Think strong identity is the best option to preserve a drama free environment?† Think again.† The drama -- even with recent days' uproar -- hasn't begun.
RealID isn't even likely to be effective.† No one is anonymous on forums -- your forum name is a pseudonym.† Revealing your verified identity and email address to fellow forum members doesn't protect Blizzard -- they already know who you are.† They wield the banhammer.
Blizzard may think RealID will chill misbehavior, and save time for their community managers.† If I were more generous, I'd say they want to raise the level of discourse on the forums for the sake of the community.
RealID exposes information that will not be bottled up once made available to peers on battle.net.† Peer access gives Blizzard inevitable plausible deniability on breaches ("it wasn't released by us, it was probably one of your RealID contacts").
Releasing personally identifying information (such as an email address and real name) in the way that RealID does may violate European privacy laws. Implementing RealID may well violate Blizzard's claim to safe harbor.
An organization must offer individuals the opportunity to choose (opt out) whether and how personal information they provide is used or disclosed to third parties [which would include fellow users] (where such use is incompatible with the purpose for which it was originally collected or with any other purpose disclosed to the individual in a notice).† [this might actually be ok -- they gave notice, after all]
Organizations creating, maintaining, using or disseminating personal information must take reasonable measures to assure its reliability for its intended use and reasonable precautions to protect it from loss, misuse and unauthorized access, disclosure, alteration and destruction.†
Effective privacy protection must include mechanisms for assuring compliance with the safe harbor principles, recourse for individuals to whom the data relate affected by non-compliance with the principles, and consequences for the organization when the principles are not followed. At a minimum, such mechanisms must include (a) readily available and affordable independent recourse mechanisms by which an individual’s complaints and disputes can be investigated and resolved and damages awarded where the applicable law or private sector initiatives so provide; (b) follow up procedures for verifying that the attestations and assertions businesses make about their privacy practices are true and that privacy practices have been implemented as presented; and (c) obligations to remedy problems arising out of failure to comply with these principles by organizations announcing their adherence to them and consequences for such organizations. Sanctions must be sufficiently rigorous to ensure compliance by organizations.†
Legality aside, Blizzard is setting the stage for a privacy nightmare.†
If you follow the references in that link, you will find an amazing store of geekery on how once your private information becomes less private, it's pretty much destined to become public. In Internet privacy circles, this is known as Norlin's Maxim.
And above all, you should have a choice as to how your personal information is used and disclosed.† Changing those rules capriciously shouldn't cut you off from your community.
Those of you who know me through the gaming community may or may not know that a few years ago, I was executive director of an open source project called The Tor Project, which is one of the best solutions for online anonymity.† I got involved in the project because, as a second generation card carrying member of the ACLU and a first generation member of the Electronic Frontier Foundation, I am a strong advocate of civil liberties.† Privacy is an important aspect of freedom of interference from government or big corporations.
People have all kinds of legitimate reasons to want to remain anonymous. Anonymity shouldn't be flatly defined as a shield for misbehavior, or something that evokes "fear of other."† Elsewhere, blogs have brought up children's safety (and legal compliance with COPPA), women's privacy and witness protection, but the problem can be much more broad than that (even though that would seem to involve more than half the population already), depending how daft your neighbors are.
Not everyone is comfortable being identified as "a gamer," and in some communities, that's no joke.† They ban Harry Potter and (as some of you may assume) not just in southern fundamentalist backwaters, and intimidated TSR/WOTC/Hasbro into taking the dieties and demigods out of D20, so what do you think they're going to do with cheerful undead necromancers and sexy night elves? Don't you know that WoW and cosplay will destroy your child? Teachers can be fired for doing prestidigitation with toothpicks -- it's wizardry, you know -- so what would happen if they are playing WoW?
Not all of us live in places like Irvine, NYC, and Paris -- and those places don't always fit our assumptions of "places like" them either. Someday (if not today) you might be turned down for a job because you play WoW, and authorities say that playing MMOs makes you slack.
Systems like RealID rarely work even when professionals try to anonymize data that can be shared outside the company. If even 5% of Blizzard's users (and that's probably less than the numbers of minors in their user base) want some semblance of privacy, they should be allowed to keep it -- which means a system like RealID where fellow users have access to personally identifying information should never be implemented.†
Privacy should not be designed like a sieve.† You can tell them that directly.† You don't have to flame the forums.
Please be aware that we cannot control the activities of third parties to whom we provide data, and as such we cannot guarantee that they adhere to the same privacy and security procedures as Blizzard.
Blizzard, through its parent company, is a licensee of the ESRB's Privacy Online Program. If you believe that we have not responded to your inquiry or your inquiry has not been satisfactory addressed, please contact ESRB directly at http://www.esrb.org/privacy/contact.jsp or:
ESRB Privacy Online
Attn: Director, Privacy Online
317 Madison Avenue, 22 Floor
New York, NY 10017