I’ve thought a bit about the announcements that Facebook has just made to make the entire web ‘social’. GigaOm has a good writeup about that here.
On the surface their attempt at socializing the web fits a transformation of a current document centric web to a User-Centric web. Placing the user and his interactions at the center of the web is recommendable. I do have a major issue with the way this is now happening. Facebook positions itself at the heart of this transformation and wants to be your identity owner/provider. Their message ‘we want to make the web social’, is covering the part where they wish to own it all.
It’s wrong. It’s a threat to your privacy. And most of all it’s a threat to a truly open social web. Privacy can never be the sole responsibility of a company. Privacy is the responsibility of the user. A company can maintain privacy on behalf of a user, but this model becomes flakey as soon as the company has a purpose and business model other than the sole purpose of maintaining your privacy. In other words, as long as Facebook has a revenue model that exploits your profile and interactions, they disqualify for keeping your privacy. No matter what privacy settings they offer, there will NEVER be a privacy setting that protects the user from Facebook itself.
Privacy needs to be in the hands of the user. We do not need Facebook to become our moral defender of privacy. We need to turn that model upside down. The user should be in control, and Facebook should be allowed to obtain the user’s privacy settings from the user, and act accordingly.
Only one type of company should be trusted to act on behalf of the user when it comes to privacy. It needs to be a company that has only one purpose, and one business model, that is, serving the user and his privacy. Think of it as a bank that servers your identity and privacy, based upon rules set by you. If Facebook wants to personalize your experience, it will have to ask permission to the user, or his representative.
Current practice is exactly opposite. Because Facebook has a huge need (revenue) to ensure you share everything with everyone, they create privacy settings that are hard to comprehend, and more evil, they are now opt out by default, leaving the user confronted with a situation in which he needs to act to prevent things from being shared elsewhere. Just look at how they implement instant personalization:
And when you click through you will find the switch at the bottom. It’s turned on ‘for your convenience':
And finally, when you decide that you’d rather not share everything with the rest of the world and hit the switch, it gives you a warning pop up. Instead of directly confirming that your privacy is tightened again, it warns you. Psychologically pop ups suggest that you might be doing something stupid here.
I haven’t touched the ‘open’ part of their solution yet. Chris Messina has a good writeup about that here. Basically, open isn’t open. Open means everything will be directed to Facebook. As I said before, Facebook wants to encapsulate the entire web, making it one big pretty walled garden. But a walled garden isn’t an open web. And Facebook shouldn’t be the keeper of that garden. Open means that if I use a ‘like’ feature, I can send my ‘like’ to any destination I want. Not just to Facebook.
I think it is great that we are moving more and more towards a User-Centric web. I think it is great that companies like Facebook are developing and providing the technology to make this happen. But unless we switch the balance of power from companies like Facebook to the user, we will never reach that stage. Instead we will all be trapped in a pretty walled garden called Facebook.