A stream of consciousness from the brain of B.K. DeLong
« Tool for Managing LiveJournal Custom Friends Groups? | Main | Look at me, Here in DC »
February 3, 2008
It's about time for my annual bitch about the lack of robust, truly protected trust relationships on social networks. Google's announcement and release of the Open Social API has gotten me to thinking about this again and, truth be told, I'm not sure how much closer the OpenID project is to solving this problem.
In order for this to happen, grouping needs to be more explicit - Livejournal continues to do this very well with "Custom Friend Groups" with the exception that we're missing a good set of standard groups we can pull from. Those "groups" might be based on the core XFN values or the vocabulary terms of the FOAF "relationship" schema. At least if every (major) social network utilized one of these as a base, we could get closer to having initial uniformity across the Social Networks (SNs) we use.
[Continue for How Social Networks could be way, far better than they are today.]
Relationships and categories
Each person (or friend) would first be assigned a relationship based on how I know them i.e. friend, spouse, parent, sibling, cousin, in-law, colleague (work), social friend (through hobbies or interests)...the above base standards would work well for that.
Each friend would then be placed in a group or series of groups. Each group would be assigned a trust metric as well. They'd go in more general groups like family (spouse, child, sibling, parent, cousin, in-law), social (SCA, Harry Potter fandom, security community, Transhumanism/Futurist), work (clients, collegues, peers), educational (schoolmates from elementary through college) and other, more custom groups.
That's two levels of metrics - then many of the people in the above categories may be broken down into subgroups. There's always some folks in a large group we may trust more than others or small breakout groups we'd be working with on particular things.
Finally, there's the "bonuses" (yay D&D) that get applied due to various factors and attributes that I can't currently think of a category for. People who you've let into your life regarding a particular matter due to a shared experience or values. Ideally, these would also be standardized in some means whether it be mental health, raising children, physical health, politics, religious beliefs etc.
My trust could/would then be further informed by friends. If I trust one friend Alice n + 4 and trust another friend Bob only n + 2 but they were friends with each other then I'd use Alice's trust metric to at least help inform my own. I should, in theory, be able to set the degree to which a friend's trust metric of another friend will change my trust in that other friend. ;)
Unfortunately I am absolutely abysmal at math so this is going to have to be made easy by whatever system managing said social network information.
Anyway, what you then have is a final metric for each individual that should give you the ability to set a trust threshold on certain segments of information in order for people to read it. You may categorize a "post" on Livejournal or your blog based on your relationships, groups, subgroups/projects, and bonuses as well - automatically setting the metric for you and ideally reducing the amount of effort you have to put into constantly creating custom groups.
Personal information would also be classified - date of birth, where you were born, information about your family - specific data points that every social network wants access to but gives you very little granular control over protecting.
Information Protection and Encryption
On top of that, I believe to truly protect the privacy of each other we should add a level of encryption to everything. So on each social network, I'd be assigned a key and that key would be used to encrypt each point of data or post that has a privacy preference with the keys of those I've chosen to allow access to. Ideally, a project like OpenID could eventually be used to have a single key that transverses multiple OpenID-compatible networks.
Corporations are tackling this data classification and encryption scheme to protect information in the increased awareness of data loss through theft and accidental breaches. Once information becomes classified, it becomes far easier to apply security to it as not only do you know to what level it needs protecting but you can also setup means of knowing where it is and where it's going.
But here's the rub with regard to encryption - in order for this to happen on social networks , the user base of these social networks are going to have to push for it. This user base is already mostly comfortable sharing their information publicly. It's the rest of the huge population NOT on certain social networks and NOT sharing their information because of their lack of trust of these networks.
It is these people who would then become social network participants if a robust trust relationship system were in place, seamlessly allowing for them to assign metrics to both people, relationships, groups, projects and a threshold for privacy preferences. Alas.
The other problem, (obviously), is how most major corporations and large organizations are struggling themselves to create a Public Key Infrastructure (PKI) that works for them. How will social networks do it? Especially social networks that want to remain free to their user base, encouraging widespread adoption and use? That's where the potential sharing of said information with....advertisers and for-profit entities that want it.
Sharing Information with Advertisers
The discussion here can then branch off into a much larger conversation about privacy. More and more every day the government and corporate America continues to discover and implement new ways to get access to our personal information to sell to add to their bottom line.
Some don't care about the information itself except that they can get money for it. Others (like Amazon.com and the local supermarket) seek to utilize the information to better sell to the consumer - Amazon on a more individual basis and (I think and hope) the local supermarket to figure out what they need to keep in stock and purchase more of.
This is one of the reasons I like working where I do. Many organizations out there that put on events produce tradeshows where they try to get anyone to attend. This presents a large amount of prospects that "hopefully" will go to the booth of one of the vendors and "possibly" have the ability to be a buyer of the product they are selling. My company takes a different approach reaching out to only those who actively work in the industry we support and would most likely be buyers of the products participating vendors sell.
Before I stray too far from the point - I know if I'm going to be using an ad supported why not see ads for things I'd most likely consume?
Though I have to admit, I'm surprised Amazon / IMDB hasn't gone poking around my public "Must See" My Movies list or my votes to determine what movies I like and therefore use those preferences to feed Amazon ads. I mean, it already does that with purchases and gifts and anything I rate... but not really just "movies" as an instance as opposed to the DVD or VHS its on.
They do have some in-theatre information that I started transferring my IMDB votes from to but that got tiring fast. I did some of the same with Flixter/Facebook - further information I'd like to standardize. Use this information to push me new trailers for movies I want to see or might want to see. Create metrics to determine based on the genre and subject of movies I rate (in addition to the ratings themselves) and "learn" further about what movies I will like.
The Wrapup
So, to wrap this up (I've been writing this in and out of a few hours with breaks to clean house), let's start with further standardizing relationship groupings on social networks. I'm toying with going back to my LiveJournal groups and defining based on the categories mentioned above and then re-assigning various posts to them as a test. But I want to be able to do this on Facebook and Flickr and other sites that currently have limited, often binary means of denoting privacy preferences.
I want that private information encrypted so if there's a system glitch or criminal penetration of the service my information is protected and still only available to those it is keyed to.
I still don't want to have to pay for social networks but I'm willing to continue to deal with ads - however as long as you're sucking in all of my personal information, it's time to get much smarter about using it. I want to see ads personalized for me and - who knows - I may actually start clicking on things if they're actually something I may consider buying.
Between Tivo (television habits), Amazon (purchasing habits), Fandango, Netflix, IMDB (movie habits), supermarket cards (shopping habits), Google (online searching and emailing habits) there ain't much left to be secretive about - especially with a warrant.
The technology is there, the skills are all around us, we're still consumers but we still want our privacy. At least, those of us who choose to - I'm completely discounting those who want to be off the grid.
So what's the hold up?