Content-type: text/html Downes.ca ~ Stephen's Web ~ My Email to Netscape

Stephen Downes

Knowledge, Learning, Community

Mar 17, 1998

Posted to HotWired Wed, 18 Mar 98

Who does your digital identity belong to? Do you have the right to keep your identity private while you browse? Consider, in light of my email to Netscape's online community.

To: Member_Directory@netscape.com

This note addresses two related but separate topics.

  1. When I signed up as a member of the Netscape Netcenter community, the system did not allow me to specify my email address. Rather, it obtained and posted an email address on its own. The address is correct, that is, it is a valid email address, however, it is an address I never use (I have about 5 email addresses).

    What concerns me is that it got the *correct* email address for the account I am using. That shouldn't have happened.

    I have set *all* my Netscape mail and news options to my other email identity. This includes my POP server and reply-to addresses, which are set to downes@docker.com

    However, your system inferred (correctly) that the account I am using is in fact my sdownes@mb.sympatico.ca account. I can see how you could obtain my mb.sympatico.ca domain, however, you should not, according to the documentation I've seen, be able to obtain my userid. I have *never*, in my life, entered the sympatico address to any form, etc, so you're not getting it from a cookie or any static data on my browser. You must be obtaining it from my current ISP login information.

    What I want to know is: how you did this. I run a Netscape Enterprise server myself and haven't seen any 'snoop on user id' features. So there's something else.

    I am also concerned about privacy. My understanding of web browsing is that userids remain private, however, this very much dashes that assumption.

  2. My email address, as determined by your system, is now part of my userid. No problem, right? It's my account - just go in and change it.

    Wrong. It turns out, in order to change it, I must obtain a digital certificate from Verisign in order to change my personal information.

    One thing about this that troubles me is that nowhere was I told this *prior* to my signing on as a member. But let's let that go.

    More significant is that I cannot change my own information without the intervention of a third party.

    This raises concerns because, first, I know that Verisign is going to come back in six months asking for money, which I must pay, or otherwise they will toast my digital identity. I have refused to pay them in the past because I never cared. But now I've got something a little more significant going on here.

    Moreover: if it's my identity, why can't I choose my own agency? I have no particular reason to trust verisign. However, all other things being equal, I'd rather employ a Canadian agency, subject to my country's provacy legislation.

Thank you for responding to my concerns. I think these are significant issues affective personal rights of privacy and identity on the internet. Normally I wouldn't bother, but since you are Netscape, and therefore major players (big huge major players) in net technology, I think we need a response. I am therefore posting this email to a forum at Hotwired Threads, where it can be reviewed and discussed by others involved in online culture. I will - unless you object - post your reply there as well. Thanks.


Stephen Downes Stephen Downes, Casselman, Canada
stephen@downes.ca

Copyright 2024
Last Updated: Dec 07, 2024 3:10 p.m.

Canadian Flag Creative Commons License.

Force:yes