Think strong identity is the best option to preserve a drama free environment? Think again. The drama -- even with recent days' uproar -- hasn't begun.
RealID isn't even likely to be effective. No one is anonymous on
forums -- your forum name is a pseudonym. Revealing your verified
identity and email address to fellow forum members doesn't protect
Blizzard -- they already know who you are. They wield the banhammer.
Blizzard may think RealID will chill misbehavior, and save time for their community managers. If I were more generous, I'd say they want to raise the level of discourse on the forums for the sake of the community.
RealID exposes information that will not be bottled up once made available to peers on battle.net. Peer access gives Blizzard inevitable plausible deniability on breaches ("it wasn't released by us, it was probably one of your RealID contacts").
Releasing personally identifying information (such as an email address and real name) in the way that RealID does may violate European privacy laws. Implementing RealID may well violate Blizzard's claim to safe harbor.
An organization must offer individuals the
opportunity to choose (opt out) whether and how personal information they
provide is used or disclosed to third parties [which would include fellow users] (where such use is
incompatible with the purpose for which it was originally collected or
with any other purpose disclosed to the individual in a notice). [this might actually be ok -- they gave notice, after all]
Organizations creating, maintaining, using or
disseminating personal information must take reasonable measures to assure
its reliability for its intended use and reasonable precautions to protect
it from loss, misuse and unauthorized access, disclosure, alteration and
Effective privacy protection must
include mechanisms for assuring compliance with the safe harbor
principles, recourse for individuals to whom the data relate affected by
non-compliance with the principles, and consequences for the organization
when the principles are not followed. At a minimum, such mechanisms must
include (a) readily available and affordable independent recourse
mechanisms by which an individual’s complaints and disputes can be
investigated and resolved and damages awarded where the applicable law or
private sector initiatives so provide; (b) follow up procedures for
verifying that the attestations and assertions businesses make about their
privacy practices are true and that privacy practices have been
implemented as presented; and (c) obligations to remedy problems arising
out of failure to comply with these principles by organizations announcing
their adherence to them and consequences for such organizations. Sanctions
must be sufficiently rigorous to ensure compliance by organizations.
Legality aside, Blizzard is setting the stage for a privacy nightmare.
If you follow the references in that link, you will find an amazing store of geekery on how once your private information becomes less private, it's pretty much destined to become public. In Internet privacy circles, this is known as Norlin's Maxim.
And above all, you should have a choice as to how your personal information is used and disclosed. Changing those rules capriciously shouldn't cut you off from your community.
Those of you who know me through the gaming community may or may not know that a few years ago, I was executive director of an open source project called The Tor Project, which is one of the best solutions for online anonymity. I got involved in the project because, as a second generation card carrying member of the ACLU and a first generation member of the Electronic Frontier Foundation, I am a strong advocate of civil liberties. Privacy is an important aspect of freedom of interference from government or big corporations.
People have all kinds of legitimate reasons to want to remain anonymous. Anonymity shouldn't be flatly defined as a shield for misbehavior, or something that evokes "fear of other." Elsewhere, blogs have brought up children's safety (and legal compliance with COPPA), women's privacy and witness protection, but the problem can be much more broad than that (even though that would seem to involve more than half the population already), depending how daft your neighbors are.
Not everyone is comfortable being identified as "a gamer," and in some communities, that's no joke. They ban Harry Potter and (as some of you may assume) not just in southern fundamentalist backwaters, and intimidated TSR/WOTC/Hasbro into taking the dieties and demigods out of D20, so what do you think they're going to do with cheerful undead necromancers and sexy night elves? Don't you know that WoW and cosplay will destroy your child? Teachers can be fired for doing prestidigitation with toothpicks -- it's wizardry, you know -- so what would happen if they are playing WoW?
Not all of us live in places like Irvine, NYC, and Paris -- and those places don't always fit our assumptions of "places like" them either. Someday (if not today) you might be turned down for a job because you play WoW, and authorities say that playing MMOs makes you slack.
Systems like RealID rarely work even when professionals try to anonymize data that can be shared outside the company. If even 5% of Blizzard's users (and that's probably less than the numbers of minors in their user base) want some semblance of privacy, they should be allowed to keep it -- which means a system like RealID where fellow users have access to personally identifying information should never be implemented.
Privacy should not be designed like a sieve. You can tell them that directly. You don't have to flame the forums.
Please be aware that we cannot control the activities of third parties
to whom we provide data, and as such we cannot guarantee that they
adhere to the same privacy and security procedures as Blizzard.
...If you have any questions or wish to file a complaint, please feel free to e-mail us at email@example.com, call us at (949) 955-1382end_of_the_skype_highlighting,
92618-3616. (949) 955-1382
Blizzard, through its parent company, is a licensee of the ESRB's
Privacy Online Program. If you believe that we have not responded to
your inquiry or your inquiry has not been satisfactory addressed,
please contact ESRB directly at http://www.esrb.org/privacy/contact.jsp or:
ESRB Privacy Online
Attn: Director, Privacy Online
317 Madison Avenue, 22 Floor
New York, NY 10017