which subsequently acquired Doubleclick, thereby consolidating two parallel sources of data). Since the early 2000s, 'social neworking services' and other forms of 'social media' have emerged, whose business model is based on the encouragement of self-exposure and the exposure of others, in order to enable the exploitation of consumer data (Clarke 2012). Companies such as Facebook, and Google through Google+, are accumulating substantial amounts of additional data, much of it reasonably reliably associable with specific identities, and in some circumstances with specific human entities.

These background, hidden personae are giving rise to what de Kerckhove refers to as 'The Digital Unconscious', which he explains as "the sum of data available in a growing quantity of databases that individuals, institutions, companies and society in general are not conscious of", or "everything that can be known about you that you don't know". The term has been coined a small number of times, although the only relevant references found to date from prior to 2012 are Amiran (2008) and Reading (2009). The topic is being developed by de Kerckhove in a seminar series (de Kerckhove 2012).

The negative impact of hidden personae is a variant of the panoptic effect - individuals are being effectively encouraged to believe that 'they know all about you already', and hence to constrain their behaviour because of the fear of retribution. Longstanding examples of retribution unclude tax audits and the refusal of loan applications. As social media intrusions have proliferated, use of such personae in rejecting job applications has increased (e.g. Wortham 2009).

This broad chilling effect is of concern in a psychological sense, because it denies private space. It is of greater concern in a social sense, because it causes people to avoid associations with one another, and generates a prevailing climate of suspicion. It has a constraining impact on technological innovation, because most inventors and many innovators are 'deviants' by the norms of the sectors and even of the societies in which they live, and as a result the chilling effect has a negative impact on economic development.

From a political perspective, the chilling of speech, of assembly, and even of thought, are consistent with an un-free nation, and have a seriously detrimental effect in a democracy. Imposed digital personae, coupled with the denial of multiple pseudonyms, increases the capacity of powerful organisations, in both the public and private sectors, in order to suppress dissent (Clarke 2008).

In the mere two decades since the end of the Cold War and the collapse of East Germany and its Ministerium für Staatssicherheit (the Stasi), the 'free world' has lurched towards a significantly more efficient surveillance society than was ever achieved behind the Iron Curtain. Public sectors across the world remain dedicated to intrusiveness as the means to sustain social control. Encouraged by technology providers, many governments have attempted to impose national identification schemes, mostly with limited success.


6. Responses

Applications of imposed digital personae harbour great threats to consumers and citizens. The question therefore arises as to whether regulatory measures relating to personal data reflect the insights offered by the theory.

At least in common law countries, it might have been expected that extensions to the tort of appropriation would have emerged, at least to assist well-known individuals to protect the brand-value of their public digital personae. Yet, with the exception of the UK, legal reform in this area has been glacial.

Another example of a yawning regulatory gap is the failure by European Data Protection Commissioner to enforce laws relating to personal data collection, use, disclosure and the right of subject access. The Internet enables corporations to offer services across national borders, and hence Google, Facebook and other corporations breach laws in many countries, but avoid retribution by locating their operations in jurisdictions with very low levels of consumer protection, in particular the USA. Little evidence exists of any concerted effort to address the problem. Another indicator that all is far from well has been the recent European dialogue relating to an emergent 'right to be forgotten' (Lindsay 2012).

One small, positive sign has been the emergence of an anonymity principle, initially in the Australian Privacy Charter (APCC 1994), and subsequently in the laws of Germany (1997), Australia (2000) and four subsidiary jurisdictions within it (2000-2009), and South Korea (2011). However, the principle remains far from becoming an integral part of data protection frameworks.

Apart from legal measures, or 'East Coast Code' as Lessig (1999) described them, there is a significant role for elements of information infrastructure, or 'West Coast Code', to provide a buffer against aggressive application of imposed digital personae on consumers and citizens. Examples of relevant information technology measures include applications of cryptography, Pretty Good Privacy and its associated web of trust notions (PGP - Zimmerman 1995), 'onion-routing' (Reed et al. 1998), U-Prove digital certificates that authenticate an identity's attributes without disclosing any identifiers (Brands 2000), Freenet to obscure the origins of a message (Clarke et al. 2001), and Privacy Enhancing Technologies (PETs) more generally (Clarke 2001a).


7. Conclusions

The various aspects of the digital persona notion have potential applications in many fields, and to good and bad effect, from the viewpoint of the individual to whom the persona relates, of other individuals, and of organisations. Clearly there are legitimate applications of imposed digital personae as a tool of criminal investigation and intelligence. Abstract models of targeted categories of people can be derived or contrived, and digital personae tested against those models to generate suspects. Some scepticism is warranted, however. For example, a dispassionate analysis is needed of the effectiveness of trawling passenger data in order to detect drug-mules, and particularly terrorists.

The digital persona concept is an important element within a comprehensive model of organisational use of personal data and human identities. No aspect of the original, 1994 conception has been identified as being inappropriate. Some extensions to the original conception have been necessary, in order to reflect developments in technology and practice. The concept, and the broader model of identity of which it forms an integral part, appear to be intellectually efficacious, in that they provide a basis for understanding, describing, analysing, explaining and making predictions and recommendations about personal data systems and 'identity management' schemes.

Unfortunately, the body of theory has had limited impact in both the research literature and the practice of identification and identity authentication in business and government. There are multiple indicators of failure in the research arena. The original article has attracted only a modest citation-count. The term is not embedded in discussions in the relevant literature, and no other terms that substantially reflect the concept appear to be embedded in discussions in the relevant literature either. The meme has not been sufficiently aggressive.

From an instrumentalist perspective, the concept and the comprehensive model of which it is a part have been, at best, ineffective. It is not evident in policy discussions. It has no traction with government agencies, industry associations, corporations or even privacy oversight agencies. It has achieved only limited appreciation among the media. In addition, 'identity management' initiatives continue to emerge, which, on the basis of the model, can be readily shown to be both technically naive and highly privacy-invasive. Indicative of the poverty of the IT industry's conception of the digital persona is this 'Top 10 Technology Trend for 2012', published by Deloitte in late 2011 (Cox 2011):

"Digital Identities: The digital expression of identity is growing more complex every day. Digital identities should be unique, verifiable, able to be federated and non-repudiable. As individuals take a more active hand in managing their own digital identities, organizations are attempting to create single digital identities that retain the appropriate context across the range of credentials that an individual carries. Digital persona protection is becoming a strong area of cyber focus".

That text is committed to the interest of corporations and government in contriving a single, consolidated digital persona for each person, which they can control by denying nymous personae, and by denying multiple personae per individual. Moreover, the consultancy's prognostication overlooks more than a decade of successive failed attempts by IT services providers to deliver digital signature schemes, single-sign-on, and federated identity management. To the extent that Deloitte is an 'industry thought-leader', industry is still failing to understand either the real world or the theory of human identity presented to it, and is continuing to lead the IT industry, and business and government organisations, in the wrong direction.

The digital persona continues to be an important element within the web of theory needed to sustain human rights in the face of technological change and the corporatisation of the nation-state. The 1994 article concluded with the statement that "If information technology continues unfettered, then use of the digital persona will inevitably result in impacts on individuals which are inequitable and oppressive, and in impacts on society which are repressive". IT has continued unfettered, political tendencies are towards national security extremism and the repression of freedoms, and the serious negative impacts are increasingly evident. It is important that the concept and the associated model be nurtured, in the hope that it will be applied more effectively, in some future, less troubled, more tolerant, and freer world.


Appendix: Highly-Cited Surveillance Publications

In order to identify the surveillance publications that appear to have attracted the most attention from academic authors, the approach adopted was to conduct searches on Google Scholar. In comparison with alternative citation-count services, this offers a large catchment area, in return for being less discriminating in the documents in which citations are counted. Google's search-engine is poorly documented, uses various forms of fuzzy matching, and delivers different results from the same search-terms, at various times, and even at the same time, depending on various, undisclosed factors. The search strategy adopted here accordingly applied various means to identify highly-cited works whose subject-matter was primarily surveillance.

No attempt was made to find highly-cited publications that omitted the word 'surveillance' but used synonyms (such as 'monitoring' or 'systematic observation'). No attempts were made to search for highly-cited publications on subsidiary topics - which would use such search terms as 'wire-taps', 'electronic interception' and 'CCTV'. The public health and computer science literatures were excluded, because they use the term 'surveillance' in specialised ways, and generate large numbers of citations.

The searches were conducted in July 2012. The arbitrary threshold of 200 citations was selected primarily on the basis of manageability, in that substantial numbers of publications have between 100 and 200 Google citations. As with any evaluation based on cumulative citation-count, the resulting 'top 16' list in the table below is inherently biassed against publications that appeared within the last 5-10 years - and indeed it contains only one publication more recent than 2003. The list does at least pass the intuitive credibility test of containing many well-known authors in the surveillance space. (Remarkably, the most highly-cited five articles including the word 'panopticon' are only in the range 200-550. This reflects the fact that Google currently has no access to the text of Foucault (1975) - which has over 30,000 citations).

Because of the many limitations on the extraction process, considerable caution is needed in drawing conclusions on the basis of this data. Its primary function is to provide an indication of what constitutes a relatively high citation-count in the surveillance literature.

Lyon (1994)890
Lyon (2001)850
Marx (1989)570
Gandy (1993)540
Sewell (1992)530
Haggerty (2000)510
Norris (1999)470
Dandeker (1990)460
Lyon (2003a)370
Clarke (1988)330
Lyon (2003b)310
Boyle (1997)270
Lyon (2007)260
Rule (1974)230
Clarke (1999)230
Clarke (1994b)230


References

Adams B. (1997) '' Deseret News, 20 November 1997, at http://www.deseretnews.com/article/595933/Novell-introduces-goal-putting-a-friendly-face-on-computer-networking.html?pg=all

Agre P. (ed.) (1994) 'The Digital Individual' Special Issue of The Information Society 10, 2 (1994) 73-145

Amiran E. (2008) 'The Digital Unconscious' Seminar Announcement, Uni. California at Irvine, September 2008, at http://maillists.uci.edu/mailman/public/visgrads/2008-September/000417.html

APCC (1994) 'Australian Privacy Charter' Australian Privacy Charter Council, December 1994, at http://www.privacy.org.au/apcc/

Ball M., Callaghan V., Garnder M. & Trossen D. (2010) 'Pervasive Computing Technologies for Healthcare (PervasiveHealth)' Proc. 4th International Conference on Pervasive Computing Technologies for Healthcare, March 2010, Munich, at http://privatewww.essex.ac.uk/~mhball/docs/PervasiveHealth2010.pdf

Balnaves M. & Luca J. (2005) 'The impact of digital persona on the future of learning: A case study on digital repositories and the sharing of information about children at risk in Western Australia' Proc. 22nd Annual Conference of the Australasian Society for Computers in Learning in Tertiary Education, Brisbane, 2005, pp. 49-56, at http://ro.ecu.edu.au/cgi/viewcontent.cgi?article=3671&context=ecuworks

Beard J.J. (2001) 'Clones, bones and twilight zones: protecting the digital persona of the quick, the dead and the imaginary' Berkeley Tech. LJ 16 (2001) 1165-1271

Biain J.M. & Vaduvescu I. (2010) 'Manifesto for the digital persona and Digital Habeas Corpus' Junco Films, 2010, at http://www.article12themovie.com/download/manifesto

Bogard W. (1996) 'The Simulation of Surveillance: Hypercontrol in Telematic Societies' MIT Press, 1996

Boyle J. (1997) 'Foucault in Cyberspace: Surveillance, Sovereignty, and Hardwired Censors' U. Cin. L. Rev. 66 (1997) 177

Brands S. (2000) 'Rethinking Public Key Infrastructures and Digital Certificates' MIT Press, 2000

Burkert H. (1997) 'Privacy-enhancing technologies: typology, critique, vision' Chapter in Agre P.E. & Rotenberg M. (eds.) 'Technology and Privacy: The New Landscape' NIT Press, 1997, pp. 125-142

Clark J.E. (2010) 'The Digital Imperative: Making the Case for a 21st-Century Pedagogy' Computers and Composition 27 (2010) 27-35

Clarke I., Sandberg O., Wiley B. & Hong T.W. (2001) 'Freenet: A Distributed Anonymous Information Storage and Retrieval System' Lecture Notes in Computer Science, 2001, Volume 2009/2001, 46-66

Clarke R. (1988) 'Information Technology and Dataveillance' Commun. ACM 31,5 (May 1988), at http://www.rogerclarke.com/DV/CACM88.html

Clarke R. (1993a) 'Computer Matching and Digital Identity' Proc. Computers, Freedom & Privacy, San Francisco, March 1993, PrePrint at http://www.rogerclarke.com/DV/CFP93.html

Clarke R. (1993b) 'CFP'93 - Personal Notes' Xamax Consultancy Pty Ltd, March1993, at http://www.anu.edu.au/people/Roger.Clarke/DV/NotesCFP93.html

Clarke R. (1994a) 'The Digital Persona and its Application to Data Surveillance' The Information Society 10,2 (June 1994) 77-92, PrePrint at http://www.rogerclarke.com/DV/DigPersona.html

Clarke R. (1994b) 'Human Identification in Information Systems: Management Challenges and Public Policy Issues' Info. Technology & People 7,4 (December 1994), at http://www.rogerclarke.com/DV/HumanID.html

Clarke R. (1994c) 'Dataveillance: Delivering '1984' Chapter in Green L. & Guinery R. (Eds.) 'Framing Technology: Society, Choice and Change' Allen & Unwin, Sydney, 1994, at http://www.rogerclarke.com/DV/PaperPopular.html

Clarke R. (1998) 'Platform for Privacy Preferences: An Overview' Privacy Law & Policy Reporter 5, 2 (July 1998) 35-39, at http://www.rogerclarke.com/DV/P3POview.html

Clarke R. (1999) 'Internet privacy concerns confirm the case for intervention' Communications of the ACM 42, 2 (February 1999) 60-67, Special Issue on Internet Privacy, at http://www.rogerclarke.com/DV/CACM99.html

Clarke R. (2001a) 'Introducing PITs and PETs: Technologies Affecting Privacy' Privacy Law & Policy Reporter 7, 9 (March 2001) 181-183, 188, at http://www.rogerclarke.com/DV/PITsPETs.html

Clarke R. (2001b) 'The Fundamental Inadequacies of Conventional Public Key Infrastructure' Proc. Euro. Conf. in Infor. Syst., June, 2001, at http://www.rogerclarke.com/II/ECIS2001.html

Clarke R. (2004) 'Identity Management: The Technologies, Their Business Value, Their Problems, Their Prospects' Xamax Consultancy Pty Ltd, March 2004, 70 pp.

Clarke R. (2005a) 'Human-Artefact Hybridisation: Forms and Consequences' Proc. Ars Electronica Symposium on Hybrid - Living in Paradox, Linz, September 2005, PrePrint at http://www.rogerclarke.com/SOS/HAH0505.html

Clarke R. (2005b) 'Human-Artefact Hybridisation and the Digital Persona' Background Paper for Ars Electronica Symposium on Hybrid - Living in Paradox, Linz, September 2005, at http://www.rogerclarke.com/SOS/HAHDP0505.html

Clarke R. (2008) 'Dissidentity: The Political Dimension of Identity and Privacy' Identity in the Information Society 1, 1 (December, 2008) 221-228, PrePrint at http://www.rogerclarke.com/DV/Dissidentity.html

Clarke R. (2009a) 'The Covert Implementation of Mass Vehicle Surveillance in Australia' Proc. 4th Workshop on the Social Implications of National Security: Covert Policing, April 2009, Canberra, at http://www.rogerclarke.com/DV/ANPR-Surv.html

Clarke R. (2009b) 'A Sufficiently Rich Model of (Id)entity, Authentication and Authorisation' Proc. IDIS 2009 - The 2nd Multidisciplinary Workshop on Identity in the Information Society, London School of Economics, June 2009, Current Version at http://www.rogerclarke.com/ID/IdModel-1002.html

Clarke R. (2009c) 'A Framework for Surveillance Analysis' Working Paper, Xamax Consultancy Pty Ltd, August 2009, at http://www.rogerclarke.com/DV/FSA.html

Clarke R. (2011) 'Cyborg Rights' IEEE Technology and Society 30, 3 (Fall 2011) 49-57, PrePrint at http://www.rogerclarke.com/SOS/CyRts-1102.html

Clarke R. (2012) 'Privacy as a Strategic Factor in Social Media: An Analysis Based on the Concepts of Trust and Distrust' Working Paper, Xamax Consultancy Pty Ltd, April 2012, at http://www.rogerclarke.com/DV/SMTD.html

Clarke R. & Wigan M. (2011) 'You Are Where You've Been The Privacy Implications of Location and Tracking Technologies' Journal of Location Based Services 5, 3-4 (December 2011) 138-155, PrePrint at http://www.rogerclarke.com/DV/YAWYB-CWP.html

Cox M. (2011) 'Top 10 Technology Trends for 2012: Deloitte' eChannel Line, 11 December 2011, at http://www.echannelline.com/usa/story.cfm?item=27367

Dandeker C. (1990) 'Surveillance, power and modernity: Bureaucracy and discipline from 1700 to the present day' Polity Press, 1990

Deleuze G. (1992) 'Postscript on the societies of control' variously cited as 1986, 1990 and October 59 (Winter 1992) 3-7, cited in Dodge & Kitchin (2004), copy at http://www.mccoyspace.com/nyu/10_s/ideas/texts/week08-Deleuze.pdf

Dennis K. (2008) 'Keeping a close watch - the rise of self-surveillance and the threat of digital exposure' The Sociological Review 56, 3 (August 2008) 347-518

Dodge M. & Kitchin R. (2004) 'Codes of Life: Identification Codes and the Machine-Readable World' Working Paper 82, Centre for Advanced Spatial Analysis, University College London, May 2004, at http://www.casa.ucl.ac.uk/working_papers/paper82.pdf

Esguerra R. (2009) 'Google CEO Eric Schmidt Dismisses the Importance of Privacy' Electronic Frontiers Foundation, 10 December 2009, at https://www.eff.org/deeplinks/2009/12/google-ceo-eric-schmidt-dismisses-privacy

Farr C. (2012) 'New discovery game is a creepy virtual popularity contest for Twitter (exclusive)' Venture Beat News, 6 July 2012, at http://venturebeat.com/2012/07/06/new-discovery-game-is-a-creepy-virtual-popularity-contest-for-twitter-exclusive/

Fidel S. (1999) '' Deseret News, 31 March 1999, at http://www.deseretnews.com/article/688633/BrainShare-introduces-digital-identity-wallet-called-digitalme.html?pg=all

Foucault M. (1975) 'Discipline and Punish: The Birth of the Prison' Random House

Froomkin A.M. 'Anonymity and Its Enmities' J. Online Law, Article 4, 1995

Gandy O.H. (1993) 'The panoptic sort: A political economy of personal information' Westview, 1993

Hanson J.D. & Kysar D.A. (1999) 'Taking behavioralism seriously: some evidence of market manipulation' Harv. Law Rev. 112, 7 (May 1999) 1420-572

Haggerty K.D. (2000) 'The surveillant assemblage' The British Journal of Sociology, 2000

Heath D. (2012) 'The new digital age makes life difficult for under-cover spies' 20 July 2012, itWire, at http://www.itwire.com/business-it-news/security/55818-the-new-digital-age-makes-life-difficult-for-under-cover-spies

Henman P. (1997) 'Computer Technology - a Political Player in Social Policy Processes' Jnl Soc. Pol. 26, 3 (1997) 323-340

Hildebrandt M. (2006) 'Privacy and Identity' in Claes E., Duff A. & Gutwirth S. (eds.) 'Privacy and the criminal law' Intersentia, 2006, pp. 61-104, at thttp://works.bepress.com/cgi/viewcontent.cgi?article=1005&context=mireille_hildebrandt

Karnow C.E.A. (1994) 'The Encrypted Self: Fleshing Out the Rights of Electronic Personalities ' J. Marshall J. Computer & Info. L. 13, 1 (1994), at http://www3.cirsfid.unibo.it/asmiur01/area/documenti/Karnow_1994.pdf

Kelin S.-A.R. (1999) 'Digital Persona: A Gateway to Personal Information' ME Thesis, MIT, February 1999, at https://el.trc.gov.om/htmlroot/ENGG/tcolon/e_references/NDLTD/Information%20and%20Technology%20Engineering/Thesis/Digital%20persona%20a%20gateway%20to%20personal%20information.pdf

Kelly K. (1998) 'New Rules for the New Economy' Penguin, 1998

de Kerckhove D. (2012) 'From Freud's unconscious to digital unconscious' Seminar Announcement, International Journal of McLuhan Studies, February 2012, at http://www.mcluhanstudies.com/index.php?option=com_content&view=article&id=485:from-freud-to-digital-unconsciuos&catid=78&Itemid=472

Kim M.-C. (2004) 'Surveillance Technology, Privacy and Social Control: With Reference to the Case of the Electronic National Identification Card in South Korea' International Sociology 19, 2 (2004) 193-213

Koch M. & Möslein K.M. (2005) 'Identities Management for E-Commerce and Collaboration Applications' International Journal of Electronic Commerce 9, 3 (Spring 2005) 11-29

Leenes, R.E. (2008) 'User-centric identity management as an indispensable tool for privacy protection' International Journal of Intellectual Property Management 2, 4 (2008) 345-371

Lessig L. (1999) 'Code and Other Laws of Cyberspace' Basic Books, 1999

Levine R., Locke C., Searls D. & Weinberger D. (2000) 'The Cluetrain Manifesto: The End of Business as Usual' Perseus, 2000

Lindsay D. (2012) 'The Emerging Right To Be Forgotten in Data Protection Law: Some Conceptual and Legal Problems' Proc. 8th International Conference on Internet, Law & Politics, Barcelona, July, 2012

Liu H. & Maes P. (2004) 'What Would They Think? A Computational Model of Attitudes' Proc. ACM International Conf. on Intelligent User Interfaces, January 2004, Madeira, Portugal, pp. 38-45

Lyon D. (1994) 'The electronic eye: The rise of surveillance society' Polity Press, 1994

Lyon D. (2001) 'Surveillance society' Open University Press, 2001

Lyon D. (2003a) 'Surveillance after September 11' Polity Press, 2003

Lyon D. (2003b) 'Surveillance As Social Sorting: Computer Codes and Mobile Bodies' Chapter 1 in Lyon (2003c)

Lyon D. (2003c) (ed.) 'Surveillance as social sorting: privacy, risk, and digital discrimination', Routledge, 2003

Lyon D. (2007) 'Surveillance studies: An overview' Polity Press, 2007

Ma J., Wen J., Huang R. & Huang B. (2011) 'Cyber-Individual Meets Brain Informatics' IEEE Intelligent Systems, Sep/Oct 2011, at http://cis.k.hosei.ac.jp/~jianhua/mahome/Cyber-Individual_Meets_Brain_Informatics.pdf

Mac A. (2012) '5 Tools For Managing Your Personal Brand Online' Fast Company, 17 February 2012, at http://www.fastcompany.com/1816823/5-tools-for-building-your-personal-brand-online

BY Amber Mac | 02-17-2012

McAlpine M. (2005) 'E-Portfolios and Digital Identity: Some Issues for Discussion' E-Learning 2, 4 (2005) 378-387

Marx G.T. (1989) 'Undercover: police surveillance in America' University of California Press, 1989

Marx G.T. and Reichman N. (1984) 'Routinising the discovery of secrets' Am. Behav. Sci. 27. 4 (Mar-Apr 1984) 423-452

Mordini E. & Massari S. (2008) 'Body, Biometrics and Identity' Bioethics 22, 9 (2008) 488-498, at http://www.danslab.nl/fileadmin/user_upload/documenten/pdf/frame-0809/mordini_massari-body_biometrics_identity_1248269115.pdf

Nilakanta S. & Scheibe K. (2005) 'The Digital Persona and Trust Bank: A Privacy Management Framework' Journal of Information Privacy & Security, 2005, at http://www.bus.iastate.edu/amt/Readings/MIS%20655/DP%20and%20TB%20(Townsend)%201.0.pdf

Norris C. (1999) 'The maximum surveillance society: The rise of CCTV, Berg Publishers, 1999

Notoatmodjo G. (2007) 'Exploring the `Weakest Link': A Study of Personal Password Security' MSc (Hons) Thesis, Computer Science Department, The University of Auckland, New Zealand, July 1997, at https://cs.auckland.ac.nz/~cthombor/Students/gnotoatmodjo/Thesis_Body_11_Dec_2007.pdf

Packard V. (1964) 'The Naked Society' McKay, New York, 1964

PAPL (2007) 'Terrorism Law' Parliamentary Library of the Parliament of Australia, August 2007, at http://www.privacy.org.au/Resources/APH-Lib-terrorism-071008.htm

Phillips D.J. (2002) 'Negotiating the Digital Closet: Online Pseudonymity and the Politics of Sexual Identity' Information, Communication & Society 5, 3 (2002), at http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.202.5212&rep=rep1&type=pdf

van der Ploeg I. (1999) 'Written on the Body: Biometrics and Identity' ACM SIGCAS Computers and Society 29, 1 (March 1999) 37 - 44

van der Ploeg I. (2003) 'Biometrics, and the body as information: normative issues of the socio-technical coding of the body' Chapter 3 in Lyon D. (2003b)

Reading A. (2009) 'The Globytal: Towards an Understanding of Globalised Memories in the Digital Age' In 'Digital Memories: Exploring Critical Issues' (eds. Maj A. & Riha D.), Inter-Disciplinary Press Oxford, United Kingdom, 2009, pp. 31-40

Reed M.G., Syverson P.F. & Goldschlag D.M. (1998) 'Anonymous connections and onion routing' IEEE Journal on Selected Areas in Communications 16, 4 (May 1998) 482 - 494

Rubinstein I.S., Lee R.D. & Schwartz P.M. (2008) 'Data Mining and Internet Profiling: Emerging Regulatory and Technological Approaches' UC Berkeley Recent Work, September 2008, at http://escholarship.org/uc/item/2zn4z6q4

Rule J.B. (1974) 'Private lives and public surveillance: Social control in the computer age' Schocken, 1974

Saebo O., Rose J. & Nyvang T. (2009) 'The role of social networking services in eParticipation' in Electronic Participation, Lecture Notes in Computer Science, 2009, Volume 5694/2009, pp. 46-55, at http://brage.bibsys.no/hia/bitstream/URN:NBN:no-bibsys_brage_19699/1/Sæbø_2009_Role.pdf

Sewell G. (1992) ''Someone to watch over me': surveillance, discipline and the just-in-time labour process' Sage, 1992

Schneiderman A. (2012) 'What Happens to Your Digital Persona When You Die?' Everplans Blog, 18 April 2012, at http://www.everplans.com/blog/what-happens-your-digital-persona-when-you-die

Simon B. (2005) 'The Return of Panopticism: Supervision, Subjection and the New Surveillance' Surveillance & Society 3, 1 (2005) 1-20, at http://www.surveillance-and-society.org/articles3(1)/return.pdf

StPT (2007) 'You know second life has become cool now: ibm has rules for employees who use it' St Petersburg Times, 27 August 2007, at http://imc.mbhs.edu/english/growinguponline/documentsfall09/secondlife.pdf

Taekke J. (2011) 'Digital panopticism and organizational power' Surveillance & Society 8, 4 (2011) 441-454, at http://library.queensu.ca/ojs/index.php/surveillance-and-society/article/view/4181/4183

W3C (2002) 'The Platform for Privacy Preferences 1.0 (P3P1.0) Specification' World Wide Web Consortium, April 2002, at http://www.w3.org/TR/P3P/

Wen J., Ming K., Wang F., Huang B. & Ma J. (2009) 'Cyber-I: Vision of the Individual's Counterpart on Cyberspace' Proc. 8th IEEE Intl Conf. on Dependable, Autonomic and Secure Computing, 2009, pp. 295-302

Wortham J. (2009) 'More Employers Use Social Networks to Check Out Applicants' New York Times, 20 August 2009, at http://bits.blogs.nytimes.com/2009/08/20/more-employers-use-social-networks-to-check-out-applicants/

Yen N.Y., Jin Q., Ma J., Huang R. & Shih T.K. (2011) 'Shift to Cyber-I: Reexamining Personalized Pervasive Learning' Proc. IEEE/ACM Intl Conf. on Green Computing and Communications, 2011, pp. 685 - 690

Zimmermann P. (1995) 'The Official PGP User's Guide' MIT Press, 1995

Zwick D. & Dholakia N. (2004) 'Whose Identity Is It Anyway? Consumer Representation in the Age of Database Marketing' Journal of Macromarketing 24, 1 (June 2004) 31-43


Acknowledgements

The stimulus to develop this paper was provided by an invitation from Derrick de Kerckhove for an interview by Skype during a conference in Rome on 20 July 2012. The conference was 'McLuhan: 100 Anni Dopo: Influenze trasversali sulla Persona Digitale: 5 scenari tra ieri e domani' (roughly, '100 Years On: Indirect Influences on the Digital Persona: 5 scenarios between yesterday and tomorrow').


Author Affiliations

Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor in the Cyberspace Law & Policy Centre at the University of N.S.W., and a Visiting Professor in the Research School of Computer Science at the Australian National University.



xamaxsmall.gif missing
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.

From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 65 million in early 2021.

Sponsored by the Gallery, Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916

Created: 17 July 2012 - Last Amended: 17 August 2012 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at www.rogerclarke.com/ID/DP12-120817.html
Mail to Webmaster   -    © Xamax Consultancy Pty Ltd, 1995-2022   -    Privacy Policy