Identity to Activity Stream: “Baby, I’m breaking up with you”

The recently proposed TOU (terms of use) changes at Facebook and the ensuing blog posts on TechCrunch and ReadWriteWeb on this subject really frustrated the heck out of me.  It was that sinking feeling you get after having been duped or had something of value stolen from you. Like you’ve been emotionally raped.  I recall working at Tribe when Facebook emerged on the scene with a very simple value proposition that resonated really well.  Facebook claimed to be a service for making it easier to keep up with the people you already know and interact with in the physical world.  Mark Zuckerberg went to great lengths to explain this differentiation from other social networks services like MySpace, where MySpace was more like a night club than an engaging safe place for your existing relationships.

Starting with the Facebook Beacon fiasco, which was recently settled for a paltry sum, and has created no deterrence for such behavior in the future, Facebook has slowly moved closer and closer to basically giving its users the finger and usurping all of their information for whatever uses it deems they will want or need.  This of course, with no consideration to what they actually might want or need.  The EFF had a good piece on the privacy default settings changes that Facebook made at the end of last year to start us down this slippery road.  Danah Boyd, an ethnographer who has studied and written much about social networks and how users interact in them, has published a wonderful paper from her talk at SXSW titled “Making Sense of Privacy and Publicity” really getting to the meat of what the privacy issue is all about, worth reviewing.

So all of this got me thinking about who has control of our information and what could be done to put users back in charge of that.  The trick of course, is making this easy and seamless for anyone to use as easily as they do Facebook today.  There have been so many efforts to open up all of these platforms with initiatives like Open Social and Facebook pseudo-open efforts around Facebook Connect, but the model in these services seems to maintain that ownership of the user’s info is maintained by the service and not the user (or shared ownership but there’s no way to get it out when you want it back ;).  This is further exacerbated by the fact that Facebook won’t let you delete your profile under the guise that by doing so it would make other users’ experience unappealing (though you can disable it).  This is actually partially true.  While at Tribe we did allow users to completely remove their profile which made for awkward experiences when reading threads in tribes (discussion groups) where the comments remained but the author’s profile pic was a question mark and their name was “unknown”.  Still, the comments remained which is how we at least kept the thread flowing even without the author or commenter in the loop any longer.  Suffice it to say, Facebook gets away with this because they can claim ownership to user information on the basis of needing this right in order to provide its various services back to users.  It’s also what enabled them to create F8, since they had secured the rights they needed to be able to pass along user data to the various application providers that wanted to offer services on the Facebook platform.  At first they only allowed the info to be kept for 24 hrs, now after repeated appeals from app developers, it looks like the limits on how long data can be held by an app have been considerably relaxed.

To say that all of this isn’t very tricky is an understatement, but when Facebook starts crossing the line by opening up the content they have usurped from its members through a change in the TOU beyond the original agreement that people entered into to participate on their service, something has got to give.

Let’s take a simplistic re-imagination of this service.  First, while some times seen as a fringe lonely voice in the world of all things social media, Marc Canter had envisioned much of what I’m going to touch on here.  The challenge I’ve frequently had with his version of things in the past is its seeming aversion to a business model to support it.  With that said, I think that business models are catching up to Marc’s utopioan ideas so it’s time to try to fit these two things together.  You should read his post today as it raises good points on these matters and got me motivated to finish off this post.

Cost and Ownership
Users who believe that they should be able to have a place online to store their information for free need to then ask themselves why they shouldn’t be paid a salary to sit home and do nothing.  If a company offers a service for “free” but hires employees and buys hardware and software to render that service, unless those people are not getting paid either and the equipment is donated to them, the company will have to find a way to make money some how.  Even in Open Source software, those developing code are doing this as a hobby or as a sideline to their day job where they are getting paid money for the work they’re doing there.  Until we live in a society where you can survive by doing nothing, I’ll argue that there’s no such thing as a free business model.  Seemingly free business models generally mean that one constituency gets some services for free while another constituency pays for services.  The innovation in Web-based business models was that advertising became a source of revenue for the most unlikeliest of services, which then enabled services to be provided to end-users for…wait for it…”free”!

Freemium (as coined by one Fred Wilson’s blog readers fm Alacra) business models in effect segments the end-user community into two groups, those who would not likely pay for the service versus those who find immediate value from heavy usage and would easily pay for the service.  Even where the ratio might be something like 90:10 (non paying:paying), that paying group is able to keep the service afloat for the 100% of the users (though in the case of Ning, this does not appear to have been the case).  The bonus comes in when some of the 90% who get accustomed to the service and like it, grow their use of it to the point that they need to upgrade to the paid version.  At that point, they don’t usually have a problem paying for it because the value has been proven to them.  flickr was a great example of this for me, basically free until I was too invested to leave but needed more storage capacity and had no problem paying for it.

Now that users have grown accustomed to the services offered by social networks like Facebook and LinkedIn and the value proposition that they deliver, it becomes more interesting to contemplate what aspects of those services, end-users might be willing to pay for in order to exert more control.  Imagine if for example, the end-user could actually control their own information.  I mean full portability, as well as the ability to remove other services’ access to it or able to decide exactly how and when it could be used.  Would that be worth paying for?  Would it be worth paying $1 to $5 per year?  Today, the credit reporting services that let you track any activity against your credit report are charging anywhere from $6 to $15 per month for their services.  What if the profile repository that you controlled could provide similar service in terms of how and where your profile was being distributed, and enable you to control that access.  What’s often forgotten about Facebook is that some times it’s not because you have given an app access to your info that it’s out there, more frequently it’s because one of your friends has downloaded an app that then gets all of their friends’ information.  How is one to ever keep up with that sort of information dissemination?

With users willing to pay for services, ownership of their information could be bestowed on them since a service for their benefit could be maintained.  In other words, by applying a business model that does not depend on advertising, users’ interests could be kept at the center of the value proposition, not as a distant second or third as is happening on the various social networks today.  Around the time that Marc Andreessen was joining the board of directors at Facebook, and before the company was generating meaningful revenues, he was asked why he was so bullish on their prospects.  His analysis was simple, if the company is able to generate $5 per member per year (which he thought was an understatement), they could do incredibly well.  In other words, at the numbers we’re talking about, the service doesn’t have to cost much to users to be a viable business.

Separate Identity from Applications and Activity Stream
There has been lots of work going on out there on identity issues and standards, but sadly many of these have been moving very slowly or are too complicated for the average person to care about.  Of the most promising that I’ve seen is OpenID, which is supported by the likes of Google and Yahoo! and other services out there.  Today, both Facebook Connect and Twitter enable their respective identity systems to be used for basic authentication on other services.  While this latter case is interesting and a step in the right direction, the fact that Facebook (more of an issue than Twitter) owns so much of your identity and activity streams, means that it’s not a user beneficial service, it’s primarily a benefit to Facebook who collects and monetizes the information because of the rights they have usurped from users who joined their service.

So what if we were able to architect identity as a separate *paid* service, and for any site that a user logs into using this identity service, the site can offer to broadcast the user’s activity if the user opts in for this.  The broadcast format could be done using some modification to something like PubSubHubBub with user ID of some sort (I’ll leave for the more technically inclined to determine).  Like any publish-subscribe model, any user could subscribe to different types of feeds from different users, like “only show me John’s photos, but show me all of Marsha’s activities”.  In other words, by separating identity from applications, we can start to move to a place where people could control their identities and control what activities are published.  “Like” as an app could also work on this model, since I could subscribe to what some of my friends “Like” (or whatever the right metaphor is here, “Want”, “Love”, “Have”, etc.).  This would also go a long way to helping those wanting to keep up with you to only select those aspects of you that they really care about.  The identity system could also be used as a (or integrated with other) messaging platform(s) in order to establish what sorts of information you are willing to share and with whom.  Consider this analogous to your current “friends lists”.  The ability to message to specific groups would also be critical, so you no longer needed to broadcast everything to the world if you knew it would only be of interest to one of your social groups.

I could see a new class of social sites emerging analogous to RSS readers, but topic or purpose focused, capturing only feeds that would be relevant to their mission.  Users might also use services that offer general feed capturing from all of those people the user is connected to through the identity system.  In effect, an aggregator of all feeds, but making these available according to the appropriate access controls.

In effect, what I’m saying is separate identity control from the information aggregators and the apps.  The incentives around these two sets of activities are very different and should not be kept together as they are conflicting.  The objective for managing information that is published to a service is to gain the broadest distribution for it, not to mention that as a publishing model, it’s true customers are advertisers, not individual users.  Hence, if an info aggregator is managing identity then they will do everything possible to get users not to be able to contain, or retain control over, information those users might not want widely disseminated.  On the flip side, an identity business is much more focused on the needs and security of end-users in the same way that banks used to be when it came to helping secure our money and other valuables 😉  It would also need to be more highly regulated business given the sensitivity of the control this business would be providing its users.

Now that we’ve seen what’s possible, and the benefits that social media and social applications can bring, I believe it’s time we rethink the control infrastructure so that we’re no longer at the mercy and the whims of companies with interests that are wildly divergent from the community they claim to serve…you and me.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: