Google's OpenSocial API initiative got a lot of buzz and hype last week which I thought was misguided. This week my friends Mark Cuban and Tim O'Reilly cut through the hype and get right to the heart of the matter with two excellent posts.
Mark Cuban's idea -
I thought that if you put the 2 together, enabling Yahoo to access the Facebook database of users within the current API constraints, Yahoo search and ad serving would improve considerably. Expand the Facebook database with an opt in option to add further personal data that could be used FROM WITHIN THE YAHOO WEBSITE, the results for Yahoo could be extraordinary. A Yahoo search box within Facebook , or a search from a Yahoo site that recognizes you are the owner of a Facebook profile and customizes the results according to information culled from your profile would be incredibly powerful.
Great idea Mark. Substitute Microsoft for Yahoo and that sounds like a great plan :-)
Tim O'Reilly's idea - Tim agrees that Mark has a good idea, but extends it further. Tim says;
We all want what Mark describes: a definitive place under our own control where we can describe who we are and what we care about so that applications can use that data to provide us with smarter services. We don't really care whether that repository is at Facebook or Google or any other site, or perhaps even if it's an aggregation of data from many places, but we do want it to become more useful to us. Not just more useful to the holder of our profile, but to every site we touch on the internet. Whichever company gets there first, to a truly open, user-empowering, internet-turbocharging social network platform, is going to be the net's next big winner.
I like both ideas. I also have two concerns - security and privacy.
Security - The first OpenSocial app on Plaxo was hacked within 45 minutes, and quickly taken down. We are talking about personal information here...names, pictures, contact information, friends lists, etc. Security is important here. It can't be just an afterthought.
Privacy - Tim O'Reilly nails it with this quote "What would it take for me, as a user, to have fine grained control over that authentication, so that some applications could see all of it, and some could see only a little? What kind of system would make it easy for me to manage the data that appears about me, to reduce duplication of effort, yet to give me a single credential that I could proffer as a proxy for "the real me"?"
My Friends List is not like an OPML of my RSS feeds. Everyone is talking about data portability of "my data". Some have used the example of being able to take their list of RSS feeds in an OPML file and export it to another RSS reader of their choice. They want to be able to do the same with their Friends List. Be careful. The concepts are similar but the data and implications are very different.
My RSS feeds are a list of my favorite blogs. I can show that list to anyone without exposing anything personal about those blog authors. My Friends List is different. It includes the names, pictures, activities, and contact info of my friends. Even if it were just the names and pictures, and even if they can't interact or access the friends, that is still too much personal information to expose anywhere without their permission.
What if? - OK, what if I am a friend of someone on MySpace. Cool, my name and picture appears on their friends list and anyone can see it. But what if this MySpace friend joins a PornSpace social network site and wants to import his friends list to that site? Now my name and picture shows up on his PornSpace page as a friend of his? Hey, wait a minute, I didn't agree to that. How do I control where my name and picture go once I become a friend of someone? Will there be guilt by association?
Social Networks are fun and will evolve to be even better. I like Mark and Tim's ideas. However, security and privacy must be considered in these new initiatives.