This work is licensed under a Creative Commons Attribution 4.0 International License.
Andy Oram
December 14, 2007
A common lament is that the early Internet was invented without a view toward security, much less reputation. Considering that the first intended use of the Internet was a kind of 1970’s-style grid computing (time-sharing on supercomputers), the inventors should have had both security and reputation in mind. Nowadays we need reputation even more.
It may be possible to write an article at O’Reilly on social topics without mentioning Web 2.0, but I just blew my chance. I can’t avoid it; the tidal wave of grass-roots contributions to the Internet over the past decade is what drives web administrators and users to ask the fundamental questions in reputation:
And on the other hand, we worry about our own reputations:
The last question points to the ideal hovering over all these questions: that of a universal reputation we can accrue over the years and use in every community we join. As several speakers pointed out, online and offline reputations are merging, causing our academic careers, jobs, and personal associations increasingly to rest on what we do online.
These sorts of issues drew some 90 to 100 lawyers, technologists, librarians, and others to a Symposium on Reputation Economies in Cyberspace at Yale University’s Information Society Project this week. The fog surrounding reputation is clearing, but the emerging landscape is different from what many of us expected. The goal of a universal reputation may be unachievable in both theory and practice. More to the point, it may be undesirable.
As the presence of the word economies in the title of the conference indicates, reputation can be seen as a market in which people invest in reputation, store it, exchange it, and expend it as necessary for other goods.
Reputation also has a crucial impact on real economies. Recently, SourceForge.net opened a Marketplace where free software experts can offer services and support. Marketplace offers a reputation system where buyers and sellers can rate each other’s performance. This happens to be the same business that CollabNet tried many years ago (CollabNet was partly funded by O’Reilly). According to Brian Behlendorf, a founder of CollabNet, it had a reputation system too and was fairly successful, but the company decided to focus on another core business.
Reputation can potentially alter our politics as much as our buying habits. Flexible rating and ranking systems aimed at communities that form online can help them determine who is trusted in the community, where members disagree, and how much support each position has. People may therefore be able to organize over the Internet more quickly and with greater transparency and clarity.
Several presenters at the conference, including Hassan Masum (a researcher at the McLaughlin-Rotman Centre for Global Health) and Harvard Law School’s Urs Gasser, pointed out the complexity of reputation and asked us to consider such issues as what effect we want reputation to have, how long a rating holds its meaning, whether reputation should be meaningful among a small group of peers or on a more global scale, and how to encourage honest ratings. They listed concerns such as preserving dissenting points of view (avoiding “mobocracy”), giving the subjects of reputation the right to air their views, and putting in place frameworks that allow different communities to talk to each other.
Auren Hoffman of Rapleaf listed three criteria we should ask of reputation systems:
You should know what your reputation is and what information it’s based on. This calls for transparency on the part of the site maintaining the information. “Nobody should know more about you than you know about yourself.”
You should be able to correct wrong information and remove personal information you don’t want others to see.
You should be able to reuse the reputation stored by one service or social network on another.
All three of these, however, are subject to debate and counter-example.
Information equity is certainly a major problem today. (One audience responded to Hoffman by suggesting, “Nobody should know more about you than you know about them.”) To digress for a moment, this is one of the outrageous aspects of a recent court ruling that email users have no reasonable expectation of privacy. This apparently overrules an opinion issued four months earlier by the court.
In addition to the damage done to civil rights by this ruling, it is supremely cynical because it doesn’t apply to you or me. According to the court, you have no right to hide your email from me. But I can’t act on that. It’s a doctrine that, conveniently, only governments (and ISPs) can benefit from.
At the conference, by and large, everybody agreed that your data should be available to you and that the heuristics used to generate reputation should be open. But participants pointed out that search engines are the only really robust reputation systems available, and proposed that they work only because they keep their heuristics secret.
Can we ever design a transparent system that resists fraud and gaming? Ashish Goel, who does Operations Research at Stanford University, says no: “It’s an intractable problem to detect collusion that inflates reputation.” Yet he still supports transparent reputation systems.
Darko Kirovski of Microsoft Research further pointed out that a reputation system can’t predict fraud because fraud is a sudden shift in behavior: fraudsters behave honorably up to the moment when they strike their victim.
Vipul Ved Prakash described Vipul’s Razor, a distributed spam-blocking system that has proven to be popular, effective, and resistant to attack. It works because everybody online can identify unsolicited bulk email, and because they mostly agree on what’s spam and what’s not. People simply mark mail as spam when they receive it, and when a critical mass builds up identifying a particular email as spam, other participating systems delete it.
Prakash created a reputation community using a classic technique of seeding it with trusted people. It’s very hard to bootstrap a stable and trustworthy reputation online without such seeding.
New people who consistently rate email like the trusted community get added to that community. On the other hand, anyone who rates an email message differently from the trusted community gets downgraded severely. Over time, a an extremely reliable set of trusted people who act very quickly to flag spam builds up. Spammers who try to break into the trusted group have a high barrier to entry (it requires many accurate ratings) and are dumped quickly when they stop rating spam correctly.
In general, panelists argued that computational systems are unlikely to create better ratings than human beings, and human beings are notoriously inconsistent in their ratings. But as Goel says, computational systems can aggregate human ratings to facilitate their perusal and application.
It’s obvious that people, hotels, web sites, etc. change over time and need to be re-examined. And those viewing the information also change, so the value of information degrades over time even if a rating is still correct. But even Hoffman’s Rapleaf doesn’t let you change a comment after you post it. (You can, however, add new comments to adjust your rating.)
Changing information can be hard. For example, public-key certificate systems include revocation protocols, but they’re rarely used. Like any distributed information, certificates are resistant to attack by antibodies once they enter the Internet’s blood stream.
There is also a social dimension to changing information. Who says what’s right and wrong? Just because a professor doesn’t like your assessment on RateMyProfessors.com doesn’t mean she has a right to remove it. Jonathan Zittrain (of Oxford University and Harvard Law School’s Berkman Center) pointed out that the Berkman Center’s StopBadware site (used by Google to warn people away from sites infected by spyware) is a reputation engine of a sort. It’s obviously one that many people would like to eliminate—not only sites being accused of infection, but the spammers and others who broke into those sites in the first place.
Debates that sprang up in the 1980s (or even earlier) about privacy—privacy versus free speech, opt-in versus opt-out—have returned as overgrown brambles when reputation becomes an issue.
Nobody at the symposium offered a great solution to the balance between privacy and free-speech, which have to be rejudged repeatedly in different contexts. Rebecca Tushnet of Georgetown University Law Center pointed out the disparity between provisions for copyright holders and provisions for others who claim unfair behavior on the part of online sites. The safe-harbor provision of the DMCA requires ISPs to take down content immediately when someone claims copyright over it (and the person who put up the content rarely succeeds in getting it restored). But a well-known provision upheld as part of the Communications Decency Act (USC Title 47, Section 230) exempts ISPs from being liable for content posted by users.
So you’re much better off claiming copyright on something than trying to get an ISP to take down a defamatory or threatening post. Tushnet would modify both laws to move them somewhere in between these extremes.
On the other hand, we don’t always have to assume opposing and irreconcilable interests. Zittrain suggested that a lot of Internet users would respect a request to refrain from propagating material. He envisions a protocol by which someone says, “I am posting a picture of myself in drunken abandon to amuse my friends on Facebook, but please don’t publish it in a news article.” More generally, a lot of people enamored of the mash-up culture grab anything amusing or intriguing to incorporate into their work, but would be willing to leave something alone if they could tell the originator wanted them to.
Zittrain pointed to robots files and the Creative Commons as examples of voluntary respect for the rights of authors. He also said that the private ownership of social networking and blogging sites—and the consequent ability to enforce terms of service—can be used for good or ill, and that in this case some protocols for marking content and policies for enforcing them could be beneficial to the user privacy.
Hoffman pointed out that privacy advocates lobby for opt-in systems, because few users care enough about privacy to opt out of data collection. (“If consumers are responsible for protecting their privacy, there is no privacy.”)
The latter point was underlined by a fascinating research study presented by Alessandro Acquisti of Carnegie Mellon (Information Technology and Public Policy). When survey takers were presented with a detailed privacy policy assuring their confidentiality, they were far less likely to volunteer sensitive personal information than when they were given the survey with weak confidentiality guarantees or no guarantees at all. In other words, people didn’t think about the safety of providing personal information until Acquisti’s researchers forced them to confront it.
Several panelists, including Mozelle Thompson, a former commissioner on the Federal Trade Commission and an advisor to Facebook, confirmed that consumers need to be protected by privacy laws, just as they need seat-belt laws. When Thompson was on the FTC, it asked Congress to pass comprehensive privacy legislation, but of course they didn’t. Even the European countries, known for their strong privacy directives and laws, “put themselves in a box” according to Thompson, because they focused on individuals’ self-determination.
So an opt-in world is necessary to protect privacy, but Hoffman pointed out that opt-out is required to develop most useful databases of personal information. If search engines depended on opt-in, we wouldn’t be able to search for much of value.
Nevertheless, our current opt-out regime is leading to such heights of data collection—and eventual abuse—that Hoffman believes a reaction is imminent. Either government regulation or a strong consumer movement will challenge opt-out, and we need to offer a well-though-out combination of regulation and corporate good behavior in order to avoid a flip to a poorer opt-in world.
Although portable reputations, like single sign-on, appear to be Internet’s golden future (both in terms of user participation and commerce), they’re not likely to happen.
The first reason, of course, is that people have multiple reputations. Judging from the polls, Bill Clinton had a good reputation as a politician; he had a less enviable reputation as a sexual partner. Your own reputation on a technical site may be quite different from your reputation on a political discussion site, and your reputation on Republicans’ forums will be different from Democrats’ forums.
Michel Bauwens of the Foundation for P2P Alternatives saw little value to generalized, global reputation systems. If we collect ratings indiscriminately from everybody about everything, we come out with a lowest common denominator, taking no account of interesting diversity and personal taste. (Interestingly, I remember George Gilder making a similar complaint about broadcast TV in the 1990s.) Bauwens said that we need to implement small reputation systems within affinity-based groups, and that the Internet is moving reputation from its former locus in the family or community to widespread groups based on common interests.
Beth Noveck of New York Law School built further on the idea of groups holding on to reputation. She would like to see eBay reputations owned neither by eBay (which can currently wipe out years of reputation with no recourse on the part of the user) nor by the user himself, but collectively by the community that created the reputation. The group should also be able to determine the rules that govern reputation, such as when it can be transfered to another group.
Noveck also raised the problem of boot-strapping reputation. Social networks rely on endorsements by friends. But what if you go online where you have no friends, or your friends all abandon your network for the next big thing?
Another way to build reputation is to contribute a lot—but that works only if you have stuff to contribute that other people appreciate.
On the one hand, I respect the attitude that you have to bring something to the table if you want respect. This has always been the modus operandi of the hacker movement. If you code something good, you’re allowed in. And why shouldn’t you have to prove yourself to earn respect?
Still, I recognize that the hacker ethos assumes people have access to computers, as well as access to training in programming. Furthermore, hackers have trouble recognizing that coding skills aren’t always coterminous with ethics—or maybe ethics just aren’t their concern.
Similarly, depending on recommendations from friends works great if you earned a degree from Carnegie Mellon and worked at Google for three years. But what if you got your degree from RMIT University in Melbourne, Australia or from JMIT in Radaur, India, and the only places you’ve worked are small firms that most programmers in Europe and the U.S. haven’t heard of?
Noveck said that if we invest in groups, we can use those groups to derive the benefits of reputation (such as finding jobs) without depending on the wider ebb and flow of reputation such as people find by Googling.
More generally, reputation is becoming more and more clearly tied to the goals of each site that maintains reputation. Just as standardized tests in school are best suited to predicting your ability to take standardized tests, reputation systems on a site determine only your performance on that site.
Another metaphor is the theory of evolution. Some of the (sophisticated) critics of evolution complain that “survival of the fittest” doesn’t predict what’s desirable. Are white moths or black moths more “fit”? The answer depends entirely on the environment. When trees are light-colored, white moths dominate, and when they become covered in soot, black moths proliferate. Your reputation has to adapt to the sites you visit in similar ways.
A good example was provided by Mari Kuraishi of GlobalGiving Foundation. As part of their goal of linking potential donors to deserving non-profits, they look for ways to help donors choose from a bewildering variety of deserving organizations around the world. Kiraishi apologized a bit for the crudeness of their measures: they calculate how often a project puts a report up on their site, and how successful the project is at raising money on their site. They also ask donors to rate the value of the information posted by a project.
None of those simple measures really determines whether a project is meeting the needs of its population. But I don’t believe we should disparage the measures, because they do reflect one important criterion: how well the project uses GlobalGiving. In short, the rating system is self-referential, and that’s a legitimate goal.
A more general principle of making reputation site-specific was articulated by Goel, who has created a system that he believes would encourage more user participation in rating systems such as the ones maintained by eBay and Amazon.com.
The system would be funded by revenue-sharing from the sites’ profits. Users would be asked to assign both positive and negative ratings. When a user assigns a positive rating to a product that is later bought, the user gets a reward.
An audience member pointed out that unusual tastes are penalized. What if very few people like the books you do? Goel explained that the rating system should not be seen as a moral judgment upon the individuals doing the rating. The fact is that if an individual chooses products or vendors that most people dislike, that individual is of no use to the site. It’s a purely instrumental view of reputation—and it may be the most viable.
Despite the benefits of restricting reputation to affinity groups, we currently depend more and more on the Googling sort of reputation. This can be hard on people who become notorious for silly reasons. Daniel Solove of George Washington University Law School offered several amusing examples. He recommended that people avoid using the Internet to shame others, because news spreads beyond the point where it’s productive and it lasts forever.
But the most disturbing presentation of the day was by Danielle Citron of the University of Maryland’s School of Law, concerning harrassment of women online. She hammered home the extent of the problem with alarming anecdotes (such as the famous history of the death threats against programmer/author Kathy Sierra) and statistics.
A lot of women write under gender-neutral pseudonyms that don’t permit them to be identified by name, or go offline altogether. This denies them the benefits discussed so far of reputation, including the reputation that potential employers measure by doing online searches.
Citron looked at the history of terror as well as the sociological literature on group harrassment, and pointed out that all the contributory factors are accentuated in the online world, while inhibitory factors are reduced. Online, it’s easy for harrassers to find each other and work together; they can remain anonymous; they face little risk of being found and prosecuted or of facing retaliation by the victim; and so on. Like Tushnet, Citron would like to put more of the burden on ISPs to do something about harrassing content, because that’s where the power over the harrassers lies.
In response to the Sierra incident, Tim O’Reilly has proposed a blogger’s code of conduct. Although it hasn’t been picked up by bloggers, Zittrain said a system like that could be valuable if it’s simple and its value becomes easily understood.
Bauwens pointed out that most online work, like other peer-generated information, is done by volunteers without financial remuneration. This is clearest in expressive communities such as YouTube. In commons-oriented production, such as Linux and Wikipedia, everyone derives a shared benefit without money exchanging hands. (Most Linux kernel hackers are now paid to do their work, but most companies who pay them don’t get their investment back directly by selling Linux.)
Money becomes a factor in peer production when it gets integrated into a company’s value chain, as with Amazon.com rankings or the kinds of user innovation networks researched by Eric von Hippel. Bauwens recognized that people will “cash in” their reputations at some point, but urged sites to try somehow to maintain some distance between the systems that solicit ratings and the material rewards for such ratings.
Kuraishi categorized rating relationships three ways, following psychologist Steven Pinker: authority ranking, rating to support exchange (as on eBay), and communal sharing (as on book or restaurant reviews).
William McGeveran of the University of Minnesota’s Law School said that reputation and privacy used to be a top-down affair between the collector of information and the person being tracked. Rules get more complicated in an age of Amazon.com ratings and Facebook Beacon, where the collector uses the reputation of the individual to affect the decisions of third parties. Even people on social networks take advantage of others’ reputation as they ask their friends for recommendations. The attempt to stretch reputation to support the reputation of other people or companies could lead to spam-like annoyances as well as privacy concerns.
Bob Sutor, VP of Open Source and Standards at IBM, pointed out that people’s bad reputations can drag down the reputations of the things they rate. I’m not sure that’s quite true, but would restate it to say that you don’t benefit from being rated highly by people who lack high reputations themselves.
Rishab A. Ghosh of United Nations University’s UNU-MERIT center picked up on the theme of unremunerated contributions. Peer-to-peer networks sharing free contributions lack the kinds of guidelines that pricing offers. Whereas pricing helps me decide where to put my time and energy in a market, I can’t use pricing as a decision about what community to join or what open source project to work for. Reputation is critical for such peer projects. And even in exchanges involving money, reputation is important. In general, Ghosh said, “reputation captures the value about people that is not caught by markets” (pricing).
Ghosh does not expect reputation to be easy to measure and use online. Formal systems are always subject to abuse. For instance, vegetarians can downgrade the rating of a restaurant they’ve never stepped in because they disapprove of its selling meat. Ghosh trusts the more subjective reputation that we use in everyday life, both online and offline. We listen to our friends, our professors, our more experienced colleagues. If we like meat, we listen to other carnivores and go to the restaurants they like, ignoring the opinions of vegetarians.
As Tushnet said, intellectual property restrictions can act like a tourniquet to restrict the flow of information and innovative information uses. She displayed a couple typical LiveJournal pages and pointed that nearly everything people used to establish their identity and attract friends—pictures of movie scenes and cartoon characters, references to pop artists, etc.—represented someone else’s intellectual property in some way. Our identities tend to be mash-ups, and yet they’re what we used to seed our reputations.
Eric Goldman of Santa Clara University’s School of Law laid out several ways companies try to keep other sites from discussing their products, such as copyrighting their product description texts and even their model numbers, and invoking trademark rights to take down poor reviews. He called for a few modest changes to current law to open up space for reputation sites:
The vision of a Semantic Web tries to make everything searchable through metadata, but this very metadata may be encumbered by intellectual property. John Clippinger of the Berkman Center said, “Metadata is a control point.”
A discussion of data sharing across social networks revealed that participants think attitudes are moving toward being more open, but that we haven’t seen any change yet.
To appreciate how far society has come from earlier times (even before the invention of telecommunications and the Internet), a delightful exercise is to view the French film The Return of Martin Guerre. This film is closely (though not exactly) based on true events in the 16th century. It concerns a man named Martin Guerre who left his wife and home, but returned three years later to take up with his wife again and work for the family patriarch. When he started to demand a share of the family homestead, complaints began to be aired that he was an imposter. All sorts of odd facts and memories about Guerre were dredged up by people on both sides. Two trials were held in a situation that nowadays could probably be solved by picking up the phone and calling a few government offices.
Even for someone like me who’s been following the field of reputation for a while, Yale’s Reputation Economies conference raised a lot of good new ideas. At a lunch break, Information Society Project organizers asked people with press passes a few reputation-related questions, which are related to a new initiative at Yale to set up a Law and Media program.
How do they decide whom to give a press pass to? Would it be useful to develop a code of ethics? If citizen journalists signed on to such a code, would it enhance their reputation?
Laura Denardis, incoming directory of the Information Society Project, laid out three types ways citizen journalists could be rated:
Some of us pointed out that reputation in journalism is built top-down as well as bottom-up. If you’re banned from the White House, you can’t build up a portfolio of articles about White House press conferences. Conversely, being allowed into this symposium allows me to prove I can write a compelling article about symposia and get myself invited to more.
O’Reilly Media is almost universally seen as the biggest reputation builder in our area of technology. Having this article published on the O’Reilly Network gives it much more credibility that circulating it as an anonymous email.
For many years we had it good at O’Reilly. To put it bluntly, we decided whose reputation to boost and who should have access to our readers. Our readers in turn trusted us (and obviously still do, to a large extent) to determine whom they should trust.
The burgeoning blogosphere, along with other forums for self-publishing books and smaller media items, threatens the gatekeeper role that O’Reilly built and that built us. As Bauwens said at the beginning of the symposium, “Institutions are faced now not only with individuals, but with self-organized peer groups.”
O’Reilly is trying to preserve some of its centrality in the reputation economy of the tech world. We have long experience in doing this, luckily—for instance, our relationships with user groups is unparalleled. But the power relationships and channels for communication are undergoing wild shifts. We’re learning to disentangle the elements of added quality in publishing from the elements of reputation gatekeeper, and over the next few years the shifts in reputation economies is going to change us as much as anyone.
This work is licensed under a Creative Commons Attribution 4.0 International License.