2008 March

I’ve Been Had

Today I spammed everyone on my AIM contact list with an invitation to join Facebook.
I was searching for co-workers on the social network, trying to
understand the more useful apps and plugins available to the average
user, when I inadvertently clicked yes and authorized Facebook to
contact everyone on my buddy list. I was distracted. I was
multitasking. I was not as careful as I should have been. And, with one
click, I was totally humiliated. My heart stopped for what seemed like
an entire minute while I prayed for a confirmation screen that never
came. I had misread a question, given my permission, and there was no
going back. I just sat there and wondered how I’d explain to my
colleagues, friends, peers, and, of course, the random total strangers
I’d added to my list along the way, that I was a complete idiot who’d
let Facebook hijack my buddy list to solicit memberships. I was one
more unsuspecting pawn in the Facebook battle for world domination.

There is value in centralizing data. So many of us are out
devouring and contributing to content-rich websites and social
networks, connecting with long-lost friends, classmates, colleagues.
We’re finally in a position to leverage ‘who we know’. Because, what
have we always heard? It’s not what you know, but who. And the who has
never been more accessible. We’re separated by miles and years and
jobs, but we’re just a click away thanks to networks like Facebook and MySpace and LinkedIn.
There are new social and professional network sites trying to get in on
the action every day. Today alone I had two colleagues try to get me to
join Plaxo Pulse.
I couldn’t help but wonder if they even knew they’d asked me to join.
Recently a friend’s contact list had been hijacked by Spock (I refuse
to link to this evil entity) to invite 2500 of his closest friends to
join him there. I felt better about my 125 AIM
messages when I compared it to 2500. But the sting was still there.As
more and more of these networks fight for our information, who’s going
to prove the front runner? Clearly he (or she) who owns the most data
wins. And Facebook’s shift from social network to ‘platform’ seems to
suggest they believe they can connect all of this decentralized data
floating around on the web and make it accessible via their single,
simple, interface. So while the data might be scattered amongst iTunes, flickr, Amazon,
AIM and other lesser known entities, a series of simple web
applications can integrate all of it into the Facebook platform. What’s
more, Facebook turns it around and provides an aggregate snapshot of
your contacts’ data. It’s really a win-win. Or is it? Recently Facebook has taken some heat
for invasive marketing tactics via it’s Beacon system. Beacon takes
data from external websites and makes it available to your contact list
with the intention of promoting product through passive endorsements.
If you bought something on Amazon, and you’re my friend, the thinking
is I might be interested in that product as well. Because you, my
friend, are just so darn influential in my life. The problem with this
theory is you might be my friend, but I might not want you to know I
just bought zit cream from my favorite zit cream website. Its an
invasion of privacy and Facebook is still working that one out. Beyond
that though, Facebook is starting to look like the Borg. Resistance is
clearly futile. If you want to be in touch with anyone in this 21st
century the easiest and most practical way to do it is through the
web/Facebook, and peer pressure is unavoidable. Come on, everybody’s
doing it. There’s a suggestion of youthful trendiness that we all fall
victim to. Once you make the leap, though, you’ve sold your soul to the
internet’s equivalent of the devil. Because once you create that
profile, there’s (allegedly) no getting that data back. You can’t quit
Facebook. Not really, anyway.

What does it all mean? To those of us working in technology? And
those of us consuming it? These are tough questions to answer. But it
seems clear that one of the most valuable assets of our time is our
data. Our information. Yet, in spite of that reality, our data is
clouded by a mix of fear (identity theft) and ignorance (my dog’s name
is my password!). What’s our responsibility as creators of content, and
websites and systems and as participants of networks? What is our
contribution? How can we influence how all of this unfolds? I believe
that how we interact with, and collect data from users, needs to
reflect truth and authenticity. Sure, we publish privacy statements and
terms of use policies. We won’t store data or we won’t sell it or give
it away or use it without permission. But it’s more than that. We need
to help users understand what it is they’re providing and how easy it
is to exploit. We need to give them an opportunity to change their
minds, or confirm their understanding of an interaction. In my case for
instance, a simple ‘confirmation’ page would have saved me the
embarrassment of having to apologize to 125 friends and colleagues for
that unwanted IM spam. Facebook knew exactly what it was doing when it
required only a single click to access my list. I think it’s a cheap
tactic in the race for the most data. The downside is, I’m no longer as
enthusiastic about the value of Facebook as a networking tool. I see it
as suspect now. The upside is I’ll be more careful when I use little
web apps like that. But our standards for collecting this data aren’t
set in stone. We’ve only just begun, so what more can we do to extend
real value for the user, and tap into the thing that’s most valuable to
our clients? We can consider a user’s understanding of their valuable
points of data as part of our commitment to simple, usable web
experiences. We should see how we collect data as part of usability. We
should only collect what is absolutely critical to the experience and
we should make certain the user understands the cost of sharing their
data and the return on their investment of trust. Finally, we need to
keep our promises. Sharing data should have some reward for the user,
in terms of access to content, or connections or something of value. We
should treat our user’s data as sacred. If we expect to foster a
long-term customer relationship, we need to respect what we know about
a user and what we continue to discover. It’s common sense, really.

Any
of us, even presumed ‘experts’ can fall victim to guerilla data
collection tactics. It’s embarrassing. It’s painful. It’s avoidable.
The difference, though, is we have the ability to influence change. We
have the option of applying some code of conduct to how websites
interact with users. We’re not done. We’ve only just begun. Facebook
doesn’t get to decide. We do.

[cross-posted at the MIMA blog]