Reputation Can't Be Asserted


Marco Barulli is building a reputation system for blog comments. In this post, he runs through a scenario for how it might be used. One thing bothered me. One part of his scenario says:

[Alice] invokes a bookmarklet to ask her reputation manager for a unique comment token.

The reputation manager can't be "hers." The reputation system envisioned by Marco uses tokens to authenticate someone to retrieve Alice's reputation. This isn't reputation in the general sense.

Reputation is other people's story about you, not your own story. Thus a general purpose reputation manager can't under Alice's control. Sometimes we imagine a world where we can control what other people think about us, but it just won't work.

That said, I do think that reputation systems should be transparent so that you can tell what factors are being used to compute your reputation and how the computation is being done. Another key part of transparency is seeing who accesses your reputation and when. But once I put you in charge of your reputation or even who can see it and who can't, it ceases to serve the function of reputation.