Another kind of identity theft

When you say "identity theft," most people will immediately associate to the theft of Social Security numbers, bank accounts, credit histories, and other mostly financial items. But in the age of the Internet, one's identity is also tied up in Facebook profiles, domain names, email accounts, Twitter handles, and the like. What would happen if a domain registrar stopped responding to your communications? What if you no longer had control over your Google account, your MySpace page, or your personally registered domain--the very items that make up your Web identity?

These aren't just idle questions, and over the past few years there has been a growing movement to redefine how Internet identity is handled and how you control access to it.  Groups such as Identity Commons and OASIS have been at the forefront of establishing new and open standards for web identity, the purpose being to ensure individuals' personal control of their identities.  To this end, a few years back, there was a minor sensation surrounding something called an "i-name."

To make a long story short, i-names (read the link for more) were supposed to be a way to pursue the goal of improved control of personal identity on the web, with some interesting features. Most of the supposed benefits of the new technology have yet to materialize, but there were two nice things that i-names provided almost from the start.  First, i-name providers made a fairly spam-proof web contact form available to all i-name holders, making it possible to put a contact link on a web page without it becoming a spam conduit. Second, they provided a basic web forwarding service, so that even the technically challenged could set up easy-to-remember web links that were persistent and completely controllable.

The price was reasonable, so I signed up with 2idi.com, the original i-name broker and, as far as I know, the largest.  It's been of minor utility, but worth the small annual fee involved to reserve my preferred name (plus a few variations) in what might end up as a significant technology down the road.  It's also been pretty much stress-free. It's there, I use it occasionally, and don't have to think about it when I'm not using it. Until recently. I knew it was almost renewal time, so I logged on to check my renewal date. Sure enough, there it was:

2idi.png

Just as I expected, my renewal was coming up.  It very helpfully directed me to the renewal page, so I proceeded.

listofinames.png

I was stunned to find that while my i-names were nearing expiration, renewal was "not available at this time."

Huh? This made no sense, so I dug around some and found that 2idi.com had not allowed registration in at least a month, perhaps longer for all I knew. This was weird. I went to the front page, where the founders of 2idi, Victor Grey and Fen Labalme, have their contact links displayed:

fenlabalme.png

I had corresponded with Victor before about a minor glitch, so I clicked his link and sent him a message through his 2idi contact page. No response. Nothing. Okayyyyy… After a couple of days, I did a quick search and found what I assumed was his 2idi corporate email address on Alexa:

2idicontactinfo.png

I fired off a quick email, the old-fashioned kind.

Still no response.

Feeling somewhat irritated, I decided to switch gears and try to contact Fen Labalme, the other principal listed on the 2idi.com site.  I sent him a message through his 2idi contact page (I know the contact mechanism is working because I received a couple of messages through mine recently).

After a couple of days, no response.

Now feeling very irritated, I thought of calling the phone number given on the Alexa page above. But first, for the hell of it, I dug up the address for Neustar, the company that runs the XRI registry that oversees i-brokers such as 2idi. com. I found a link to the email address of their i-broker support group, and fired off an email to them asking what recourse registrants such as myself have when their broker seemingly ceases to function. I didn't expect much, but a day or so later I got an email saying they were attempting to contact the responsible parties.

That was a couple weeks ago.  So far, I've heard nothing.

Finally, I tried calling 2idi's phone number, and left a voice mail.  It has been a couple of days now, and I don't know if I'll get a call back or not. But there is one thing that I do know.

I know that when you are trying to promote a new technology, especially one that does not natively interact with the prevailing one (i.e., the DNS system), you had better make a very compelling case for it, and you had better get the early adopters on your side--and once you get them, you had bloody well better make sure they're happy, because nobody, and I mean nobody, is chomping at the bit hoping for something to take off that produces strings like http://xri.net/=somebody/(+business)*department.  It may make sense when you know the syntax, but it looks like freaking algebra, and the whole point is not to complicate but to simplify. Although, it must be said, such a string will resolve to an "i-number" that looks something like this:

=!15ns.4va5.9631.a9y4

Oh, yeah. That's much better. Lord, have mercy…

So now, when what the identity activists need is something compelling, something simple that just works, something that makes your life easier, what they've got instead is something cryptic that is so broken that the major provider of the service is dysfunctional and not responding to requests from new and existing customers who are trying to give them money in order to do business with them.

And this leads me to my next point. In the matter of identity, trust is everything. The entire point of a technology built on the concept of identity is that it can be trusted. When the oldest and largest purveyor of that technology effectively ceases to operate in any normal fashion, that trust has been irrevocably shattered, and the path to widespread adoption has suddenly become much steeper and rockier, so much so that continuing along the same path is probably pointless.

I, for one, have decided to stop trying. I own several domain names, I have a blog, I have a tumblelog, I have accounts on Twitter and Facebook and the like. It's hard for me to see what significant benefit I'm going to derive from continuing to pursue this matter, particularly when my domains are all less expensive and much more useful. I don't mind supporting new technologies that might be beneficial down the road, but there's a limit, and that limit has now been reached.

I-names are dead.

(If anyone from 2idi.com or the XRI community would like to respond, I welcome  your comments and will publish them in their entirety. However, given my experience to date, I eagerly await what I fully expect will be an echoing silence.)

Update 2009-03-13: A message sent to Drummond Reed, co-chair of the OASIS XRI and XDI technical committees, shortly after this was posted produced a reply last night via email. Mr. Reed said that the relevant authorities were "well aware" of the situation, that it involved "a change of business direction" for 2idi, that they were within "a few days" of a resolution, and that he had cc'd Victor Grey and Fen Labalme so that I could be sure they received the email and to give them an opportunity to respond to me directly.  To his great credit, he further specified that "it has been suggested to Victor and Fen by many of us that remaining silent to their own customers is not, as you mention, the best way to engender trust."  I should think that would be self-evident, but at least there is someone reinforcing that point.

Also, in the wake of Mr. Reed's email, a follow-up email to Neustar's support people generated a response, in which it was suggested that Neustar could be of help in transferring my i-names to another registrar.  I appreciate the thought, but at this point it seems most prudent to wait and see what develops in the next few days.

Also, for the record, neither Mr. Grey nor Mr. Labalme have yet responded, either directly or indirectly.