Why It Matters When Users Have Multiple Accounts

By Ben Gross
in

While I have been writing for Messaging News for a year, I have never shared my own research related to identity management and messaging. I study the social, technical, and policy aspects of identity management in the attempt to answer questions such as: Why do people have so many email addresses and instant messenger screen names? What are the constraints and conditions that affect how people create, manage, and use these online identifiers? How do people value their identifiers? Answers to questions like these can help inform business practices, policy decisions, and the design of future messaging and communications systems. The research data is primarily gathered by conducting semi-structured interviews across a series of diverse populations. While I have been interviewing people on this topic for more than five years, the most recent interviews are of two populations: A regulated industry (financial services) and an unregulated industry (design professionals). This allows me to compare two populations whose needs; uses; strategies; and technology differ from one another.

The dominant forms of online communications—email, instant messaging, mobile text messaging, and social networks—is still predominantly textual. Nearly every form requires an email address, username, or account number. As the number of online communications channels grow, so do the number of identifiers that we must maintain, along with the overhead required to manage them. These identifiers are either chosen or assigned, with little control or choice in the selection. People try to choose identifiers that are meaningful and memorable. Users are often very proud of having usernames on popular services that have no numbers. This presents a problem for services that have highly saturated namespaces where users have difficulty in obtaining the identifier they want. Users left with a series of undesirable choices when selecting a username frequently have problems in remembering the username later and communicating it to others. In many cases, users are more likely to remember their password than the username, because they face far fewer restrictions when selecting the password!

I have found that the use of multiple online identifiers is a widespread and commonplace behavior. The sociologist Erving Goffman wrote about people’s everyday “performances,” where they maintain different personas for different aspects of their lives, such as at home and at work. People continue these performances using their identifiers to segment or integrate portions of their lives. For example, using one address for professional work and another for friends and family. People also use multiple identities to maintain control of attention and interruptions. For instance, several people have “private” addresses for their mobile devices to reduce the volume of email received on the device. Some also use different identifiers to separate known and trusted content from the unknown and untrusted. If users have the slightest mistrust of a company’s motives for collecting an email address, they may provide an address that is infrequently checked and full of spam. People continually change their identifiers and create new ones. Marriages, divorce, a change in ISP are all events that could result in a new email address. These are just a few of the many reasons that people create multiple identities to support their everyday roles and activities.

Regulations, and the technical ways in which regulations are enforced, have major impact on the use of messaging and identifiers. These regulations come from a variety of sources including: governmental statutes and policy; institutional policy; technical enforcement of policy; industry agreements; and professional codes of ethics. These policies are then implemented in the system infrastructure and are enforced through technical mechanisms, such as email relay restrictions, firewalls, spam filters, archiving, and retention. Institutional policies often force users to maintain multiple email addresses and instant messaging accounts. In regulated workplaces, it is not uncommon for institutions to block access to external mail services. This effectively forces users to either use their work account for personal communication (which is typically prohibited) or to maintain a separate account for personal communication when not at work. To complicate matters, people often have multiple institutional affiliations and are affected by several interlocking or overlapping sets of policies. For example, consultants, contractors, and vendors may maintain email, instant messaging, and VPN services with each company they work with—each with its own series of policy restrictions. In highly restricted environments, there is a higher risk when users search for “work arounds” to system restrictions. For example, users will go to great lengths to find services or proxies that allow them to use personal messaging services that are not blocked. Look for more on this in a future Messaging News column.

System designers should take into account that people regularly add and change new email addresses and may have multiple identifiers. It is important that systems that rely on email addresses make it easy for people to both change their email address and add multiple addresses in their profile. When users’ logins are based on an email address and are changeable, this can result in support problems as users switch to new email addresses. Secondary addresses are also important in the context of recovering a lost password, when the primary email addresses might have changed or no longer exist. System designers should accommodate a variety of policy options. For example, there are many institutions including corporations and K-12 schools that have policy restrictions (or outright bans) on instant messaging. Some email providers are beginning to integrate instant messaging with email products. As a result, some institutions are considering blocking the email services entirely, in order to comply with their instant messaging policies. This illustrates some of the difficulties in integrating services when policies designed for one service must suddenly coexist with policies of another service.

Issues of identity management will gain prominence as the adoption of newer communication channels increase. New services—for instance, the lightweight messaging systems Twitter; the presence enabled messaging system Jaiku; social networks like Facebook and MySpace; photo sharing sites like Flickr; etc—are introducing new sets of unique identifiers that users must manage in order to communicate online. There is a series of upcoming services and protocols, such as OpenID; Google’s AuthSub; Microsoft’s CardSpace; Yahoo BBAuth; XFN; and OAuth that attempt to help users manage their identifiers, relationships, and permissions across many services. However, none to date have widespread scale adoption by end-users.

It is now mainstream for users to maintain multiple identifiers for a variety of reasons. As we learn even more about the behaviors and constraints involving people with multiple online identifiers, we should take them into account when constructing policy, compliance systems, messaging applications, and user interfaces.

Published February 1, 2008