Unabashed sharing

Wednesday, Jan 21, 2009 11:45 pm
William Barnes

When this post on social networking was published by Rex Shoyama at IP Osgoode I tried a few times to write a comment on it, but each comment turned into a thoroughly rambling essay (to borrow a phrase). Social networking is, after all, a subject I have strong feelings about. But then I remembered: I’ve got a blog, I can post whatever I want there and it doesn’t matter if I ramble.

The article discusses a website (Power.com) that has found itself in a touch of legal trouble for offering an alternative front-end to Facebook (and other social networks, but Facebook is the one suing). What follows are just trains of thought that sprang from the article.

Ownership of profile data

Some people who are critical of Facebook’s position also feel that the users “own” the data in their profiles and therefore should not be stopped from using a service like Power.com.

“Some people” are going a bit far. Even if we own the information about ourselves in some manner, it doesn’t lead to a right to access it in any way we choose. Analogy time: I own a fancy watch that I store in a bank vault; do I have the right to access it with a bulldozer? Even though the watch is my property, my access is subject to conditions.

The desirability of “unabashed sharing”

We may want to query whether or not the ability to easily copy content from a friend’s profile in Facebook into other different social networks is necessarily a good thing (that particular friend may have made assumptions about how his Facebook content would be used and might not want his Facebook photos shared outside of Facebook).

I’m not sure the issue with Power.com is copying content from a friend’s profile to another social network. Rex may be addressing a concern raised elsewhere while he was researching; it doesn’t seem to tie in quite right with the rest of his article. But, that aside, it’s a fun question.

Power.com appears to simply query Facebook with your login credentials and reformat the data, giving you some extra functionality. In other words, it seems to be just a proxy. There is, of course, the potential for a service that would cache the information it gets using your login data. Such a service would be granted access to any information you have access to. Two issues spring to mind: (1) your friend hasn’t authorized the third-party service to see their data, (2) the data will lose its privacy meta-data and, if shared by the third-party, be exposed to people it was not meant for.

Regarding the first issue: unencrypted web traffic travels through so many third parties it’s hard to consider this imposition of just one more a serious violation. The second is more compelling. A user, Alan, might post a private photo on Facebook relying on Facebook’s privacy controls. Bob accesses Alan’s profile through a third party service, 3P. Charlie then uses 3P to access Alan’s profile which, handily, is already cached. 3P saves time by showing the same version Bob saw. Problem: 3P didn’t know that only Bob was allowed to see Alan’s photo. Oops.

I can see why you might want to limit where your profile data shows up, but I am of the opinion that trying to maintain such control is unrealistic. Social networks are designed to spread information fast and far. Privacy is an afterthought. The solution to users maintain control over their personal information is not to erect barriers that give only a false sense of security. People need to learn to keep their profiles clean: if a picture is embarrassing, don’t post it; if a wall-post is scandalous, delete it. Employers, girlfriends, parents, they’ll find a way to see it if they really want to. If you absolutely must share something with a few people that you could not stand to get out in the open, then use a service built for that purpose.

This is not to say “get rid of privacy controls.” But privacy controls on social networks can only provide a little bit of resistance, they won’t keep information secret.

Let the flowers breathe?

Ultimately, it seems prudent to encourage the taking of measured steps towards finding better ways to achieve desirable interoperability between social networks, rather than jumping right over the “walled gardens”.

I’m not much for prudence. I think that fewer walls are better for privacy. The fewer barriers there are and the easier it is to get most information, the less incentive there will be to take the rest.

If Facebook allowed other networks simple access to lists of content available through your account, then why would those networks need to actually access the content? MySpace might know that one of my friends posted a photo on their Facebook account, but there is no reason that photo can’t remain hosted at Facebook and subject to their privacy controls. It wouldn’t prevent people from developing an application like Power.com, but nothing will. The only solution is to stop people from needing such a service.

Take down the walls from the inside and fast, then people won’t tear them down from outside.