Tales from the Net

Myspace has announced a set of child safety measures — and proposed them as industry-wide standards.  Scott Duke Harris reports in the San Jose Mercury News:

Under an agreement with attorneys general of 49 states, MySpace agreed to a host of policy changes, including changing the default setting to “private” for 16- and 17-year-old users. The move represents another departure from the open, free-wheeling culture that helped make MySpace a teen sensation. Another measure allows parents to submit children’s e-mail addresses to limit the potential for the creation of bogus profiles.

There’s general praise for the change in default settings and other improvements like making it easier to report obscene content and abusive behavior.  Criticism has centered on the address list.  First of all, it’s not really likely to help very much, since kids can (gasp!) easily create new email addresses on gmail or hotmail or a zillion other sites.  And as Parry Aftab of Wiredsafety.org points out in the article:

“There’s no system that will work for age verification without putting kids at risk,” she said. “Age verification requires that you have a database of kids and if you do, that database is available to hackers and anyone who can get into it.”

Paula Selis, a senior counsel in the consumer protection division of the Washington State Attorney General’s Office, describes it as a “good start” in a Seattle Post-Intelligencer article, and noting that one out of five kids has been solicited online adds “you are going to probably see it proliferate even more and (be) used for even more things.”

Andy Greenberg’s MySpace’s Shaky Safety Balance on Forbes.com talks about MySpace’s challenges in this situation, and does a good job both of presenting privacy advocate’s concerns as well as those government officials (such as the Texas attorney general, who refused to sign on) who argue the filtering system still hasn’t gone far enough because it doesn’t require age verification — and the challenges of technical reality:

Connecticut Attorney General Richard Blumenthal pushed MySpace to go further by creating a system that would automatically block users below the site’s minimum age of 14, and also prevent sexual predators from impersonating teens. “If we can put a man on the moon, we can do age and identity verification,” he said.

MySpace Chief Security Officer Hemanshu Nigam wasn’t so sure. “Today, there is no product that can prevent someone from pretending to be a different age than they really are,” he told reporters.

Marc Andreessen, originally of Mozilla/Netscape fame and now at Ning.com, has a lengthy blog post up on Porn, Ning, and the Internet.  The context here is suggestions that a large part of Ning’s traffic is from adult content; since Penthouse just spent $500 million acquiring a set of adult content-focused social networking sites including Adult Friend Finder, this wouldn’t be completely surprising.

Although he disputes the numbers (“adult topics and content are a relatively small percentage of the total activity on Ning”) and warns in general that reported numbers are often misleading (“I’m talking about Compete, Quantcast, Alexa, and even Comscore — none of their data maps in any way to numbers or patterns we see in our own server logs and activity metrics”),  Andreessen isn’t apologetic about the presence of porn and adult content on Ning.  In fact, he draws a hard line about why Ning doesn’t attempt to eliminate or restrict legal porn and adult content:

“In a nutshell, we aren’t pro-porn, but we are pro-freedom.”

However, he’s also very conscious that any social network platform like Ning needs to support the people who don’t want to deal with content that that find objectionable:

Social networks on Ning are segmented by definition — and networks can be configured to be totally self-contained, so you don’t see any content or users outside of your network.

You can use Ning safely for many purposes without ever being exposed to any potentially offensive content.

He ends by looking at how different internet companies have responded to porn, contrasting what he sees as the relatively balanced approach of some companies with the “much more activist — or harsher, depending on your point of view” approach of YouTube and Facebook:

I think both approaches — agnosticism and zero-tolerance — can work to build a business. We’re very comfortable with the approach we have chosen, because we find it comfortable to be on the side of relative openness and freedom, along with AOL, Yahoo, and Google.

Of course, it’s a lot easier to take this stance in the current climate where the 2257 regs (which have very onerous requirements on web sites which host content that could be considered adult) aren’t being actively enforced.  Still, it’s a strong statement that Andreessen is willing to be so explicit about Ning’s stance, rather than take the “let’s not talk about it” approach that AOL and Yahoo prefer.

Your friends are spread across a bunch of IM networks:
Yahoo, MSN, AOL, Google, etc.

but they are all on Facebook!

Even though it’s not the first of it’s kind, social.im’s alpha release last week of a chat/instant messaging client for Facebook has gotten some good coverage, including by Megan McCarthy on her Wired Blog and Michael Harrington in Techcrunch. This version’s Windows-only; a Mac version, and clients for other networks, are in the works.

I really like the promise of a ‘universal’ client that can connect with my Facebook, Myspace, tribe.net, etc. friends as well as my MSN, Yahoo, and AIM contacts. My initial reaction is that this initial release wouldn’t help me personally in terms of connectivity: I already use multi-protocol IM clients (Adium on the Mac, Trillian on Windows) so while my friends are indeed scattered across networks I can connect with all of them. And a lot of my friends don’t use Facebook because it’s so creepy from a privacy perspective — or just because they don’t like it; so the implication that people aren’t your friends (and maybe don’t even exist) if they’re not on Facebook is really troubling.

Still, it’s worth keeping an eye on, and once they get a Mac client, I’ll check it out …

In the aftermath of the Scoble/Facebook scraping brouhaha, DataPortability.org (“sharing is caring”) has announced that individuals from Google, Facebook, and Plaxo have joined their workgroup. There are big names involved: Brad Fitzpatrick is the inventor of LiveJournal and runs Google’s OpenSocial platform, and Benjamin Ling (who recently left Google) now runs Facebook’s platform group. Marshall Kirkpatrick describes as “a bombshell” on ReadWriteWeb and Duncan Riley is even more effusive (“this changes everything”) on TechCrunch; Dennis Howlett has a more skeptical view in his DataPortability.org workgroup is stillborn. It seems to me that while it’s hard to know what if anything the consortium will produce, it seems like at the least a pretty strong signal.

Of what? Well, in a blog post yesterday, workgroup chair Chris Saad said “The question is not if Robert Scoble had a right to get the data and the data of his friends – the question is why Facebook won’t let him.” I’m in the camp with a lot of others who think this takes the real trust issues off the table: Scoble didn’t have the right to the secondary uses of my data he took either according to his TOU or to the permissions I thought I had given him. So hopefully it’s not support of that.

And given how much heat the various companies are taking over privacy issues recently, Saad’s comments in the same post that the top privacy issue in social networks is that “Privacy Concerns are somewhat over-exaggerated” is a sign either of some major upcoming evolution in the group as more responsible businesses get involved — or more fiascos to come under the guise of “helping the user”, with increasing political and legal pressure to follow. Let’s keep fingers crossed for the former. Saad’s comment on Alec Saunders’ Privacy Manifesto for the Web 2.0 Era today is encouraging: Saunders manifesto is based on fair information practices, and characterizes Facebook has having done the right thing in the Scoble scrape-up and describe’s Plaxo’s behavior as “disappointing”; Saad descries the post as fantastic, and asks him to join the standards discussion.

Howlett brings up a very good point about the apparent US-centricity of the effort:

In all the discussions around this topic, I have yet to see cogent description about how this is going to work given the data privacy laws that exist around the world. Once again, we have a US centric view of the so-called flat earth that fails to recognize there are real laws with real force that will almost certainly kill this initiative stone dead.

As to how real the commitment by the various companies is, hard to know; we’ll have to see whether they make meaningful strides towards true openness, try to use it as a mechanism to lock users into their individual sites … or just continue to say the right things while not doing very much.

Update on January 15: an spiffy video by Michael Pick of Smashcut Media describes the problems DataPortability is trying to help with. Unfortunately the code they provide to embed the video on the page messes up the formatting; so please check it out on Marshall Kirkpatrick’s post on ReadWriteWeb, where a commenter usefully points out that despite the calls for participation, there isn’t any kind of “join” button on the DataPortability.org site.

Wikia, a for-profit company started by Jimmy Wales of Wikipedia fame, has gotten a lot of attention both for their open-source focus and for their plans for applying community effort to refine search results, an approach generally known as “social search”. The alpha version of Wikia search was released today, with loads of coverage including the New York Times and Business Week. From Wikia’s “about us” page:

We are aware that the quality of the search results is low.

Wikia’s search engine concept is that of trusted user feedback from a community of users acting together in an open, transparent, public way. Of course, before we start, we have no user feedback data. So the results are pretty bad. But we expect them to improve rapidly in coming weeks, so please bookmark the site and return often….

I believe that search is a fundamental part of the infrastructure of the Internet, and that it can and should therefore be done in an open, objective, accountable way. This site, which we have been working on for a long time now, represents the first draft of the future of search.

The initial experience is a combination of a social network (a photo, friends, a “whiteboard” a la Joomla’s chatbox or Facebook’s wall) and search results, very similar to Mahalo Social. From a quick experiment, Mahalo made it much easier for me as a user to contribute: I could just provide my favorite link in response to a search result, along with 100 characters about why I liked it, and a few tags. Wikia, by contrast, invited me to write a “mini-article” on the topic, and when I bring up the page it emphasizes that they want content and not just a link — and warns me four times not to spam or I will be blocked. How inviting. And yeah, the search results are pretty bad. Still, it’s early days yet; wouldn’t want to jump to any conclusions.

Initial reviews are a mixed bag — as somebody said on the Slashdot conversation, “don’t they understand the meaning of ‘alpha’?” Michael Arrington describes it as “a complete letdown” on TechCrunch (in a comment, he defends his views because he’s been using it for four whole days); MG Siegler focuses more on the social aspects and is “more intrigued then I would be.” Wales makes some good points in his responses (summarized nicely on Terrence Russell’s Wired blog) and his comments a week ago in a Slashdot thread, emphasizing that for approaches like social search (or Wikipedia) which rely on “wisdom of the crowds”, rushing to judgment before the crowds are there is ridiculously premature.

Wikia’s well-funded (including $10 million from Amazon), and despite the controversies there’s no question that Wikipedia showed Wales can build a community that can create generally-high-quality results, so we’ll certainly be seeing a lot more about this over the course of the year. In South Korea, Naver dominates the search market with a social search approach; a lot of people are skeptical that a new site can overcome Google’s huge advantages, but if Wikia can get to their goal of 5% market share they’ll be hugely successful. I’ll check back from time to time and perhaps even get up the nerve to do a mini article one of these days.

Judi Sohn’s got an good perspective on this week’s high-profile social networking kerfuffle:

This week’s blog storm centered around Robert Scoble. He temporarily lost his Facebook account because he got caught trying to scrape what he erroneously believed was “his” data into Plaxo using a script that violated Facebook’s terms of service….

It’s not about data portability. It’s about trust.

Well, it seems to me that it also is about data portability (Dare Obasanjo aka Carnage4Life and Nick Carr both have excellent posts on this). In addition to privacy concerns, one of the reasons I don’t put much data into Facebook or its applications is because I can’t take it with me. Visual Bookshelf, for example, is something that I’m continually tempted by; but if I’m going to go to the trouble of inputting all of my library, I want to be able to access it and display it from any site — and continue to use it if I decide to leave Facebook. Alas, social networking sites today generally regard the data as theirs, not their users; and so they don’t make it easy to move it.

Still, the trust aspects are paramount here, and there are at least a couple of interesting vectors:

• between Scoble and his friends. When I added him on Facebook, my intent was to give him access to my Facebook information and create a channel by which we could communicate; sure, he could proceed to scrape my information and use it for all kinds of purposes without asking me, but as Tara Hunt tweets “I’m appalled that someone can take my info 2 other networks w/o my permission. Rights belong 2 friends, too.” Did he violate our trust relationship by doing the scraping without asking for permission? He says he was just doing some testing and threw away the data; do I trust him not to have left any stray traces? Also, Scoble’s got a lot of friends, and Judi comments in her post that for the vast majority of them, he is the equivalent of a magazine publisher and the “friends” are his subscriber base/audience. These are very different connotations than we usually think of for friends; how does this affect the relationship?
• between Facebook and its users. Scoble used a script that he knows violated their rules of service; are they right to reinstate his account after his apology when his posts make clear that he still doesn’t think he really did anything wrong? On the other hand, Scoble points out that when there automated defenses flagged him as a potential security violation, they erased him without warning. Does this mean that all Facebook users are essentially living on sufferance?

Interesting issues. Shel Israel’s summary suggests that the overall impact is nil (although it helped the day go faster), and I tend to agree that it didn’t affect the reputations of Facebook (even though they looked good here), Plaxo (who’s already generally regarded as evil) or Scoble (who is known for doing stuff like this). Still, it’s a fascinating microcosm of a couple of the issues that are likely to come up again and again in the social networking space; so it’s well worth thinking about.

Update: Ed Felten’s It’s not about data ownership makes some very important points here and is well worth reading.

There’s a application called “Secret Crush” on Facebook whose entire purpose is to trick the user into installing the spyware/adware package Xango.  Fortinet’s description on Help Net Security has some excellent screenshots.  Facebook applications are likely to be fertile grounds for social engineering attacks because the invites usually come from your friends.  Not only that, when applications install they require you to give the application permission to all your information, and encourages to spam your friends with invitations.  After consenting to that, actions you’d typically think twice before doing  (like “download spyware now”) seem pretty natural.

Some of the comments in the Slashdot discussion imply that Facebook’s already deactivated the app; no word on how many users were affected.  The timing of this and the Facebook phishing attack Ryan Singel might just be coincidence; then again, it might be more evidence of a trend to increased spamming and scamming in the Facebook world.

Ryan Singel reports in Wired on a phishing scame is targeting Facebook users:

Some Facebook users checking their accounts Wednesday found odd postings of messages on their “wall” from one of their friends, saying: “lol i can’t believe these pics got posted…. it’s going to be BADDDD when her boyfriend sees these,” followed by what looks like a genuine Facebook link.

But the link leads to a fake Facebook login page hosted on a Chinese .cn domain. The fake page actually logs the victims into Facebook, but also keeps a copy of their user names and passwords.

(more…)

This thread is to collect and discuss the about the social networking world around the turn of the year. Sufficiently-interesting topics can be threads in their own right; collecting them here makes it a useful “state of the world” snapshot as well as reference list.

A few to start out with:

• Pew Internet’s Teens and Social Media; danah boyd’s got a nice summary. While not specifically focused on social networks, Pew’s Digital Footprints is also relevant: it reports that while 47% of internet users have checked to see what information is available about them online, 61% of adult users don’t take any steps to leave information about them online.
• Caroline McCarthy’s year-end review on CNet is a great quick summary and has excellent links to many of the top stories from the last year.
• Ari Melber’s About Facebook in The Nation (and the related threads TPM Cafe’s Table for One, including Facebook and the National Surveillance State and Facebook and the “New Privacy”) illustrate how questions of privacy and civil rights on social networks may be hitting the mainstream political scene.
• Michael Libermann’s Goodreads rising in the Seattle PI’s Book Patrol looks at the three different book-related social networks (although bizarrely doesn’t mention Visual Bookshelf on Facebook), and John Mello’s Social Networks and Baby Boomers: Bonanza or Bust? ticks off the various networks targeting boomers.showing how much action’s going on in even a “niche” category.
• Slashdot’s Social Network Aggregation, Killer app in 2008? links off to a post by Ujwall Tickoo but equally well could have referred to Marc Canter’s post announcing funding for People Aggregator.
• Penthouse buys a group of social networking sites, including adultfriendfinder, for $340 million.
• David Berkowitz notes that the debate about social ads on Facebook is far from over; when even marketers start finding advertising too intrusive, it’s a sign that things are out of whack.
• “Facebook fatigue” makes Business Week’s list of 10 predictions for 2008 and Graham Taylor asks Could 2008 be the year for a social network backlash? If you have a feeling you’ve seen these before, fatigue and backlash were also predicted for 2007).
• Pringo’s CEO Gary Hall makes some social networking predictions for 2008, written up by Eric B. on Social Media Method.

Welcome to the blog for Tales from the Net, a book-in-progress on social networks by Deborah Pierce and Jon Pincus.   We’ll be using this blog along with discussion boards on various sites, a wiki, and other social computing technologies to create, discuss, and edit large chunks of the book, as well as for topics that don’t make it into the final draft.

One of our main goals for the book is to demystify social networks, both to make them less scary to people who don’t have experience with them — and to empower people who are currently using them. A lot of media attention today focuses on the value of the big social networking sites (is Facebook really worth $15 billion?) or the downsides such as their potential for privacy invasion,  or patronizingly dismisses them as just the latest fad for teens and college students with too much time on their hands. We think that highlighting the stories of people and groups who are using social network sites as part of their day-to-day lives for staying in touch with old friends and meeting new ones, learning, personal growth, professional development, and political activism will help people better understand the transformative possibilities of this medium, and give a new lens for exploring the tough issues related to privacy and free speech.

We’ll be using this blog to collect information (reference lists, pointers to good stories to tell), to discuss news stories and some of the key issues, and to get feedback on what we’re writing about. There are lots of good blogs out there already focusing on social networking; we hope we’ll carve out our own niche.

Stay tuned!

Deborah and Jon

PS: All posts and comments on this blog are licensed under a Creative Commons “by” (aka “attribution”) license, allowing unlimited sharing and remixing for commercial and non-commercial purposes under the condition that it is attributed to the individual author and “Tales from the Net”.