Reputation in the Information Age
Reputation is a social mechanism by which we come to trust one another, in all aspects of our society. I see it as a security mechanism. The promise and threat of a change in reputation entices us all to be trustworthy, which in turn enables others to trust us. In a very real sense, reputation enables friendships, commerce, and everything else we do in society. It’s old, older than our species, and we are finely tuned to both perceive and remember reputation information, and broadcast it to others.
The nature of how we manage reputation has changed in the past couple of decades, and Gloria Origgi alludes to the change in her remarks. Reputation now involves technology. Feedback and review systems, whether they be eBay rankings, Amazon reviews, or Uber ratings, are reputational systems. So is Google PageRank. Our reputations are, at least in part, based on what we say on social networking sites like Facebook and Twitter. Basically, what were wholly social systems have become socio-technical systems.
This change is important, for both the good and the bad of what it allows.
An example might make this clearer. In a small town, everyone knows each other, and lenders can make decisions about whom to loan money to, based on reputation (like in the movie It’s a Wonderful Life). The system isn’t perfect; it is prone to “old-boy network” preferences and discrimination against outsiders. The real problem, though, is that the system doesn’t scale. To enable lending on a larger scale, we replaced personal reputation with a technological system: credit reports and scores. They work well, and allow us to borrow money from strangers halfway across the country—and lending has exploded in our society, in part because of it. But the new system can be attacked technologically. Someone could hack the credit bureau’s database and enhance her reputation by boosting her credit score. Or she could steal someone else’s reputation. All sorts of attacks that just weren’t possible with a wholly personal reputation system become possible against a system that works as a technological reputation system.
We like socio-technical systems of reputation because they empower us in so many ways. People can achieve a level of fame and notoriety much more easily on the Internet. Totally new ways of making a living—think of Uber and Airbnb, or popular bloggers and YouTubers—become possible. But the downsides are considerable. The hacker tactic of social engineering involves fooling someone by hijacking the reputation of someone else. Most social media companies make their money leeching off our activities on their sites. And because we trust the reputational information from these socio-technical systems, anyone who can figure out how to game those systems can artificially boost their reputation. Amazon, eBay, Yelp, and others have been trying to deal with fake reviews for years. And you can buy Twitter followers and Facebook likes cheap.
Reputation has always been gamed. It’s been an eternal arms race between those trying to artificially enhance their reputation and those trying to detect those enhancements. In that respect, nothing is new here. But technology changes the mechanisms of both enhancement and enhancement detection. There’s power to be had on either side of that arms race, and it’ll be interesting to watch each side jockeying for the upper hand.
This essay is part of a conversation with Gloria Origgi entitled “What is Reputation?”
Clive Robinson • November 20, 2015 8:42 AM
@ Bruce,
There is another asspect to “gaming reputation” that has much shorter term life aktering consequences.
By now I suspect you are aware that the US owned Radison Hotel in Marli where the French have a large military presence was attacked by terrorists (assumed to be IS or affiliates).
The attack relied on the terrorists pretending to be Diplomats untill inside the security perimeter and close enough to rapidly over power the remaining security and get into cover.
This is not the first occurance of terrorits exploiting reputation to press home an attack. They have impersonated verious uniformed authorities in the past on several occasions.
The problem is how do you “parlay” to check “reputation” in a way that both sides are secure to the risk of impersonation by the other party. In the past the assumption both sides wanted to survive the parlay phase was considered sufficient, but in recent times with terrorists who’s intent is to die in the attack this assumotion is now a fatal flaw.
Likewise is the issue with armed police officers, there has in recent times due to camera phones etc, been enough independent evidence to show that they can nolonger be trusted, and the few who have behaved in a homicidal way to often innocent people, that the only sensible thing is to put as much distance between you and them. That is they now have a reputation of “shoot to kill” just to meet their monthly arrest targets set by their bosses in response to politicians applying preasure.
For “law and order” to work the “parlay” phase has to work safely for both sides irrespective of impersonation, and currently we have no way to do this…