When this post on social networking was published by Rex Shoyama at IP Osgoode I tried a few times to write a comment on it, but each comment turned into a thoroughly rambling essay (to borrow a phrase). Social networking is, after all, a subject I have strong feelings about. But then I remembered: I’ve got a blog, I can post whatever I want there and it doesn’t matter if I ramble.

The article discusses a website (Power.com) that has found itself in a touch of legal trouble for offering an alternative front-end to Facebook (and other social networks, but Facebook is the one suing). What follows are just trains of thought that sprang from the article.

Ownership of profile data

Some people who are critical of Facebook’s position also feel that the users “own” the data in their profiles and therefore should not be stopped from using a service like Power.com.

“Some people” are going a bit far. Even if we own the information about ourselves in some manner, it doesn’t lead to a right to access it in any way we choose. Analogy time: I own a fancy watch that I store in a bank vault; do I have the right to access it with a bulldozer? Even though the watch is my property, my access is subject to conditions.

The desirability of “unabashed sharing”

We may want to query whether or not the ability to easily copy content from a friend’s profile in Facebook into other different social networks is necessarily a good thing (that particular friend may have made assumptions about how his Facebook content would be used and might not want his Facebook photos shared outside of Facebook).

I’m not sure the issue with Power.com is copying content from a friend’s profile to another social network. Rex may be addressing a concern raised elsewhere while he was researching; it doesn’t seem to tie in quite right with the rest of his article. But, that aside, it’s a fun question.

Power.com appears to simply query Facebook with your login credentials and reformat the data, giving you some extra functionality. In other words, it seems to be just a proxy. There is, of course, the potential for a service that would cache the information it gets using your login data. Such a service would be granted access to any information you have access to. Two issues spring to mind: (1) your friend hasn’t authorized the third-party service to see their data, (2) the data will lose its privacy meta-data and, if shared by the third-party, be exposed to people it was not meant for.

Regarding the first issue: unencrypted web traffic travels through so many third parties it’s hard to consider this imposition of just one more a serious violation. The second is more compelling. A user, Alan, might post a private photo on Facebook relying on Facebook’s privacy controls. Bob accesses Alan’s profile through a third party service, 3P. Charlie then uses 3P to access Alan’s profile which, handily, is already cached. 3P saves time by showing the same version Bob saw. Problem: 3P didn’t know that only Bob was allowed to see Alan’s photo. Oops.

I can see why you might want to limit where your profile data shows up, but I am of the opinion that trying to maintain such control is unrealistic. Social networks are designed to spread information fast and far. Privacy is an afterthought. The solution to users maintain control over their personal information is not to erect barriers that give only a false sense of security. People need to learn to keep their profiles clean: if a picture is embarrassing, don’t post it; if a wall-post is scandalous, delete it. Employers, girlfriends, parents, they’ll find a way to see it if they really want to. If you absolutely must share something with a few people that you could not stand to get out in the open, then use a service built for that purpose.

This is not to say “get rid of privacy controls.” But privacy controls on social networks can only provide a little bit of resistance, they won’t keep information secret.

Let the flowers breathe?

Ultimately, it seems prudent to encourage the taking of measured steps towards finding better ways to achieve desirable interoperability between social networks, rather than jumping right over the “walled gardens”.

I’m not much for prudence. I think that fewer walls are better for privacy. The fewer barriers there are and the easier it is to get most information, the less incentive there will be to take the rest.

If Facebook allowed other networks simple access to lists of content available through your account, then why would those networks need to actually access the content? MySpace might know that one of my friends posted a photo on their Facebook account, but there is no reason that photo can’t remain hosted at Facebook and subject to their privacy controls. It wouldn’t prevent people from developing an application like Power.com, but nothing will. The only solution is to stop people from needing such a service.

Take down the walls from the inside and fast, then people won’t tear them down from outside.

I know I’m not the first to lament the imprisonment of our social graphs. It was quite a trendy topic last year and last year I came up with a solution (only semi-original). Listening to the last episode of Net@Nite, I heard Amber and Leo hit quite close to my idea (then veer off) so I decided to write it down. I don’t claim that it is totally original–Google, Facebook, Google, and Google have come up with similar-ish ideas–but I think the scope is somewhat broader than they have in mind. All of these solutions still leave your data walled up on their servers.

The Problem

The basic problem is that I have accounts on countless social networks. I have Facebook, MySpace, LiveJournal, Digg, Twitter, Pownce, Jaiku, Flickr, and tons more that are abandoned completely. I have at least two websites. On each network I have different groups of friends, different profile information, different statuses. I’m in high school on some, undergrad on others, and law school on a few. Each one likely has a different email address for me. This is my online identity. I’m the digital equivalent of a schizophrenic. And I’m sure it’s not just me. No doubt there are few people out there who have only a single social network, but there must be enough that have too many.

The further problem is that according to Facebook I have 200 or so friends. Most of these people are probably also on other networks, but I don’t know that. I have no way of moving my list of friends from one site to another. If I leave Facebook, then I lose this list. I have no control over something that is inherently mine (this was the trendy topic of last year: ownership of your own list of friends).

Solution?

A lot of the work towards a solution has already been done. OpenID, Google Friend Connect, and Facebook Connect allow you to login to other sites with a profile established someplace else. There exist open standards for transmitting friend information like XFN and FOAF. But it’s not enough.

Central Identity

First, you need a central identity site. With good standardization, this could be hosted by anybody. It could be your Facebook profile, MySpace, Google, or some other service that pops up. And if you’re the sort who likes lots of control over their identity or just likes to play, you could host it yourself with some open source platform that would surely pop up. I will refer to the URL for this site as your CI. So, for example, my CI would be something like ‘webarnes.ca’ or ‘facebook.com/profile.php?id=28116640′ (I’m sure Facebook could come up with a prettier URL).

Your CI has to have tools for managing your friend list and your profile information since it’s going to be the location where the authoritative version of your graph is stored. It should have a display of activity on your different networks (like FriendFeed). So when I log in to my CI, it should inform me about wall posts on Facebook and @replies on Twitter. Some of the networks will be complex enough that I have to go there to use them, but I want a central dashboard to let me know when I need to go.

Signing up

When you sign on to another social network, you should have the option of making it your CI or making it subservient (a more PC term might be more appropriate) to a CI hosted someplace else. So assuming I’m using ‘webarnes.ca’ to host my CI and I want to sign up for Facebook. I tell Facebook where my CI is and we do that little handshake that you should be familiar with if you’ve used OpenID or Facebook Apps. My CI gives Facebook permission to access my profile information (and I should be able to select exactly what I want to share) and lets it download an XML list of my friends (all identified by their own CIs). Facebook goes through its database to find out if any of my friends have accounts and automatically adds them. In theory, my friends should have me listed as friends at their CI, so it shouldn’t even require authorization.

Now I’ve signed up, filled out my profile and added my friends in half a dozen mouse clicks and a line of text. What next?

Finding friends

Let’s say I find a friend on Facebook that I haven’t met elsewhere. I add him, he accepts (his name is John Smith). Facebook then pings my CI with this new information. My CI adds this new guy to this list and then starts contacting all the other social networks I’m a part of (it knows this because I linked them at sign up). Soon John Smith is added to my friends list at Flickr and wherever else. The way this works could be customized by different CI hosts. Perhaps I want to log in to my CI and selectively add John to only MySpace and LiveJournal; I don’t want to add him on Twitter perhaps. There might be some networks–like Twitter–where you don’t necessarily want to add everyone you know. That should be possible.

Blogging and status-ing (for lack of a better term)

Streams of information on different sites could be published as RSS feeds. They could be pushed to your CI and disseminated to your other profiles. A status change on Facebook might also change my status on MSN or MySpace. A blog post on WordPress would show up as a note on Facebook. Ideally comments on all of these would be synced back to my CI (because it is so very annoying when people comment on my Facebook notes instead of on the original blog post). There would be some privacy issues to work out, I’m sure, but it could be done.

Summary

This probably won’t happen. It’s too complex for most people. But it could be done behind their backs. Why should I have to confine myself to Facebook because most of friends do? My Facebook profile could easily be a mirror of a profile someplace else. Facebook would compete by providing the best central identity site. I really wish it would happen.

I apologize if this was a bit rambling. I might post some more ideas in the future that are more in depth and clear. I just felt the need to write something about since I’ve been thinking on it for so long.

Image source: terinea