Data Portability – the need for DRM

So Robert Scoble got his Facebook account disabled for running a script that scrapped his account for names, email address and birthdays and load the data into his Plaxo account – so that he could match Facebook names with names in Plaxo’s database. On the surface this is no different from Facebook’s own importer – which lets you enter your email address and password for, for example, your GMail account – so that your contact details can be loaded into Facebook (which BTW is a very bad idea).

Facebook GMail upload

It’s worth remembering that what we’re talking about here is basic contact information – the script didn’t try to grab any information from Scoble’s Social Graph – no friends of friends data, not people’s interests, nothing like that – nor did Plaxo sign up those users to its Social Networking application Pulse. Despite that the general feeling out there is that Plaxo are evil and neither Plaxo nor Robert had the right to run the script. I suspect that this is mainly because the early version of Plaxo made it very easy to email everyone in your address book with a request to join Plaxo, this was a bit rubbish and got Plaxo a bad name for spamming folk. Quite right too although its worth noting that this hasn’t been a problem since they rewrote it last year.

But if you step away from people’s prior poor experience with Plaxo what they and Scoble tried to do was no different from what Facebook does. The difference is one of reputation. All Plaxo are trying to give their users are tools to get data into their database. This is harder with Facebook because it’s a walled garden and walled gardens, as the name suggests, makes too tough to get data out. The pertinent question then is who owns the data – is it Facebook, Robert Scoble or each ‘friend’?

I know that, as far as I’m concerned, it’s not Facebook. You should be able to move your data between systems. The DataPortability folk have got the right philosophy:

As users, our identity, photos, videos and other forms of personal data should be discoverable by, and shared between our chosen tools or vendors. We need a DHCP for Identity. A distributed File System for data. The technologies already exist, we simply need a complete reference design to put the pieces together.

Unfortunately as the Scoble-Facebook story illustrates access to our online identity is often effectively controlled by others. Robert Scoble has access to 5,000 people’s contact details plus a good chunk of their social graph via Facebook. So while Facebook is wrong to lock your data away behind a walled garden, Scoble or anyone else might do the wrong thing if they export the social graph and profile information of their contacts (not that he did in this instance).

What we also need, in addition to data portability, are privacy controls. As Jason Kottke puts it:

[what’s needed is]…Facebook inside-out, so that instead of custom applications running on a platform in a walled garden, applications run on the internet, out in the open, and people can tie their social network into it if they want, with privacy controls, access levels, and alter-egos galore.

Or as Robert Scoble suggests a DRM for your personal data:

COMPLETELY OPEN: You’re allowed to take anything on my profile page and import it, use it, copy it, print it, import it.

EMAIL ONLY: You can only take my name, and email address to other systems.

EMAIL PLUS CORE PERSONAL INFO: In addition to email address and name you can also take my birthday and phone number to other systems.

CUSTOM: You choose which fields can be exported or used on other systems.

NAPKIN ONLY: You can use anything you want, but no automated systems, you’ve gotta manually copy everything over by hand.

PUBLIC ONLY: Only data that I put on my public profile can be used elsewhere.

FAN ONLY: I only wanted to see your social network and behaviors here, I don’t want to give you access to mine.

Clearly what I’m suggesting (and I assume so is Scoble) is a rights management system which would be respected by the various social networking applications, not a solution that would encrypt your data into a binary file that required your approval to unpackage. In other words a system that would give you control over your data and allow you to decide how it was shared with others who may or may not be using the same social networking application as you.

Link for 2008.01.04

» Facebook disabled Robert Scoble’s account – ?because he was screen scraping contact or activity data [scobleizer.com]He’s under an NDA at the moment so can’t go into the details but he was running a script on the site that broke Facebooks’ Terms of Use. It looks like the account has been deleted taking with it all his data. This is why walled gardens are bad.

» Promoting ‘Data Portability’ standards [dataportability.org]As a result of Facebook’s decision to delete his account Robert Scoble has signed up to this. Which is good news. Data portability between systems is the key to Web 2.0. If you can’t point to a resource (outside a walled garden) and use it then it’s not a web 2.0 citizen. And if data is about you then you should have control – it is yours after al.

» Frameworks exist for conceptual integrity [204 No Content Blog]When someone uses a framework what they are doing is delegating decision-making to someone else – having too many options in this situation is a bad thing. Frameworks that give developers too many options hoping to maximise code reuse are misguided. Software reuse is not an end. Reuse is a means, and if the available means don’t meet your ends, then find other means.

Facebook: new social network site; same old walled garden

Last year the buzz was around MySpace now its Facebook and before that Friends Reunited and Linkedin. I have to confess that I’ve never really grokked these services – I’ve played around with them a bit – but generally never really got that much out of them. Preferring to stick with email, IM, Flickr, del.icio.us and my blog.

Trends in Facebook, MySpace, Friends Reunited and Linkedin

The problem I’ve always faced with community sites, such as LinkedIn or Facebook, is that I’m never sure I want to maintain yet another online presence. I know that they provide tools to help bootstrap the site with data about your group of friends (importing contacts from your email account etc.) but there’s more to it than that. And in the back of my mind I know that all too soon there will be a new site out there doing more or less the same thing but with a twist that grabs everyone’s attention. And the reason this is a problem is, as Steve Rubel points outs, because they are walled gardens.

Despite the age of openness we live in, Facebook is becoming the world’s largest, and perhaps most successful, walled garden that exists today…

The problem, however, lies in this fact – Facebook gives nothing back to the broader web. A lot of stuff goes in, but nothing comes out. What happens in Facebook, stays in Facebook. As Robert Scoble noted, it’s almost completely invisible to Google. You can share only a limited amount of data on your public page – as he has here. That’s fine for many users, but not all.”

Walled gardens create barriers to getting information in and out of their system. This means that I know that I will need to go to extra effort to seed the site with information about me and my network; maintain duplicate information between different gardens as well as in the wild; and have difficultly getting data out and into something else. Walled gardens will always eventually die because they require that extra bit of effort, both from their community and, more widely, the developer community. As Jason Kottke notes like AOL before them Facebook’s walled garden approach places additional strain on the development community.

What happens when Flickr and LinkedIn and Google and Microsoft and MySpace and YouTube and MetaFilter and Vimeo and Last.fm launch their platforms that you need to develop apps for in some proprietary language that’s different for each platform? That gets expensive, time-consuming, and irritating. It’s difficult enough to develop for OS X, Windows, and Linux simultaneously… imagine if you had 30 different platforms to develop for.”

[what’s needed is]…Facebook inside-out, so that instead of custom applications running on a platform in a walled garden, applications run on the internet, out in the open, and people can tie their social network into it if they want, with privacy controls, access levels, and alter-egos galore.”

In other words we already have the platform – its the internet, in its raw, wild, untended form. And rather than trying to build walls around bits of it we should keep our content in the open, in applications such as Flickr, WordPress (other blogging software is also available) and email. But tie it all together into communities with technologies such as OpenID the “open, decentralized, free framework for user-centric digital identity” and Friend of a Friend (a project aimed at creating a Web of machine-readable pages describing people, the links between them and the things they create and do).

Indeed this approach is similar to that adopted in Plaxo 3.0 which now runs as a web service removing all reliance on Outlook. Plaxo now provides a synchronization and brokerage service between applications (e.g. Outlook or Apple’s Address Book) and services (AOL, Google) – your data is no longer within a walled garden but you do have access control over who can access your data.

Facebook is an amazing success – but like all walled gardens will eventually either die or be forced to open its garden gate and let the rest of the internet in (for example, let me replace the Facebook’s status application with Twitter, or Photos with Flickr). And in the meantime I’m happy to stick with my existing online presence.