(CNN) — As the public scans Elon Musk’s Twitter feed for clues about how the billionaire businessman intends to run the social media platform he’s buying for $44 billion, it stands out. a mysterious tweet: “authenticate all real humans”.
That cryptic proposal is vague enough to leave people guessing at what Musk has in mind, but specific enough to offer several possible paths as he seeks to shape Twitter more to his liking.
For example, Musk could look to require real names on accounts. Or maybe you can continue to allow pseudonyms but will require photo identification or integration with third-party services where users are already known.
Depending on the outcome, the plan could have huge ramifications for Twitter’s hundreds of millions of users.
Musk’s push to “authenticate” Twitter users stems from one of his biggest annoyances with the platform: spam accounts, particularly those promoting cryptocurrency scams. It’s often not hard to find these accounts lurking in replies to Musk’s tweets; many even try to benefit from his celebrity and lure the unsuspecting by posing as him.
It didn’t help that in the summer of 2020, Musk’s verified account was hit by a widespread Twitter hack that led users, including former President Barack Obama and Kanye West, to inadvertently spread a bitcoin scam. musk has said that cryptocurrency spam bots represent Twitter’s “most annoying problem”.
Musk’s diagnosis may reflect the experiences of a very particular type of user, but it turns out that this user will soon control the design of the platform. As part of his solution to fighting crypto bots, Musk wants to make it easier to separate real accounts from fake ones under his proposal to “authenticate all real humans.”
If the goal is to ensure that each account is linked to a real person, the platform will need some way to verify that they are real. One possibility is an expansion of Twitter’s existing verification program.
Currently, to receive a blue badge In their accounts, users must provide a link to an official website they are affiliated with, an official email address, or a form of government-issued identification. Musk might not require identification, but require users to use their real names.
It could also explore other methods, such as linking accounts to credit cards or relying more on CAPTCHA to defeat bots, said Jillian York, director for international free expression at the digital rights group Electronic Frontier Foundation. (However, CAPTCHAs are not a panacea; as bots have become more sophisticated, CAPTCHAs have become increasingly difficult for humans to solve in what could be described as a technological arms race.)
Whichever method he chooses, York and other experts said Musk is likely to face challenges that fall into two main categories: access and privacy.
Access is about ensuring that everyone who wants to use Twitter can access the platform. With a system that links accounts to credit cards, for example, York said Twitter would risk excluding all those who don’t have them. Maybe they are too young to have a credit card or have bad credit and can’t get approved. They may not like their credit card transactions being exchanged with data brokers or simply prefer to use cash for cultural reasons. Linking authentication to consumer credit “would exclude millions of people,” York said.
Then there is the issue of privacy. While many users may feel like they have nothing to hide, a system that forces users to submit their personally identifiable information creates a single point of failure. Not only would more users have to trust Twitter not to misuse their personal information, but Twitter itself would become a much more important target for repressive governments (which could use lawsuits to force Twitter to hand over the information). or cybercriminals motivated by identity theft.
According to reports, cybercriminals have even posed as real law enforcement officers to fulfill fraudulent government requests for data from tech companies. Twitter could promise to remove the records, but it would simply mitigate a risk it created for itself.
The privacy issue is particularly worrying for human rights groups, said Natalia Krapiva, a lawyer with the digital rights group Access Now, “especially for people in countries like Russia and others where people are severely persecuted for criticizing the government or cover important political events such as protests, corruption or the war in Ukraine”.
Even a real name policy could prove challenging. Facebook has some experience with this; the company was forced to make changes to its naming policy in 2015 after critics pointed out that victims of abuse and other vulnerable groups had good reason to use pseudonyms. Changes at Facebook raised the bar for reporting a false name and allowed users to give the company reasons why they avoid using their real names.
This points to how complex it can be to translate a simple-sounding principle like “authenticate all real humans” into a functional product feature. The problem is not the goal or the motivation; it’s that humans are complicated creatures with personal circumstances that rarely fit neatly into boxes.
After years of trial and error, tech platforms have already developed important lessons about user authentication that could benefit Musk, York said.
“If you just mean things like CAPTCHA, I think you’re in for a surprise,” York said. “It’s talked a lot about how it’s going to get rid of bots, but Twitter has been trying to do that for years and I think it will soon realize that it’s not an easy problem to solve.”