It's Rishi

Ever since Facebook launched their Beacon program, there’s been a non-stop attack on it from journalists, bloggers, and even advocacy organizations like MoveOn.org. Facebook has been accused of invading privacy so much so that some are actually describing the publishing of Mark Zuckerberg’s college application and personal journal entries by 02138 Magazine as Zuckerberg getting a taste of his own medicine.

The fact is, the Beacon is designed to be an opt-in feature for Facebook users. If a user does not want to publish an event him/her triggered on a third-party website, they need not do so. In other words, activity is only published to a user’s feed if that user approves. Moreover, if users are sure they never want to do so, they can permanently opt-out.

It turns out, though, that Facebook is being a bit sneaky though in how the Beacon system is implemented. According to Stefan Berteau at CA, even if a user on a third-party site – via a Beacon – declines to publish an event to their Facebook feed, information about the event is still sent over to Facebook. Whether they are doing something with this info is unknown. My guess is it is being recorded. Gathering as much information about what a user’s recent activity is may well help predict/define what their near-term future intentions are. Such info is critical for ad targeting.

What is distinct about this privacy blowup at Facebook compared to the News Feed privacy blowup back in September ‘06 is that the Beacon is a much less visible feature. Beacons launched a month ago and a very small minority of users have actually seen it. Both because only a small percentage of Facebook users have used third-party websites that employ the beacon and because, as a result, few beacon-sourced news feed items have been created (and my guess is that even for those feed items that have been published, few users users viewing the feed clicked on it and realized it was an external link). As a result of this slow uptake, most users haven’t heard of the Beacons and those that do haven’t been personally affected by it. Those that have been prompted by a Beacon were pleased to see that it was opt-in: the user had full control.

The “spying” issue brought up by Stefan is simply not going to be important to the vast majority of users. Unless you’re a techie, you’re not even going to understand the technical details. More importantly, the truth is that most users have simply become used to the idea that companies are spying on them or, worse yet, simply do not care one iota. Heck, some percentage of users probably think such spying may be a good thing because it could mean that companies can offer them better service. Let’s not forget the insanely high number of people who have Google and Yahoo toolbars installed on their browser. The primary purpose of most browser toolbars and plugins is to track your browsing activity. Oh and don’t even get me started on the Doubleclick’s of the world. I cringe to think of how many tracking cookies from all the different ad networks that are sitting in my Firefox right now.

Ask a random sample of 10 your Facebook friends questions about privacy, beacons, tracking cookies, etc. The replies you’ll get back will be filled with ignorance and indifference. I’m not saying this is a good thing, but it’s a reality. This passive attitude towards personal privacy isn’t new either. Traditional companies have been tracking individual consumer behavior for decades and only until a person is directly inconvenienced or violated do they actually start to take interest in their privacy.

Perhaps Facebook’s mistake is not so much the Beacon program itself as their recent marketing blitz over SocialAds, which is all about whoring out user profile data to advertisers. It’s a concept that everyone new was coming but to a lot of people I’ve talked to, including myself, it does feel a bit like they’re exploiting the user. Yet, Google attaches ads to everything from your searches to your email and nobody cries foul. Maybe Facebook just needs to adopt a “Do No Evil” mantra to divert attention from their secret goal of beating out Google in becoming the Big Brother of the Web. =)

It came to my attention here and on TechCrunch a couple of hours ago that there has been a few changes on Facebook tonight. In addition to a minor makeover to the look of certain pages on the site, the two changes with the biggest potential impact are the News Feed and the Mini-Feed.

News Feed highlights what’s happening in your social circles on Facebook. It updates a personalized list of news stories throughout the day, so you’ll know when Mark adds Britney Spears to his Favorites or when your crush is single again. Now, whenever you log in, you’ll get the latest headlines generated by the activity of your friends and social groups.

Mini-Feed is a new part of the profile that shows all the latest stuff someone has added on Facebook. Mini-Feed is similar, except that it centers around one person. Each person’s Mini-Feed shows what has changed recently in their profile and what content (notes, photos, etc.) they’ve added.

So basically a record of each action you perform on Facebook and each profile update you make is logged and listed both on your profile and is streamed to all the people in your network. Of course, the intent of this feature is to help keep your friends updated with happenings in your life. So this is a great feature right? Here are some reactions from Facebook users on a big message board called OT that I’m on:

“this is horrible. i might just kill my account now”
“this is complete bullshit.”
“god damn these are stalker tools at its finest”
“good thing i graduated so i don’t use this anymore.”
“the Newsfeed business is the worst thing they could’ve possibly done to the site”

and my favorite comment which humorously points out how the feed system can be manipulated…

“I just got into a relationship, got engaged, got complicated, got married and now I’m single”

The facelifted UI also got negative reactions mainly because people think it’s too cluttered. One guy likened the messy design to MySpace, another wishes for a return to the simple purity of Facebook of 3 years ago, and another was worried about getting epileptic seizures from the new layout. =)

One aspect I think people overlooked is that you can delete any item from your Mini Feed that you don’t want people who view your profile to be alerted about. Facebook needs to emphasize this point. Currently there’s a tiny blue ‘x’ to the right of each item in your Mini Feed and I think people are not noticing it. However it’s not clear if deleting an item from your Mini Feed also deletes it from being published to News Feeds of people in your network.

We all know that a big reason why social networks are big is because people enjoy seeing what’s going on in other people’s lives. But there’s a big difference between looking and stalking. The News Feed feature turns social networking into social stalking and that’s just creepy. I think Facebook really needs to re-evaluate how the system works. Facebook has recently caught criticism from users who feel like the company just keeps stuffing the site with unnecessary additions (i.e. workplace communities) that spoil what once was an authentic experience. One of the best comments in the discussion was one user’s crude, yet truthful, opinion of what Facebook once was and what it’s now becoming.

The beauty of Facebook is to find people in your classes to borrow a book or locate a local college slut for a hookup. It’s now marketed to those who play wall tag with each other and try to make it a more sophisticated MySpace.

If you have a Facebook account, check out the changes for yourself.

UPDATE: Fred Stutzman had some great comments on this topic. Click here.

UPDATE 2: Just saying thanks to Margaret Kane at CNET News, Jack Schofield at the Guardian in the UK and Oliver Ryan at CNNMoney.com for quoting this post of mine in their news coverage of this story.

UPDATE 3: A reader asked me to comment on what I thought Facebook could have done differently. Here is an excerpt from a comment that I made on Fred Stutzman’s blog:

I feel like the biggest mistake Facebook made was in the rollout of the feed system. They should have given users a heads-up about the feature in advance of the launch and explained to users the benefit of the feed system and the related privacy issues (and include steps on how to control privacy). From all the comments I’ve read, I think people are negative because they logged into Facebook this morning and saw that a detailed log of their actions on the site is now in the public domain.

If I put my cell phone # on my profile, that is my choice and I do so knowing that it will be publicly available. Facebook did not give users the choice to publish their action history via the News Feed. They just went ahead and did it. Sure, the user can go back and delete individual items from their feed but it’s not hard to see why tons of Facebook users are having knee-jerk reactions of anger due to privacy invasion feelings. Users felt like they’ve lost full control of their Facebook identity.

As many of you know, I’ve spent the past couple of years in the comparison shopping space. In that time, I’ve spent endless hours contemplating solutions to help consumers be more successful shoppers on the Web. One idea that kept recurring in my mind was a site where you could browse and search what other people have bought. For example, you could search “digital camera” and instantly see which cameras were the most popular today, this week, this month, etc. What the product is, how much was paid, and where was it bought. Of course the list of cameras purchased in any given day woudl be massive and even for a given camera, the list of merchants and prices woudl be massive as well. However, the key thing is that you would see purchasing trends. The data would indicate which products are hot and where the hot deals are.

The problem with such a site is how to get the data? There really is no feasible way. At best you could do an FF extension that could intelligently scrape a purchase confirmation page on a merchant’s website. The problem with this is that there’s no incentive for the consumer to do this. I as a consumer probably would not mind this data to be recorded if it was done anonymously and both the collection process and resulting data set was very transparent. However, it’s unlikely I would actually spend even a couple minutes to make sure the data was recorded accurately. Moreover, FF represents a small minority of Web users and the % who would have this extension installed would be small (there’s no real immediate motivation for a user to install it).

Well, this all changes with Google Checkout. By acting as a payment provider for merchants who use Checkout, Google can record the details of each transaction: what was bought, what price (possibly even what coupons were used?), etc. Voila! You have the data you need for the tool I described above. And because the data is taken straight from the horse’s (merchant’s) mouth, you do not rely on scraping or the user which are flaky. Beyond just the community value, there is also value for the user in that he/she could log-in and see all the purchases they’ve made online and possibly view receipts, rebates, etc. in one spot.

Sound cool? I think so…

Whether you realize it or not, the interactions you have with other people and businesses are a big part of your identity. Every interaction you have says something about who you are. If you kept a journal that summarized every interaction you’ve ever had, that journal would paint an accurate picture of yourself.

Of course, no one actually writes down summaries of interactions they have. However, while you may not actually write anything down, you are likely to record in your head a little memory of the experience i.e. “My barber John kicks ass. Another bitchin’ haircut!” or “WTF, the drive-thru guy seriously doesn’t understand a word of English. I’m never going back! “. Those memories of your experiences usually just remain in your own head. You might share your experiences with friends and family, but that’s about it. As a result, you, and maybe your friends, know that your barber John rocks, but at the same time there’s many more people in your community that are either in search of a good barber or are walking into John’s barber shop with no clue of what to expect.

So what’s a solution? The (now) obvious answer is to rely on members of the community to publicly share their experiences with one another. I can read about the experiences of others who have interacted with this person/business. Generally speaking, this additional information will help me determine whether I want to interact with this person/business.

Okay, so blah blah, what I just described is simply the concept of what we now know to be a community feedback system. Far and away the largest, most mainstream feedback system belongs to eBay. eBay’s feedback system works well because it is a very tight system. Each user on the system is required to validate their identity and each feedback entry is linked to an eBay transaction. Because of these two requirements, it’s relatively difficult to game their system.

People networking sites from social networking sites like Friendster and MySpace to career networking sites like LinkedIn are founded on this principle of exposing one’s identity and reputation for a possible gain. Users of LinkedIn are encouraged to thoroughly describe their backgrounds and solicit endorsements from past colleagues to bolster their professional reputations. The same thing happens on social networking sites. In both cases, your profile page is your reputation so users naturally want to pad it as much as they can. The problem with these sites is that they are much easier to game. There is no concept of identity verification and one can easily fabricate a profile. Nevertheless, networking sites continue to grow rapidly in popularity and will likely be a force to be reckoned with in the identity/reputation space.

For quite some time I’ve been thinking about the implications of reputation on both personal and business interactions in the Internet of the future. One of the most intriguing topics around reputation is privacy. Of course, I want to use my reputation when it can help me get what I want. For example, I’m generally protective of my credit history, but when applying for a loan, I’m more than happy to divulge this information to help me obtain better loan terms. Similarly, even as recently as a decade ago, one’s resume was considered to be a fairly private document. Nowdays, many people make their resumes publicly accessible on the Web in hopes of landing an even better career opportunity.

Right now, fragments of your reputation are spread all across the Internet on different sites. It’s all but impossible for anyone to assemble those fragments to get a complete view. Let’s say you have a a couple eBay transactions gone bad. What if a bank saw that and rejected your loan application because of it? Sounds kinda farfetched but is it really that crazy? After all, your eBay feedback represents real transactions that you were involved in. So, really, we want to utilize our good reputation when it will help us but mask any negative reputation when it might hurt us.

And that is precisely where things get complicated. First of all, how should reputation be applied? What are its boundaries? How can your reputation in one space be applied to another space? Does it make sense? Who gets to decide? As it is now, most reputation systems are closed systems so for now there is no cross referencing. I can have a horrible reputation on a dating site and no one outside of that dating site will ever know.

One site that’s trying to knock down those boundaries is RapLeaf. They’ve built an open community system. Any site in which the users exchange feedback can integrate with RapLeaf. Initially, they’re focusing their attention on the classifieds and bartering space. Basically every site but eBay. There certainly is value in bringing together reputations from many different communities into a single place. If your reputation is stellar across all the communities, then this is a big win for you. However, if you have some holes in your reputation, now they will be visible across many communities. RapLeaf’s mantra is “it’s more profitable to be ethical”. While this mantra makes sense in the context of transactions, the idea of being “ethical” does not always make sense in other contexts.

The bottom line is that within every community, no matter how small or large, that we belong to, we have a reputation. The Internet is slowly revolutionizing how that reputation can be used for and against us.

Hmm.. this post didn’t really come together as much as I wanted too. There’s still some more points that I wanted to cover like universal/portable identities but this post is already too long and disjointed so I’ll stop now…