Rishad Tobaccowala tweeted: “you are right. What we want closed (our data) they want open. What we want open (create and transfer) they want closed.”
There's room for someone to give us what we want. What if there was a P2P open source app about communication / status / notification?
A web browser would be a good platform for this to reside in. There would have to be a daemon/service component as well. Perhaps a cloud component, but with distributed control and controlled encrypted access, so only immediately linked nodes could ever be compromised.
The problem is that what "we" really want is to be able to mail, chat, play games with, send photos to and do other random stuff with our friends. What a subset of geeks want is an open architecture that with fine-grained privacy controls. The average person wants that about as much as they want to ensure that they have access to the source code of their operating system.
Social networking requires a critical mass; the critical piece of building an open architecture isn't writing the software and putting a site up, it's convincing enough people to join to make the experience worthwhile. And for that you need a better carrot than geek fodder.
While users just want to do some simple things, they do care about the downsides and annoyances (that we know grow directly from lock-in). FB people already grumble about privacy, the meaningless of 'likes' and 'friends', the annoyance of all those third-party apps spamming friends of the player, etc. They're ready for change. They may not care about 'how', but they absolutely will care whether the next destination has those problems.
Sure, you need to wrap features into the protocol that will appeal to FB people. You should absolutely take the opportunity to solve some real problems. But the open architecture is crucial to protecting privacy. Without competition, no flavor-of-the-month network has incentive to put user needs ahead of its own wants.
Only if you want to attract them away from Facebook. There's no need for that. All one has to provide is an alternative channel for communications that can effectively use Facebook as a directory, but provide private communications and updates under the user's control.
> What a subset of geeks want is an open architecture that with fine-grained privacy controls. The average person wants that about as much as they want to ensure that they have access to the source code of their operating system.
That's extremely condescending. Everyone I know wishes they had better control over their privacy on Facebook. The problem is that properly understanding and maintaining Facebook's current privacy controls would probably take several hours a month of analysis. That's intentional - Facebook is making the privacy controls too complex, and changing them too frequently for anyone to manage them properly.
But what average users want is so little. Done correctly, social networking could do what they want without such a heavy price to pay in terms of loss of privacy and control over personal information.
This is manifestly not just a geeky thing. Go read the news coverage of the last few major Facebook changes and you will see that the chorus of concerned people has been growing quite well. "It does what you like about Facebook, except only you control who sees your stuff" would be a simple sell to lots of people.
I completely agree with the P2P approach, for sometime I was thinking about P2P as a means to deliver a social network for families. Everyones graph and data would be under their control and "local" to just those that needed it.
The one key element that makes the web possible, isn't HTML, HTTP, CSS, blah, blah, blah... it is the fact that it is decentralized. If for some reason we are tricked into moving away from this we are not longer using the web. We are just using AOL 2.0 - Google, Facebook, twitter, bit.ly.... are all trying take control of not users, but their information and the web.
Don’t think it will happen... it already has. The URL is the essence of how the web works and you no longer control yours. Link shortening, makes it easier to paste and share links but it breaks the web. Currently, I am sitting in China writing this comment and every link that bit.ly has under its control are completely useless to every person in China. My slogan that I came up with for Bit.ly is "Billions of links useless to billions of people!" Please don’t respond its China’s fault; that is too simple. The issue is that we haven’t responded fast enough from a standards perspective to combat this hijacking. The solution is actually quite simple to implement.
Even though Google is fumbling this service, it really could launch decentralized social networking services.
They just need a 'phase 1' client that draws better imaginary walls between the 'parts' of the service, to fit most users' current conception of how the internet works.
People aren't 'getting' the idea that an email, a chat and a picture archive are the same thing under the hood. Google, meanwhile, is so proud of the technical possibilities that they won't shut up about that part. And it's confusing the crap out of the users they should be enticing.
Google needs to build that more-traditional-looking client and pitch it as a decentralized Facebook competitor.
My first thought was Wave. My second thought was Wave sucks (in my limited experience). I also like the idea of minimising the use of proprietary protocols. Can you imagine if email were invented today; lots of non-connected email islands.
This is why, despite being too young to actually have experienced them, I miss the days when people who actually had the good of the network in mind hashed out ideas over RFCs before rolling something out. I imagine they would come up with something with some parameters vaguely in that space (though maybe not including tor).
I was thinking something more like encrypted storage in the cloud for pull and offline access to feeds. Realtime updates would happen over a push mechanism. (Otherwise polling would make things expensive.) Everything would be encrypted and in complete control by the "local" segment of the graph.
A social network billing itself as the "anti-Facebook" with regards to privacy issues could succeed. The only thing such a network would retain control of would be related to ads. Everything else would be encrypted and controlled by users.
Such a startup would have to operate like Craigslist. It would have traction because it's there to provide functionality for users, not to maximize profits.
Reddit-style ads would pay for cloud resources, with the ability to opt-out by paying for services directly. By reddit-style, I mean that the ads can be shared with your friend network and voted up or down.
Smartphones and the iPad could be used to implement such a network.
Well, I think what we really need a standard, bare bones open source platform that implements something rational, and several providers (they would have to be fairly large ones) so that there's competition. Social networking needs to be a utility, not a walled garden.
Now, one of these providers might be ad-supported, but I would gladly pay $10/month for ad-free Facebook if it was just like a hosting provider - no data crawling, no new features, basically it's the job of the people I'm paying to make sure I can back up my data and that others can access it subject to my privacy controls.
> Well, I think what we really need a standard, bare bones open source platform that implements something rational, and several providers (they would have to be fairly large ones) so that there's competition.
This is a very insightful post. At the end of the day, having some company (especially one run by a volatile 25-year old) be the intermediary between me and my online identity just doesn't work. My identity should play by my rules, not theirs.
Google has been pushing OpenSocial, a truly open (multiple provider) and deeper version of what Facebook is now offering, for over a year. It's a chicken or egg problem, however. FaceBook can deliver more traffic now, but the tradeoff it you end up helping promote FaceBook's ownership of the social graph.
No, the chicken and egg problem is not what is wrong with this one. I was one of those excited about open social pre-release but it's release was riddled with all kinds of problems[1]. If google had gotten it right at the start, it could have really taken off. If google can still get it right and demonstrate cleanly how one can make a secure open social based site, it still has a very good chance of taking off. It's a good idea but I am not so sure about this particular implementation and it's details. Google or somebody probably should do an OpenSocial 2.
The german (alledged facebook ripoff) MeinVZ/SchülerVZ/etcVZ seems to do something in this direction with its OpenSocial interface. Instead of exposing your real account, you can generate additional pseudonymous personas that look just like OpenSocial accounts for external apps, but can only access those data from your profile that you actually authorized for this persona.
This dos not address the data export problem, but helps keeping the things a user want to keep private private.
I think this is a beneficial effect of the rather strict data protection laws in Europe. Especially since one of the *VZ properties explicitly targets minors, they had to come up with a novel solution that actually takes user data protection into account.
Clearly, the inability to exert full control of your profile on Facebook is very problematic esp. since your average Joe doesn't realize this, but this is a ticking time bomb and it will explode with a far more destructive force than Beacon/gBuzz. When that happens, I truly, truly hope people wake up and demand more controls (and demand opt-out by default!!!).
Their opt-out-by-default (that is, they opt you in) policy as well as Google's--anybody's--drives me nuts! It is EVIL! They argue that they provide you with value but who are Google and Facebook to decide what value means to you and when you should have it shoved down your throat? We own our data, and we get to decide who to share it with and when as we go, not by default.
I agree with J. Jarvis, Facebook is clearly thinking about themselves and the opportunity to finally bootstrap and rule the ever-so-elusive semantic web--that's really what they're building if one thinks about it w/ their Open Graph protocol. They want to rule this upcoming decade, they want to cut into Google's ad revenue with machine readable content, explicit interests, real identities, "personalization", etc.
Jeff Jarvis is right, except he shouldn't be so confused about why he's right.
There have been proposals for intermediated privacy settings controlled by users since the early 2000's (at least). The problem is that commercial websites never wanted to put that control in the user's hands.
Now Facebook "releases" what is essentially a siphon on your online activity, and the tech press lauds it as some kind of innovation.
Some days it seems like everywhere I turn, I see people doing the exact opposite of what is good for them. It's really bizarre.
We so need an open & portable way of managing our social information online. I use OpenID to manage online authentication across different sites, and am pleased with this. I have a choice of providers, or I can manage it myself. But, it is limited to managing basic authentication, and is a long way from a repository for all the other types of social data that are needed for a full online identify.
Surely there is a market opportunity here? And whatever happened to opensocial?
That was a good read. I haven't heard many positive things about Facebooks new plans but I like the new features (ie. instant personalization). If this can make my experience of websites more interesting and relevant I'm all for it.
But like Jeff Jarvis says: Facebook should give us the control of which sites get instant personalization etc.
It's like walking through a mall and every time you enter a shop you're not sure if you're wearing clothes or not.
There is a technological aspect that the user can or should be able to control, although it by no means addresses all the concerns. Simply firewall your Facebook access away from your other online access. It's annoying that browsers let so much information bleed between connections and provide either poor controls of same or poor promotion of such controls where they exist.
Currently, I have my Facebook access running through one browser that is doing nothing else. I use other browsers for other access. I would disallow Flash "super cookies" except that that borks a few other sites I access, so I wipe them at each shut down. (I'm also not entirely trustful of Adobe's online control panel and "black box" implementation.) I'm now considering controlling them yet more aggressively, as I see them as a means of cross-browser communication during the course of access that takes place between wipes.
All that aside, I too am becoming quite uneasy with Facebook. Opera's Unite continues to intrigue me, and if I can shake some time and energy free, I'd like to look at that more, not just or primarily for myself but also for friends who may want something "simple" to implement that places their data under their own control.
Most, however, won't want to leave the convenience -- and the "games" -- of Facebook. At least their browser should keep Facebook locked up in its own little pen, segregated if and as they wish from the rest of their online access.
If I'm not mistaken, and I may very well be, this new facebook paradigm shift is just friend feed on steroids, and since facebook didn't create friend feed, they bought it, can't somebody come a long and just make a new version of friend feed that embraces authentic openness instead of this command and control, top down, DRM vendor lock in dystopian reality that corporations seem to love so much.
Rishad Tobaccowala tweeted: “you are right. What we want closed (our data) they want open. What we want open (create and transfer) they want closed.”
There's room for someone to give us what we want. What if there was a P2P open source app about communication / status / notification?
A web browser would be a good platform for this to reside in. There would have to be a daemon/service component as well. Perhaps a cloud component, but with distributed control and controlled encrypted access, so only immediately linked nodes could ever be compromised.