BBC public value in the online world

The BBC is an interesting organisation – it isn’t motivated by profit and unlike other public service broadcasters, elsewhere in the world, it is very much part of the country’s mainstream broadcast entertainment ecosystem. Indeed Stephen Fry has suggested that this mix of out and out public service broadcasting, more mainstream programming and stuff somewhere in the middle is vital if public service broadcasting is to have meaning. Stephen argues that if you want people to find and value public service programmes, then it needs to be part of a broader entertainment offering.

In the broadcast world the BBC has a clear (albeit, in some quarters, controversial) public service role and a clear and well developed modus operandi. That’s not to say that it might not or indeed should not change, but rather to say that right now the consensus is it’s doing the right thing, in the right way. But in the online space I don’t think things are as clear, even though the public purposes for all platforms are the same, namely:

One reason the Web is different from broadcast media is because it’s so new and so fluid. The web is not yet 20 years old and it is still evolving at a phenomenal rate, both in terms of technologies and in terms of its application. This means that, with the web, one needs to deal with both the technology and the content. Treating the two separately or assuming that the platform is sorted – in the way one can do with traditional media – is impossible or at least a foolish mistake.

Clearly, from a content perspective there is much the BBC could and indeed is doing on the web – much as it does in the broadcast space. But because there is something very special about the Web the BBC could also be adding real value over and above its content offering. It seems to me that there are at least two additional, distinct areas where the BBC could add public value. Firstly, through its size, the power of its brand and its non-commercial status, it could help with the adoption of technologies that benefit the Web population at large; and secondly by helping to semantically link up parts of the web.

Last week Zac posted an article about the recent OpenID Foundation Content Provider Advisory Committee which the BBC hosted. Unfortunately OpenID is a widely misunderstood piece of technology, partially I suspect because people have got so use to the email+password per site paradigm, and partially because the name OpenID doesn’t really help people grok what it’s about. But that doesn’t mean that it doesn’t provide real benefit to people using the web.

As I’ve discussed previously emails are for contacting people not for identifying them. Using emails for identification means the affordance is the wrong way round – I can send you an email but I can’t see who you are, what you’ve said about yourself nor who’s in your social graph. In the real world this would be a bit like handing over a scrap of paper with your home address or telephone number on it as a means of identification. You wouldn’t do that, so why do it online?

As Zac points out, OpenID has yet to hit the mainstream – it’s still the preserve of Generation @. But if, as I do, you believe that technologies such as OpenID and OAuth provide genuine end user benefits then it is something that the BBC should be helping everyone else to adopt.

Sure it might seem a bit geeky and not something that most people get right now but then almost nobody gets transport layer security either but I’m pleased it hasn’t stop my bank implementing it; most people don’t understand HTTP but we all use it. The BBC, could help foster the adoption of these technologies for the benefit of the web at large by, for example, adopting these technologies itself, by promoting best practice and by actively engaging in their development.

Tim Berners-Lee has put forward four simple rules to do the web right:

  • Use URIs to identify things on the web as resources
  • Use HTTP so people can dereference them
  • Provide information about the resource when it is dereferenced
  • Include onward links so people can discover more things

If you follow these rules what you get is a highly interlinked web of resources – where each resource is linked to other resources that are contextually/semantically relevant. And if you also provide those resources in machine readable formats (as we have done with programmes and music) then you provide a platform that allows others to reuse your data.

Unfortunately it appears that there is a nasty habit developing on the web whereby websites aren’t doing this and instead are only linking to themselves.

Follow Jay’s link and you come to a story that indeed doesn’t have any outbound links, except to other Times stories. Now, I understand the value of linking to other articles on your own site — everyone does it — but to do so exclusively is a small tear in the fabric of the web, a small tear that will grow much larger if it remains unchecked.

That’s bad for users. But how does following the Linking Open Data principles help the BBC? And more importantly how does that help the web at large? How does it add public value?

If data is unconnected it is very likely that those websites and journeys across the web will be incoherent. The web’s power comes from interconnected data. Publishing a web page or any other piece of content online is useful but if its interconnected with other resources then its value is greatly enhanced. This is due to the Network Effect. The classic example of the Network Effect is the telephone. The more people that own a telephone, the more valuable each telephone is becomes.

One consequence of the network effect is that the addition of a node by one individual indirectly benefits others who are also part of the network, so in the telephone example, adding a telephone to a network makes every other telephones more useful. On the web adding semantically meaningful links adds context to the page you are reading and allows you to discover other resources and read more information about a given subject.

For example, by building bbc.co.uk/programmes and bbc.co.uk/music/beta in this fashion our new artist pages will become much more useful by being joined to programmes – directly linking to those programmes that feature that artist. And of course the network effect goes both ways; it goes all ways. Linking artists to programmes also makes the programme pages more valuable – because there is now more context, more discovery and more serendipity. And that’s just within the BBC.

By joining BBC data, in this fashion, with the rest of the web the Network Effect is magnified yet further. That does benefit to the BBC, but it also benefits the web at large and that is important. The BBC has a role that transcends its business needs – it can help create public value around its content for others to benefit from (assuming, of course, there remains one, non-discriminatory, free and open internet).

The mobile computing cloud needs OAuth

As Paul Miller notes Cloud Computing is everywhere – we are pushing more and more data and services into the cloud. Particularly when accessed from mobile devices this creates an incredibly powerful and useful user experience. I love it. The way that I can access all sorts of services from my iPhone means that an already wonderful appliance becomes way more powerful. But not all is well in the land of mobile-cloud computing; a nasty anti-pattern is developing. Thankfully there is a solution and it’s OAuth.

"Mobile phone Zombies" by Edward B. Used under licence.
"Mobile phone Zombies" by Edward B. Used under licence.

So what’s the problem then? Since Apple opened up the iPhone to third party developers we have seen a heap of applications that connect you to your online services – there are apps that let you upload photos to Flickr, post to Twitter, see what’s going on in Facebook land all sorts of stuff. The problem is the way some of them are gaining access to these services by making you enter your credentials in the applications rather than seeking to authorise the application from the service.

Probably the best way to explain what I mean is to look at how it should work. The Pownce app is an example of doing it right as is Mobile Foto – these applications rely on OAuth. This is how it works: rather than entering your user-name and password in the application you are sent over to Safari to log into the website and from there you authorise (via OAuth) the application to do its thing.

This might not sound so great – you could argue that the user experience would be better if you were kept within the application. But that would mean that your login credentials would need to be stored on your ‘phone, and that means that you need to disclose those credentials to a third party (the folks that wrote the app).

By using OAuth you log into Flickr, Pownce etc. and from there authorise the application to user the site – your credentials are kept safe and if your iPhone gets stolen you can visit the site and disable access. Everything is where it should be and that means your login details are safe.

To be fair to the iPhone app developers this type of delegated authorisation isn’t always possible. Twitter, for example, still hasn’t implement OAuth and as a result if you want to use one of the growing number of iPhone Twitter app you need to give up your user-name and password. I find this incredible frustrating – especially from a service like Twitter where (according to Biz Stone, Twitter’s co-founder) “the API… has easily 10 times more traffic than the website“.

URLs aren’t just for web pages

We’re all use to using URLs to point at web pages but we too often forget that they can be use for other things too. They can address any resource and that includes: people, documents, images, services (e.g., “today’s weather report for London”), TV or Radio Programmes in fact any abstract concept or entity that can be identified, named and addressed.

Also, because these resources can have representations which can be processed by machines (through the use of RDF, Microformats, RDFa, etc.), you can do interesting things with that information. Some of the most interesting things you can do happen when URLs identify people.

Currently people are normally identified within web apps by their email address. I guess this sort of makes sense because email addresses are unique, just about everyone has one and it means the website can contact you. But URLs are better. URLs are better because they offer the right affordance.

If you have someone’s URL then you can go to that URL and find out stuff about that person – you can assess their provenience (by reading what they’ve said about themselves, by seeing who’s in their social network via tools such as XFN, FOAF and Google’s Social Graph API), you can also discover how to contact them (or ask permission to do so).

With e-mails the affordance is all the wrong way round – if I have your email address I can send you stuff, but I can’t check to see who you are, or even if it is really you. Email addresses are for contacting people they aren’t identifiers; by conflating the two we’ve gots ourselves into trouble because email addresses aren’t very good at identifying people nor can they be shared publicly without exposing folk to spam and the like.

This is in essence the key advantage offered by OpenID which uses URLs to provide digital identifiers for people. If we then add OAuth into the mix we can do all sorts of clear things.

The OAuth protocol can be used to authenticate any request for information (for example sending the person a message), the owner of the URL/OpenID decides whether or not to grant you that privilege. This means that it doesn’t matter if someone gets hold of an URL identifier – unless the owner grants permission (on a per instance basis) they are useless – this is in contrast to what happens with Email identifiers – once I have it I can use it to contact you whether you like it or not.

Also because I can give any service a list of my friend’s URLs without worrying that their contact details will get stolen I can tip up at any web service and find which of my friends are using it without having to share their contact details. In other words by using URLs to identify people I can share my online relationships without sharing or porting my or my friend’s contact data.

You retain control over your data, but we share the relationships (the edges) within our social graph. And that’s the way it should be, after all that all it needs to be. If I have your URL I can find whatever information (email, home phone number, current location, bank details) you decide you want to make public and I can ask you nicely for more if I need it – using OAuth you can give me permission and revoke it if you want.

Photo: Point!, by a2gemma. Used under licence.