Looking deeper into the Goodreads troll problem

[Updates on this post: https://camestrosfelapton.wordpress.com/category/goodreads/ ]

The repeated spamming of Patrick S Tomlinson’s unpublished book with fake reviews continues on Goodreads [see earlier post]. Looking at the long list of reviews (currently 124 ratings) it is clear that some have been removed, presumably after being flagged by multiple people. However, with the trolls targetting the book easily generating new accounts the net number of fake reviews continues to grow.

Current authors whose names have been stolen for fake reviews include:

  • Chuck Wendig
  • Gareth Powell
  • Beth Cato
  • Cat Rambo (and her deceased father)
  • Patrick Tomlinson himself
  • Will Tate
  • Monica Valentinelli
  • Marshall Ryan Maresca
  • Mary Robinette Kowal
  • Tobias S Buckell
  • Sarah Pinkser
  • Elizabeth May

This kind of coordinated pre-emptive spamming of negative reviews isn’t new. The film-rating site Rotten Tomatoes had to take steps last year to curtail a right-wing attack on the as-the-time unreleased Captain Marvel. [see https://www.vox.com/culture/2019/5/23/18637464/rotten-tomatoes-audience-verified-score-trolls-brigading-review-bombing ]

Preventing reviews of unreleased properties seems like a minimum first step in limiting the capacity of coordinated campaigns to hijack a review site. While it won’t prevent other coordinated attacks on released books, unreleased (but listed) works are more vulnerable as they have no natural reviews being written.

The identity theft aspect of these specific attacks is also a great concern. The overt and blatant aspect of the impersonations makes it unlikely that people would be easily tricked into thinking the accounts are genuine. However, the extent of them and how easily the trolls have generated multiple accounts using real identities, demonstrates that Goodreads is open to more subtle mischief and identity theft.

The source of the attacks is from members of a disbanded subreddit that have been engaged in a sustained harassment campaign against Tomlinson since 2018. Tomlinson himself has a longer explanation that documents the harassment in other venues: https://www.patrickstomlinson.com/2018/09/29/how-trolls-hack-twitter-to-silence-us/

The existence of a documented online harassment campaign really should be enough for a major website to take added measures. For example, Wikipedia limits the capacity of people to edit pages (particularly biographies of living persons) when there is repeated vandalism or disputed content. A temporary block on reviews on a Goodreads entry would be a wise measure to have available in the event of an alleged spam attack. Notably, a book receiving large numbers of reviews from accounts that are both new and which have made only one review should be an obvious red-flag.

Based on Twitter comments there is a great deal of dissatisfaction with the response from Goodreads. For example:

Actions that undermine reader’s ability to trust reviews and which undermine the capacity of authors to identify themselves manifestly undermine the basic aspects of Goodreads model as a service. This makes the difficulty the site is having dealing with this specific issue surprising. The ease with which a troll campaign can brazenly manipulate the site, strongly implies that a less overt campaign can manipulate ratings or spread disinformation unnoticed.

I contacted a Goodreads spokesperson directly via email yesterday to see if there was an official perspective on the issue. After outlining who I was and the background I asked: “I was wondering if Goodreads had an official statement about the specific issue. More generally given the existing community guidelines against impersonation, spam and manipulating ratings are there any moves to consider other means of enforcing community standards at Goodreads?

To Goodreads credit I did get a response that was courteous and took my email seriously. However, the spokesperson was not able to give a detailed response to my questions.

“As a general policy, we don’t comment on specific cases. Also, as I’m sure you can understand why, we don’t provide details about our future plans for our moderation process. We take the integrity of our reviews and the trust of our members very seriously and continue to invest in new tools and processes for our moderation team.”

Goodreads spokesperson via email

I note that in the comments to my earlier post on the issue, many people saying that they have moved away from Goodreads for various reasons. In the circumstances that is understandable but when you consider the large amount of volunteered labour that users have put into collating books, rating books and reviewing over the years, it is a shame if the site becomes unusable because of coordinated attacks.

More broadly, the current situation on Goodreads shows that major websites and services are still slow in developing techniques to deal with these kinds of actions.


68 responses to “Looking deeper into the Goodreads troll problem”

      • Not sure how they were so fast dealing with Vox Day’s crowd. Was that just a lot more blatant?

        I’ll just point out (again) that this is a problem that would be fixed if there were no anonymous accounts on the web. That is, even if you used a pseudonym, it would be attached to your government id. Once you were banned, you’d be unable to create a new account without committing a felony.

        Liked by 1 person

      • “That is, even if you used a pseudonym, it would be attached to your government id. Once you were banned, you’d be unable to create a new account without committing a felony.”

        So you read Patrick’s account of how he’s been banned from social media sites, including Twitter twice because swarms were able to trick the A.I. into automatically banning him. And you’re proposing that Patrick, who created a substitute account while his first account was wrongly banned and got banned on that account for ban evasion, should then be charged with committing a felony in his country of origin.

        A lot of the trolls aren’t anonymous accounts. A lot of the leaders of swarms aren’t anonymous accounts. Ethan Van Scriver is not anonymous. Milo Yianopoulos was never anonymous and broke every rule before they finally, reluctantly, banned him. Donald Trump is not anonymous. Many, many people on Goodreads are not anonymous. Patrick had a real life, not-anonymous white supremacist come to his house because he made Ben Shapiro, who is not anonymous, look idiotic on abortion on Twitter. And Twitter has a long reputation of banning liberal non-anonymous people while saying that their harassers, also not always anonymous, are not doing anything wrong. And now you’re proposing that we compound that situation by not only having those people wrongly banned from Twitter, but open to being arrested and going to jail — something that already happens in repressive countries like Saudi Arabia and China.

        In Portland, Oregon, cops are in league with various white supremacist hate groups that regularly stage protests hoping to beat up equality activists who come out to counter them. They’ve beaten and arrested the counter protesters while letting the white supremacists beat up people without arrest — white supremacists who aren’t anonymous. Again, anonymity is not the problem. The problem is the people in charge of monitoring whatever the forum is, online or off. If you force everyone to de-cloak, the vulnerable, marginalized people — like yourself — are who the people in charge are going to go after, not far right trolls. Because that’s what they are already doing now. You’re basically proposing a system that creates a repression and prison pipeline for POC, queer folk, uppity women and even the disabled that lets big corporate execs — who are right wing conservatives — legally get around civil rights laws. You’re handing them a stick to beat you with.

        Amazon uses Goodreads as a data mining site. They don’t care what’s on it. If Goodreads goes under in a few years, that’s fine with them because they’ll just subsume the remains into their review system, making their review system more valuable to marketers. So even if you made everyone on Goodreads not anonymous, they’d still data bomb authors with bad reviews, etc. And they still wouldn’t get kicked off the site. Jack and others who run Twitter are in bed with various right wing business people; they have deliberately increased the ability of right wingers to do stuff on Twitter.

        But the real problem in the western modern age is and started with Reddit. The people who founded and run Reddit are toxic. They allowed serious crimes, including sexual assault of children, to go on in their subreddits, only doing anything about it when threatened with lawsuits. And those editors who ran those subreddits weren’t anonymous to the people who run Reddit — they know who they are. They didn’t care. Periodically Reddit will purge some sub-reddits when they absolutely have to do so. Nearly every hate swarm of harassing trolls started in a Reddit sub-reddit where they openly plot to do stuff. And not all of their accounts are anonymous. Mass shooters post their manifestos on Reddit. In my view, if that site disappeared tomorrow, it wouldn’t solve all the problems by any means but it would cut in half the ability of the harassers to do a lot of stuff and hunt for victims.

        But making everyone not anonymous would be 1) logistically impossible; 2) legally abused and 3) still not solve a damn problem. Only when those who run large tech sites on the Web decide that they will do something about it will anything happen. And that’s not going to happen with Goodreads, I’m afraid.

        Liked by 6 people

      • It’s certainly true that eliminating anonymity would create some new challenges that would need solving. However, those problems are tractable. E.g. there needs to be a process to cope with identity theft. You can simply declare “Oh it just can’t be solved” but that isn’t really convincing. Note, for example, that big companies like Microsoft and Amazon have no real trouble eliminating anonymity in their internal networks. It’s not really that hard to do.


        • “It’s certainly true that eliminating anonymity would create some new challenges that would need solving.”

          No, Greg, just no.

          I’ve had a drunk redneck drive up my driveway in his pickup truck to wave his pistol at me. I’ve had strangers show up on my doorstep after I’ve shared too much personal information on the net. Unless you’ve personally had experiences like that, you simply don’t know what you’re talking about.

          And no, internal networks have nothing whatsoever to do with the Wild West of the internet at large.

          Liked by 3 people

      • True that Yiannapoulous, Van Scriver and Shapiro aren’t anonymous. On the other hand, what has given them power is their tail of anonymous trolls. Without them, they wouldn’t be much, but your default Pundits. And yes, swarms can trick AI:s. But how large would the swarms be if there can only be one account per user and a ban removes the account?

        There are also different possibilities. As an example, if you had verification on National Id, you could make it voluntary. But you could also add a setting where only verified accounts may interact with you. And otherwise let the display name be as anonymous as now.

        I do not think National Id should be mandatory for internet traffic. People need to be able to discuss things while anonymous regarding sensitive subjects. But I still think lots of services would be better if tying them to some kind of unique id (again, a verified account does not mean that the display name must be the same as on the Id).


        • @Hampus
          These are all excellent suggestions. I particularly like the idea that the real benefit is creating the ability to not be anonymous. Even though people like Rick and me go out of our way to be open about who we are, the way the Internet works, no one really knows if we’re really who we say we are.

          But a system that made it possible to not be anonymous would gain a lot of the benefits simply because a) lots of people would opt to ignore all anonymous people (given the option) and b) lots of sites would simply ban anonymous participation (e.g. the comments section for any newspaper).

          Someone could still run his/her own anonymous site (e.g. for gay teens wanting to talk about coming out of the closet), but those wouldn’t shape public opinion or national policy.


      • It can’t be solved by world governments — because this is not a National ID thing; it would have to be a global ID, it’s the World Wide web, not the U.S. web — with invasion of privacy that can be used for all sorts of legal abuse to people who have to use the Web for work. It can’t be solved by government repression, though governments can pressure companies through regulation of those companies. You cannot get all the governments in the world to cooperate on this. We can’t even get them to cooperate saving the planet environmentally.

        It can be solved though by companies doing what they should do as the owners and operators of media sites. They have the capabilities to monitor, ban, erase, etc. all the content on their site and they do it when they have to because of various countries’ laws and regulations. But when they don’t have to do it, they don’t do it. They don’t want to be bothered and there are upsides to having trolls and identity thieves engaging on their sites. They don’t do it because it’s more profitable for them to not do it and because politically it’s advantageous for their companies to not do it. Jack isn’t hanging out with Trump and the Kochs for funsies. You keep proposing an impossible task for governments to do instead of putting the responsibility directly where it belongs — with the companies that own and operate the sites. Why do you think it’s impossible for these companies to do this? They already do it when they find it expedient. And yet you want a global autocratic identity monitoring of every human on the planet by a variety of different types of government — an impossible fantasy. You want Russia to have all your id info? Instead of the far more practical, doable thing of having a much smaller group of tech executives actually do their jobs about their own sites.

        Already sex workers and those doing erotica are being forced off platforms, in large part because of anonymity refusal and in part because the far right segments of governments are insisting companies ban them. Having an ID system monitored by governments would mean that they go out of business entirely. Having an ID system by governments on the Web would mean a lot of people go out of business or never go into business — marginalized people, not far right trolls. And you’re proposing again that we give governments the ability to throw people in jail for not behaving on a social media sites — not troll harassing, just saying a curse word. Because that’s what people are getting banned off of Twitter for — saying a curse word insult and then the swarm flags them as misbehaving and the algorithm bans them whether they are anonymous or not. So you’re talking about impoverishing people and imprisoning people and taking away their right to vote in their country because they cursed on Twitter. How does this make sense?

        Microsoft and Amazon do and do not deal well banning anonymity. There are plenty of ways around it. It depends on how much companies are willing to do. Getting rid of the bots does not require giving up anonymity. The companies already know which accounts are bots and sockpuppet accounts and can easily dispose of them without anyone having an id number. They just DON’T WANT TO. So we really don’t need to install a dystopian 1984 society just to deal with anonymous bots. We need to make tech give a crap, which does involve governments regulating but the companies, not people.

        “True that Yiannapoulous, Van Scriver and Shapiro aren’t anonymous. On the other hand, what has given them power is their tail of anonymous trolls. Without them, they wouldn’t be much, but your default Pundits.”

        No, what gives them their power is their media platforms backed by reams of right wing cash, and other media quoting and monitoring them (less Scriver than the others.) The trolls are just an indicator of engagement which certainly helps them with social media sites, but those social media sites are perfectly happy to keep right wing pundits around as long as it means money, influence and coverage by the right wing mediasphere. The trolls are mainly a bonus. Most of the trolls are bots they buy.

        “And yes, swarms can trick AI:s. But how large would the swarms be if there can only be one account per user and a ban removes the account?”

        Huge, because there are millions of people who are perfectly willing to swarm accounts now as non-anonymous people to try to upset those people and get the AIs to ban their targets. They do it all the time. And again, the companies don’t need a non-anonymous id to ban accounts for any reason. They can have AI algorithms that don’t react to swarm flagging or suspend all accounts temporarily that swarm flag. The swarms can only trick the A.I. on Twitter because that’s how Twitter wants it. Same with Goodreads.

        You keep thinking that it’s the anonymous part that makes trolls do what they do. It is not. Marginalized people are attacked by large masses of non-anonymous people all the time on these sites. Non-anonymous people brag about identity theft. Lou in the Sad Puppies bragged about swatting David Gerrold. Women on Facebook with non-anonymous identities there are putting openly racist comments on the RWA Facebook page right now. Harassment isn’t about anonymity, since even if you’re known, you rarely face any consequences. Harassment is about what they are allowed to do by the folk who run the sites. Who, when Ben Shapiro relentlessly attacks someone, won’t ban Ben Shapiro, but may ban Ben Shapiro’s targets who get mad at him on Twitter. It’s called a double standard and it’s in full force on Twitter, Reddit and other places.

        And even if you want to have it that there is only one account per user and a ban removes the account, that’s again the thing that the tech companies would have to do — not governments. And they do that, when they want to. There’s no way that a global giant tech company is going to let 200+ governments into their proprietary info to police their users and what, criminalize and jail them? And this will magically only happen to right wing trolls somehow?

        The tech companies have very effectively made monopolies so that for critical services and platforms, you have to use their sites. If there was an effective substitute for Twitter, millions would leave it for that substitute. Same for Facebook. That means the tech companies can do whatever they want globally and everybody has to put up with it. And what they want right now is not to properly monitor those sites, just grow them. That’s why Amazon bought Goodreads — to increase their monopoly and control of marketing data.

        Millions of anonymous bot accounts are evidence of global growth which means more money from investors and advertisers. So the tech companies want the bots and the trolls and the engagement, counting on the rest of us to have no place else to go and so put up with it. That’s not going to change if you try to get rid of anonymity — which you can’t feasibly do. But they can clean up their sites and operate them better. But they don’t want to do that for the same reason that corporate billionaires fan the flames of white supremacy discord — it’s good for business by keeping the little people squashed and to get their companies powerful influence and tax breaks. So you regulate them, not their users, to force them to clean up their sites. Germany already does it on some subjects. But Germany does not need to have a global id number for me, thanks.

        Liked by 2 people

      • No, it wouldn’t *need* to be a global thing. It would need to be one if everyone in the world should be able to use the exact same applications on the same terms, but when has that happened? It is a common mistake to think that all new standards have to be rolled out everywhere at once. That is not how it is done. You could create a standard and regulate so the ISP is responsible for verification. And if they didn’t implement the standard, it could – as an example – mean that their users wouldn’t be able to interact with others who has specified verification as a requirement.

        Honestly, I am kind of baffled that there hasn’t been created cyber id for EU already. It is very weird. It is certainly not impossible.

        And I just do not agree with you that Alt-Righters don’t get their power from troll accounts. A lot of their power lies in being able to create account after account after account for harassment, always having a new one when the old is banned.


      • You think this is just about alt righters, Hampus. It is not. They are not the sole trolls. The NWL harassing and doing Facebook comments are not in the alt right and not anonymous. They’re still swarming people. The anti-vaxxers who forced Immunize Nevada to shut down events out of fears of violence are mainly not alt right and mostly not anonymous. The U.S. Republicans and Trump supporters who harass people are not alt right.

        You are proposing a complicated solution of governments monitoring people and Web traffic — and being free to abuse that and control IPs — and a system that would require massive global cooperation and cooperation of global companies, instead of a simple one: governments regulate tech companies more tightly to force them to operate their sites more securely and with more moderation than they’ve bothered with. Why are you trying to have a government issue an i.d. of people, by which it can monitor those people and have even more access to their data at a time when governments are increasing in totalitarianism, instead of having the companies whose sites they actually are more closely monitor them if they want to operate those sites in those countries? Germany already does this with Twitter, so Twitter is a lot more careful with the content and the attacks with German accounts. We already know that works, whereas government ids, you know like tattoos, is ripe for abuse. An id number means that a government could decide to block people from information and areas of the Web they politically don’t want those people to be able to get to. We already have forms of that happening now.

        We’ve been told countlessly by tech people that Twitter could very easily fix the problems if they wanted to do so. Goodreads could fix the problems if Amazon gave them the funding and staff. So why are you focused on governments monitoring people and not the tech companies improving their services?

        Goodreads was a grassroots, consumer community forum that started to become very valuable for its demographic data — which you get from id-ing people, review rankings and awards, all as marketable data to sell. Plus it was distracting people from using Amazon to search for reviews and book suggestions. So Amazon bought it. And if you issued a new government id number to every American, European, Canadian, etc., who use Goodreads, that’s still not going to matter unless Amazon/Goodreads themselves enforces the system with the IPs. An id number just offers more marketing data to mine. The tech companies are global and you’re effectively saying that individual countries (or units like the EU) should do their job for them on taxpayer dimes and then hope that the tech companies will bother to implement any of it in their countries (which trolls can get around.)

        It’s the companies’ problem, the companies need to fix it. Governments can regulate companies on this issue and enact penalties and blocking if they don’t comply (as they do in Germany and China.) But governments issuing easily hacked id numbers in cyberspace to supposed citizens isn’t going to make tech companies do squat.

        Liked by 1 person

        • @Kat

          I haven’t really followed the RWA situation very closely, and I’m not at all familiar with the romance community. I’ve seen a few references to NWL. What does that stand for?


      • Kat, I would be very happy if you didn’t try to decide what I think. I have never in any way said it is only about Alt-Righters. I would be very happy if you didn’t attribute opinions I’ve never voiced in any way to me.

        Yes, there are different groups harassing people. Yes, they aren’t all Alt-Righters. But it is also true that locking people to one unique id will make it easier to ban people *regardless* of what group they belong to.

        Will it be perfect and be able to ban absolutely every kind of harassment that has ever existed on the net? No. But using that as an argument is merely letting the perfect stand in the way of the good.

        I know that the day I got an alternative to switch to a Twitter platform where everyone has been verified as an existing person, then I would also switch to that platform.

        And government is already monitoring all traffic. Id or not.


      • “Yes, there are different groups harassing people. Yes, they aren’t all Alt-Righters. But it is also true that locking people to one unique id will make it easier to ban people *regardless* of what group they belong to.”

        Yep, it would make it very easy to ban people for being gay, or pro-choice, or non-white because they are upsetting the white people, or communist or anti-Brexit, etc., and the government in charge of the id numbers doesn’t like them, regardless of them actually trying to get around the id thing or not. It will make it very easy to ban them from most of the Web, effectively denying them services, the ability to search for and get jobs, or run and promote their businesses. Because harassment, as we’ve often seen, becomes a subjective evaluation inconsistently applied and those who are used to being in charge have a not particularly fair way of deciding the marginalized are the ones doing the harassing and the law breaking. And it will make it extraordinarily easy for many people to then track down women under their unique one non-anonymous id and harass and assault them. And on top of that, you are proposing the governments use that one unique id as the basis for throwing people in jail, losing their right to vote and their future job prospects. That’s if they get the nice prison and not the concentration camp cages ones.

        Look, I’m glad you like and trust your government that much. But I’m living in a white supremacy patriarchy run by an alt righter man with dementia and a Senate that’s trying to take away the civil rights to my own body. It’s staffed with private prisons stuffed with non-whites deliberately sent there by a corrupt justice system to be prison serf labor and unable to vote, and wields a belief that people dying from lack of healthcare is good for the economy. The cops in Florida just tased a 70-year-old black grandmom twice, pinned her to the ground beating her up. We just assassinated a major political figure because the President was pissed he’d been impeached and the military decided to just throw in that option on a list. I don’t want Trump to give me an ID number and have the right to turn on and off my access to parts of the Internet. Why do you want that instead of just making Twitter do its job?

        “I know that the day I got an alternative to switch to a Twitter platform where everyone has been verified as an existing person, then I would also switch to that platform.”

        That would be you VOLUNTARILY going to one site and doing that of your own free will, which is fine and you can even do now in some areas. But what you are talking about is forcing everyone to do it under law from their government on global sites which the government can then ban them from at will or throw them in jail for trying to access a site or the entire Net. You are fundamentally ignoring very serious issues for marginalized and vulnerable people here, not to mention undocumented immigrants in countries. You’re proposing an authoritarian government solution to what is a customer service issue of tech companies that we know the tech companies are already fully capable of fixing without any government assistance. You are suggesting we hit a nail with a dump truck instead of a hammer and saying hey, it won’t do any wider damage. It will do wider damage.

        “And government is already monitoring all traffic. Id or not.”

        Yeah, but you’re offering them a way to monitor you so that they can decide whether to throw you off the Internet and throw you in jail. Greg wants it to be a felony to try to have a fake Twitter account.

        Laura: “I haven’t really followed the RWA situation very closely, and I’m not at all familiar with the romance community. I’ve seen a few references to NWL. What does that stand for?”

        Nice White Ladies, who talk a lot about how nice they are and who aren’t nice. They don’t like being called out on racial bigotry or other types of bigotry, they like people to see them as good and helpful, they like being in charge of things like the RWA and they are highly retaliatory. And they aren’t anonymous. NWL have been a long time problem for non-white and queer authors in the RWA. It’s a particular type of privilege term, like mansplaining, not exclusive to the romance field.

        Liked by 1 person

      • “And on top of that, you are proposing the governments use that one unique id as the basis for throwing people in jail, losing their right to vote and their future job prospects.”

        I didn’t know you were such a bald faced dishonest liar. I guess I learn new things every day. Today I learned that I can never trust a word you say. Go play Trump with someone else.


  1. Speaking of Tomlinson in particular —

    If you want to help discourage the trolls, and you have a GR account, then there are things you can do.

    1.Go to the books in question (In the Black and Starship Repo seem to be the biggest targets) and mark them as “want to read”.

    2. Add a review — you can write a review on a “want to read” book — saying something about your attention and desire to read the book being attracted by the trolls.

    3. Flag some of the obvious fake account and trolling reviews as inappropriate. GR is more likely to act, and act quickly, when there are many flags, so every flag is likely to help.

    I’ve just purchased the audio version of Starship Repo, and I’ll be listening to it before long. In the Black isn’t even available for purchase yet.

    Liked by 4 people

  2. For goodreads, The discussion regularly comes up of why it’s possible to rate books that have not yet been released, but the solution isn’t as simple as it seems.
    Firstly, books are released at different timesin different territories, and secondly, authors often send out advanced reader copies in order to create some buzz about the book pre-release.
    Since the librarian team is quite small, it would be difficult to tell which books are released where, and which have advanced review copies.
    Also, if this attack on Tomlinson is because of something on reddit, why refer to this particular case as a goodreads troll problem.

    Liked by 1 person

      • A fair number of Toxic Subreddits in fact. One of their favorite techniques was to take a photo of Tomlinson and write some truly hateful things on it.

        The photo they use for this crap is mine, not even bothering to remove my copyright/name off of the photo before defacing it and using it. Patrick kept spotting them, telling me, and I would ask for DMCA takedowns. At one point I was doing at least one or two a week.

        Liked by 3 people

  3. @Contrarius:

    I’ve had strangers show up on my doorstep after I’ve shared too much personal information on the net.
    (Snipping other dismaying experiences.)

    I wouldn’t dream of suggesting any of this isn’t true, nor to criticise your approach (or stance). But I also wanted to mention an additional thing that’s true at the same time: Since 1993, I’ve owned/operated a public Web site (now best known as linuxmafia.com) that has on its front page my real name, real e-mail address, real street address, and real mobile telephone number. Further, just to lampshade the point, my personal page (linked from the front page) repeats of all that plus giving my ‘ICBM address’, the latitude, longitude, and altitude of my favourite chair in my house’s living room, accurate to about a metre. (The knowledge that this blithe disclosure discomfits people who set out to ‘doxx’ me is part of the fun.)

    It’s mostly just the habit of many decades, being completely public about a bunch of things, and completely private about whatever’s not the public’s business. My real name and full real contact details are part of what’s public — and FWIW despite being on the Internet about as long as it’s existed, I don’t regret my policy of openness.

    It perhaps helps that I don’t go out of my way to wind up rednecks. (And hey, some of my favourite cousins are rednecks.) But if any happen to show up, as Uncle Enzo said in Snowcrash, ‘I’m sure they’ll listen to Reason.’


    • @Rick —

      “I wouldn’t dream of suggesting any of this isn’t true, nor to criticise your approach (or stance). But I also wanted to mention an additional thing that’s true at the same time: Since 1993, I’ve owned/operated a public Web site”

      Yes, your experience will vary depending on what you’re doing on the web.

      In my case, I was running a doberman rescue. At some point I made the mistake of using my home address in reference to the rescue instead of my PO Box. That’s a baaaaad thing to do — people tend to start banging on your door wanting you to give them a dog, and/or banging on your door wanting to dump a dog. I also had someone leaving a threatening note on my door (and breaking flowerpots on my porch) because they had recently relinquished a dog to the rescue and then changed their mind (which just reinforces one of my principles in life: always get it in writing!).

      The guy waving the pistol at me was threatening to shoot my dogs, btw. Had nothing to do with politics whatsoever.

      Liked by 2 people

    • @Rick: Allow me to suggest, as one noncontroversial middle-aged white guy to another, that we’re not likely to be the ones put at risk by Greg’s proposal to dox everyone who wants to have an online presence. For one thing, we don’t wind some people up merely by existing.

      Liked by 3 people

      • @PhilRM
        Speaking as a married gay guy, let me just say that I’m quite familiar with the issue of winding some people up merely by existing.

        Anonymity encourages people to be more extreme and uncompromising. And it encourages the opposition to respond in kind. People who are willing to be accountable for what they say are generally more reasonable and rational. The current structure of the Internet makes it almost impossible to create an “accountable space,” where anonymous contributions are either forbidden or easily filtered out. Perhaps this is the best way to frame the problems. It’s not that we need to eliminate anonymity–we need to enable and encourage accountability.


        • @Greg —

          “It’s not that we need to eliminate anonymity–we need to enable and encourage accountability.”

          I’ll agree with you here. And we encourage accountability through better moderation of the internet public spaces. The problem there is that the internet has become so huge that it would take armies of admins to accomplish sufficient moderation by real people, and we’ve seen through places like Facebook just how poorly automated systems work.

          Liked by 3 people

          • The problem is that moderation doesn’t scale well, and with no way to have a verified id online, there’s no way to build a net-wide reputation, which would be essential to making automated systems work.

            What’s needed is a system to let you direct the attention of your scare human moderators to the real problems and to make their judgments stick. So if someone behaves badly on Goodreads, they can restrict or ban him/her and be confident he/she won’t get around it. But also, even if that ban doesn’t extend to Amazon, Facebook, Reddit, etc., simply knowing that the person had been banned on one platform should encourage the AIs on other platforms to increase the odds of asking for human review. Likewise, any decent AI would learn that (say) being banned on Breitbart would carry little or no weight for The New York Times. Again, I’m assuming that the AI has no power other than to ask for human review. Its whole point is to make the best use of the human moderators’ scarce time.

            This only works if you assume that most of the problems are caused by a few bad apples, of course, but I’m pretty confident that’s true. Without some mechanism to hold people accountable across the web, though, I just don’t think it can be done.


        • @Greg

          I think you’re overconfident in the idea that tying real life id to online id would actual improve things. Truly toxic trolls (alliteration!) would be perfectly willing to stand behind the things they say. They have conviction in their positions. They believe they are the rational, reasonable ones. And they would find ways to get back online if banned. Meanwhile, people who cannot afford to have real life id tied to online id would be silenced, ignored, or have their positions seen as less credible because they don’t have a “real” identity. Innocent people would be banned and have a lot more trouble getting themselves cleared — and even if cleared would perhaps still be questioned. And identity theft would be even more of a nightmare than it already is.

          Liked by 2 people

          • @Laura
            You might be right–it’s hard to prove one way or the other. The TTTs (Truly Toxic Trolls) could certainly stand behind what they say, but wouldn’t it be nice to be able to block them once and have that work on all platforms? As for them creating multiple accounts, this would, at a minimum, greatly increase the cost of doing so. Identity theft would still be a problem, but let me illustrate how that might be less of a problem, not more.

            One proposal for accountable ids would be to root your id in multiple institutions you deal with. E.g. the power company, the phone company, the public library, etc. In the event someone stole your id, you’d walk to the local places you frequent, show them your passport and/or drivers licence, and get them each to send you a certificate. Given (say) three such certificates, you’ve established yourself as the legitimate holder of that id, and can now (without asking help from customer support) find and fix all unauthorized uses. Contrast the situation today when it’s the very devil to prove you’re the real you, when government takes forever to act, and when it’s hard to ever know the extent of the damage.


            • Who would ultimately decide what TTT behavior looked like? You don’t think there would be situations like the RWA ethics committee who originally ousted Courtney Milan? Your accountable id proposal would be problematic for someone who doesn’t have accounts like that in their name. Someone who has a spouse who insists on keeping everything in their name only. Someone whose credit has been ruined by a previous identity theft. A young person who simply doesn’t have things in their own name yet.

              Liked by 3 people

          • Greg is correct that it would deal with the specific issue we are seeing Goodreads (people using multiple spam accounts) but otherwise I think wholly wrong. Some of the worst online behaviour I’ve seen is by people who are quite open about their names and identity.

            Liked by 2 people

      • You have a point, but I’m not entirely noncontroversial. I’m publicly non-religious (albeit not in the Bible Belt or anything like that) used to be a financé of a politically active Israeli, am now married to someone who’s publicly neo-pagan (albeit not in the Bible Belt or anything like that), spent a long time doing escort duty past Operation Rescue pickets at Planned Parenthood centres in association with my local N.O.W. chapter, spent about a decade being Chair of Bay Area Skeptics, and was a public supporter of same-sex marriage long before it was popular let alone the law of the land (albeit not in the Bible Belt or anything like that). So there’s that. (And, hey, ACLU and ACLU-NC member since 1976.)

        And can I please get credit for being called a ‘rabble rouser’ by Sam Varghese of Sydney Morning Herald and The Age? Because that always makes my day.

        (Contrarius: My former fiancée ran bull terrier rescue out of our house in the 1980s, and definitely there were a few odd and possibly off-their-meds people who came by. None waved pistols.)

        Liked by 2 people

    • I’m always amazed at things like this. I barely share my home address with anyone. In online profiles, I’ll only give my location as the nearest greater metropolitan area, sometimes just USA. I have a very common name (in the US), but I seldom display my full name online. If someone bothered to look, I know it wouldn’t be difficult to find more info. I don’t have a pressing need for privacy, just the desire for a modicum of it.

      Liked by 1 person

  4. Yep, they spoofed my Goodreads author account as well to do a fake review on Tomlinson’s book, and it took many days for them to take it down. It’s also harmful because some of these reviews have nasty language in them that I and I think most of these other authors would never use in a professional forum. Plus, since I’m a director of a writing convention, I purposely do not tend to leave negative or at least nonconstructive reviews of books, for professional reasons. It’s maddening that this is allowed to happen, and at this scale.

    Liked by 1 person

  5. Leaving this blog post and blog for a while. I can’t handle this kind of toxic shit emotionally where someone makes up a lot of nasty shit and proposals and then attribute them to me. Instead of reading what I said:

    “I do not think National Id should be mandatory for internet traffic. People need to be able to discuss things while anonymous regarding sensitive subjects.”

    These kind of lies I expected from MGC. Not here.


    • Alright, well then maybe I’m just mixing up what you and Greg are saying here.

      My position is simply this: I do not want governments issuing id numbers to people based on their IPs or anything else, which is ripe for abuse of vulnerable people. I don’t see why id numbers are needed at all, given that Twitter and other big sites could fix the problem without them. I don’t see why we need alternate, complicated solutions to what is a customer service problem of tech companies that they already have all the means to solve pretty easily if they wanted to be bothered. They already solve the problem in some territories on some issues where governments require them to do so. All they need to do is expand that.

      Government regulation may get them to do that, but it’s awfully hard, as we’ve seen, to get governments to regulate big global tech companies on a large scale (unless maybe you’re China.) We’ve had governmental efforts and they may work, depending on who’s running the governments, but relying on governments to fix how tech companies work seems to me to be an unlikely scenario.

      I also don’t feel that removing anonymity will change having harassment mobs, given that a lack of anonymity has not stopped harassment mobs, who have often openly harassed or gotten around attempts to strip them of anonymity and blocking them. It’s, for me, a faultier approach than the ones that tech companies already have to deal with bots and bad content.

      Goodreads’ problem is that Amazon won’t give them the funding and the staff to fix the problem or even respond promptly to the problem of authors being spoofed. And this is partly because it’s not entirely in Amazon’s business interests to solve the problem. And this is a problem throughout the social media tech industry with these companies. Certainly Goodreads could have some sort of verification of authors’ accounts, like Twitter has, to cut down on the specific spoofing problem. What’s even easier is to develop faster response to flagging and faster removal of material. Public outcry may get Amazon to cough up to do this or it may not. Lawsuits from authors, while not necessarily successful, may create enough pressure to get Amazon to do it and make changes.

      What we really need, though it’s not going to happen, is for tech companies to have liability insurance on harassment and have to pay a lot of claims on it. They sort of do, but mostly not. If you go into a store and you’re harassed and attacked by other customers in the store, the store is legally liable for damages you incur on their property and they have insurance for it. Same with rental and homeowners policies. But if you go to a social media site as customer/content provider and you get attacked, tech companies take no liability for it and throw up their hands and ignore it. That’s a legal problem I’d rather sick governments on than ID numbers.


  6. Kat, although Hampus is being unusually irritable, he has a point that you fundamentally misrepresented what he was talking about — although I assume this was an innocent understanding rather than intentional misstatement. In a sprit of benevolence to you both, I would suggest you be a bit more careful in the future. (I had no part in the antecedent discussion, except for my side-comment to Greg, however, and don’t care to enter the rest of it.)


    • It was misunderstanding and also responding to more than one person at once, but that doesn’t change the fact that it bothered Hampus and led to misinterpretation (or in this case, missed text in the course of the conversation,) for which I am sorry. I’ve had stuff I’ve said mischaracterized or misunderstood, I’ve done it to others, it happens. But that doesn’t change that it can be hurtful. So yes, moving forward, I am going to try to be clearer and more careful.

      Liked by 1 person

    • Yes, it is true that I’m being unusually irritable. Two reasons really:

      1) I’m not used to having people I respect accusing me of proposing that people should lose their right to vote and be thrown in jail. Also, people who think I trust the government can hardly have followed my twitter feed.

      2) I’m testing out new ADHD medicine, which means that I can’t regulate my feelings as usual. That means that I will have the option of leaving a discussion in whole until I calm down or risk saying a lot of things I don’t mean because I’m upset.


      • “Also, people who think I trust the government can hardly have followed my twitter feed.”

        Ha, that’s why I was surprised. To be clear, I was not saying that you were specifically proposing that the government throw people in jail and take away their voting rights. I was saying that those can be the consequences of non-voluntary I.D. systems for the Net issued by governments and having governments law enforcing supposedly bad but not necessarily criminal behavior on global social media platforms. It’s already happening in fact in super repressive countries like China — dissidents get id’d, jailed, etc.

        But I wasn’t listening (reading) closely enough and I was being overly angsty on it because it’s been really jarring hearing about what trans people have been facing trying to keep their anonymity on Facebook and so forth. Recent “porn clean-ups” on Instagram and Tumblr that include anonymity stripping have discriminated against vulnerable communities and sex workers, and that’s just the tech companies themselves regulating things.

        Goodreads is a little different from the big, general social media platforms in that it is specifically a community forum based on books and authors, and therefore the issue of verified authors’ identities, at least under their pen names, is a bigger policy problem. But Goodreads does have the technology and the potential to fix those specific problems like spoofing. So we’ll see what they do.

        And when I seem to be mischaracterizing what you are saying or otherwise being clueless or snippy, call me on it. It’s not being overly irritable if it’s causing you anxiety. Or for that matter, Greg, also my apologies if that wasn’t clear.


  7. Cam, sorry about this. I usually love discussions on your blog because, unlike most places, it’s possible to have a friendly discussion with some substance to it. Apparently this is a topic where that’s just not possible. I promise not to bring it up again.:-(


  8. @Greg Hullender:

    Even though people like Rick and me go out of our way to be open about who we are, the way the Internet works, no one really knows if we’re really who we say we are.

    True, that. It’s funny; in a sense, I hail (as perhaps do you, too) from a much older iteration of the Internet where a much higher percentage of denizens knew each other personally, and real-world identities were better known. There were always ‘nyms, though, and they are now so routine that many people imagine that hiding your IRL identity is an inalienable right. (I am not opining on that; I merely note the striking cultural change.)

    Self-identification is a revealing trait, in my opinion, by which I mean the criteria people choose to apply in deciding how to classify themselves.

    In my own life, I very recently got an entirely new axis of classification handed to me, that I never had as an option before: ancestry.

    I self-identify as Norwegian-American because my (adoptive) father was Arthur Moen of Kristiansund, Norway, an immigrant and economic refugee during the Great Depression, back when that country was what the Toddler-in-Chief calls a ‘sh*thole country’. Mom (adoptive mom) was Faye W. Moen, Kansas-born American of English ancestry, but I lean patriarchal in self-identification because there were very few living relatives on Mom’s side, and all of those far away. And that itself might be called a revealing choice of self-classification, one that makes me uneasy, actually, but is rather late to change.

    But in my case, kinship connections are inherently orthogonal to genetics ones, because that’s what private adoption in infancy does, you see.

    Prior to late 2019, if you’d asked me about my genetic ancestors (as opposed to my kin), I’d have said ‘Some sort of Euromutts, I guess.’ Late last year, unintended discovery via 23andMe put me directly in touch with my bio-mom, who then told me about my (late) bio-dad. So, I just got two shiny new ancestry trees — if I want them.

    Hey, Cora! Bio-dad was a fairly dreadful anti-civil-liberties Republican judge appointed to the Federal bench by Richard Nixon, a fellow named Robert Howard Schnacke. And thus, I find myself unexpectedly an auxiliary member of das deutsche Volk, at least genetically.

    Bio-mom, you ask? Heh, she’s Norwegian.

    Or, as Greg says, I might just be an Internet pseud of longstanding. After all, that’s what the documentation says.


  9. I am so, so tired of hearing the argument “Well, I’ve always been open about my real name and my real physical address, and I’ve never had any problems with stalking or harassment or threats, therefore it shouldn’t be a problem for anyone else, either”.

    That’s just not the case. And when people who haven’t themselves had any problems argue that others should be willing to make themselves vulnerable in this way, it shows a remarkable lack of compassion — as well as a marked lack of understanding of human nature and reality.

    As several people have pointed out, not only is GoodReads’ troll problem a solvable problem, it’s a solved problem. The fact that GoodReads has not implemented a solution is a deliberate choice on GoodReads’ and Amazon’s part, based on what benefits them most as a profit-making corporation. They are quite able to fix it, to a great degree. They’ve just chosen not to.

    We need to be holding these corporations responsible for their failures and insisting that they remediate them, instead of demanding that individuals unnecessarily give up privacy and safety for what would be, at best, a bad solution, and at worst, a catastrophic one.

    Liked by 4 people

    • Yup. I’m surprised this hasn’t been a bigger issue. The wider harassment campaign has been going on for so long now – I’d even forgotten how this same group had targeted Paul W because he objected to them misusing his photos. Now yes, obviously the people directly doing the harassment are at fault but web platforms like Goodreads are enabling these appalling people.

      Liked by 2 people

    • Just to be really extra clear, JJ, I’ve never raised that tiresome and purblind argument, and never would. (Not that you anywhere claimed I did. Just making sure I’m not misread as saying that.)


    • Having been stalked in real life and harassed online I value being able to create a bit of a hurdle in the way of people finding me, just in case. On top of that, there’s no way I’m going to KYC with a company like Facebook as they already have far too much information on me. Plus I have friends who, for various reasons, can’t, don’t or won’t use their real name on their social media.

      Liked by 3 people

      • Been a bit under the weather for the last week but I also just wanted to add that government ID doesn’t always necessarily reflect a person accurately. For example a transwoman who identifies as female everywhere else in her life would likely, in Thailand at least (and likely many other places), be forced to identify as male through this form of KYC as they can’t legally change their government ID even after fully transitioning. This is obviously just going to marginalise and push out already-marginalised communities. There are more examples, particularly in countries where certain ethnic groups are often treated as second-class citizens, etc.


  10. They spoofed my account too, and I’m not even an author. Anyone who knows me much would know I wouldn’t say those things but still. It seems to be gone now but I have to keep an eye out or it may occur again.


%d bloggers like this: