Do you trust your identity provider?

In a comment to my post yesterday, dsr brought up a very good point: trust in identity providers.

Consider — at the moment, the vast majority of users aren’t even thinking about this, but they’re buying into this brave new identity world by default.  They don’t care about “unified identity” or anything like that: they’re just enjoying the fact that OpenID and Facebook Connect allow them to remember fewer passwords.

Yet this casual decision, of using your Facebook or LiveJournal or whatever account to log into other systems, may have profound effects down the line.  If you use a single identity more and more, across a broad swathe of the Net, it becomes you in some very important ways.  The possibility of losing that identity, or losing control of it, becomes ever-more painful and problematic.

Pseudonymity actually makes this much worse.  When you are known by your real name, you generally have multiple avenues for getting the word out if an identity goes away — if this email address croaks, you can go to your friends face to face and tell them.  But if you are only known to a community through a specific online pseudonym, moving to a new one is kind of problematic, since they don’t have good ways to verify the move.

There is a lot of implicit power being handed to these identity providers.  Millions of people are beginning to use their Facebook login as their One True Online Identity.  That gives enormous power to Facebook — indeed, it’s probably the one thing that justifies their preposterous stock valuation.  And few have given any thought to what it might mean to them if, a few years down the road, Facebook were to start slowly making use of that power.

So — do you trust your identity provider?  It’s pretty clear to me that I don’t trust any of the major ones very much — are there lesser-known companies that are structured in ways to make them less likely to be abusive?  And which are stable enough?  That’s the flip side of the problem: you need to trust your provider to not become evil, but you also need to trust it to keep your identity running.

It does all lead me to wonder if there’s another step yet to come, of a more robust, truly distributed identity system, that would not leave your identity in any single hands.  Hmm…

Contacting your users in the Open Stack world

Here’s an interesting new problem for us conversation facilitators to deal with: what do you do when you are legally mandated to contact your users, and can’t?

This is inspired by a recent court ruling, described in Ars Technica.  The upshot here is a pretty reasonable decision: before revealing the identities of anonymous commenters who are being sued for defamation, the plaintiffs must make a good-faith effort to contact them and give them a chance to respond before they are outed.

The court said that posting on the message board in question should suffice, but I don’t expect that to hold up in the long run.  As we move towards more community-oriented and filtered communication systems, the fact is that posting something publicly just isn’t going to be a plausible way of getting the message through.

In a traditional system, there’s an obvious fallback position: require the messaging system to pass an email through to the users in question.  (Assuming the messaging system has some idea who these users are; if not, the case is meaningless.)  It does put more onus on the messaging provider than the current ruling does, but I won’t be surprised to see that happen.

But what if the users joined the system through OpenID?  In this case, there might well be no means of contacting those users other than partly outing them.  At the least, the front-line messaging system would have to bring the identity provider into the loop, and things could get complicated and messy.

It’s just an example, but it illustrates a tension that’s going to be coming up more in the coming days.  The new identity environment — especially the Open Stack — is all about spreading identity out, and making it easy to keep it a bit opaque.  But a lot of laws and customs assume that identity is fairly easy to penetrate.  I suspect we’re going to find all sorts of places where those come into conflict, especially as “publication” and “identity” become entirely separate functions.  Any bets on how messy things will get, or how far the law will fall behind reality?

Invitations as Group Conversation

As I was RSVP’ing to a Facebook event invitation today, it occurred to me that the rise of online invite services is fundamentally changing the dynamic of party invitations.  In particular, it turns the invitation process itself into a rough and ready group conversation.

Consider: a traditional snail-mail invitation is mostly between each individual inviter and invitee.  Sure, the invitees might talk among themselves a bit — but often, they don’t even know who else has been invited.  So any conversation that happens is one-to-one and private.

In most of the online services, though, whether it be Evite or Facebook or whatever, there’s a lot more group knowledge and interaction.  By default, you can usually see everyone else who has been invited.  You can usually see who has accepted or declined — in many cases, you can even see why they did so.

This, in turn, has knock-on effects on the party, because the process is self-reinforcing.  If I see a lot of people who I like going to the party, I’m more likely to attend.  Contrariwise, if it’s been two days and nobody has RSVP’ed in the affirmative, I’m likely to pause and think about it myself — an intended 20-person party is less fun if only three people are going to show up.

The result is that the invitation mechanism becomes a simple dynamic system, with feedback loops driving it up or down.  That can be good or bad, depending on the circumstances, but it certainly changes the nature of the beast a little.  Statistically, it seems likely to make events a little more likely to succeed or fail big, rather than being simply “okay” in the middle.

Effectively speaking, the invitation becomes a conversation.  (Sometimes explicitly, as in the case of the Wall for a Facebook Event.)  Instead of being a purely individual decision, the group interacts more to decide whether this is something that “we” are going to do.

Opinions?  This is purely anecdotal, and I can’t say I’ve tried to gather concrete evidence for it, but it’s the way I react at a gut level: who else is coming does influence my decision a bit.  Do you find the same?  Are there countervailing forces in this little dynamic system?  Are we going to see new rules of etiquette, as Emily Post confronts these effects?

The weak link in the spam war is always people

I always appreciate clever spam, at least aesthetically — it may be evil, but evil-and-smart isn’t quite as irritating as evil-and-stupid.

In this particular case, it was a comment in The Art of Conversation, which hit my moderation filter a few minutes ago.  The comment itself is simple but well-designed to stroke the ego: “Just passing by. Btw, your website have great content!”  (Okay, so they blew their English roll.  But that’s not unusual in the blogosphere.)  I actually contemplated approving the comment, but the sheer generic-ness of it made me pause an extra second.  And that pause was long enough to actually look at the signature — which is, of course, a link to a make-money-fast scheme.

I hadn’t previously realized that I don’t pay much attention to signatures, but somewhere along the line I clearly started tuning them out.  Going to have to be more careful about that in the future.

And there’s an important general point here: automated tools can only do so much in the fight against spam.  There was nothing technically sophisticated about this particular attempt to place spam in my blog, just a little smart social engineering.  They appealed to my ego, betting that I wouldn’t read the rest of the message closely enough to realize I was being used.  And they almost got me, despite my being pretty sensitive to these ploys.

What have you been seeing lately?  Has anything new and different from the spammers caught your eye?

Conversation Analysis and Multi-Threading

Some of you know rising_moon, some don’t, but I commend her to you as a generally smart and interesting person, and particularly this post from a few days ago.  It mostly asks questions, but presents a few interesting musings about the relationship of communities, knowledge management, and how to deal with the plethora of competing conversational threads that can arise around a topic.

In also reminds me of a point that I’ve thought about idly in the context of CommYou, but which could use a lot more thought.  Most people assume that deep asynchronous conversations should have threading, and it’s not too radical to have the ability to split threads — to promote a thread to being a top-level conversation unto itself.

But what about thread joining?  That is, it’s not unusual for multiple conversational threads to run in parallel, but they often really are running into each other and crossing over.  If you and I are both talking about X, it’s not unusual to hit a situation where really, what I want is to join your conversation with mine, so that we can cut down the redundancy.  At the moment, you do this by links and pointers, but there’s no real concept of unifying the conversations.

This might be particularly helpful in conversations that are mediated by social networks, where parallel conversations can easily arise, with some participants in one and some in the other — a bit of cross-pollination could sometimes provide some interesting insights.

Rising_moon’s post talks about nodes, and I suspect that’s the right way to think about this.  It’s not precisely that you would join two conversations into a single one, as that you could import a thread node from one conversation’s tree over into the other, and vice versa.  We normally think of a conversation as a tree; if we instead think of it as a directed graph inside a forest of conversations, we wind up with a lot of possibilities, some of which make sense and some of which probably don’t.

I’m just musing here — I don’t know if anyone has yet written a serious conversation tool that plays with this sort of thing.  (I haven’t seen one, but it wouldn’t surprise me to find academic work along these lines.)  But it’s a feature I am vaguely contemplating in the long term for CommYou, so I’d be interested in any thoughts about it…

The Rise of the Un-Person

On Friday, AllFacebook reported about current moves to kick convicted sex offenders off of social networks.  On the one hand, I understand the motivation behind this — people are terribly worried about online predation.  On the other hand, I’m increasingly disturbed by this trend.

As with most such, the beginning of the legal story was innocuous, or at least fairly sensible, with moves such as keeping convicted offenders away from schools.  This seems pretty rational on the surface, at least when well-applied, keeping them away from temptation and the danger away from kids.

But over time, the idea has expanded, and gradually become, if not always irrational, at least a lot less consistently grounded.  Some laws are requiring offenders to register publicly, so that parents can know about them.  Still justifiable, but shakier ground: everybody has to live somewhere, after all, and most places are somewhere near children, so the fact that they happen to be in the same neighborhood isn’t an indication of malign intent.  And it opens up a lot of likelihood of harassment of people who aren’t doing anything wrong.

(There are lots of other arguments as well, not least that the definition of “sex offender” is now very broad, covering everything from really scary predators to people who are just guilty of a dumb teenage mistake.  Not to mention the whole question of how we should treat someone who has genuinely reformed.  It’s thorny stuff.)

These new moves into the online space expand the argument even further.  It seems innocuous if you think of Facebook as simply a kids’ hangout where nothing important happens — on that logic, the risk is high and the cost in freedom low.  But that is, at best, a misinformed short-term view.

There seems to be little question that the online sphere matters more every year — indeed, almost every day at the moment.  Facebook is no longer just for kids: it and other social networks are increasingly crucial for everything from finding a job to staying in touch with your social circle.  On current trends, within ten years it’s going to be getting hard to have a life in this country without some social networking.

Which raises the question: what justifies cutting someone out of those networks?  Currently, it’s done casually, indeed sometimes frivolously by the network providers like Facebook.  But as these networks become ever-more important public utilities — as they become public space, as much so as the park you might go for a stroll in — it becomes a much more serious punishment, and one that can’t be applied arbitrarily.

Or to look at it another way: at what point does cutting someone out of the social web turn them into an Un-Person, whose life is more restricted than any released felon’s has been in the past hundred years?  We’re not there yet, but I can see that day coming.  And I believe we’re going to need to come to grips with the question soon…

Tightly vs. Loosely Knit Networks; or, The Echo Chamber

As I’ve observed before, the social network of Facebook tends to be a bit different from that of LiveJournal — the norm is to accept many more friend invitations.

The result is a more loosely-knit social network.  Whereas in LJ it is very common to have a pretty tight-knit network, largely composed of people who you know rather well, Facebook is leading towards friending a lot of people who you only know slightly.

I complain about that a bit, especially in asking the question, “Do I really care about these people?”  But I’m finding one real benefit to it: it has less of an echo-chamber effect than LiveJournal does.

The thing is, a closely-knit group tends towards a bit of groupthink.  That isn’t to say that everyone has exactly the same opinions or ideas, but the group itself, as a tight community, develops its own strictures.  Certain ideas predominate; those to the contrary tend to be a little quieter.  This can lead to an unhealthy belief that everybody, by and large, agrees with you.  (Locally, I often refer to the “Massachusetts Reality Warp” — many people locally really don’t understand how different this state is from the average.)

Facebook, I am finding, can be refreshingly different.  Granted, it tends to have less deep thought and opinion expressed than LJ — but when it does, it’s a fine opportunity to look outside one’s social shell.  No, you may not have seen this person since high school — but that means that they live outside your local echo chamber.  Engaging them in conversation can therefore be a much more productive chance to learn and teach, since you’re not preaching to the choir as much as you might be doing in a tighter-knit community.

Are your Facebook communities largely the same as your LJ ones, or are you widening your circle?  Have you found opportunities there to broaden your horizons?

The danger of implicit “conversation”

Today’s news headline (well, if you look past Facebook’s reverse-course on its Terms of Service) is that Tumblr has an anonymity problem.  It’s not surprising, but it serves as yet another reminder of how dangerous anonymity can be in fostering abuse.  Moreover, it illustrates the way that the new model of deriving “conversation” automatically may be kind of broken.

(Disclosure: I don’t know Tumblr very well.  I’m only picking on them because the news article is illustrating a general point that I’ve been thinking about lately.)

Tumblr, like so many new-fangled systems, kind of tries to do an end-run around traditional conversation.  It links together things that seem to be related, and treats them as a kind of meta-conversation.  This basically treats conversation as an emergent property of postings.

The problem is that the conversations fostered here lack many of the tools that good conversations require.  In particular, by deriving the conversation implicitly, they are also deriving the community implicitly.

That doesn’t really work, because community is more than a one-way operation.  You aren’t part of my community simply because you want to be: you are part of it if I say you are.  Tumblr, and tools like it, miss the crucial distinction.

Any moderately mature conversation system deals with this, by providing very explicit tools for managing your community — the ability to ban a specific person from commenting is the most elementary and critical feature such a system can have.  (No, CommYou doesn’t have it yet.  This is one of the reasons it’s still only in alpha: I consider the feature necessary before it goes to beta.)

It remains to be seen whether the implicit-conversation systems can get this right.  I suspect that, in order to do so, they’ll have to sacrifice some of their beautiful “it just works” emergent properties, and start providing more explicit community-management capabilities like the rest of us.

What do you think the community capabilities of these implicit tools will wind up looking like?  Do you think that implicit-conversation tools are going to manage to scale up to the ugly real world of the Net, or will they (like so many social systems before them) get toppled by the harsh reality of abuse?

138 is a pretty small number

The past month seems to have been a major turning point for Facebook.  I don’t know about you, but I’ve seen a very sharp and sudden spike in people I know getting onto it — I’ve gone from one or two new friends a week to several a day.

Along with that, I’ve given in and started to pay attention to my News Feed.  This is a big change for me: I’m an old LJ guy, and (like so many LiveJournal users) have tended to treat the Facebook News Feed as a shallow imitation of LJ postings.  But if that’s where the people are, I’ll make an effort to follow it.

It does lead to some thoughts about scale, though.  I’ve deliberately been more open about friending on Facebook than on LJ — the culture is different, so I’ve taken an attitude that I’ll accept a friend invite from almost anybody I know.  The result is that my Facebook friend list is already larger than my many-years-old LJ one, and growing much faster.

And the thing is, I don’t care about all those people equally.  I’ll friend the folks from my high school, but honestly — I only care about actively following maybe half a dozen of them.  So when I have hundreds of friends, I want to filter my News Feed pretty aggressively.

Now, Facebook does provide explicit filters nowadays — I can list people who I do and don’t particularly care about for my News Feed.  But those lists are limited to 138 people each.  When I noticed that the other day, I was brought up short.

On the one hand, 138 people seems like a lot.  But the way my friend list is growing, it won’t surprise me if I wind up with 500 people on it within a year, and most of those will be people who I don’t need to hear about regularly.  At that point, 138 may start looking kinda small.

(And of course, the geeks in the audience are now going, “138?  What kind of number is 138?”  No idea — it is oddly arbitrary.)

All of which mostly drives home the point that, in the new online social world, you can’t underestimate the problems of scale.  It’s not the physical world, and numbers that seem large in realspace can be kind of small in cyberspace…

The Danger of a Single Point of Identity Failure

A few minutes ago, I found myself locked out of my Facebook account, due to “database maintenance”.  It was pretty brief — maybe two minutes — but it occasions some concerns.

Facebook is doing a good job of turning itself into the central spot for identity online.  It probably won’t succeed — there are enough people adopting OpenID to provide a counter-balance — but it is part of a growing trend towards simplifying one’s online identity.  Whereas now, your identity is fractured into dozens of different sites, we are heading towards a time when you will only have a few online identities, possibly even just one.

Which is great in many ways, but introduces huge new technical risks.  It’s one thing for Facebook to lock me out of itself for a few minutes.  But what if that means locking me out of everything?

This isn’t an idle speculation: it happened to CommYou a couple of months ago.  CommYou initially doesn’t have any sort of “native” identity — you use your identity from some other site.  As it happens, most of my alpha users get their identity from LiveJournal.  But one day, LiveJournal went down for the better part of a day.  And not only could people not use LJ, they couldn’t use CommYou either, because they had no way to log in.

Step one of identity evolution was the growth of many identities, and the resulting fracturing of your online persona.  Step two, in process now, is the consolidation of those identities into a relatively small number of providers, so that you are basically the same person in whatever sites you like.

Step three, which has scarcely even been thought about yet, is going to have to be distributed identity — wherein you are the same person, recognized as such by many sites, but without the single point of failure.  You’ll be able to validate yourself via several different identity providers, but everyone will still understand that you are you.

I don’t expect this to happen soon, or easily — there are a lot of reasons why the established players would resist it.  But we’ll eventually have a major failure of an identity provider, which leaves a lot of people out in the cold, unable to log into many other sites because their identities went through that provider.  I expect that at that point, everyone will get the clue.

What do you think?  How many online identities do you expect to wind up with?  Any bets on how long it’ll take to develop this distributed-identity infrastructure?  I’m getting started on it soonish: CommYou is much of the way towards allowing you to link a bunch of identities together.  But that’s just the solution for one site, not a general fix for the problem…