This past week Facebook made a load of changes to how it works at their F8 conference. Very little of it is new or innovative, other than it is taking the ideas mainstream (and the ideas are poorly executed in usual Facebook style).
There are a lot of things that are problematic and troublesome. This is not directly about "the world is becoming openly social", which is a tiresome untrue meme if you talk to most people who are outside the tech industry. There is no quicker sanity check on this than watching use and more importantly non-use (more importantly why it is not used) of social tools inside the firewall of organizations. Being openly social is something that is very counter to most human cultures as we are not wired nor raised that way.
This is a listing of the personal problems Facebook has put me through. None of them were my decision or had my approval. (Also an overheard conversation included here toward the end that was pure gold.)
Reason I Use Facebook
First off, I have used Facebook to interact and keep up with friends and contacts I have met across life's travels. People are really amazing and Facebook is one place many of those who are not in design or technical industries hang out (exactly like AOL was in the 90s). Many of these people I have no idea of their views, beliefs or values, I am just connecting to them because I knew them at one point in life and I valued that relationship then for some large or small reason.
I joined Facebook just as it was opened to the non-academic crowd for the sole reason of connecting with and following the social software researchers who were (and still are much more) on top of what is good, missing, mis-understood, and wrong (still) in these social tools than most of the developers, designers, owners of the services, and pundits/gurus in this genre of tools and services. Ironically, these researchers really are not using Facebook as much and more ironically are finding, using Facebook data, that Facebook claims that people want op it to open up is far from the case (roughly 16,000 to 60,000 of Facebook's 400 million plus users requested things to be more open).
Opening Profile and Getting it Horribly Wrong
The first instance I ran into Facebook's mis-steps was with their Profile. Facebook turned all of the statements about one's self into links and made all of those open to the world. All of these statements had permissions closed to what I was comfortable with prior.
The big problem, as it always does with name and subject resolution is disambiguation (what is meant by a word, e.g. what is "apple", etc.). Any Profile likes or interests that I did not want to use the Facebook auto link would be removed from my profile (what challenged developer thought that one up?). The first look at my Facebook account it asked for me to give a blanket approval, to approve the creation of links one by one, or do it later. With 70 some links and I could see a few were not right and I was in Facebook check on a work contact so I was coming back later. I came back later that same day and still was focussing on work and Facebook asked the same and I replied the same.
The following day I looked at Facebook with a little time (10 minutes or so) and opened the select the links I want to make. The screen allowed me to approve all links with a check box and save. There was no, cancel option or come back later. I realized a couple of the links were horribly wrong (disambiguation problems) and I needed to sort out how to get them right. Since there was no cancel button I closed the page in the browser. I came when I had more time and found Facebook approved all of the links, even the wrong ones with out my permission.
The problems with this are it linked one of my favorite movies Blue of the French three colors trilogy to a porn movie (there are 3 it seems with this same name, according to various web searches). It created a fake page for my company, keep in mind Facebook doesn't care about pointing to actual pages or canonical (the source) source on the web (the web matters little to Facebook just like it did to AOL in the 90s). I don't nor will not have access to edit that fake Facebook page it created. The company I worked for prior also had a fake representation made up in Facebook and aggregated people from the four different companies with a similar name that none of these companies can fix either.
Cleaning Up Profile is Intentionally Hard
The only option to clean up the porn link and the remove other things while trying to sort out how to fix my own company link. In trying to remove the porn link first I found removing the link on the profile page by hiding it and then deleting it does nothing. The link was still there when I refreshed my profile page (as expected Facebook has either has no clue what it is doing or makes things intentionally difficult, and it is really hard to find designers and developers this incompetent). I went through my privacy pages and stumbled on something related and removed that, which did nothing to the profile link. An hour later I found a third place (I have no clue where) that had a remove option for that link, which finally worked for it and the other links I was removing.
At this time I also was locking down permissions by making all Facebook shared interactions with the service only available to 'Friends'. This lead to going through screen after screen and repeating the same changes for the same apps and services, because Facebook management is made intentionally hard and cumbersome. The global changes are not global, there are many more steps to getting things and keeping things locked down.
Why Tighten Permissions?
I had most of my Facebook permissions set to 'Friend of Friend' as I am rather cautious about what I share into the service. In February and early March I sat through 3 demonstrations from different marketers showing the great trove of personal data that Facebook offers up when you use Facebook Connect as a login to your site or service. But, not only is it the person's own personal information they are getting access to but anybody's information who has 'Friend of Friend' selected, as companies, advertisers, marketers, and any organization is your 'Friend' right? Many in the room realized how egregious this is, as most mainstream people (non-tech industry) using Facebook do not think about how widely this information is being shared and it is far from their intention to share the information with marketing or ad services (in many instances talking with mainstream people they are appalled and would not share that info or change what they say had they any idea). All three people demoing Facebook Connect clearly understood the ease to do evil with what was being surfaced and blatantly said "we will never do anything like that as we are an ethical marketing firm" (nice sentiment, but most in the room were not worried about these people presenting).
Where it became really clear to all in the room at one demo, was when the marketing analyst brought in live data they had collected (all three of the demonstrations did this, "to show the power" of their tools and ideas). The marketer selected one of the guys whose information was just added to their database and looked at all of the info that was shared. We all saw is name, his work, his home address, his phone numbers, he was married, his wife's name, and link to his profile, and many many other pieces of data, including people he friended. The marketer used the profile link to show this guy's page, which showed he had not linked to his wife's profile if she had one. But, it was clear most of his current interactions on Facebook were all with gay men and attending various "coming out parties". The marketer became very nervous and uttered, "I guess this guy's wife doesn't know he is gay". This statement may be completely incorrect, but having only partial context (perhaps not knowing his brother died of AIDS and he actively raises money for that community, while not being gay himself, or many other possibilities, even he is actually a gay man).
Transference of Reputation
The point is most of what is shared in Facebook is done with the understanding it is more of a closed private system than it is. But, also our friends and connections information is also part of who we are perceived to be. If we are connected to someone who turns out to be a member of the Klu Klux Klan, there is very quickly questions and assumptions of the similar is likely for us.
Facebook also opened their open social graph, which shows that people are connected and people are connected to things. There is no context in the social graph other than connections. These connections are built by friending someone or using Facebook's new Like feature. [Adina has a really good post on this The problem with Facebook Like]. The problem with an open social graph is it lacks context, it just shows who is connected to who or what. This is a problem with the unknown connections like Klan member, but also it opens up great trove of understanding for people to social engineer information and relationships to gain false trust for crimes or other deviant reasons.
I have stated over the years "The social graph is dangerous without context and much more dangerous w/ partial context", which is this social graph with no context is the just raw connections can be harvested and used in ways people never dreamed of when they made these connections. There is some trust that the organizations capturing this information will look out for us, but in this case Facebook is openly selling access to just that information. Facebook doesn't have your back, it has their own wallet. But, these partial context issues like the friend from years ago who is a Klan member and the usual human transference of reputation is more problematic and dangerous. The claims (assertions) people make about who and what they are connected to need context and it needs to be as robust as possible.
A Facebook "Like" has very little value to the person who clicked that link and has very little value to their connections. If you "Like" a restaurant, is it because of the food? Staff? Close to your work? The pies? Not knowing any of this makes that Like rather pointless. Services like Yelp allow for reviews and ratings. That level of context can start to have more value. But, solid value is when you get down to the level of Foodspotting, which gets to the real context of why somebody likes something, such as what at Shake Shack you liked. The ambiguity is removed and the understanding is clear. With this kind of information Facebook's Like is pointless and meaningless to people, but it does have big value to Facebook as it creates inbound links for Facebook.
External Opt-ins and Data Retention
Saturday I spent a few hours trying to clean-up Facebook while deciding to close my account there or if I could close access to account the few hundred people I am connected to there and make it harder to keep up with them there. After doing this I went to the Washington Post to check to see what activity was going on that had contacts on Twitter commenting about police activity in Washington, DC. The Washington Post greeted me with a large Facebook widget showing my Facebook connections and articles they like in the Post. This was something that the Washington Post opted me into with out my permission. Knowing that Facebook opened data retention from their partners from requiring them from having to dump data they get about its members after 24 hours to allowing them to keep it as long as they wish, also combined with Facebook opening access to parties open access to this new public information Facebook created with out asking permission (and making wrong open statements about the information in my profile).
Facebook is completely overstepping the bounds of anything right and decent by allowing opt-ins without permission from members. But, the Washington Post showed they have little understanding of the reality by opting me in with out my permission as well. All of the valued relationship I have with the Washington Post over the years, particularly after advising Post employees in my workshops more directly about social interactions, the fragility in keeping good relations, and getting social interactions right showed they have very little grasp.
Where to Now?
I still have not closed my Facebook account as it is the people I care about deeply who are there. But, it is those same people who are also realizing they are being thrown under the heap thanks to Facebook.
The other day Marshall Kirkpatrick asked me for comments on Facebook's steps and the need for a more distributed social network and that more distributed open network is where I think the next step will be. I think there will some really interesting discussions at the Internet Identity Workshop next month along these lines as many in the identity community are amazed at the lack of basic understanding of identity, privacy, and related social interactions Facebook has shown in these latest steps. Who widely people in the mainstream grasp what has been done to them (stereotypically people in the United States of America give very little concern to privacy, as they expect it is there and do not think it would be eroded or even the consequences of that). The distributed model where your identity and profile is housed in a place where people have deep trust and access to that can be accessed through permissions (think along the lines of Mine.org) is where we are headed next. When your provider is not as trustworthy as you wished or were lead to believe you can move to another and keep the relationships across all the services you already have as well as the permissions for who has access to what that you are comfortable with get moved as well.
Who Feels this Pain?
I don't know how widely this pain is felt, but one conversation I overheard gave me insight into one place where this pain is felt.
This weekend I was leaving an activity as the next group was arriving. One guy was particularly irritated and was complaining about Facebook and his profile links:
Irritated guy: I just went to check my Facebook account to see if my friend was coming this morning and I found my profile page was now all links. I didn't give them permission to do that.
Guy's friend: Mine did too, but I didn't have much there, just school and work.
Irritated guy: It is the work link they screwed up. The linked law firm Facebook now claims I worked at is not where I worked, but it is some ambulance chaser firm with a similar name. That is the last thing I need is that crappy of a reputation. I did not give Facebook permission to do that. They rather need to get to my permission by law, as it is they are making up lies about me.
Guy's friend: You moved on from your old firm? Where are you now?
Irritated guy: I am now a lawyer for the Federal Trade Commission. I left my old info as current as I haven't had time to change it.
- What's there to like? Facebook Likes and social object relations by Adrian Chan
- Privacy, Consent and Collaboration by Oliver Marks on ZDNet
- The teachings of failure by Doc Searls
- How to Delete Facebook Applications (and Why You Should) by Sarah Perez at Read Write Web