Should You Crowdsource Your Cardiologist?

risk

Obviously not.  Why is this so obvious?  We’ll get back to this in a moment, but first I want to describe how a LinkedIn Invitation to Connect led to this question.

LinkedIn has become the de facto site for professional networking & does an excellent job of it. It’s a forum where we can quickly communicate with peers, & if one applies the appropriate care & feeding to one’s profile, LinkedIn can provide real value in one major aspect of an individual’s life — linking that user to a prospective employer. That is, if most of the individuals who provide their information to LinkedIn can be trusted.

The Internet was designed to rapidly & robustly move data packets from point A to point B.  Early on trust was assumed, & has since been bolted on,  willy-nilly, to the original architecture. For more on trust read almost anything by Bruce Schneier, or you can continue reading this article.

LinkedIn’s tools are, for the most part, well thought out & relevant to its purpose — except where it comes to the Skills & Endorsements section of a user’s profile.

LinkedIn’s Skills & Endorsements section is an informal online reputational system.  These online systems have evolved in order to allow that once personal, intimate, gossipy — heard over the back fence — reputational information individuals exchange in local or face-to-face situations to scale to a global environment.

Reputation is one mechanism for solving the problem of trust. Historically, how we view an entity’s reputation has been a key component in deciding whether or not we should trust that entity.

Economists refer to this reputational information as a public good, helping society to manage the risks involved in trusting anonymous transaction partners.  eBay manages the most well-known & well studied online reputational system (Amazon’s recommendation system is a subtly different beast that I won’t talk about here), & what has become clear (though hardly surprising) is that all of these reputational systems can be gamed.  That is, online (just as local interpersonal) reputation can be manipulated if one or both parties provide reputational information that is not genuine.

For example, it’s likely that anyone reading this post has received endorsements including at least a few from people who don’t know you at all, or for skills that you aren’t even aware of.  These may be simple mistakes, or the endorsement may be for a skill that is so nebulous as to be meaningless.  I have one endorsement for “strategic influence”.  What the heck does that mean?

On the other hand, individuals may seek to manipulate endorsements & thereby their reputation by gaming the system.  The most common form of subverting online reputational systems is to create myriad fake online identities & to use those virtual identities to provide false information so as to raise or lower the reputation of themselves or a third party. This is known as a Sybil attack — the name referring to Sybil Dorsett (that name a pseudonym itself) who infamously manifested multiple personality disorders.  A real world example of this sort of attack is ballot-box stuffing.

Sybil attacks share many characteristics with another class of  Internet-based attacks that are grouped under the name, “spoofing”.  This class of attack causes all sorts of problems on the Internet from DDoS attacks to spam; however I want to describe a different, more insidious reputational gambit termed, “reciprocity”.

The catalyst for this post was an innocuous Invitation to Connect with an individual who shares a group membership with me.  I’m careful who I connect with on LinkedIn, so I did my homework & determined that this person was, in fact, real, & that we shared common professional interests.  I replied & we connected.  Then, I received a second email from this individual who I do not know & whose professional credentials are as opaque to me as are mine to him.

I quote, “P.S. – I just did a Skill Endorsement on your Profile to show you the value of my network. If you would like 10 Skill Endorsements, please visit my profile, endorse my Skills & Expertise and I will do accordingly.”

Reciprocity is tricky.  My first instinct (after all, I’m human, & most would argue that we are genetically predisposed to cooperate) was to click on over & do the reciprocal endorsement thing.  It’s a win-win transaction & nobody gets hurt, right?   This form of direct reciprocity (as opposed to the concept of generalized — “paying it forward” — reciprocity) is at the core of any transaction or exchange — “I help you, & you help me”.

However, that same economist who has read this far will immediately note the looming negative externality had I continued on with this exchange.  An externality is basically a consequence that effects a third party when two other entities agree to an exchange.  An externality can be a cost or a benefit to society.  In this case, since we would both be providing essentially bogus endorsements, we would be providing false information to LinkedIn’s online reputational system, resulting in a negative externality.  How is this so?

We can view LinkedIn’s online reputational system as a public good (the same can be said about many other goods including information security).  If everyone plays fairly, then a quick glance at an individual’s Skills & Endorsements provides a valuable & relatively accurate snapshot of that individual’s talents.  If individuals game the system — & it should be obvious now that they do — then the goods are tainted, are made less valuable to everyone.

All online reputational systems are susceptible to the two attacks described here as well as other opportunistic attacks. Does that make them useless?  Not at all.  Online reputational systems have some value with respect to decision making, with the emphasis on some.  Would I take into account the crowdsourced reputation of the mechanic who will work on my car?  Yes, that will inform my decision.

Would I rely upon an online reputational system if I required elective heart surgery?  Nope.  I wouldn’t bet my life on it.

: – /