Via Kottke comes this embarrassing faux pas for Facebook over on Dave McClure’s blog:

“my former PayPal colleague Yishan Wong, now an ass-kicking, name-taking engineer at Facebook, lays the “Walled Garden” rebuttal smackdown on Kottke, Arrington, et al. you go, Yishan… you just go.”

Problem is, the rebuttal is only visible to certain Facebook users! Here’s what I got when I tried to read the post (and I have a Facebook account and was logged in at the time)

Now, the irony of this is almost too much to bear. Getting a permissions wall when attempting to read a rebuttal about not being a walled garden is just, well, something you can’t make up.

But this is a very real problem in identity ownership and it raises a larger question: Do you know who can see what you’re publishing?

It’s doubtful that Wong doesn’t know what walled-garden means. My guess is that Wong is so steeped in the Facebook culture that he’s starting to think that if it doesn’t happen on Facebook, it doesn’t happen. (of course, I cannot read his rebuttal to hear his side of the story) Facebook has millions of people on its service, and a lot does happen there. But it’s still a drop in the bucket of what happens on the Web. The fact is that billions of people outside of Facebook cannot read his writing.

A worse scenario would be if Wong thought he was publishing to the rest of the world but didn’t anticipate the wall that Facebook was erecting. So not only is he playing in a walled-garden, but its possible that he doesn’t have the ownership over his identity that he assumed he did. I wonder what Wong expected would happen when he published?

This faux pas, while humorous, isn’t really that funny in the big picture. Publishing rights are certainly an important part of identity…who can see what you’re doing and writing is a major issue, not just in social networks but in the Web at large. There are system-level policies and tool options that dictate who can see what, and in this case there was an obvious mismatch between what the owner thought and what the system thought. Too bad.

Facebook often claims that they don’t want to open up because they want their users to know exactly what sort of control (and privacy rights) they have over their data, but in this case even their own engineer doesn’t seem to know the details of the system he’s publishing on. If this sort of thing can happen to a Facebook engineer, imagine how inaccurate the views of us regular folks are.

A scary story out of the L.A. Times: Social networking site divulges child’s personal data

“Jane Yang, a 30-year-old marketing coordinator, was curious the other day to see what would turn up if she searched for herself on Reunion.com, a Los Angeles-based social networking site.

Sure enough, there was her name, which didn’t bother the Oregon resident all that much. Nor was she particularly troubled that her husband’s name was included under her “Friends & Family.”

What did startle Yang was seeing the name of her 4-year-old son.”

There are several scary things about this story, the least of which is the fact that a 4-year old’s identity information somehow found its way onto the reunion.com’s servers and into public view.

One is that Yang found this information by chance, which suggests that this is only a single case of a much larger problem. Another is that reunion.com’s CEO has absolutely no clue about how or where his company gets information.

“He (the CEO) said he can’t explain how the name of Yang’s 4-year-old son made it online, or where it came from in the first place. In fact, Tinsley said he doesn’t know where much of the data on his site originated.

The information, it seems, was purchased from a “data broker”, who apparently sold as many as 260 million records (almost the entire population of the United States!) to the site this spring while promising that nobody under 18 would be included.

Whoops.

Jon Udell, in a return visit to the Gillmor Gang, shares his vision for a future in which we control our own identity and digital content:

“What I ultimately want is for people to be born and to be given a social security number and to also be given control over some chunk of space in the cloud, some chunk of name space. And for all the stuff that they care about throughout their life to be there, controlled by them, and for the access to that stuff to be syndicated out in a controlled fashion so that…

Just for example, right now we expect people to manage their photos on Flickr and manage their health records on Health Vault or Google Health. And manage this, that and the other on this, that or the other service in the cloud. Right?

And the notion is that each of these things is kind of like this vault that you put your stuff into. And I really would love to flip that model around, and I would love the model to be that I’m me and this is sort of the cloud extension of me. And it has this stuff in it that I put there.

And then I define who has access to it and where that information flows or syndicates to and on what terms. And what that means is, that when I decide that I want to share something to my friends and family, I say one time what my definition of friends and family is. It’s not my Flickr definition of friends and family versus my Live Mesh definition of Friends and Family versus yadda, yadda, yadda.

I have a policy which I assert over my stuff that I control, which is this protected zone in the cloud. And I have some real control over how I define policies over that thing and who gets access to it and on what terms. And I get to audit that access in a coherent way.”

Udell then points out that there are two types of data here:

“So…why…does Flickr bundle together the notion of storage and archiving with the notion of social interaction with my photos?

Those are actually, in my view, separable concerns. I actually should be able to outsource the storage and archiving to some other provider. And in fact, there should be a range of providers that are making offers to me and there should be a sort of tiered set of offering there. Because right now, my digital photos, the stuff I’ve taken on digicams the last 10 years, I feel are less likely to be available to my grandkids than the shoebox that I have on the floor next to me which has photos from my grandparents era.”

While Jon’s statement seems silly on the face of it, given that you (in theory) can have as many copies of digital content as you want…he has a point. If you’ve cultivated your photos and access controls in a single service over many years…you really don’t have many copies…you have only one. And without the ability to easily get a copy, combined with the current volatility of Yahoo (Flickr’s co-founders just announced they’re leaving Yahoo), Jon turns what should be a silly notion into a very real concern going forward.

Mozilla’s Brendan Eich responds that to reach Jon’s vision it’s going to “require standardization of things like identity and secure JavaScriptable social network mashups”. This would allow people to use their identity data securely in various contexts, so they can keep their privacy and control intact across services.

Of course, decoupling identity and picture data isn’t necessary to make sure they’re saved for the long term, but it would make them much more easy to control and delegate, which would help. If we had standardization for identity data we could at least create backups (or sync) across services, storing copies for the day that our primary service provider goes black so we can switch to another one.

But an even simpler way to help get this started, one that we could implement right now as standards mature, would be for all services that store identity data to merely let their users export it freely in already-existing formats. That rainy-day copy might not work with other services yet, but at least we would be able to print it out and store it in a shoebox for safe keeping.

Lost in the swirl of huge companies and their misleading public announcements are their descriptions of exactly what type of identity information is being shared and how. While Facebook, MySpace, and Google all publish technical documentation for developers of some sort, the non-developer has a very hard time grokking it. It’s very hard to see the bigger picture from the technical developer docs.

So kudos to Google for publishing an in-depth post on how Friend Connect works. They go into good depth about what information is shared and when it is shared. For example, they point out that the only bit of profile information that is passed by Google to third-parties using the service is the user’s profile picture…all other data is data that you input into Friend Connect as part of your Google profile.

Now, whether or not you agree with Facebook or Google in the current identity battle (part of a much larger war), you have to admit that this type of transparency is good for end users. We can learn about how these services work in layman’s terms, and can begin to understand what we need to do (if anything) to keep an appropriate level of control over our identity data.

Posts like this one by Google are exactly what we need from those companies who propose identity management technologies.

Yesterday Facebook, in explaining why they won’t play nicely with Google’s Friend Connect, took a policy directly out of the Bush Administration playbook.

It’s the policy of “we know what’s good for you better than you do”.

So while the Bush Administration dissolves our civil liberties in the name of protecting the country, Facebook is dissolving our ability to share information the way we want to in the name of privacy.

Is this a silly comparison? Maybe, but we are talking about personal identity data here. It’s important.

Facebook’s Charlie Cheever says:

“Privacy and openness go hand-in-hand – as we open up, we have to make sure that users always have control of their information, and understand how and where it’s being used.”

If Facebook truly believed this, then Beacon would never have happened. The double-speak coming out of this company is really astounding. While many millions of people who use Facebook don’t care enough about the company to actually parse this stuff, technologists aren’t fooled in the least.

Michael Arrington has a similar sentiment: “How dare Facebook tell ME that I cannot give Google access to this data!”

What’s worse is that Facebook is being dishonest. They’re lying about the real reason why they won’t allow this. Instead of saying “well, as a for-profit business it’s not in the best interests of our shareholders” they’re trying to have their cake and eat it too by suggesting that Facebook users are in control of their own data.

Are we in control of our own data on Facebook? Hmm…

Was I in control of the data that Facebook was giving to 3rd parties in Beacon?

Was I in control of my news feed data when that feature was first rolled out?

Were the countless people who tried to get their accounts deleted in control of their data?

The answer to all of those questions, of course, is NO. I am not in control of my own data at Facebook, you are not in control of your data on Facebook, and we never have been. Please don’t pretend that I or anybody else has control of our data, Facebook. You’re insulting everyone’s intelligence, even your own.

So forgive me for the analogy, but just like the Bush Administration, Facebook is all spin. It’s too bad what was once a fun, exciting service is now taking its cues from the ultimate spinmeisters down on Capitol Hill.

Most folks don’t think twice about the interfaces they use. They use software to get stuff done, to do work, rarely stopping to consider how that interface is dictating their behavior.

Interfaces are, by their very nature, both enabling and confining at the same time. While they allow us to do some interesting thing, they completely dictate how we must do it. They constrain our behavior, defining a rigid set of allowable actions that we must abide by. If an action isn’t available in an interface, then for all intents and purposes you can’t do it. When an interface designer creates an interface, they are not merely adding features, they are drafting the laws of the land.

Over time, we accept the dictates of our interfaces. We come to align our expectations with the interfaces we use. This was the power of Windows for many years. So many people started using computers that happened to be running the Windows operating system that they never considered there were alternatives. Windows was computing.

Similarly, web-based interfaces have taught us a bad lesson: that we don’t own our identity data. We upload information to a web site and forever forward are confined by the hidden privacy policies that we never read in the first place. Because software wasn’t providing features to get that information back out again, we never thought to ask for it. We assumed, slowly but surely, that this was the way web-based software was supposed to work.

Thankfully, this is changing. Consider this wonderful feature on Dopplr, a site to manage your trips. When you choose to close your account, Dopplr exports all of your data and sends it to you via email, by default. Without you asking. And Everything.

Now, most software doesn’t look after us like this. Most software teaches us that in order to keep our data, we must keep using the service. It’s not even polite about it.

But when Dopplr reframes our world with such a simple feature as this, people notice. Here’s the reaction of someone who was pleasantly surprised to get a data-filled email after they closed down their account:

“(Dopplr) clearly get that the owner of the data isn’t them, it’s me and that I shouldn’t have to jump through any hoops to take my data with me after I’m finished using their site. This sort of attention to detail and user friendliness in something as normally mundane as closing an account is exactly the kind of thing that makes me remember them and want to return to their service”

Kudos to Dopplr for teaching their users what is possible with the data they own.

Noticed a nicely-designed element on the Get Satisfaction signup form today.

While creating a new profile, Get Satisfaction asks you if you happen to belong to one of a few sites that serve up hCards. (they may be using an API as well) If you do belong to one of the sites, simply enter your username and getsatisfaction will pull down your hCard and pre-populate your new profile with the information. Nice and simple.

They’ve done several things well with the design, which I’ve annotated in Skitch…

Very nice interface element. Well done!

Know of any other well-executed identity-related interface elements?

Mark Sigal, writing on Gigaom, says what’s been on my mind lately in his piece The Social Map is All About Me:

“regardless of where my content and data originate, I have a right to pull this data into MY sandbox, a sandbox where I track my threads, organize my media, filter my views and push my content wherever and however I please. While this position seems to raise a virtual middle finger to almost every service provider’s terms of service, it should not be viewed as heretical.”

Heretical, indeed. It’s quite odd that Mark has to describe this as heretical, even though he’s simply talking about his own content. He uploads a picture on a photo-sharing site, and he wants to be able to share it on even other sites, maybe his blog. Smart services have APIs with which they allow other services to transfer data in and out. Stingy services throttle this ability to try to keep that information on the site, within the confines of the domain.

We need a new frame for discussion surrounding ownership on the web. We need this issue to be less heretical and more commonplace. I think this will happen as more and more services like Flickr, Twitter, Dopplr, and Ma.gnolia open up their content and quietly make awesome services with robust APIs focused on specific activities and social objects, without trying to create the next destination network.

I remember when I first started using feed readers. I was excited. So excited, in fact, that I wrote an enthusiastic post about it. Here was a tool that would allow me to know whether sites had been updated without having to visit each one in turn. I wouldn’t have to suffer from the pain of manually checking web sites to see if something was new. From the single interface of my feed reader, I could keep track of all the domains that I was interested in, without missing anything. In theory, I would save a tremendous amount of time and be able to receive much more signal and a lot less noise.

The reality, however, was quite the opposite. Once I got a taste for feeds, I started subscribing to more and more of them. I subscribed to hundreds of them: news, design topics, friends, bloggers whose writing I enjoy. But before long I started being unable to follow all of them, as I would fire up my feed reader and have literally thousands of new posts to look through. I was suffering again.

Instead of solving my information problems like I had imagined, feeds had simply substituted one problem for another. Whereas before feed readers I was having a hard time finding all the newly updated content, after feed readers I was having a hard time reading it all.

Lifestreams

We see the same thing happening again with a new type of interface element called lifestreams. Lifestreams (also called activity streams) display the aggregated feeds of individuals in reverse chronological order. The Facebook news feed is probably the most well-known example of a lifestream. It aggregates all the activity of your friends on the service and displays it in a neverending stream of content. Ridiculed at first for being a privacy concern, the news feed is now a primary driver of activity on the site. People I’ve talked to seem to be very polarized about the feature. Some love it and use it constantly. Others ignore it, especially since the introduction of applications. And, just recently Facebook added the ability to import activity from other services such as Flickr, Digg, and Del.icio.us, adding even more content to the flow.

So, again, we have the firehose problem. While at first it seemed like a great idea to be able to follow our friends on all the services they participate in, the reality is that seeing it all in one place is overwhelming. Information flows in at such a high rate that you can’t come close to seeing it all, let alone making sense of it. If someone asks you if you saw their most recent macro shots of flowers uploaded on Flickr, for example, you have to think back to the hundreds of Flickr pictures you’ve seen floating in your stream recently and try to remember which ones were theirs. This might be manageable if you only follow a couple people, but it quickly scales out of control.

Instead of solving my information problems like I had imagined, lifestreams have yet again substituted one problem for another. Whereas before lifestreams I was having a hard time following my friends, after lifestreams I find out that most of what they do isn’t that interesting after all.

The Curse of Granularity

One way to combat this problem would be to create tools that allow people to granularly define what content they want to see. So, for example, you might be able to say “I want to see Josh’s pictures on Flickr but not his activity on Digg” or “Show me only Josh’s Del.icio.us feed”. This sounds like a great thing to be able to do, but it comes at a big expense: the time and effort of managing all of those decisions. Do you really want to manage settings for each one of the people you follow? I’ve started to do this on those services that allow me to, but one thought keeps niggling in my mind: what if I’m turning off good content? What if, for example, I miss a great photo in Flickr because I’ve granularly shut them out of my lifestream?

The larger problem is that we don’t know what content is valuable before we see it. While we would think that most of our friend’s content would be worth seeing, it’s definitely not the case. Once we are able to track the activities of the people we know and love we can’t help but come to the conclusion that they’re as mundane as we are. Perhaps this is another example of the 80/20 rule: 80% of the valuable information we receive from our friends comes from 20% of their activity.

What’s Next?

So how can we best manage the information firehose? We could hope for more granular controls, which have the overhead of managing them. Or, perhaps we need to periodically declare feed bankruptcy, where we simply turn it all off for a while to regain our sanity? Perhaps I’m not being optimistic enough: is there a way to help solve this problem with software that we just haven’t seen yet? Or, perhaps it exists and just isn’t evenly distributed?

For most people using the web on a regular basis, joining social networks has become an everyday activity. I’m certainly joining lots of them myself. When a new service sprouts up that sounds interesting, my curiosity gets the better of me and I dutifully go through the motions of signing up for it. The process goes like this: enter a username, choose a password, and in some cases even enter more personal information. After I do that, I go through the process of finding anybody on the service that I know. Chances are there are at least a few of my friends already using the service but I have no way of discovering them easily.

But then something interesting happens: I hit an invisible wall, tire of the service, and forget to go back. I call this phenomenon the Fade…as I slowly fade away from using the service regularly. And, days or weeks later when I realize that I’ve faded away from yet another service, it serves as a painful reminder that so much of my time is spent managing connections instead of enjoying being connected.

I’m not alone in this. This problem has become so widespread they even have a name for it: Social Network Fatigue (SNF):

n. Mental exhaustion and stress caused by creating and maintaining an excessive number of accounts on social networking sites.

What causes social network fatigue?

1. Repetitive motion: We do the same things over and over: create an account, add our favorite things to our profile, try to find friends, add some (but never all) friends, wait for something to happen. It’s a repetitive cycle that, when we realize we’re going through it yet again, reminds us that we’re not being productive, but repetitive.
2. Too many things to remember: After we sign up for a new network, we have to remember that we did and know how to get back there. If we do remember to check back, we have to remember the username and password that we used to create the account. With only a few accounts, this is easily done. But after you’ve joined a dozen or so social networks and the thought that you might want different passwords for some of them enters your mind, this becomes a real challenge.
3. Wasted time: With more and more social networks to manage, the time we have left to enjoy interacting with friends dwindles. The other morning I woke up, checked my social networks, and then realized that I had wasted 30 minutes simply managing my accounts, not really getting anything useful done.
4. Lack of consistency between networks: One of the biggest problems between social networks is that people we have signaled as friends on one network aren’t our friends on another. For example, my Facebook friends list isn’t even close to my LinkedIn contacts list, though both contain people who are important to me. This lack of consistency is incredibly frustrating, as it not only means more repetitive motion of friending them again, but it also makes us think twice about who is where.

The involved process of recreating our identities on multiple services leads to frustration and eventually exhaustion. Who knew that surfing the web could be so difficult?