To get people thinking about the related issues, Marshall Kirkpatrick has put together a list of questions well worth asking, and discussing. It is indeed timely.

Online social networking is already on fire, but there is a price to be paid as well - mashups galore are making it ever easier to get the data you want, as well as enable people to acquire data on you. I find it amusing that users scream when their Facebook accounts are disabled because they tried to mine some of the data within, but in the Scoble case and many others just face the facts - all those people you think are your friends aren’t really your friends. The majority of the people on that “friends list” won’t ever ask you out for a drink, help you move, or read your business plan, and they certainly don’t want you taking their email address to another site so that service can spam them with invitations to join the next best thing. I’m no particular fan of Facebook, but I can’t help but give them a thumbs up here. The myriad of user privacy settings they offer are there for a reason, to prevent pseudo-friends from taking users’ data while they are attempting to grab their own.

It’s a quandary for many internet users. The fact that some join and befriend in the first place makes them particularly vulnerable. It won’t be long before the type of intrusion exemplified by Robert Scoble/Facebook is going on undetected - its centralization makes it low hanging fruit. Meanwhile we’ve moved beyond the average person’s grasp of privacy - it no longer exists - the best one can hope is that the information available about them isn’t ultimately damaging.

No fire truck is going to arrive to help you if it is.

UPDATE: If the risk of all that social networking data floating around isn’t bad enough already, you can always worry about your ISP doing the mining .

UPDATE 2: Regarding the Scoble/Facebook drama, Paul Buchheit wonders: Why aren’t Gmail, Yahoo! Mail, and Hotmail blocking Facebook? Another good question, and with TOS excerpts to boot!

From Josh Quittner:

A lot of people say that Facebook has jumped the shark. That’s flat out wrong. In fact, Facebook is now being devoured by the shark. There’s so much blood in the water, it’s attracting other sharks. And if Facebook’s not careful, one of them is bound to come along and finish it off. I’ve never seen anything like it in the annals of fast-rising tech companies that fail.

It seems like the people that are most upset about Bacon Bits are the same folks that have been shilling for the company with reckless abandon.

UPDATE: Adam Ostrow confirms (as was suggested above) that the majority of Facebook users don’t even know what Beacon is. I’m not sure whether that is actually good news or bad news for Facebook, but a recent update on Mashable also alerted to the fact that the company has capitulated on the privacy aspects anyway.

UPDATE 2: Hold the presses - Om Malik gets a word in edgewise:

So essentially he’s saying the information transmitted won’t be stored but will perhaps be interpreted. Will this happen in real time? If that is the case, then the advertising “optimization” that results from “transmissions” is going to continue. Right!

Duly (and repeatedly) noted.

UPDATE 3: Does this mean the Quittner quote is memorialized?

I’d call this “stealthy postponement“:

While it falls short of the global opt-out feature that our readers seemed to think Facebook would announce in today’s poll, this seems like a reasonable change that will make Beacon much more transparent. On the other hand, as Beacon adds more partners, being notified of all of these actions each time you login to Facebook could be a huge nuisance.

Beyond the obvious aggravation already pointed out, does anyone really think that the data isn’t going to continue to be actively collected for some future re-release? Or simply for sale to the highest bidder?

Alley Insider translated the Facebook PR (it’s rated-F, as in not for the Facebook Fanboy). Peter Kafka added this:

But! Facebook continues to apply a creepy double-standard about information. It’s more than happy to share your personal data with friends and/or advertisers, but it remains fetishistic about its own privacy: The WSJ reports that Facebook is trying to force Harvard alumni magazine 02138 to take down court documents it published alongside a story about the legal battle over Facebook’s origins.

The docs, which have been republished by Valleywag and others, make Facebook founder Mark Zuckerberg come off like a nasty, scheming jackass.

Like I said…stealthy postponement.

UPDATE: Computer Associate’s security team confirms what instincts could have told you.

UPDATE 2: Jay Goldman deconstructs the offending code (and provides resources for blocking it).

UPDATE 3: Of course they do.

I think Donald Kerr is correct on the first bit, and naive on the latter:

“Privacy no longer can mean anonymity. Instead, it should mean that government and businesses properly safeguards people’s private communications and financial information.”

Anonymity has always been a tool for ill means. But, the government is hardly capable of safeguarding people’s communications, and big companies will hide behind their terms of service (and their lobbying efforts). In other words, there are zero remedies for the little guy.

Everyone loses, but I’d say those hardest hit will be the ones who entrust their data to online services; that data doesn’t need to be actively “intercepted” - instead it’s just mined at will. The winners might be companies like PGP, as well as anyone manufacturing large, portable data storage devices.

UPDATE: Tim Lee’s take.

No surprise here.

They might now say they’re changing their policy, even though it’ll be impossible to enforce internally. As the employee base grows along with the Valley-centric fanbase, this will become more of a problem.

UPDATE: It gets worse. Sounds like some are cracking under pressure.

The desire to read minds. And the moment it does, everyone will be screaming about the privacy implications.

Now if we can figure out where the user fits in.

Who, What, Why

After Facebook’s spring pronouncement that applications “get in but they don’t get out,” chatter about ubiquitous usernames and friends lists in a brown paper sack took on new meaning. Almost immediately, the talk on the web (including here) was OpenID this, social network portability that. The fight to pick vine ripe tomatoes from the walled garden was taking shape. But Google just showed up with a wrecking ball and a reaper. They’ve decided to chase the social graph (or social network…whatever). Maybe “chase” is too mild a term - according to some, they already have the components - all they are doing now is providing tools to release the information into the wild.

There was a lot of chatter over the weekend about this. I’ll highlight…

Conclusions? No.

It’s obvious there’s going to be a lot more talk about this. Anyone drawing conclusions now is drawing them prematurely. I suggest waiting (and listening) before you decide to export all your Gmail.

Living in a user-generated online society, who owns the data and how can it be used have been persistent questions. The debate continues, particularly as data stores grow with more complex (and more personal) information.

Fred Wilson’s Union Square Ventures has invested in a company called Wesabe, which like several others aims to sort through and make sense of your personal financial information. Financial data is probably the most sensitive of all with regard to online conveyance, and individual concern as to how that data is handled is an obvious barrier to acceptance of services like Wesabe. The company has answered the call in part by publishing a “Data Bill of Rights,” the purpose of which is to alleviate anxieties regarding housing personal financial information with them. Mr. Wilson caveats the “press” by stating it’s a good start, and calls out for additional opinion. Mine are as follows (with the disclaimer that said opinions are by no means steadfast rules, nor are they necessarily cost-effectively operationally feasible)…

The Q&A

Who owns the metadata you and others create about the transactions that come into the system?

In the world according to credit card processors and credit reporting agencies, they do, and despite your requests to block its use there is probably a lot of metadata being gathered that doesn’t fall within the two-point type guidelines your creditors periodically send you. They’re likely using it - and you should get used to it. But with regard to opt-in services such as Wesabe, I think there’s a happy median to be had. Clearly, these types of online services see value in said metadata, and allowing you to remove your viewable information shouldn’t necessarily be accompanied by complete removal of the offspring (particularly if the service was offered for free). I believe if personally identifiable and proprietary data elements (meaning data uploaded, imported, or otherwise entered by the user) are stripped away from the metadata, then the result (or what’s left, if anything) should be available to the service provider.

Is it better to let the service do the tagging or is it better to let the community to do the tagging of the transactions?

Both. The services themselves are the machine, and the community is the blood and guts. Algorithms versus psychy, or the two working in harmony and learning from each other. I believe there is a lot of value to be gained from allowing the machine to suggest helpful tag elements to the users, and I believe the users should be ready, willing and able to reciprocate.

Should the tags be shared and if so, when and with whom?

This should depend on the data elements or transactions being tagged and who is doing the tagging. If the machine “suggests” a tag for a personally identifiable element, then the end user should have the option to reject that metadata. But that doesn’t mean the service shouldn’t be allowed to use that metadata in conjunction with non-personally identifiable information to improve itself for the benefit of others in the community. By the same token, user generated tags should be sharable within the community while directly related to said user (or their data) only with their permission, but the “transaction” which resulted in that choice should be something the machine is allowed to learn from.

Where should your login and passwords be stored?

Probably a personal choice issue - there are a lot of folks working on various solutions which include third-party authentication, token exchange, etc., and there is not enough information to make a blanket judgment call on the matter either. I will likely never input my bank, securities, or credit related login information into a third party service, regardless of the level of security assurance the service provides. That is my choice, and the logic is this: a centralized repository of such data will attract threats in direct proportion to the service’s popularity, particularly given the potentially profitable nature of that data. My accounts are spread across numerous vendors, and while the possibility of having my data stolen through phishing attempts and the like increases with each transaction, I personally don’t engage in large numbers of them. I assume the risk is lesser than that presumed in a “large target” stored environment.

The bottom line is that the storage of login identifiers and passwords should be a choice based on convenience versus comfort. If the user wants to store their various account login information in a system for quick and easy retrieval, let them, but the service provider should be prepared to accept the burden of responsibility. If the user values the comfort more than the convenience, give them that option. Unfortunately, we live in world where the easy out is to blame the other guy, and proceed to court. There is simply no easy answer here (yet).

Can these services be hacked?

Of course! The moment someone says something is unhackable is most often immediately followed by a moment of apology over a breach. It is the value of the information housed within that service provider that they and their users need to be cognizant of, as the usefulness of the data within the store for a hacker to garner profit from is directly proportional to the amount of effort they (the hackers) are willing to pursue to break in. If the data is segmented by account type, unbranded, and non-personally identifiable, it’s usefulness goes down tremendously.

Is personal identifiable information (PII) being stored with the data?

This is a tough issue to explain to the end user, particularly if said end user didn’t complete their “Introduction to Relational Databases” and “Networks and Information Systems Management” courses. Consumer end-users assume that if they can see their financial data, that the data must somehow be tied to them. To the layman, that IS personally identifiable information - the numbers are money. But “PII” really means data elements such as name, address, phone number, and most importantly social security or tax identification number - elements that tie the numbers (the money) to the person itself. If a system asks me for such information, I generally stop what I am doing and read their privacy policy carefully before I continue. If that information is being stored for later use, I am somewhere between 99% and 100% likely to put the service in the “potentially more trouble than it’s worth” file. If it’s not, I see the risks as no greater than disclosing the same information to a customer service representative over the phone.

The End Note

Again, these are just my opinions, and offering every nuance of this self-prescribed “perfect world” is impossible and likely unprofitable (or at the minimum, a major pain in the ass for some engineers). There is no way to please every user, and there probably never will be. Nonetheless, we’re talking user inputs, service outputs, and wants and needs which are either presently being breached or are yet unfulfilled. And there are a growing number of solution providers jockeying for position, hoping to provide enough answers to get up front.

A Side Note

I’m presently working on some research related to the login/password storage issue, and am looking for some data. In particular, I’m trying to find statistics on internet usage stratified by user type (i.e. core, casual, convenience only, what-have-you), including the number of sites visited daily, login counts, and time spent on sites thereafter. Site types (including blogs, bookmarking, social networking, and financial) would also be helpful. If anyone can point me to something useful in this regard, I’d greatly appreciate it.

According to Kristen Nicole:

A recent study done by London-based emedia reveals that nearly two thirds of social networking users are worried about the safety of their personal data on these sites. About 31% of those surveyed have used false information about themselves to protect their identity.

The real shocker’s going to come when we find out the other 69% were lying to the surveyors.

Kim Cameron says that just because a website doesn’t blatantly ask for your social security number doesn’t mean they can’t figure out precisely who you are. Intriguing to say the least.

I have a “fake birthday” too, but I can wait for the e-cards.

UPDATE: More on privacy, and your personal “clickstream”, from Alex Iskold.