Bob Blakley

A member of the Gartner Blog Network

Bob Blakley
Research VP
4 years at Gartner
31 years IT industry

Bob Blakley is VP, Distinguished Analyst, and Agenda Manager for IT1 Identity and Privacy Strategies Service. Mr. Blakley is past general chair of the IEEE Security and Privacy Symposium and the ACSA New Security Paradigms workshop. He was awarded ACSAC's Distinguished Security Practitioner award…Read Full Bio

Google+ Can Be A Social Network Or The Name Police – Not Both

by Bob Blakley  |  September 1, 2011  |  32 Comments

A little over a year after my son was born, we traveled back home to Texas for a Christmas gathering at my in-laws’ place. My family is part Irish, and we tend to give people Irish names – my son’s name is Sean Michael. But in my wife’s Czech and German family Irish names aren’t normal.

At the Christmas party, we introduced Sean to my wife’s grandmother for the first time, and she wasn’t having any of this “Sean” business. She said “Sean? What kind of a name is that? I’m going to call him ‘Mike’.”

We were a year and a quarter into the Sean Michael Blakley personality experience and it was already clear to us that calling Sean “Mike” was not going to be a winning strategy. So we laid out the facts. “You can call him whatever you want”, we said, “but if you don’t call him ‘Sean’, he’s just going to ignore you”.

In the end, Sean and his great grandmother reached an understanding. She called him “Sean”.

That’s the way it works amongst us humans – I choose what I want to be called, and you call me that.

That’s apparently not the way it works at Google+.

Google is currently trying to enforce a “common name” policy in Google+. The gist of the policy is that “your Google+ name must be “THE” name by which you are commonly known”.

This policy is insane. I really mean insane; the policy is simply completely divorced from the reality of how names really work AND the reality of how humans really work, and it’s also completely at odds with what Google is trying to achieve with G+.

The root of the problem is that Google suffers from the common – but false – belief that names are uniquely and inherently associated with people. I’ve already explained why this belief is false elsewhere, but for the sake of coherence, I’ll summarize here.

There isn’t a one-to-one correspondence between people and names. Multiple people share the same name (George Bush, for example, or even me: George Robert Blakley III), and individual people have multiple names (George Eliot, George Sand, George Orwell, or Boy George – or even me, George Robert “Bob” Blakley III). And people use different names in different contexts; King George VI was “Bertie” to family and close friends.

THERE IS NO SUCH THING AS A “REAL” NAME.

A name is not an attribute of a person; it is an identifier of a person, chosen arbitrarily and changeable at will. In England, I can draw up a deed poll in my living room and change my name at any time I choose, without the intervention or assistance of any authority. In California, I apparently don’t even need to write anything down: I can change my name simply by having people call me by the new name on the street.

COMMON NAMES ARE NOT SINGULAR OR UNIQUE.

Richard Garriott is COMMONLY known as “Richard Garriott” in some contexts (check Wikipedia), and COMMONLY known as Lord British in other contexts (go to a computer gaming convention). Bob Wills and Elvis are both “The King”.

Despite these complexities, Google wants to intervene in your choice of name. They want veto power over what you can call yourself.

Reversing the presumption that I choose what to be called happens – in the real world – only in circumstances which diminish the dignity of the individual. We choose the names of infants, prisoners, and pets. Imposing a name on someone is repression; free men and women choose their names for themselves.

But the Google+ common name policy isn’t even consistently repressive; it sometimes vetoes names which ARE “common” in the sense Google intends (Violet Blue is an example), it sometimes accepts plausible names based on clearly fraudulent evidence, and it even “verifies” fraudulent names.

Google+’s naming policy isn’t failing because it’s poorly implemented, or because Google’s enforcement team is stupid. It’s failing because what they’re trying to do is (1) impossible, and (2) antisocial.

(2) is critical. Mike Neuenschwander has famously observed that social software is being designed by the world’s least sociable people, and Google+ seems to be a case in point. Google wants to be in the “social” business. But they’re not behaving sociably. They’re acting like prison wardens. No one will voluntarily sign up to be a prisoner. Every day Google persists in their insane attempt to tell people what they can and can’t call themselves, Google+ as a brand becomes less sociable and less valuable. The policy is already being described as racist and sexist; it’s also clearly dangerous to some disadvantaged groups.

If you want to be the host of a social network, you’ve got to create a social space. Creating a social space means making people comfortable. That’s hard, because people don’t fit in any set of little boxes you want to create – especially when it comes to names. But that’s table stakes for social – people are complicated; deal with it. Facebook has an advantage here; despite its own idiotic real-names policy and its continual assaults on privacy, the company has real (i.e. human) sociability in its DNA – it was created by college geeks who wanted to get dates; Google+ wasn’t, and it shows.

If Google’s intention in moving into social networking is to sell ads, Google+’s common names policy gives them a lock on the North American suburban middle-aged conservative white male demographic. w00t.

The Google+ common name policy is insane. It creates an antisocial space in what is supposed to be a social network. It is at odds with basic human social behavior; its implementation is NECESSARILY arbitrary and infuriating, and it is actively damaging the Google+ brand and indeed the broader Google brand.

The problem is not flawed execution; it is that the policy itself is fundamentally unsound, unworkable, and unfixable.

Google can be a social network operator, or they can be the name police. They can’t be both. They need to decide – soon. If I were Google, I’d scrap the policy – immediately – and let people decide for themselves what they will be called.

Update:

Great reply by Nishant Kaushik here.

Update 2:

Botgirl Questi’s aggregator of #nymwars posts.

Kee Hinckley’s excellent overview of the issues (it’s worth reading the rest of what Kee has written on this issue too).

Skud’s explanation of how the Google+ name investigation process appears to work in practice.

Update 3:

Kaliya can’t use “Identity Woman” (a name by which she is COMMONLY known by everyone I know), and she also can’t use “Kaliya” unless she also wants to use her ex-husband’s name.

Google’s position on these issues is “G+ is completely optional. No one is forcing you to use it.

32 Comments »

Category: IAM     Tags:

Robin Wilton joins the IT1 Identity and Privacy team

by Bob Blakley  |  July 19, 2010  |  1 Comment

The Burton Group IdPS team has a new member and a new name.

As of today we’ve added Robin Wilton as our newest analyst. A lot of you know Robin from his work on identity, privacy, and security at Sun Microsystems and the Liberty Alliance. Most recently, Robin has headed his own identity and privacy consulting firm, Future Identity, and served as the global privacy and public policy director for the Kantara Initiative.

Robin will continue his work on privacy here at Gartner, joining Ian Glazer as the European half of our privacy practice. He’ll also be taking on our PKI coverage, as well as other topics as we move forward. Robin is a great addition to the team, and we’re very excited to have him; if you’re at Catalyst next week, we’ll be happy to introduce you to him.

We’re also changing our name. From now on we’re the Gartner IT1 Identity and Privacy team. Don’t fret; this is a branding exercise, and everything about our coverage and team structure will remain the same. You can still call us IdPS if you want to. Think of it as a nickname.

We’re looking forward to seeing you at Catalyst in San Diego next week. If you haven’t registered yet, there’s still time. It’s going to be our best event ever, so don’t miss it!

1 Comment »

Category: Uncategorized     Tags:

More Good News: Blizzard Founder Realizes DRM is Useless

by Bob Blakley  |  May 28, 2010  |  1 Comment

Starcraft 2 will be released without boneheaded DRM restrictions – and Frank Pearce (founder of videogame giant Blizzard) admits in an interview with Videogamer magazine that DRM is a losing battle.  With more business acumen than most “content” executives, he observes that “We need our development teams focused on content and cool features, not anti-piracy technology.”

Yes you do.

1 Comment »

Category: Uncategorized     Tags:

UK Finally Scraps Useless ID Scheme

by Bob Blakley  |  May 28, 2010  |  2 Comments

The UK Government today announced its definitive plan to scrap the National ID scheme.  This is good news; the scheme had no clearly articulated goals, and the previous UK administration was never able to state what identity-related problem it was trying to address.

The new government is binning the scheme for the right reasons. In explaining the decision, new deputy prime minister Nick Clegg said: “The wasteful, bureaucratic and intrusive ID-card scheme represents everything that has been wrong with government in recent years. By taking swift action to scrap it, we are making it clear that this government won’t sacrifice people’s liberty for the sake of ministers’ pet projects.”

And the news gets even better – it looks like this government will roll back more stupid and wasteful plans in the future.  Home secretary Theresa May is quoted as saying: “This bill is a first step of many that this government is taking to reduce the control of the state over decent, law-abiding people and hand power back to them. With swift parliamentary approval, we aim to consign identity cards and the intrusive ID-card scheme to history within 100 days.”

2 Comments »

Category: Uncategorized     Tags: , ,