Do you ever think about how you could just disappear? Or become someone else? Maybe only I do that after reading one too many Jason Bourne novels. Given anyone’s ability, with a keyboard and an Internet connection, to become anyone (even Abraham Lincoln is spewing quotes on Twitter now), what does ‘identity’ mean now? In the future? And is your ‘identity’ singular, or will it become identities moving forward?

This interview on NetworkWorld with a guy who specializes in making folks disappear was fascinating. Mostly because the approach is totally counter-intuitive. You’d probably guess it’s about hiding your identity or taking someone else’s. But it’s not – at least according to this guy who helps folks hide for a living. It’s about making it hard (if not impossible) to find you through disinformation, using tactics like manufacturing online identities with the same name and sending anyone trying to find you on a wild goose chase. Unless you have someone very motivated to find you personally, this should work like a charm.

Think about that for a second. Maybe even think about it from my perspective. There are already a bunch of Mike Rothmans out there. I went to college with one. Yes, a guy with my name – even down to our common middle initial – ended up in the same class at the same college. And that’s without even trying. What if a bunch of new Mike Rothmans showed up? How would you know which one(s) was really me?

Maybe I’m not a great example due to my attention whoring disorder – I want you to find me, at least online. But less public folks could likely disappear with little fanfare, leaving a myriad of false trails. So as The Who sang years ago, “Who the F*** are you?”

False identities are created every day, with severe ramifications. Think about all those crazy parents creating Facebook identities to spy on their kids or make their kids’ rivals look bad. In this age of social networking, citizen journalism, and Twitter, identity matters but is increasingly hard to define – and even harder to verify. Some folks have been able to get verified Twitter accounts, which could then be hacked. We talked about identity verification and non-repudiation as this ecommerce thing caught fire a few years ago, and we basically forget about it and forced the credit card companies to take on most of the liability from it. Then they forced the merchants to eat it. Risk transference for the win.

And now the media seems to fall hook, line, and sinker every time a “citizen journalist” creates a meme, which turns out to be just a front for some big nameless company driving its own agenda. Folks take seriously what they read on all these myriad communication vehicles, regardless of source. And everyone engaging in social networking contributes. As long as they don’t exhibit trollish behavior, it looks like most of us have no issue linking to them and including them as part of the conversation, even though we don’t know who they are. I know I do, fairly frequently.

I’ve been struggling with my position on anonymous folks for years. I get that some folks cannot divulge their real names because it could cost them their jobs. But do I continue giving these unverified folks any airtime?

And what do I tell my kids? I constantly harp on honesty and honorable behavior. But I’m trying to show them that not everyone holds themselves to the same ethical standards. It’s important they do not believe everything they read or hear. They need to do the work, and figure out what is real and what is not. What they want to believe and what they want to reject. Given this lack of identity, the problem is going to get worse.

Where is identity going? How will we verify who is who? Do we even need to? What’s the significance for how we do security?

At this point I don’t have any answers. I’m not even sure I know the questions. I know Gunnar and Adrian have been thinking quite a bit about how identity evolves from here. I plan to pick Gunnar’s brain at Secure360 this week, and plenty of other big brains. If you have given some thought to this, please let me know what you think in the comments.