Archive for the ‘Social Networking’ Category

Some thoughts on “Conversational Commerce”

January 20, 2016

I’ve largely neglected this blog lately (too focused on getting Querki off the ground), but this post from Chris Messina got me thinking.

He’s talking up 2016 as the year of “Conversational Commerce” — saying that the coming year will be the time when many companies begin to figure out how to leverage the various chat streams, listening to what users are saying, taking commands that way, and providing services through it.

It wouldn’t surprise me if he’s right about the core point: that companies are going to start aggressively plugging into the chat networks and leveraging them.  But let’s get past the happy dreams of e-commerce riches and look at the implications.

My general reaction to all of this is mild skepticism — not so much that the companies will embrace it, as that the users will.  In particular, my BS detector kind of got pegged by this line:

While you may have bristled when that news app alerted you to “new stories”, you might appreciate a particularly friendly newsbot delivering a personalized recommendation with context that you uniquely care about.

I think he’s underestimating the creepiness factor here, and how people react to intrusions in their conversational stream.  Yes, folks are getting somewhat desensitized to it over time, but I’ve found few who “appreciate” it.  I’m constantly talking to folks who are subtly unsettled by how much the bots, collectively, know about them.  And contrary to the wishful thinking of the various companies, not many people like them.

In general, folks don’t like uninvited intrusion.  We’re all rapidly learning to work around it in news feeds and the like — one can’t survive long on Facebook without developing the mental reflex that renders advertisements and promotions invisible.  But in any sort of true conversational context, it just feels rude to be interrupted.  Too many marketers are forgetting the psychological lesson of spam: when you intrude into an electronic space that people think of as personal, they don’t just quietly ignore it, they get angry.  And you don’t want customers angry at your brand.

There’s a tragedy of the commons here.  If the conversational tools make it possible for commerce to intrude into them, that will be abused by over-eager marketers and technologists.  And at that point, you quickly get into the traditional problem, that bad traffic drives out good.  The line between “good” and “bad” isn’t just fuzzy, it’s entirely subjective — different users will object to different intrusions.  And it won’t take many bad interactions to turn people off the idea entirely, and get them to demand off global off switches.

What about requested interactions?  He also makes the point that customers could initiate operations with all of those bots through the conversational stream, and that does make a lot of sense — I can see some real appeal to being able to make requests and have them serviced quickly, without interrupting my flow.

(For example, someone on one of my Gitter feeds the other day introduced a little bot that lets you evaluate expressions right in the conversation — it’s great for illustrating technical points, and folks have taken to it quickly.)

But then he undermines the point:

Discovery of discreet conversational services becomes less of an issue if users are slowly trained to think and type more like programmers.

Annnnd we’re back to wishful thinking.  For decades, the programming community has been like Henry Higgins, bemoaning all those Eliza Doolittles out there and wondering why they can’t be more like us.

Basically, the idea here is that these service-oriented bots become much easier to code if the users would just type in proper commands to them.  The example shown is:

/partyline create:task Write about the future of text-based interfaces

Yes, that’s easier for the program to understand.  But even this simple syntax is going to be enough to turn off the vast majority of customers.  The real core ones, the folks who depend on your tool day-to-day, who are willing to invest real brain cells in it, sure — they have enough skin in the game to make the effort.  But it’s hard to build a business plan around just that hard core.

Somewhere, I’ve got a button that reads, “If it has syntax, it isn’t user-friendly”.  Much though we might wish otherwise, it’s still true.  There might come a day when the average person is comfortable with precise command syntax, but I’d bet that we’re still quite a number of years off.

(This topic is near and dear to my heart, since template formatting is a key feature of Querki.  I wound up writing a whole new programming language, just to make it as easy as conceivably possible — and I’m still quite sure that we’re going to need a WYSIWYG wizard on top of that for most users.)

Is it steam-engine time for conversational interfaces?  Probably — the technology is there, and there are uses.  But let’s not forget that we’re in the “hype” part of the cycle here: the reality is going to be more gradual and humdrum.  Syntax-driven interfaces like the one shown above are going to be a niche market — the companies are going to have to invest serious time and money into more naturalistic parsers if they’re going to succeed.  And everyone involved in this growing ecosystem needs to be careful about allowing too much intrusion into the users’ conversational streams.  Otherwise, 2018 will be the year when customers, en masse, begin to reject Conversational Commerce…

So what *should* the identity architecture look like?

February 1, 2012

[Crossposted to Google+, LiveJournal and Art of Conversation. That, in and of itself, illustrates some of the points I’m making.]
I’ve posted a lot (mainly on Google+) about the problems with the way Google is handling identity, and the various dangers of it. The just-linked article describes neatly why Google wants to mess up the identity architecture. But it’s worth spelling out the alternative, and how it should work to be best for the users.

I’ve been meaning to do a long writeup for months now, but keep getting distracted, so here’s the back-of-the-napkin summary. Consider it a sort of technical manifesto.

(Yes, this is the short version. It’s a quick and dirty writeup, just the spark for a lot more discussion. And most of it isn’t that novel: others have talked about it, but haven’t gotten far enough yet.)

There are, in principle, four principal layers in a well-constructed Internet identity architecture. I’m not going to go into the fine details, because from this viewpoint they don’t matter as much — what really matters is how they relate to each other. Suffice it to say, none of this is easy, but it’s all technically feasible if folks collectively want it enough.

All of these should be talking to each other through *open* protocols, with no back doors. That’s extremely important: the point of the exercise is that the individual should be able to control each of these layers him or herself. Even more importantly, no single company should be able to lock you into their stack: if you really value your privacy highly, you should get each of these from separate companies.

(I can’t overstate the importance of this. The success of the Internet has largely been due to its embrace of open protocols like IP, TCP, HTTP and so on. It is a travesty that the social network space has festered without them like this.)

The layers are:

Layer 1: Identity — this is the simple statement of “this is me”. Crucially, I should be able to have multiple of these, defined however I like. In my own case, there’s “Mark Waks” (the professional / business identity) and “Justin du Coeur” (the social / club identity). These Identities may provide additional details such as name, gender, or what-have-you, but don’t need to: all they really need to do is provide an authentication mechanism.

We already have Layer 1, in a couple of different forms. There are SOAP-based versions in the form of the WS-Security stack, and those are fairly elegant and well designed. In practice, OpenID is cruder but much more prevalent, works adequately for many purposes, and is used a lot. (Although not nearly as much as it should be.)

Layer 2: Social Grouping — this is the notion of G+ Circles, FB Lists, LJ Flists, and so on: groups of people that you define. These Groups may be public (everyone can see their existence) or private (only you know they exist). A Group is owned by one or more Identities, and contains any number of Identities. Note that a Group does *not* contain people, it contains Identities. One of the core principles here is that people know each other as Identities; how much they know about the relationship of a person and an Identity is a relatively private matter. (That is, lots of people know that “Mark Waks” is “Justin du Coeur”, but that should be a decision I control, not enforced by the software. The former should be in groups about these sorts of technology matters, the latter in discussions of the SCA and fandom.)

There have been some stabs at doing this properly, at least to the extent of sharing group information between applications. I don’t get the feeling that anybody has taken it seriously enough yet, and some providers (notably Facebook) deliberately make life difficult. But it’s been examined a lot.

Layer 3: Application — this is conceptually the top of the stack, but it interacts with the other layers in fairly subtle ways. This is all the stuff you can *do* online. In principle, all functionality belongs here, and shouldn’t get mixed in with the other layers.

Most systems get this wrong, mixing everything from personal information to chat into the Identity layer instead of formally separating it via APIs into a consistent Application layer. In particular, the big providers tend to treat applications as what everyone *else* gets to do, while privileging their own stuff. People have always objected when Microsoft does things like that; there is no reason for companies like Facebook and Google to get let off the hook.

There are some nascent proto-standards for this sort of thing, but I haven’t seen much agreement yet. It’s not going to be real until multiple companies are hosting applications using the same standard, and a fair number of companies are writing applications using it.

Layer 4: Aggregation — this is the elephant in the room, that everyone prefers to ignore, but it’s central to much of the privacy problem.

The thing is, if you really care about your privacy, you need to be able to control how your Identities relate to each other. The Identity provider, the Grouping provider, the Application provider — none of these should have to know about all of your Identities. Moreover, if one of them *does* own the collection of Identities, then they own you in a sense, and we fail the key objective of giving you control over your online world.

This is the heart of the various Google problems — I haven’t yet figured out whether they are being deliberately obtuse about this problem, or really don’t get it, or are struggling with its implications and (typically of Google) refuse to say anything at all until they have the one true solution built in-house, and are simply refusing to engage properly with the wider community. It was the heart of the issue with the Real Names policy (if everything has to be under a single real name, you get aggregated whether you like it or not), and it’s the heart of the issue with their new privacy policy (since it is now clear that you can’t separate your identities simply by using different apps).

Now of course, you *can* deal this today, by creating completely separate accounts and never letting them touch each other; that’s often recommended. But it’s a blithe non-answer, because the simple truth is that that’s horribly inconvenient. There simply isn’t good tool support for it, so at best it’s clunky.

This is the bit that’s actually technically challenging, because it affects the way the rest of the stack works. In principle, you want to be able to aggregate your *views* of applications — for example, be able to see all of the conversations that include all of your Identities in a single place. But doing this while getting real privacy means that the Applications have to be built in such a way that they can’t accidentally “leak” the relationships between the Identities, and that’s tricky. Still, it could likely be managed with a well-controlled environment, with well-defined APIs.

Separating things into clear layers like this, communicating via clear APIs, would improve the online social world in a lot of ways. It would level the playing field, letting in lots of competition in each of these spaces; at the same time, it would make it more economical to build new applications if you didn’t have to rewrite them for each social network.

And I should be clear: it’s entirely reasonable to cheat a bit. So long as a social network allows in outside versions of each of these protocols, there is nothing at all with it offering a full stack of all of them, integrated to make it easier for a naive user to get involved. Yes, there are some market risks with that sort of collusion, but let’s get real — most people want convenience, and do *not* care about things like privacy or openness. (Yes, they should. But the world doesn’t run on nice ideals.)

Why doesn’t it just happen? Plain and simply, because the above architecture doesn’t offer an obvious way to become a billionaire. In that, it’s much like the Internet itself. As an individual, you *want* the social network to be a commodity, the same way that the Internet is. But companies want to lock you into their walled gardens, because that’s how they get rich.

History points the way, though. Originally, the networks themselves were walled gardens — companies like Compuserve and Prodigy tried to lock you into their gardens, providing lots of features but not letting you walk outside. We didn’t put up with it then: we collectively instead went for the messy but inter-connected Internet, and those companies basically wound up in the dustbin.

And there’s no reason for us to put up with walled gardens now. The very fact that Facebook and Google+ (and Livejournal and and and) mostly don’t talk to each other illustrates how broken things are. That’s because each of those companies, ultimately, wants to own you and profit from you. We need to get away from that, and not *let* ourselves be owned.

How do we get there from here? Honestly, a lot of hard work on many peoples’ parts. Trying honest prototypes and experiments; agreeing standards; ultimately, building a system that does all the sorts of stuff that Facebook and Google+ do in a more open way. The public isn’t going to move away from them because of airy principles; they’re only going to move if we can build an alternative that is *better*, and demonstrate that to them. That’ll take patience.

But I do think it can be done — moreover, I think it *will* happen, because it is closer to what people want. Folks are pretty fed up with the split between the various social networks: it’s a real inconvenience for many people. It’s time to start building The Social Network, the social level corresponding to the unified Internet, so that we stop having to choose to fragment.

(And yes, I’m gradually talking myself into rebooting CommYou, with a radically different business plan…)

G+: Circles vs. Identity

July 11, 2011

All the conversation about social networking right now is of course about Google+.  I’m not going to bother recapping that: most of you know about it (and I think that XKCD summed up the current state pretty well), and a lot of you are already on it.  They do a lot right, and I fully expect it to improve rapidly, but let’s talk a bit about the biggest goof that I’ve seen so far.

The big deal about Google+ is the notion of “circles”.  These aren’t nearly as revolutionary as they’re made out to be (from the thousand-foot view, they’re similar to Facebook’s Lists), but they’re unusually well-executed and well-integrated.  The key observation Google made, correctly, is that most people run in multiple circles, and that those circles need to be front-and-center to the experience, not considered a minor detail.  I put a lot of information online, and different information should be shared with different circles.

So why, for heaven’s sake, do I have only one profile?  I suspect that the answer is that they simply tied into the existing Google Profile mechanism, and that they have been too influenced by Facebook.  But seriously, it indicates that they haven’t thought their own key insight through properly.

The thing is, for many people — possibly most — circles are more than just groups of people.  It’s not just that I am sharing different things with those people, it’s that I am potentially a different person to those people.  And I don’t mean in some sinister way, I mean the routine stuff: it’s almost cliche to say that we present multiple faces to the world, and it’s kind of astonishing that that hasn’t been properly recognized.

For me personally, this is a relatively minor detail: I’ve never tried to keep much separation between the real-world Mark and the better-known nom du SCA and plume and stuff Justin.  But for a lot of people, this separation really matters.  A common example or two:

  • I have many friends who participate in alternative lifestyles of one sort or another.  For many of them, it is deathly critical that they keep that well-separated from mundane life and especially from work — in some cases, crossing those identities could be a career-ender.
  • Almost every teenager is on social networks nowadays.  And let’s get real: most of them want to maintain a clean separation between the family side of the network and the friends side.  That’s normal and healthy — modern parental paranoia aside, teens need space to learn and grow on their own.
  • One flap that’s blown up pretty seriously lately surrounds the question of gender identification.  That points up the fact that these different identities potentially don’t publicly identify the same way.  Specifically, I suspect that some of the women I know would very much like to have multiple profiles, some of which identify as female (mainly for friends) and others which are specifically gender-neutral (for public consumption).

There are other examples, but it all ties together.  Google has bought into Facebook’s dreadfully mistakenbelief that you can and should only have one identity online, that it must be associated with your real name, and that it must be shared among all your circles.  This is uncharacteristically dumb of them: there is no good argument for it, and lots of reasons — the above and more — to kill it.

So here’s a specific gauntlet thrown down to Google: get the identity equation right.  You got conversation mostly right with Wave; you’ve gotten a lot of the social interactions right with G+.  But your identity mechanism is just plain broken.  People should have the ability to have an arbitrary number of identities, and the requirement to tie those publicly to real-world identity should be just plain scrapped.

(And let’s be clear here: I’m not calling for anonymity.  Anonymity is death to most social environments online.  I am calling for pseudonymity to be officially permitted and encouraged, so that people can present the appropriate face to the appropriate circles.)

Opinions?  Do you present multiple faces to the online world?  Would you use multiple profiles, if the option existed?

Okay, say it with me: Comments *are* Actions

May 21, 2010

So the good news from yesterday is that Google Buzz has opened up a bunch of APIs.  It’s officially a Labs project, so they’re doing it kind of tentatively (having been bitten in the ass by releasing Buzz itself too quickly and broadly), but by and large the new API looks pretty good.

But to my disappointment (although completely *not* surprise), it bakes flat commenting right into the data model.  If I’m reading this right, you can have “activity” objects (like a post), each of which has exactly one Comment Collection associated with it.

Why does this matter?  Because it makes the usual mistake of thinking about an “action” and a “comment” as completely different things.  They’re not, and it’s pretty broken to think about them that way.  In the larger online world, they’re just elements in the larger conversation that we are each having with our friends.

In practical terms, there are lots of implications here.  For example, by structuring things this way, it means that threaded discussions are right out — currently ruled out by the data model, and never likely to work quite right.  On the flip side, it has no concept of the other ways that an Activity can itself be a Comment — for example, a video, or another discussion, or something like that which is spawned off from a previous one.

None of which is new and different, mind.  It’s just a little depressing to see Google (which often does a good job of analyzing problems) making the same mistake that so many other sites have done.  That’s doubly true now, after Wave did a pretty good job on this.  (Although Wave then tried to do *so* much in the UI that it comes out as a little intimidating.  Their mistake was the opposite: trying to expose every conceptual detail to the user too quickly.)

The conclusion is that, while Buzz is decent at light-touch social-grooming sorts of communication (like Facebook), it’s not likely to ever be good at deep conversation (like LiveJournal) unless they wise up and fix this conceptual problem.  That’s a pity: the world needs more social networks that have a clue about how serious conversations really work…

Crowdsourcing can only take you so far

May 17, 2010

Interesting article here on ReadWriteWeb, about Facebook’s approach to banning.  It’s a bit hyperbolic, but assuming it’s correct (and really, it wouldn’t surprise me), it implies some dangerous naivete on Facebook’s part.

The high concept is that banning on FB is somewhat crowd-sourced — if a lot of people complain about someone, FB auto-bans them.  FB is claiming that this isn’t true, that all bans are reviewed; putting all the stories together, my guess is that the auto-ban *is* true, but that FB then reviews them after-the-fact.  That’s a plausible approach, but not a good one, since it means that a vengeful crowd can at least partly silence their detractors.

Mind, like I said, I don’t think it’s surprising: when you’re dealing with millions of users, including a fair number of trolls, and you have limited staff, you need *some* way to make things manageable.  But a simple numeric auto-ban (which this may well be) is too easy to abuse.  In our modern, polarized world, almost anybody who says anything really interesting is likely to have a crowd against them.

None of which means that an automated solution is impossible or evil — it just means that you need to be smart.  The story implies, quite plausibly, that there is a Facebook page dedicated specifically to listing people to attack with complaints, to get them kicked off.  If so, a smart network-detection system can pick it up.  If twenty completely random people complain about someone, the target is probably a troll.  If the *same* twenty people complain about person after person, then it’s much more likely that the complainers are the trolls (or at least, are abusing the system) — and *they* are the ones who should be banned instead.  At the least, it indicates that something suspicious is going on here, and the automated systems shouldn’t be trusted to make a decision without a human looking into it in detail.

Social networks are bigger and in some ways more complex than anything else the world has ever tried to grapple with.  That demands both cleverness, and openness about how you are managing them so that people can poke at those management techniques and find their holes.  I suspect Facebook is failing on both counts.

How would you deal with this?  Do you think automated mechanisms are even legitimate for deciding who to ban?  What tweaks should such a system put into place, to make it harder to abuse?

The little problems of coarse-grained privacy

May 14, 2010

I have to admit that I’m taking twitter a lot more seriously than I used to — at Arisia this year, @shava23 convinced that me that, if you manage your flist very carefully, it can be an extremely useful information feed.  Yes, many people still post too many “I’m eating waffles!” tweets, but if you ignore those and focus on friending people who mainly post content, it can be concisely useful.

(There are lots of folks who use Twitter for socializing.  Honestly, I don’t get that: even Facebook is a lot better at it than Twitter is.)

But it’s still got real problems, and one of those problems is its ridiculous all-or-nothing privacy model.  In most social networks, you choose on a post-by-post basis which items are locked and which are public; in the good ones, you can design highly customized filters for who will get to see what.  But in Twitter, either your entire feed is public, or it’s all locked — there’s no in-between.  That made sense when all posts were via SMS, but I think that stopped being the case quite some time ago.

This has some serious mal-effects — and one of them relates directly to that usefulness thing.  Consider: Twitter is most useful if you limit your following to people whose post information you find useful.  It’s still a social network, though, so unfriending is fraught — I’m sometimes forced to do so, in the interests of keeping that filter narrow, but it’s not something to do casually.  And if somebody’s feed is locked, I can’t see anything they say until *after* I friend them and they allow me in.

The result is that I find myself leery of friending anybody whose feed is locked.  Before I friend them, I can’t see what it’s like, to figure out if it’s information-rich.  And I’ve been doing social networks for long enough to be just a little nervous about the potential drama if I follow somebody, see that they’re posting way too much, and immediately drop them.  So I wind up not reciprocating a bunch of follows, which hurts the social network.

(Yes, it’s now possible to use lists to limit who I am actually reading.  In the long run, this may ameliorate the problem.  But third-party support for lists is still often crappy, so I’m not using them as much as I might wish yet.  Someday…)

And speaking of Twitter, let’s talk Metadata

April 19, 2010

Another Twitter topic for today, possibly even more interesting: they’ve finally woken up to the value of metadata.

This one’s not a surprise to me at all — it was in the plans for CommYou, and I’ve always thought that it was necessary.  The thing is, when you’ve got a service like Twitter, that is fundamentally about Text Dammit, you have to wrestle with the question about what to do with the rest of the world.  I mean, there is a lot more to a modern online conversation than just text: pictures, video, even embedded games and such can matter enormously.

There are a variety of ways to deal with this — for example, Wave chose to define an open API so that, if you format your other stuff properly, it can be embedded inside a wave no matter what it is.  Twitter is going a different and arguably more open route, pretty much the same one I was planning on: let people embed whatever metadata they want inside the conversation, and let the Twitter clients decide what to do with it.

(For the non-programmers out there: “metadata” is mostly just a fancy way of saying “other stuff that is attached”.  The formal term in the Twitterverse is “Annotations”.)

We’ll see how they implement it, but I like the general approach.  The implication is that they aren’t particularly trying to control the attached metadata — they’re just going to allow developers to put stuff into Tweets, to use as they see fit.  As this post discusses, that’s potentially problematic, especially if all the developers go haring off in different directions.  But I don’t actually expect that to happen: frankly, the obvious thing for most sensible developers to do is to develop mime-type standards for the various kinds of metadata, so that it works pretty much the same way email does.  Indeed, I’ll be very surprised if we don’t see mime-based metadata extremely quickly after the Annotations feature rolls out, sometime in the next few months.

Impressions?  What uses do you see for this feature?  What dangers do you see?  (It *is* a potential malware vector, but given the diversity of Twitter clients I actually don’t expect that to be an immediate crisis.)

ETA: I just came across this Ars article, which points to this posting, which gets into more detail about how Annotations will work.  Summary: they’re very open-ended, but small.  You can’t actually embed much in the tweet itself (annotations probably capped at 512 bytes initially, 2k in the long run).  That makes lots of sense, but means that we’ll quickly see an ecosystem evolve around linking things *from* tweets.  For example, I give it weeks, at most, before we see clients integration photo sites with tweets, so that you can do something like take a picture from your phone and just tweet it, with the client saving the photo to a site, putting a link into an annotation, and compatible clients pulling that out and displaying it as if it was simply embedded inside the tweet…

Twitter makes a grab for namespace dominance

April 19, 2010

Twitter has been in the news a bunch lately, especially due to their new deal with the Library of Congress to archive the entire public feed of all tweets.

(And that is worth a brief tangent: what do people think about this?  Is a permanent archive of Twitter actually worthwhile in isolation?  How many conversations occur solely on Twitter, and how many are bouncing between that and other social and online media?  I sort of wonder if future historians are going to find this feed incredibly frustrating — basically getting to read half a conversation for the entire world.  But I digress…)

Anyway, today’s main Twitter topic is their new @Anywhere service, which is looking pretty clever.  It’s their equivalent of Facebook Connect, and many of the features are similar — for example, it allows you to log into Twitter via a third-party site and do Twitter-ish actions from it, lets the site do some actions on your behalf, and so on.

But the really intriguing bit that I note in their documentation is that, if you put a little @Anywhere Javascript into your site, it will scrape the page and hook up all @-tags for you.  That is, if someone refers to @jducoeur on the page, it’ll show up as a live Twitter link to me, with a popup card, a link to my Twitter feed, and so on.

This is smart and forward-looking, and recognizes that namespace matters.  Most services today still have completely flat namespaces, where everyone gets a unique moniker.  (With the conspicuous exception of Facebook.)  You can make arguments about whether that is good or bad (and I suspect most serious computer geeks would argue that it’s a horrible idea), but it’s damned convenient to have that global handle for yourself.  It’s not at all unusual for people at high-tech meetings these days to put their @-tag on their name badges, since it’s a convenient shorthand for finding them later.

But of course, there are a hundred disjoint services out there, each of which has its own namespace.  So what is your “real” handle?  Twitter wants to make that your Twitter handle — your @-tag is the center of your universe, from which people can get to the rest of your social world.  They’ve recognized that the @-tag is one of their key bits of intellectual property, and they’re starting to leverage it.

(I’ll note that Google Buzz is already doing some fancy and smart things with their own @-tags, having picked the style up from Twitter.  But that only works within Buzz — the interesting thing here is that Twitter is trying to reach outside its own domain.)

I don’t know if they’ll succeed in this, but it’s a smart game to play, and I’d bet that we’ll see more services try to dive for this.  I’ll be very curious to see if they get any traction with it…

Buzz, Beta, and Can it Recover?

February 12, 2010

As most of the Internet is aware by now, Google released Buzz earlier this week.  If you have a Gmail account, you’ve probably encountered it already.  If not, the easiest summary is that it is much like your Facebook news feed, but it tries to infer your social network based on who you exchange email with.

The core of the idea is fairly clever, and not unreasonable.  Honestly, I rather like the service.  But a number of my friends have had reactions that range from “meh” to burning, fierce hatred, and I can’t say they’re wrong.

The thing is, for the first time in living memory, Google didn’t label this a “beta”.  Presumably that’s because it was well-tested and solid — and really, it is.  On the purely technical level, I haven’t encountered any bugs yet.  (Although I do think there are some design flaws — for example, catching up with new comments isn’t nearly as clear as it is in Wave.)

Where they ran into trouble, though, is in the usage model.  Buzz is doing a lot of stuff that is actually kind of dangerous, because they are building a social network through the back door.

Traditionally, a social network has started out with the network itself — a system that lets me say who my friends/contacts/whatever are — and has gradually layered functionality on top of that.  Today they add a news feed; tomorrow photo-sharing; the next week, multi-player games.  But it’s all in the context of the communities that you’ve established explicitly, so you feel in control of those communities.

Google’s kind of doing it the other way around.  They have all these properties, like Gmail and Picasa, that started life as separate projects.  Now, they’re trying to tie them together into a unified whole, with as little friction for the user as possible.  I’m sure that the mindset inside Google was, “Let’s make it as easy as possible for existing users to do more with their friends”.  Put that way, the idea sounds almost admirable.

Problem is, the users weren’t really consulted on this.  The usage of those separate systems can be pretty different, and people have long-standing expectations about them.  Worst of all, trying to infer a public social network based on private email — well, it can lead to leakage of links that people thought were private.  And that’s exactly what has happened, causing anything from embarrassment to anger to actual danger in a few cases.

Some folks are crying conspiracy, that Google hates privacy, and stuff like that; frankly, I think that violates the “never infer malice where incompetence will suffice” rule, and is certainly wrong.  Rather, they took a product that was really, truly a beta — good, but needing wider testing — and released it as if it was completely done.  It absolutely needed to be labeled a beta, and it absolutely needed to be strictly opt-in (and much more cautious about data exposure) for at least the first few months.  That would have slowed down its spread — and I suspect that somebody inside Google argued that they had to go fast, to compete with Facebook — but the result of not doing so was a huge misstep, and unusually bad PR.

But what’s done is done.  A lot of folks are pissed off, and a lot have turned the system off.  So I’m curious: what’s your reaction to the whole flap?  Do you like the system?  Are you angry about the privacy screwup?  And perhaps most interesting: can they redeem themselves in your eyes?  What mea culpas and changes would they have to make in order to make you give them a chance?

Trust and Impersonation in social networks

May 20, 2009

[A quick meta-note upfront: I haven’t been posting much lately, because I started a Real Nearly-Full-time Job a few weeks ago.  I’m continuing both CommYou and Art of Conversation, but my time is now much more limited.]

My friends mindways recently posted a link to an interesting but not surprising article about the growth of fraud in social networks.  The idea is quite simple: since Facebook verifies nothing but your email address, it is terribly easy to pretend to be someone else.

I’m not talking about fancy high-tech breaking of security here — it’s simply that, if I was to claim to be Bill Gates, how do you know that I’m not?  (In practice, a quick search turns up a bunch of them.)  More to the point, how do you know whether or not I’m your buddy Jim?  If I have Jim’s picture, and a little of the right biographical information on my profile, I sure look like Jim.  Do you vet your Facebook friends carefully, to see if they are who they say they are?  Would you even really have a way to do so, short of calling Jim and asking if he friended you on Facebook yesterday?

This is all the flipside of the “pseudonymity” question that comes up from time to time.  If you have a lot of persistent information online, that is all strongly linked together in a secure way, that counts as a fairly clear identity — perhaps not an identity linked back to the real world, but an identity.  OTOH, if all you have is a bunch of information about a real world identity, but no secure relationship between that and the online one, you don’t really have anything meaningful.  But most people are still used to thinking in terms of real names and faces, so the gut reaction is to believe the latter more than the former, even though it’s actually much easier to fake.

Curiously, I suspect that LiveJournal is actually less prone to this problem than Facebook is, precisely because it does not use your real name as your handle.  (And many/most people don’t use their picture for their icon.)  This preconditions people to be just a hair more suspicious: there isn’t the knee-jerk, “Oh, look — it’s Jim’s picture so it must be Jim.”  And on LJ, Who You Are is mostly determined by What You Say.  If you post a lot of things that only Jim would say, you’re probably Jim.  But just asserting your identity and friending people is more likely to make them suspicious: there is more burden of proof.

At least, that’s my guess.  I don’t know that anyone’s really studied the matter yet — it would be interesting to see what came out of such a study.

What do you think?  Have you found yourself more apt to simply friend someone on Facebook than on LJ, because they have the right user name and photo?  Do you think the rise of OpenID and other online-identity-linked mechanisms will gradually reduce this threat, by raising expectations of a deeper, richer and more consistent online profile?