Twitter fights celeb imposters with Verified Account scheme
Attempt to kybosh 'Kanye' and stymie 'Spector'
Twitter has detailed plans to clamp down on celebrity imposters with a "verified account" service.
The move follows a lawsuit by St Louis Cardinals boss Tony La Russa over bogus tweets made in his name, as well as the creation of numerous other counterfeit celebrity profiles over recent months.
Twitter co-founder Biz Stone dismissed La Russa's lawsuit as "an unnecessary waste of judicial resources bordering on frivolous", but nonetheless acknowledged that the microblogging service had to do more to restore trust in the authenticity of accounts. Impersonation violates Twitter's Terms of Service, and the microblogging services already suspends or transfers control of accounts identified as fraudulent.
That doesn't stop anyone creating a fake account in the first place, however. To restore faith in the authenticity of celebrity profiles, Twitter plans to add a Verified Accounts feature. These accounts will incorporate a seal showing that they have been verified as belonging to the person or organisation named, a posting by Stone on the Twitter blog explains.
Still, the feature will be restricted to the Twitterati of celebrities and high profile organisation, at least for now. Trials of the service will start with "public officials, public agencies, famous artists, athletes, and other well-known individuals at risk of impersonation," Stone explained.
Twitter, which has no revenue stream, justified the restriction as necessary because of the resources needed to make the scheme work, even on a limited basis.
"Please note that this doesn't mean accounts without a verification seal are fake — the vast majority of Twitter accounts are not impersonators," Stone writes. "Another way to determine authenticity is to check the official website of the person for a link back to their Twitter account."
Stone hinted that verified accounts might be sold as a premium service to business.
"When we do start testing Account Verification, we will be sure to provide ample methods for feedback," Stone said. "Initially, verification will not be tested with businesses. However, we do see an opportunity in that arena so we'll keep you posted when we have something to share."
Recent well-publicised cases of microblogging impersonation include updates purporting to come from the jail cell of music producer turned convicted murderer Phil Spector. Other celebrities impersonated via fake Twitter accounts have included figures as diverse as Vint Cerf, veteran Labour politician Tony Benn, American rapper and record producer Kanye West and the Dalai Lama. ®
I have been working on this problem myself in my lab, with the aid of several graduate students. This work was completed at considerable cost to myself: I have almost completely run out of crisps and nuts.
The solution is to embed a specially crafted block of data into the output of Twitter's web server which, on interpretation by the user agent, will influence the user through a visual channel to reduce the risk of deception. The effect to the user will be something like this:
REMEMBER THAT ANYONE CAN USE ANY NAME ON TWITTER. DO NOT ASSUME THEY ARE WHO THEY APPEAR TO BE.
I have applied for a few hundred patents for different parts of this technology (particularly the use of capitals) in all major countries. If Twitter would like to implement the system I'm sure they will find my fees* acceptable.
*Acceptable fees may include unnacceptable charges.
Names do not identify
[Not news to el Reg readers of course]
Even the imminent Ms. Hilton has a doppelganger in the form of a certain hotel in the capital city of a certain French speaking European republic.
True, assumed names used in the entertainment business are registered so as to prevent duplication, but that's strictly a private arrangement There's nothing stopping anyone from taking the name ... ah... "Sarah Bee". Or, for that matter, "Gordon Brown".
Indeed, I imagine that while the eminent Ms. Bee has few doppelgangers due to her uncommon surname, Mr. Brown probably has lots and lots and lots.
Besides, it's way too much fun to pretend to be someone (self-)important and thereby mock their pretensions; where there's a will, there's a way. Twitter vs. the hackers. Stay tuned for fireworks and feathers flying.
Users need the power
Verified identity needs to be centralized and put in the hands of users, rather than waiting for services to figure out a solution. Services don't have a strong incentive and will likely make things far more complicated. One way I've found to do this is use DandyID, a web service that manages my verified identity on all of the services I use (I only use about 6 but DandyID says they handle over 300). They also have some cool analytics.