D2.13: Virtual Persons and Identities

D2.13 Virtual Persons PERSONS AND IDENTITIES

Persons and identities

The traditional simple model for identities consists in associating to each person a unique, if possible universal, identity:

This model presents several advantages, one of them being its simplicity. An identified person gets for example some rights, like the right to travel and to pass a border, the right to vote, or to be on welfare. Those rights are indeed strongly related to the person’s identity itself.

Traditional Identity Management Systems (IdMS) usually associate a list of rights, duties, obligations and responsibilities to each identified person, i.e., to each identity. The absence of such a strong identity model may prevent a person to be fully recognized as a citizen; such a person might be denied important rights given to identified citizens. That is one of the reasons why governments usually promote official registers where all citizens of their country are recorded exactly once; the social security number register is a typical example. These arguments are emphasized by people who consider the right to have a unique universal identity as a fundamental right.

Another advantage of the traditional simple model appears when we consider obligations and responsibilities. An identified person may use and enjoy some rights; he can also carry the responsibility of his acts and needs to fulfill his obligations. In case of fraud, a unique physical person is clearly identified and can be charged.

In the light of what precedes, the traditional simple model may appear very convenient from the point of view of both the person and society. However, this model has also some worrying drawbacks: a unique identity opens the door to the linking and analysis of a lot of information about its owner, about his actions and activities, about his preferences, etc. Profiles deduced from this information may be used to later deny certain services to the person: for example, a life insurance company may refuse a new customer because his profile suggests unusual risks. The convenience of a unique identity has a price which might overcome its advantages in the near future.

The simple model presents severe threats for privacy; moreover, as we will see, it is inadequate to represent the variety of new forms of identities induced by new technologies. 

To protect privacy, the link between one person and its identifying information should be weakened. Privacy preserving technologies promote, whenever possible, unlinkability between different actions, activities and preferences of a same person. One technique is based on pseudonyms, or even one-time pseudonyms. Each pseudonym may be seen as a kind of identity of the person; it does not usually reveal the true identity of its owner.

Nowadays, we all have several (partial) identities in our daily life. These identities are based on roles, actions, activities and may vary also depending on the context. New technologies have a direct impact on the very concept of “identity”, new forms of identities are appearing and the identity (r)evolution has already started. For example, the same person might have the following identities:

1. Dad, within his family; 

2. the director of a specific company;

3. the pseudonym “Shakespeare” as a seller (and buyer) on an electronic trade platform; 

4. the owner of a specific VISA card with a given number and expiration date; 

5. etc. 

In order to take into account these facts, some modern IdMS handle multiple identities for each person recorded in their system:

Actually, today’s situation is even more complex as an identity might also be shared in practice by several persons:

1. the guest account on a computer located in a library; 

2. the SIM card (Subscriber Identity Module) in a cell phone used by different persons; 

3. the e-bay account used by the staff of an e-shop; 

4. IP address; 

5. etc. 

Therefore, we also need to consider the following situation:

Shared identities can be considered, in some situations, as privacy enhancing tools as they hide a person within the group of people sharing this identity.

Our model will allow a faithful description of the variety of new forms of identities induced by new technologies. 

In order to maintain the traditional idea of a strong link between an identity and a specific entity while describing new forms of identities, we propose to introduce an abstract layer that creates an indirection between identities and the corresponding physical entities. Entities in this abstract layer will be called “virtual entities”. A virtual entity corresponds to an abstraction, a perception, a thought, a concept or an illusion. Physical entities belong to the physical world. Virtual entities belong to the virtual world.

Some physical entities are physical persons; others not: for example, stones, buildings, animals, etc.  

Some virtual entities can have rights, duties, obligations and/or responsibilities associated to them in some context; such virtual entities will be called “virtual persons”.

In particular, virtual entities that could represent or be represented by a physical person are virtual persons. Not all virtual entities are virtual persons; the virtual entity described by “a white sheet of paper” is not a virtual person, for example.

In this abstract layer – the virtual world – we impose the following condition:

This is in particular true for virtual persons. A physical person having several (partial) identities is replaced by a physical person linked to several virtual persons, each having a unique identity:

Figure : Multiple identities

A “virtual identity” of a physical person is the identity of a virtual person linked to it:

Figure : Virtual identity

Pseudonyms form an important family of virtual identities. Indeed, a pseudonym is the identity of its corresponding virtual person, which in turn is linked to the user(s) of the pseudonym. The virtual person creates an indirection between the pseudonym and its user(s).

Virtual persons play the role of a mask. In front of the mask, we have the identity. Several physical persons can hide behind the mask.

When several persons share an identity, they are all linked to the same virtual person. The shared identity becomes in our model a shared virtual identity.

Figure : Shared virtual identity

In doing so, we keep some of the advantages of the simple traditional model. For example, we can associate a list of rights, duties, obligations and responsibilities to each virtual person. But we loose the direct link between the identity and a physical entity (for example a physical person). This indirection helps to describe important concepts such as anonymity, pseudonymity, unlinkability which play an important role in privacy enhancing technologies. Moreover, as we will see, this indirection describes more faithfully what happens in today’s reality.

Last but not least, a virtual person continues to exist whatever happens to the physical person(s) once linked to it. It survives its corresponding physical entities. 

The introduction of an abstract entity – the virtual person – can lead to further development. Let us consider two examples to examine more thoroughly what is behind the mask.

First example:

“Zeus” is the identity of an abstract concept in the Greek religion. The corresponding virtual person is described by “the one who is Zeus”. What is behind the mask? Is there a physical person, a physical entity or nothing? This answer might vary depending on one’s belief.

Figure : Is there somebody behind the mask?

Second example:

“The sender of a given email” is the identity of the actor, a virtual person. What is behind the mask? Is it a physical person? Is it a computer program? Is it a dog?

Figure : Physical persons are not the only one that can hide behind the mask

The introduction of “virtual persons” allows the description of situations where an action is not necessarily initiated by a physical person but possibly by a computer program or an animal for example. Therefore, physical entities behind the virtual persons should not be reduced to physical persons only. We introduce the concept of subjects in order to include the possibility of having non-human physical entities behind virtual persons.

Intuitively speaking, a subject is any physical entity that can “hide” behind a virtual person. Physical objects can be subjects too.

Figure : Different types of subjects

Note that we could make a distinction between a “human being” and a “physical person”. A human being or an animal might be more than its living physical body. The soul, for example, might be neither physical, nor virtual. However, these questions are more related to religion and philosophy than to the identity in the Information Society. In the scope of our model, we consciously do not cover entities that would be neither physical, nor virtual: a physical person is the living body of a human being. It can be seen as a kind of mask too:

A legal person is an abstract entity with its own, unique identity, which has a legal status. Rights, duties, obligations and responsibilities can be associated to a legal person. To guarantee the uniqueness of the identity, legal persons are usually recorded in official registers. In some situations, the responsibility is carried directly by the legal person and not by any of the physical persons representing it. To shift the responsibility is also one of the reasons why legal persons have been created. Another one is that a legal person continues to exist even after the death of its “owner(s)”.

A legal person is a virtual person according to our definition. Actually, a virtual person generalizes the well-accepted concept of legal person: it is an abstract entity that can have rights, duties, obligations and/or responsibilities associated to it.

Figure : A legal person is a virtual person

The term “virtual person” often refers to characters in a MUD (Multi User Dungeon), MMORPG (Massively Multiplayer Online Role Playing Games), or other computer games. Section , on avatars, has introduced this important use case for virtual persons. The relation between the players and the avatars (virtual persons) has been described from different perspectives. Avatars interact in a game; some of them rely on human beings (players) for their actions and/or behavior, while others might be directed by the game itself. Avatars are virtual persons according to our definition too; indeed, they can have rights and obligations associated to them within the game.

For an external observer, it is often hard to decide whether the subject behind such a virtual person is a real player or just a computer program. We see these virtual persons (characters) as masks used by subjects (human players, computer programs) to act or interact within the game.

Even though avatars are also virtual persons according to our definition, the concept of virtual person is much broader and should not be reduced to avatars only.

Figure : Avatars are virtual persons too

A group of physical persons, as an abstract concept, describes a virtual person too. For example, a couple, as an abstract entity, is a virtual person. Categories resulting of profiling also describe virtual persons.

Profiling techniques allow the creation of categories of physical persons sharing similar attributes. These attributes and their corresponding values define the category and therefore the identity of the category.

Figure : Profiling: a category is a virtual person

In other words, the category is a virtual person whose identity is defined by a set of information: a set of attributes and their corresponding attribute values. Several persons may belong to this category, i.e., may hide behind this virtual person. As an example, we could consider the category defined by “People who are older than 45 and that earn more than 100K€ per year”.

We have seen that virtual persons can hide subjects in the physical world. Nothing prevents a virtual person from hiding another virtual person in the virtual world. Indeed, such a situation is not exceptional.

Consider the example of “the first owner of a given car”. This is a virtual person described by its role. The entity behind this virtual person could be a physical person, a couple or a legal person. Couples or legal persons are two types of virtual persons.

Virtual persons can hide virtual persons hiding other virtual persons and so on. This creates chains of virtual persons. 

Figure : A virtual person hiding another virtual person