Live Notes from “Privacy & Data Portability for Social Networks”

We’re here at the last session of the conference, covering privacy controls and concerns. The large panel includes:

  • Allen Hurff, Senior Vice President of Engineering at Myspace
  • John McCrea, Vice President of Marketing at Plaxo
  • Dave Morin, Senior Platform Manager at Facebook
  • Chris Saad, CEO of Faraday Media & DataPortability Project
  • Dave McClure, 500 Hats
  • David Recordon, Six Apart
  • Brian Oberkirch, Founder, Small Good Thing (moderator)

Brian: We as service providers really understand privacy issues while users may not much of the time. What are your users telling you in regards to data going in between sites?

Allen: I think we’ve all been talking about users a lot. The user comes before the developer. I think people are finding places to build their identity and they don’t want to spend time registering tons of times on different sites.

Morin: Our users just want to be on other sites or on Facebook and see their friends. A lot of the times the conversation takes into account the fact that these are 80 million people that are used to using a site in a certain way. Overall, It is important that the user experience is good in the end. Users just want to have their friends with them, as evidenced by the millions of sites using contact address imports across the web.

McClure: The biggest issue that the average web user deals with is losing their password. If the solution to that problem is to enable users to take their friends around the web with them than I think we are stating the problem in the wrong way.

Morin: The user name and password combination is just a means of validation. Social networks are the place users have built up robust identities. For the first time there is this really great identity that can potentially help users log in anywhere.

John: We’ve been doing data portability since before there was social networking. We have millions of users that have different tools but the problem is that these tools don’t work together. The social web we are trying to cobble together has a lot of broken use cases. Mainstream users aren’t asking for Open ID etc but they are saying “wow, this seems painful that I have to register on a million sites.”

Recordon: If you can solve the problem equally using proprietary standards versus open standards it’s better to use open standards.

John: Now open means give me my data and let me take it to different sites. Those of us that want to mashup these useful services are having to pay the developer tax of creating in multiple different environments.

McClure: I have a negative reaction when people say open is better. Better is better whether the solution is open or proprietary.

Morin: In regards to dynamic privacy, a simple example of is when I choose to use my Facebook profile picture and name on another site and then change that same picture on Facebook I want that change to be reflected on that other site as well automatically.

Brian: What about the longevity of data on these other services? How do I un-share data as a user?

Morin: The most standard way that happens today is by removing that friend or moving that friend to a different friend list.

Allen: At Myspace our solution currently is that we are not letting people cache data. When the granularity is there so that other sites can take action when users make dynamic changes than changes will be assessed in this regard.

Morin: It’s less about the communication and more about the identity. Ultimately having control over that is pretty important.

Recordon: So Myspace’s solution is to prevent the caching of data. Is that your approach at Facebook?

Morin: We are working on solutions where we ping you as a user to inform you of a needed change.

Brian: Who owns the data?

Allen: The user without any doubt.

McClure: Are you sure about that? You could argue that MySpace and Facebook have created free services in exchange for part ownership.

Morin: Once you post something on Livejournal Google makes that content available forever. What is your stance on that?

Brian: The underlying question there is do users really understand what’s happening?

Recordon: We’ve seen today that users are very much jarred by that context.

Brian: How can we educate and bring users along? What is the ideal user experience like?

Recordon: That was something that I actually think the Google Friend Connect interface did well in that it was very explicit and clear. It allows you to specifically pick what particular pieces of data you wanted to share.

McClure: Do you think most people understand the options?

Recordon: Not mainstream no.

McClure: I don’t think the options are useful for the average user. Trying to solve the problem in an open universe may put the solution two years out unnecessarily.

Allen: I think it’s often the case that proprietary gets you there faster but too often the process ends too soon.

Chris: I think we continually try to boil the ocean with these questions. From my perspective the idea of a one way sync is a bad approach. APIs that are discoverable and open standards are step two.

Morin: I think the solution needs to be more consumer. You want to be able to login and bam, all of your friends show up immediately.

McClure: I want when I’m on a tennis website for example to be immediately presented with a handful of relevant contacts.

Chris: But that is actually after you have access to the data. Right now you have to code defensively against each of these services. Its not about working hard but its about scaling up.

Morin: One thing we found is that if you give users the privacy controls that they need then I would argue that one of the best killer apps is around conversation.