Data Ownership Might Not Work for Social Networking Sites

from the open-or-closed dept

Chris Saad, head of the DataPortability Project, weighs in on last week's announcements from MySpace, Facebook, and Google of new data-sharing services. Saad says that while none of these services fully achieve the goals of DataPortability, all are steps in the right direction, and MySpace's approach is most promising. Saad points out that data-sharing is grounded in a social contract. He gives the good example of an email address book. When someone sends me email, it's understood that I'm free to put it in my address book, and that I'm mostly free to do as I please with my address book. I can, for example, export my address book to a third party site to see if my friends are using the site. However, I face social pressures not to do something malicious like sell my address book to spammers. If I did that, many of the friends in my address book might not speak to me again.

Now social networking sites are trying to hash out a similar social contract for the use of their customers' data. When Facebook cut off Google from its Connect service, it was effectively trying to establish a similar, albeit more restrictive, social contract: using information from Facebook is OK, but sharing it with third parties is not. But it's not clear how well this will work. As Tom pointed out a few months ago, it's extremely difficult to limit the spread of information once it's been released online. Also, notice that in the address book example, much of the force of the social contract comes from personal ties to the people in my address book. Companies don't have personal relationships, and they can't exert pressure on one another in the same ways individuals can. So when information-sharing is automated, informal social mechanisms may not be sufficient to stop abuse.

There are several ways the social networking world could evolve. One is the totally open approach of email, in which it's assumed that any information you put online can be widely shared. Another is the walled garden approach that now dominates with instant messaging, in which sites tightly control access to information and offer very little third-party access to it, and people have to sign up for multiple services to reach everyone. A third possible model is a "data ownership" model, in which sites share information while users retain ultimate control over it. But as Ed Felten pointed out back in January, ownership may not be a good way to think about privacy issues. It may not be possible to design contractual mechanisms that make these ownership claim enforcible. And that would mean we'd face a choice between a totally open model and a totally closed one, with very little in between.

Timothy Lee is an expert at the Insight Community. To get insight and analysis from Timothy Lee and other experts on challenges your company faces, click here.

6 Comments | Leave a Comment..

Facebook Disconnects Google: Protecting Users... Or Itself?

from the privacy-or-competition? dept

Inforworld reports that Facebook has cut off Google's Friend Connect service from accessing Facebook's APIs. Facebook claims that Google Friend Connect "redistributes user information from Facebook to other developers without users’ knowledge, which doesn’t respect the privacy standards our users have come to expect." Techcrunch has more details about what Google was doing and what Facebook objected to. Facebook is getting a fair amount of flack for this decision, and it's not hard to see why. Given that Facebook has just rolled out its own competing service for linking third-party websites to Facebook, we can't help but wonder if the privacy issues aren't just a cover to avoid having to interoperate with a major competitor.

Still, Facebook's privacy concerns aren't totally bogus, and this dispute does illustrate the point we made on Monday about the challenge of building an open API while preserving user privacy. It's true that users ultimately have control over which applications and sites they approve to access their Facebook data. But users aren't necessarily going to know which applications have good privacy policies, nor are they necessarily going to want to invest the time and effort to figure it out. So it's not necessarily a bad thing that Facebook is imposing at least some minimum standards on sites that use their API. And while Google obviously isn't a fly-by-night organization, Facebook may be worrying about the precedent it would set if it started allowing sites to funnel information gleaned from the Facebook APIs to third party sites that Facebook had no control over at all.

Mike Arrington wonders, "How dare Facebook tell ME that I cannot give Google access to this data." I certainly agree with this sentiment in principle, but I think it's missing the way applications work on Facebook. About once a week I get asked to try out some new Facebook application that I've never heard of. I'm already pretty reluctant to approve any of these applications, but I'd be a lot more reluctant if I knew that there was a reasonable chance that signing up would lead to my data being available to random third parties. And in most cases I don't have the time and the interest to research the details of each application's privacy policy. So there's some value in having Facebook enforce reasonable privacy rules on behalf of its users.

But on the other hand, the fact that Facebook can and does arbitrarily disable Facebook apps isn't going to be good for the health of the Facebook ecosystem. If I were a software developer, I would certainly be reluctant to develop for an "open" platform like that. And in the long run, that's a big threat to Facebook's dominance of the social networking universe. Facebook is big, but it's not as big as the rest of the web put together. If a company like Google can figure out how build a usable, open social network atop hundreds of websites, it will give Facebook and MySpace a real run for their money.

Timothy Lee is an expert at the Insight Community. To get insight and analysis from Timothy Lee and other experts on challenges your company faces, click here.

9 Comments | Leave a Comment..

Social Networking Sites Turn Outward

from the privacy-challenges dept

The New York Times reports on MySpace's new Data Availability project, which will allow third-party websites to automatically import information from a user's profile, saving the user the hassle of re-entering it on a bunch of different sites. As the Bits blog says, this is a smart move and could be the start of an important trend toward making MySpace a more outward-focused platform. Facebook wasted no time in announcing a program of its own called Facebook Connect that will have similar functionality. And now it looks like Google will rolling out an extension for Open Social that will provide some of the same features. We've said before that the achilles heel of social networking sites is that they're so inwardly-focused. In the long run, it's going to be difficult for any site—even one as large and technically savvy as Facebook or MySpace, to get users to stay inside of a walled garden. The site that figures out how to be a platform that other sites use for identity management will have a huge advantage in the long run. MySpace and Facebook appear to regard this kind of outwardly-focused platform as the next frontier in social networking.

They're going to face some serious challenges in the privacy department, though. We discussed the privacy dilemma with Facebook apps back in January, and both Facebook and MySpace are going to have to grapple with the same set of issues with their new strategies. On the one hand, they need to lock things down sufficiently that one bad (or compromised) application can't suck down a ton of private user data and do bad things with it. On the other hand, if they are too restrictive, it will limit the usefulness of their platforms and discourage third-party websites from using them at all. Striking this balance, and coming up with security mechanisms that give sites the information they need without giving away the store, will be crucial to these initiatives' success.

I think it's possible that these problems will prove intractable. Ordinarily, when we talk about an "open API," we mean an API that anybody can use without any kind of pre-approval, and that doesn't constrain how data received through the API is used. Obviously, MySpace and Facebook aren't going to want to offer an API that's open in this sense; there's too much potential for mischief if an application can trick a user into authorizing a malicious application. So unless they can come up with a really elegant mechanism for limiting the spread of information, there's going to have to be a vetting process, which will mean extra overhead that limits how quickly the platform can grow. It's going to take a lot of ingenuity to make these platforms open enough that a lot of potential partners can participate while keeping them closed enough that they don't become vehicles for the bad guys to cause problems.

Timothy Lee is an expert at the Insight Community. To get insight and analysis from Timothy Lee and other experts on challenges your company faces, click here.

8 Comments | Leave a Comment..

Data Portability Can Mitigate Privacy Issues

from the take-your-data-with-you dept

Ed Felten recently did an interesting series of posts on the challenges of holding companies accountable for respecting their customers' privacy. The fundamental problem is that even today's company executives want to commit to high standard of privacy protection, they may not have any way to credibly bind tomorrow's company executives to keep those promises. Even if the company signs a legally-enforceable contract promising not to violate customers' privacy, that might not be an effective deterrent, especially for a cash-strapped startup that has little to lose. When a startup goes belly-up, its assets -- including its databases -- often get sold off to the highest bidder, and it may or may not be possible to hold the new owner accountable to the same standards as the original firm.

Felten suggests a couple of possible approaches, including putting cash in escrow or putting the actual data in the hands of a trusted third party. Another approach that might help would be to guarantee the customer an exit option by providing the ability to export data to an open format at any time. This obviously isn't a perfect solution, because the company can still do unsavory things with the data it already has. But it would help to protect customer privacy in two important ways. First, because customers wouldn't be locked in, they could prevent the company from getting its hands on any more data. Second, it would give customers some real leverage. A site's customer base is one of its most important assets, so the threat of a significant number of them switching to a competing site would make it more sensitive to customer concerns. Eschewing customer lock-in is a good way for a company to commit in advance to be responsive to customer concerns.

Of course, the ultimate lesson here is that customers should be cautious about putting personal information online at all, because no matter what promises companies make (or what privacy laws Congress might enact), data leaks happen. Security problems, rogue employees, and less-than-anonymized datasets are facts of life in real companies. So while companies should certainly do what they can to respect their customers' privacy preferences, customers should also carefully limit which information they share online. Ultimately, the only real protection against online privacy violations is to not put your information online in the first place.

Timothy Lee is an expert at the Insight Community. To get insight and analysis from Timothy Lee and other experts on challenges your company faces, click here.

2 Comments | Leave a Comment..