We all know that where the data is, the money is. What ownCloud is doing, then, is sort of surprising. The project (and the company behind it) is all about helping users and companies keep control of their data. That means giving up control of the software, and hoping that money comes from services and support.

Understanding ownCloud

Like Dropbox and others, ownCloud has a client piece that synchronizes data from your desktop to a server. The big difference here is that ownCloud also provides a server that's free software (under the Affero GPL), and ownCloud isn't in the business of storing user data at all.

Instead, it's up to third-party providers to offer hosting, or for companies to provide hosting for their employees.

The project provides a server and clients for Windows, Mac OS X, Linux, Android and (eventually) iOS. You can also access ownCloud via the Web to get to files and use its collaboration features.

What's New in Milestone 4?

The project is growing by leaps and bounds. The fourth milestone release includes versioning, encryption and drag-and-drop uploading from the Web client. Versioning and encryption are a big deal for business users, and something that the competition has had for a while.

The v4 release also includes useful collaboration features. ownCloud now has a tasks application, and this release also improves its calendaring features. For individuals, the release includes improvements to the gallery features, so users can not only sync photos - they can also create a Web-based gallery via ownCloud.

Perhaps most importantly, this release includes publicly defined APIs - stabilizing the server side should make it much easier for third-party developers to create applications against ownCloud. Now the company just needs a compelling developer program.

Finally, the Milestone 4 release offers migration and backup features so organizations that are deploying ownCloud can develop an effective strategy for their users' backups.

Not Quite There Yet

The ownCloud folks are making impressive progress, but there's still a few rough edges around the project. If you ask the ownCloud folks, they'll say that they're not a Dropbox competitor. But Dropbox is still the gold standard for users when it comes to easy file sharing and syncing.

The lack of a LAN sync option, which Dropbox has had for years, is a problem. The ownCloud clients are also a bit primitive compared to Dropbox and not entirely stable. Testing the ownCloud client on Linux, the client kept shutting down due to a segfault.

The opportunity is large, and ownCloud is something the market really needs - an open-source set of tools that allow users and companies to keep full control of their data and the ability to modify and extend the tools as needed. The question now is whether the ownCloud team can build a sufficient community and do the necessary development to get ownCloud to the stage where it's ready for adoption.

Here's hoping.

A paper published last month in the journal PLoS One shows how researchers were able to learn about nonmembers of social networks based on information their friends posted online. Using machine-learning models, German researchers Emöke-Ágnes Horvát, Michael Hanselmann, Fred A. Hamprecht and Katharina A. Zweig were able to predict whether two nonmembers of a social network knew each other based on information shared by a mutual contact on the network.

In other words, even if you’re one of those holdouts who refuses to join Facebook and other social networks due to privacy concerns, the data your friends share is enough to let anyone with access to that data draw conclusions about you. And while the initial research in the area focuses on the relatively innocuous facts surrounding who you do and don't know, it will become increasingly easier to draw profiles of people based on what their contacts share on Facebook.

“To our knowledge these are the first results on the potential of social network platforms to infer relationships between non-members,” the researchers wrote. They also noted that the relationships were predicted with an “astonishing” rate of accuracy simply by scanning readily available information on Facebook for students at five U.S. universities. 

And the authors were working only with publicly available information. Social networks may have a vast trove of data about members that isn't generally available. “Social network platform operators typically have access to much more detailed information on nodes such as the age, sex and (approximate) location of their members; and if they provide messaging services they can infer the quality of an acquaintance from its communication pattern,” they wrote. 

Researchers have long known that studying real-world social networks is a good way to predict individual behavior. We've previously reported on how online social networks can be used to predict a person’s risk of contracting a sexually transmitted disease. But the latest findings suggest a path toward an all-encompassing model that may one day be able to predict much more than who you know.

“Ultimately,” the study concludes, “it evokes the question of the ownership and exploitation of relational data in the information age.”

Photo courtesy of Shutterstock.

Update: GoDaddy has responded to Namecheap's accusations. See the statement below.

Here is what Namecheap has to say about GoDaddy as written on the company blog:

We wanted to give our customers a quick update on the status of domain transfers associated with one of our competitors, GoDaddy.

First, we're very sorry that some of you in the past 24 hours have experienced delays in transferring domains over to us.

As many customers have recently complained of transfer issues, we suspect that this competitor is thwarting efforts to transfer domains away from them.

Specifically, GoDaddy appears to be returning incomplete WHOIS information to Namecheap, delaying the transfer process. This practice is against ICANN rules.

We at Namecheap believe that this action speaks volumes about the impact that informed customers are having on GoDaddy's business.

It's a shame that GoDaddy feels they have to block their (former) customers from voting with their dollars. We can only guess that at GoDaddy, desperate times call for desperate measures.

Don't worry - each and every transfer request will be processed manually by our team. Every request will go through. We won't rest until everyone who wants to join the Namecheap family can do so!

Note: Italics emphasis is ours, bold by Namecheap.

The Verge reports that GoDaddy lost 21,054 domains on Dec. 23, 2011 yet gained 20,034 domains. While it has been widely reported that there has been an exodus from GoDaddy, it appears that much of the churn has been business as usual for the domain registrar.

Users began to boycott GoDaddy and transfer their domains away from the service after GoDaddy was revealed to be one of the official supporters of the Stop Online Piracy Act that has become very unpopular among technology circles. GoDaddy has since rescinded its support of SOPA but the damage has been done and the fact of the matter is that GoDaddy still supports SOPA in theory, if not in an official capacity.

Here is a screen shot from a user trying to transfer his website:

Reports surfaced last week that GoDaddy was calling clients with large numbers of registries that were trying to transfer away, begging them to stay. GoDaddy realizes that the cost of the SOPA blunder and PR nightmare could mean millions of dollars lost in the short term and less public trust in the longer run. Namecheap wants to position itself as the go-to destination for GoDaddy refugees. Hence, whatever Namecheap can do to make GoDaddy look bad in the process is good for business.

Are you transferring out of GoDaddy? Has the process been easy? Have you experienced delays? Let us know in the comments.

Update 5:18 EST, Dec. 26:

GoDaddy has responded to Namecheap's accusations in an email to tech blog TechCrunch. In the statement, Richard Merdinger, senior director of product development at GoDaddy, says that Namecheap never contacted GoDaddy about normal rate limit blocking for transferring of domains. According to Merdinger, the block has been removed and GoDaddy is not hindering domain transfers to Namecheap. See the statement sent to tech blog TechCrunch below:

Namecheap posted their accusations in a blog, but to the best our of knowledge, has yet to contact Go Daddy directly, which would be common practice for situations like this. Normally, the fellow registrar would make a request for us to remove the normal rate limiting block which is a standard practice used by Go Daddy, and many other registrars, to rate limit Whois queries to combat WhoIs abuse.

Because some registrars (and other data gathering, analyzing and reporting entities) have legitimate need for heavy port 43 access, we routinely grant requests for expanded access per an SOP we've had in place for many years. Should we make contact with Namecheap, and learn they need similar access, we would treat that request similarly.

As a side note, we have seen some nefarious activity this weekend which came from non-registrar sources. But, that is not unusual for a holiday weekend, nor would it cause legitimate requests to be rejected. Nevertheless, we have now proactively removed the rate limit for Namecheap, as a courtesy, but it is important to point out, there still may be back-end IP addresses affiliated with Namecheap of which we are unaware. For complete resolution, we should be talking to each other -- an effort we are initiating since they have not done so themselves.

-Rich Merdinger
Sr. Director of Product Development - Domains
Go Daddy

Several commenters and people on Twitter have noted that of the several domains they transferred off of GoDaddy, the last few have taken a lot longer than the first. What has been your experience? Let us know in the comments.

Those who hadn't memorized Metro's schedules had to employ its persnickety Trip Planner, a clunky Web form that not only won't let you click on a map to specify your location but also chokes on cities, states, Zip codes and even commas if you add them to a street address. Meanwhile, other U.S. cities had enjoyed transit directions from sites like Google Maps since at least 2005. But not DC.

Worse yet, after the first step to share schedules, converting data to the standard General Transit Feed Specification format, Metro had halted the effort. In December 2008, a spokesman told the urban-development blog Greater Greater Washington that continuing it was "not in our best interest from a business perspective." That left Metro riders with kludgey, screen-scraping workarounds like DCist's text-messaging service.

But now, Metro rail and bus directions are clicks or taps away in third-party sites and applications, allowing passengers to benefit from such innovations as Google's stop-by-stop transit navigation on Android phones. The changes in between suggest a road map for other organizations having their own open-data debates.

Start lobbying to open a conversation. Greater Greater Washington editor David Alpert quickly had hundreds of signatures on a petition protesting the decision. That persuaded Metro to detail its objections: fear of losing $68,000 in yearly ad revenue from the Trip Planner page, a wish to be paid for its data, and the legalese around data sharing. That then widened the discussion from an argument over APIs to one over the proper use of taxpayer dollars.

"David came along and started this campaign," said Christopher Zimmerman, an Arlington County Board member who chaired Metro's board in 2008. "It wouldn't have happened without the public pressure." Alpert could also lobby Metro from closer in after joining its Riders' Advisory Council in January of 2009.

Flipping the debate from potential profits to actual expenses. Gordon Linton, a former head of the Federal Transit Administration who served alongside Zimmerman on the Metro board, focused on the opportunity cost of giving data to other sites. He said the agency had given away resources - for example, free parking for car-sharing services - that it later realized could yield income.

"While we were raising fares and cutting service if we were investing staff time and energy for a product that would reap some financial benefit for those who would use it and sell it, then we in turn should get some money back," Linton said.

Zimmerman took the opposite argument: the ease of upgrading one aspect of the Metro experience. "We were having a lot of difficulties," he said. "If some of these things don't cost us anything or don't cost us a lot [to fix], we should do them right away."

Alpert suggested this debate encouraged Metro staffers to rethink things. "Staff may have felt they were under orders from the board to maximize revenue. Zimmerman gave them permission not to worry about that."

Oh, and Google never had any interest in paying for a schedule feed. Wrote spokeswoman Anne Espiritu: "We do not pay agencies for their data."

A change in leadership can help. All of this effort got sidetracked on June 22, 2009 when two Red Line trains collided and killed nine passengers. Things were set back further when general manager John Catoe unexpectedly resigned in early 2010 and his interim replacement Richard Sarles had to focus on safety upgrades.

But Sarles' earlier employer, NJ Transit, had provided rail schedules to Google back in 2008. He wanted to follow suit here, said Metro spokesman Dan Stessel.

Metro and Google signed a data-sharing agreement in July of 2010, once Google had dropped earlier demands for an indemnification clause. Metro directions showed up on Microsoft's Bing Maps in September 2010; they arrived on Google in May after a final shove from Sarles following his appointment as WMATA's full-time general manager in January.

(But even now, you must return to Metro's sites or a few third-party apps for bus and train arrival predictions. Google only announced a standard format for that data, GTFS-realtime, in August, and Metro is still weighing support for that. And some regional bus systems that Metro's Trip Planner includes have yet to provide their own GTFS data to mapping sites.)

What about the original financial arguments? We may never know how the math worked out: without detailed surveys, you can't draw a line from clicking on maps to boarding trains. But Stessel, who didn't provide a dollar cost for the work involved, suggested that the rationale merchants invoke to invest in intangibles like store or site designs works for public transit too: "Our primary motivation is improving the customer experience." Zimmerman had a more philosophical justification for how a government agency should act: "Putting information in the public domain is part of what we do."

Sometimes, being open isn't easy. You could say that there were many stops on the route that Metro took.

In an interview with Geekwire, Anokwa explained the kit is already being used to do socio-economic and health surveys. The survey data is tied to GPS locations and assigned images. Additional projects include creating "decision support" for medical professional sand "building multimedia-rich nature mapping tools.."

Anokwa, a PhD candidate in Computer Science at the University of Washington, created a group, Change, that examines ways of improving the lives of under-served and low-income areas and people through tech.

The ODK is an out-of-box tool that allows the user to build a data collection form or survey, collect the data on a mobile device and send it to a server, aggregate the collected data on a server and extract it in useful formats.

The kit has been used to monitor fraud in Afghanistan, map water sources in Ghana, monitor deforestation in Brazil, survey human rights violations in the Central African Republic, to support community health workers in Boston and more.

As a detailed example of the use of the Open Data Kit, he offered USAID's AMPATH project in Kenya.

"AMPATH in Kenya has been using ODK for their HIV home-based counseling and testing program. Their counselors go house to house with phones running ODK. The software walks them through a standardized counseling and testing protocol and the geo-tagged results are sent to their OpenMRS medical record system using WiFi or GPRS. AMPATH has reached some 65,000 individuals and has been able to rapidly and cost-effectively identify individuals at significant risk from HIV, saving lives."

What links did we miss? Let us know in the comments.

Called The Locker Project, the open source service will capture what's called exhaust data from users' activities around the web and offline via sensors, put it firmly in their own possesion and then allow them to run local apps that are built to leverage their data. Miller's three person company, Singly, will provide the corporate support that the open source project needs in order to remain viable. I'm very excited about this project; Miller's backgrounds, humble brilliance and vision for app-enabling my personal data history is very exciting to me.

Here's how The Locker Project will work. Users will be able to download the data capture and storage code and run it on their own server, or sign up for hosted service - like WordPress.org and WordPress.com. Then the service will pull in and archive all kinds of data that the user has permission to access and store into the user's personal Locker: Tweets, photos, videos, click-stream, check-ins, data from real-world sensors like heart monitors, health records and financial records like transaction histories.

Where data extraction is made easy already by APIs or feeds, Lockers will pull it that way. Where the data is appealing and the Locker community is motivated to do so, data connectors will be built.

Searching those data archives has been a technical challenge for many other startups, but the Locker team says it is trivial for them - because they only have to build search to scale across your personal data and the data you've been given permission to access by members of your network.

Seach and sharing across a user's network will be powered by Miller's eagerly-anticipated open source P2P project called Telehash, described as "a new wire protocol for exchanging JSON in a real-time and fully decentralized manner, enabling applications to connect directly and participate as servers on the edge of the network."

The team was not yet willing to disclose the identities of its investors on the record.

Apps on Your Platform

Building a developer ecosystem is going to be the team's biggest priority. What will apps look like in the Locker ecosystem? They'll be pieces of software run locally on top of your personal locker and across any of your network connections that give them permission.

The app model is a compelling one and provides a logical source of revenue for Locker and Singly. Presumably they will monetize sales of apps.

The team is collecting video testimonials from industry luminaries about what kinds of apps they'd like to see built on top of their data. Singly won first prize in the startup competition at the O'Reilly Strata conference and Tim O'Reilly himself later gave the project a shout-out in a panel on data ownership.

The team behind the project say they fantasize about apps like:

• food recommendations in neighborhoods they've visited from restaurants their friends have checked in at


• a newsfeed filtering out what their click-stream history shows they've already read


• pre-diagnosis of possible medical conditions based on personal medical and other history.

Your personal data will likely be of interest on its own, as a type of diary, but it's probably going to be much more interesting and useful when cross-referenced with other sets of data. Those other sets of data will provide context, surfacing correlations and patterns that would otherwise be invisible. Recommendations, personalization, alerts, benchmarks, social and self assessment: the types of value adds that can be built on top of a good data set are just beginning to be explored. And there are few data sets as interesting, to you, than you.

Part of a Big Picture

Kaliya Hamlin, long-time online identity expert and now Executive Director of the Personal Data Ecosystem Collaborative Consortium, is enthusiastic. Hamlin says Miller's project is "a great development from the perspective of this emerging market/ecosystem happening. Others are looking at getting into the personal data store market as well, personal.com is coming to market for example, services businesses too - this is really happening."

In a blog post on the sector in general earlier this week, Hamlin put it this way:

"A nascent but growing industry of personal data storage services is emerging. These strive to allow individuals to collect their own personal data to manage it and then give permissioned access to their digital footprint to the business and services they choose--businesses they trust to provide better customization, more relevant search results, and real value for the user from their data."

She also expects the personal data market to become subject to extensive regulation soon.

Miller says that some ad industry people he's spoken with hope that an independent system for data stores under the control of consumers themselves will help create an atmosphere concerning liability more amenable to innovation on top of that data than exists today. Advertisers are interested of course, but far more app developers will likely seek to build on top of that data once it's accessible and properly permissioned.

The people behind The Locker Project will have no shortage of issues to tackle trying to take a distributed, open-source, app-centric approach to leadership in an emerging era of data. It wouldn't be the first time that Jeremie Miller has managed to change the world though.

Facebook announced this weekend that it would begin offering third-party applications and websites a way to request that users share their "current address and mobile phone number." Simple enough, right?

While Facebook says that the move is intended to make it easier for users to take their information with them across the Web, members of the data portability community argue that its yet another move by Facebook to lock users in. At the same time, the question of how Facebook handles these permission requests and whether or not it's clear to the end user is a point of contention that further calls into question how a user's online identity should be handled.

We asked some experts in the field and here's what they had to say.

Update: Facebook has announced that it has suspended the controversial feature and will be "making changes to help ensure you only share this information when you intend to do so."

Facebook: It's All About Portability

First, Malorie Lucich, a Facebook spokesperson, told us that the impetus for the change comes down to enabling users to bring their information with them, rather than forcing them to type in the same information wherever they go:

We want to make it easy for people to take the information they've entered into Facebook with them across the web. This new permission gives people the ability to control and share their mobile phone number and address with the websites and apps they want to use for more efficient experiences. As always, no information will be shared with an app or website until a user explicitly chooses to share it.

David Recordon, a senior open programs manager at Facebook and member of the OpenID Foundation, commented yesterday that the feature was intended to offer precisely this portability. "Given that I trust Kickstarter enough to give them my credit card information, I also trust giving them with my address," wrote Recordon. "Why should I need to type my address in again versus them being able to ask me for it?"

Other members of the data portability community, however, see things differently and call into question Facebook's methods of data sharing.

A Central Hub or Cog in the Machine?

"The problem is not that the user can (and must be able to) choose to access their data from Facebook on a 3rd party site," said Chris Saad, co-founder of the Data Portability Project and VP of strategy at Echo. "The problem is that Facebook has architected the whole thing from the beginning to be an exclusive hub and spoke relationship with them rather than a peer to peer relationship on the open web."

According to Saad, Facebook's intentions are simple - to get third-party sites and apps to rely entirely on Facebook for user information. "It's like giving a taster," he said. "Paying comes later."

Alana Joy, an independent digital strategist, agreed with Saad that Facebook was vying to be the central hub, rather than another cog in the machine.

"Facebook seems to be more concerned with positioning themselves as the official global 'people registry', harvesting users' information for profit," said Joy, "than they are about providing a safe place for individuals to share their lives with only those they choose to."

Of course, Facebook founder Mark Zuckerberg has said rather plainly that the company wants to push people's boundaries and expand the idea of public versus private. A key point that the company stands behind is that the user is given the opportunity to decide whether or not they share this information, both in privacy settings and in the permissions dialog.

"We introduced the granular data permissions model last April to make it clear to users exactly what information an app or website is requesting, allowing them to make more informed decisions about whether or not they want to proceed," said Lucich. "That being said, we're always looking into ways to make the platform user experience as positive and clear as possible."

With Third-Party Apps, It's All or Nothing

This sort of granularity isn't enough for Elias Bizannes, a board member of the Data Portability Project.

"Something bugs me about the Facebook connect privacy options," said Bizannes. "When you connect, you see what permissions you have to give, but you don't have an option there to deny individual permissions."

According to Facebook, apps should only be requesting information they absolutely need and therefore, were a user to deny access, the app wouldn't be able to function anyway.

"The reason why people can't pick and choose what data to share is because the app needs the requested information in order to perform its core services, such as photo access for a photo app and birthday date access for a calendar app. Developers are required to only request the information it needs to provide a customized experience," wrote Lucich. "Ultimately, it's up to the user whether or not he or she wants to grant an app access to their information."

Bizannes argues that the current model of permission forces users to blindly accept and allow the sharing of their information, "because they know if they click 'no' they don't get any access to the app."

"Users should have the ability to decide upfront what data they permit, not after the handshake has been made where both Facebook and the app developer take advantage of the fact most users don't know how to manage application privacy or revoke individual permissions," argued Bizannes. "Data Portability is about privacy-respecting interoperability and Facebook has failed in this regard."

On The Other Hand...

Inside Facebook's Josh Constine takes a more tempered approach to the whole thing, suggesting that instead of kowtowing to fear, Facebook should "instead push forward while minimizing negative outcomes by helping users make [a] more informed decision."

Constine's article echoes Recordon's sentiments, reminding the fearful that Facebook has been diligent in other instances and made sure that third-parties were dealt with appropriately when they mismanaged user information. The new feature may ask users for more in terms of personal information, but "there are many benefits to allowing developers to ask users for their contact information," writes Constine. "Mobile phone number access could power apps that act as up-to-the-minute communication hubs between groups of friends, allowing members to be notified by SMS when friends are nearby, want to plan an event, or upload new content. Home address access could let ecommerce sites pre-populate delivery details during checkout, leveling the playing field so smaller merchants can compete with established giants like Amazon that have already forced users to type in their address manually."

Saad argues that Facebook continually ups the ante without properly notifying its users.

"It's obvious that most users don't understand the bargain they're making - and that's mostly because Facebook keeps changing it," said Saad. "The same prompt that once granted some basic permissions for authentication now grants permission to your whole life."

Pete Warden, a big data guru who recently found himself on the wrong side of Facebook's line between public and private, says that a big result of this new feature will be for third-party sites and applications to figure out who you really are.

"The most interesting part of this change is the ability it gives companies to connect Facebook accounts with information from offline databases," said Warden. "There's a treasure-trove of marketing data available for every household in the US that they'll now be able to use to profile their Facebook users for everything from buying habits to income, children and pets."

According to Warden, this sort of data will help sites connect your activities to your real identity in ways that were previously not possible.

While the word "privacy" has been a sore point for Facebook over the past year, is it that Facebook is entirely cavalier with user information or is it just that its scale provides an easy target? Warden said that Facebook isn't much different from many other sites. "They're just behaving like the rest of the marketing world, the only difference is that they're under a lot more scrutiny than everyone else."

To Share or Not to Share?

In the end, does this come down to the simple question of whether or not you should ever share this information if you don't want it to be public? This is a solution that many users advocate. On the other hand, should users be petitioning for a more granular control over their information, wherein they can make more individual decisions over when and where they share what information? The fact that Facebook wants to be your one true login is no secret and the company will continue to push the boundaries in this realm. How will most users react?

"Most people won't care until they personally are victimized by it," predicted Alana Joy. "Like the gentleman whose profile picture was used in a Facebook ad for singles when he is a married professional with a family. [...] It really does illustrate just how Facebook can and will do whatever they want with whatever you post there."

We spoke with a few members of the data portability community to see what they had to say about the debate between these two big companies and what it means for the rest of us.

It's a Game of Strategy

Eve Maler (aka XMLgrrl), host of the User-Managed Access group among other things, started off by reminding us that "Facebook's end-users are not its customers; they're the product." While Google's relationship to its end-users is much the same, she said, "it has developed a strategic stance on privacy and data portability that accepts and promotes greater user control of the personal data it sees, and this allows Google to capture the high ground in this debate."

Forcing Facebook's Hand

Chris Saad, co-founder of the Data Portability Project and VP of strategy at Echo, agrees with Maler that Google has the upper hand in the debate.

"Facebook has been a one-way beneficiary of Data Portability for far too long," said Saad. "Google asking for reciprocity from equal peers on the internet is a perfectly reasonable, if not overdue, move."

Elias Bizannes, executive director of the Data Portability Project was a bit more ambivalent in his approach, framing the entire situation in terms of global trade negotiations. According to Bizannes, nobody is winning at this point.

"This tit-for-tat approach is what governments still practice with trade and people-travel restrictions," explained Bizannes. "The reality is, Facebook and Google are hurting the global information network."

When user data can be moved around at a user's discretion, then for a company to have the best product becomes more important than having the most data.

Both Saad and Maler, however, said that the dispute was moving things in the right direction.

"Battles like the current one," said Maler, "along with the mutually reinforcing effects of social pressure and media attention, are a key way to ratchet up data control across the board for end-users who aren't paying customers of these services."

Saad said that it was unfortunate that Google had to add the clause to their TOS, "but it is clear that there was no other way to force the issue. Many open standards on the Internet - including HTTP, HTML, DNS etc assume/force two way openness, and Google is just trying to re-establish some fair use."

In the end, Bizannes said that both Google and Facebook would benefit from working together rather than duking it out.

"These companies need to recognize what their true comparative advantage is and what they can do with that data," explained Bizannes.

What a site really wants is persistent access to a person so they can tap into the more recently updated data, for whatever they need. [...] Having a uniform way of transferring data between their information network silo's ensures privacy-respecting ways that minimize the risk for the consumer (which they claim to be protecting) and the liberalization of the data economy means they can in the long term focus on their comparative advantage with the same data.

What if No One is Right?

Steve Greenberg, lead author of the first Portability Policy and self-described "product manager nonpareil", pointed out that while Google may appear to hold the moral high-ground, neither company comes out ahead in the end.

There is no "good guy" here.  To me, it looks like Google wanted to pick a fight with Facebook and used data portability as an excuse.  This is a shame because, from a portability standpoint, Google had been among the best in the industry.  I would ask both Google and Facebook to allow people to move their data around freely.

Why do I doubt Google's sincerity, especially since they've been friendly in the past?  Unless they were just looking for a pretense to shut off portability, it's hard to see what they hope to get out of this.  Everyone who might care already knows that Facebook won't let you export data.  Why punish your users just to get back at Facebook?

What's Next?

According to Bizannes, companies can only survive by being competitive and, in this case, that comes in the form of data portability.

Maler, meanwhile, cites the User-Managed Access group she hosts, saying that it "is creating opportunities for users to offer novel 'personal data products' in a way that increases their ability to dictate requirements for privacy and data portability."

Saad reminds us that data portability isn't just for show and "'Having an API' is not openness. Having the right terms of service and an INTEROPERABLE data format and protocol is openness."

Maybe it's battles like this, between the Internet giants, that will settle the debate. Perhaps folks like Maler, Bizannes, Saad and Greenberg will finally convince them that openness is in their best interest. Or maybe, one day, the users will demand a way to do what they want with their data.

While the move is a significant step in the right direction for the social network and its users, a few significant players in the data portability discussion are here to remind us that we aren't there quite yet.

There are some who are calling the move "data portability", but Alisa Leonard, the communications chair for the Data Portability Project, says not so fast. Leonard argues that the new feature "is NOT Data Portability", calling it instead "data accessibility".

Data portability is the idea that users are, and should be, in control of their data, how its used, and have access to it at any time. Beyond this, data portability inherently implies data interoperability-- the ability for your identity and social graph data to be used across any site or service, as controlled by the end user, and therefore requires the use of open web standards. [...] Facebook continues to maintain, under their TOS, the last word on your data usage through an all-encompassing license to do what they wish with your data (including sub-license it to other entities).

Leonard goes on to point out that, while you may now be able to more easily download your data to manipulate separately, it will still remain on Facebook's servers. You cannot remove it.

The Electronic Frontier Foundation similarly lauded and chastised Facebook's efforts this morning, saying that the feature brought Facebook closer in line with its Bill of Privacy Rights for Social Networking. The EFF offered a series of recommendations for Facebook to make it easier for its users to switch services if they so desired. Part of those recommendations included the ability to export more of your social connections and contact information, the ability for users to opt-out of allowing their contact information to be exported, and even the possibility of contact information available as a separate file.

Both the EFF and Leonard seem to agree that Facebook has made a big step to data accessibility, but have yet another step (or two, or 10) to get to "data portability". Leonard urged the site to adopt the DataPortability Project's Portability Policy, which she calls "the first true step towards data portability, transparency and end user control."

So, for the new feature, we have a resounding "here, here!", but we're reserving the real applause for the day when users can actually download their data and delete it off of Facebook's servers.

According to the HHS, the program is "a public-private collaboration that is encouraging innovators to utilize community health data to develop applications that help raise awareness of community health performance and spark action to improve health." At today's event a number organizations are demonstrating a preview of their work with the data, including Google, Microsoft and GE.

First Results

• Google: The company imported the public data into Google Fusion Tables where it can be explored and visualized.
• Microsoft Bing: "Using community health data, Bing has created new features that allow easier selection of hospitals based on patient quality of care ratings and new ways to assess potential areas to live based on a combination of community health measures and access to goods and services."
• The Network of Care for Healthy Communities: A Web portal combined with community health data provides officials with policy information, local services, best practices and evaluation tools that can spur local action.
• Community Clash: Created by MeYou Health, "Community Clash is an online card game that engages you in a discovery of your community's health and well-being status and how it compares to other communities in a head-to-head clash. Community Clash gets personal, prompting each player to compare his or her own Well-Being Score and encourage social comparison with friends through Facebook integration."

Opportunities

• Data mashups: Sharing information across data sets and regions will create multiple opportunities. Will there be a management system in place to fix or enhance data sets and their underlying models as needed?


• Services engine: There are a mix of CSV, XML, map data, and other sources available in the data set. Will the sets be offered as APIs and how it will be leveraged across different parties?


• Missing gaps: Will the community health data initiative spawn new areas of research funding?


• Public and private: What will be the focus of private companies that offer services based on this initiative? Will it attract VCs and investors outside of the public sphere?

As the one of the people who popularized that concept in relation to social networks, and as a founding member of the organization representing that cause, I'd like to call bullshit on that.

Guest author Chris Saad is VP of strategy at Echo, a leading provider of comment/conversation technology to Tier 1 publishers. His role is to track trends in the marketplace, listen to and participate in the community and translate those needs into actionable product direction. His background includes co-authoring the Synaptic Web strawman , co-authoring the Attention Profiling Markup Language (APML) specification, and co-founding the DataPortability Project. The DataPortability project's mission is to advocate interoperable data portability for users, developers and vendors.

Until now I have stayed largely silent on the privacy hoopla because data portability and the open Web are not strictly related to privacy - at least in the sense that things don't need to be public for them to be portable or interoperable.

For example, just because the Web is based on open technologies (HTTP, HTML, SSL, JavaScript, etc.), it does not mean using your credit card on a properly configured website is public or unsafe. Sending email from one person to another does not mean third party websites can now suddenly "instantly personalize" their recommendations to you based on keywords found in your inbox.

Despite being based on interoperable technologies, these transactions remain private and secure.

Advocating Open Technologies Is Not Promoting the Death of Secrets

In the face of this, however, Mark Zuckerberg and Facebook continue to (deliberately?) confuse the idea of open technologies with "sharing in public." The attempt to correlate the two things is at best misinformed and at worst dishonest.

With his latest statement, Zuckerberg and Facebook are now going so far as to declare their privacy missteps as "data portability." Actually, Facebook's changes have nothing to do with data portability. In fact, the root of the user backlash has nothing to do with what the company is doing but rather how its are doing it.

Its problem is that, as a service, Facebook started as a place for people to share with friends and family in a private setting. Users expected privacy. This expectation is referred to as a "social compact." It is an implied agreement that has less to do with the terms of service and more to do with user expectations and ethics. When I give you my business card, for example, I expect (through our implied social compact) that you won't give it to spammers.

It turns out, however, that this compact was good for users but not great for Facebook's business. There are two broad reasons why Facebook has felt forced to make the service more public.

Mark Zuckerberg Facebook SXSWi 2008. Photo by deneyterrio.

First, it's hard, if not impossible, to monetize private communication. People don't use those kinds of service with the intent to buy, but rather with the intent to communicate. Intention is critical when it comes to advertising and e-commerce.

Second, competition from services like Twitter have made it cool to be public, and it's finding interesting ways to monetize this public information (the least of which is selling its inventory of Tweets for $15 million a pop).

Most of Facebook's very mainstream users, however, still just want a private place to keep up with their friends and family. In short, the economic interests of the service are not in line with the interests of its users. Despite this, Facebook has been forced to smashed big cracks in its privacy blanket and started forcing its users, en mass, to adopt more transparent and public online personas.

This (now public) data can be used by advertisers, publishers and other third parties to help Facebook attract even more users, more data and ultimately more dollars through targeted ads and micro-transactions.

The Wrong Social Compact

The problem, then, is not Mark Zuckerberg's stated goal of making the world a more open (read, less private) place, but rather that Facebook did not initially establish the right social compact - promise - to its users to justify its role in this vision of public sharing.

As a result, users feel (rightly) violated. Facebook broke its promise for business purposes. And this is not the first - or last I suspect - time it will do it. (Remember Beacon?)

Finally - in regards to actual data portability, interoperability and the Web - the technology choices Facebook makes are anything but open. It uses proprietary technologies, protocols and formats to capture value from the Web and lock it up in its hub.

In short, nothing about its cultural or technological approach is open or interoperable; it has nothing to do with interoperable data portability - the only kind that matters.

Facebook has every right to do whatever it likes with its service. The market will decide if it continues to like the service or not. Any backlash from the media, or demands for more fairness, are largely irrelevant unless users vote with their feet and stop using the service. Facebook knows this is unlikely, though, given its deep (and growing) integration with the rest of the Web.

But claiming that users love the changes because more and more of them are stumbling into the service by way of widgets on publisher pages is dishonest. There is a real fear amongst the user base (and their partners) about these changes.

When it comes right down to it, the lack of honesty and clarity from the company and its representatives about these issues, and the continued trend of taking established language - such as "open technology" or "data portability" - and corrupting it for its own marketing purposes, is far more disconcerting than the boundaries it's pushing with its technology choices.

What Are the Next Steps?

We as responsible members of the technology community and the open web must be clear and honest about what we see - and any threat it might pose to our industry or the wider world. While jumping on the bandwagon might be fun and easy (and even profitable), it is a abjection of our own responsibilities.

So what can Facebook do in the face of this criticism and push-back?

• Declare clearly and unequivocally that its service has changed from a private place for sharing to a tool for public publishing.
• Go beyond what it has already done to correct the issue and provide a giant status indicator on the top right of a user's profile page indicating if they are in one of three modes: Public, Private, or Friends and Family only.
• Alternatively, (although highly unlikely) it can change its business model from one based on ads and publishers and to one that's based on charging users for pro services in order to align its economic interest with those of its users.

What can others do to protect their privacy or capitalize on Facebook's faults?

• Right now: Recognize that Facebook has violated user trust over and over for the sake of its business model, and will do it again. Stop sharing private information with the service.
• Short term: Create a properly private sharing network where people can feel safe to be with their friends and family.
• Medium term: Recognize (or decide to ensure) that Facebook is only one service, and in order to maintain and encourage competition and respect in the marketplace, other smaller (and not-so-small) players must be supported when making technology decisions (i.e. publishers must choose cross-platform tools and technologies).
• Long term: Continue to create an open alternative to Facebook whereby the Web is the platform and users can choose the applications that make sense for them, which includes privacy.
• Forever: Understand the difference between an "interoperable, open Web" and "Death of Privacy" - they are not the same thing.

Next week The DataPortability Project will be announcing a new initiative that will improve communications between Web services and users - stay tuned.

Facebook maintains that PV is violating a number of its terms of service, including one that insists you cannot "collect users' content or information, or otherwise access Facebook, using automated means (such as harvesting bots, robots, spiders, or scrapers) without our permission."

All Facebook said that in itself is not illegal, but by utilizing a proprietary site's information without its permission makes it "a criminal violation under the California Penal Code Section 502(c) and the Computer Fraud and Abuse Act (CFAA)."

The Electronic Frontier Foundation filed an amicus brief in support of Power Ventures.

Facebook argues that by offering these enhanced services to users, Power violated California's computer crime law. It grounds its claim in the fact that Facebook's terms of service prohibit a user from having automated access to a user's own information and that Power continued to offer the service to Facebook users even after Facebook sent Power a cease and desist letter demanding that it stop. Yet merely providing a technology to assist a user in accessing his or her own data in a novel manner cannot and should not form the basis for criminal liability.

It's hard not to buy the logic of EFF's argument. It's equally difficult not to see the possibility that this suit is an attempt to discourage any actions on the part of users to master Facebook information. That interpretation is certainly in keeping with Facebook's recent activities, in terms of its providing user information to developers and forcing users' hands when it comes to their own information. Facebook, it might be argued, wants to be the only arbiter of its information. And by its information, of course, they mean yours.

"The system will coach the athlete based on their training plan, monitor's the athlete's performance via wireless sensors and provide feedback during performance to help the athlete follow their plan," according to COO Jeff Broderick.

The integrated system runs real-time training data to a web site that is inflected according to that data and checked against a workout plan. Any modification is then "pushed back down to the phone in time for the next workout."

"One of the biggest problems we solve is to give each workout context within the athlete's overall plan and how it relates to their goals. Because our system knows the athlete's plan and listens to the athlete's body in real time, our customers are more likely to avoid fatigue-related injuries and performance issues," according to CEO Kirk Ewing.

The packages contain the wireless sensors to record heart rate and sport specific data, a phone application and a subscription to the MyEnki online training app. The first platform to be supported will be the iPhone. iPhone Sport Packages for Cycling will ship in June with Running following in August and Triathlon later in Q4 2010. Support for Android will arrive in Q4 2010 with Blackberry and other phones following in 2011.

The smartphone connection may help to distinguish Enki Sports from competitors such as Nike, as well as BodyMedia, Fitbit and others.

Envisioned by four NYU computer science students, the Diaspora project would replace today's centralized social web (yes, they mean you, Facebook) with a decentralized one, while still offering something that's convenient and easy for anyone to use.

According to the project's homepage, the students, Daniel Grippi, Maxwell Salzberg, Raphael Sofaer, and Ilya Zhitomirskiy, "bonded over many late nights building a Makerbot," (to you non-geeks, that's a type of robot) and they "started discussing what a distributed social network would look like."

The end result of those discussions was the idea for Diaspora. So they stopped talking about it and started building.

The project is now hosted on Kickstarter.com, a social fundraising platform that lets entrepreneurs and other creative types crowd-source funding by setting up a project goal, deadline and optional set of rewards for project backers.

In Diaspora's case, they're less than $2000 short of their $10,000 goal with under a month left to go until reaching their deadline. If the project receives the necessary level of funding by June 1st, it will be built and the code released as free software using the aGPL open-source software license.

What is a Decentralized Social Network?

So what is Diaspora anyway? Instead of being a singular portal like Facebook, Diaspora is a distributed network where separate computers connect to each other directly, without going through a central server of some sort.

Once set up, the network could aggregate your information - including your Facebook profile, if you wanted. It could also import things like tweets, RSS feeds, photos, etc., similar to how the social aggregator FriendFeed does. A planned plugin framework could extend these possibilities even further.

Your computer, called a "seed" in the Diaspora setup, could even integrate the connected services in new ways. For example, a photo uploaded to Flickr could automatically be turned into a Twitter post using the caption and link.

When you "friend" another user, you're actually "friending" that seed, technically speaking. There's not a centralized server managing those friend connections as there is with Facebook - it's just two computers talking to each other. Friends can then share their information, content, media and anything else with each other, privately using GPG encryption.

Diaspora, the Turn-Key Solution

Because not everyone will be technically capable of (or interested in) setting up their computer to function as a "seed," there are plans to offer a paid turn-key service too, similar to Wordpress.com, the blogging platform. Wordpress itself is software you can install and configure on your own server, if you're inclined to do so, but if you're less technically-savvy, you can opt to quickly start a blog via Wordpress.com instead. Diaspora would function in a similar way.

If a lot this sounds reminiscent of Opera's Unite project, the Web browser maker's overly-hyped plan to "reinvent of the Web," it should. In Opera Unite, users can share documents, photos, music, videos and run websites and chat rooms by directly linking two computers together.

However, in Unite's setup, there are Opera-run proxy servers involved, which led to issues - especially when those servers went down. Diaspora wouldn't have that problem.

Mainstream Success?

Still, the concepts behind Diaspora, while the sort of thing tech geeks will eat up, may be harder to grasp for the everyday Facebook user who is still trying to figure out how post a link or video to their Wall. Distributed, decentralized, open-source what?

If Diaspora is realized, it will be up to technology advocates to position the turn-key service in a way that will make it sound simple and appealing to precisely those sorts of mainstream users if it is to ever succeed. Taking shots at Facebook's privacy issues may be a good course (Take back control with Diaspora!).

We would like to see Diaspora come to be, even if it never goes mainstream because it would finally offer privacy advocates a real alternative to the increasingly data-hungry Facebook.

Plus, after watching the video of students explaining their idea, saying "no" would be like turning away a Girl Scout cookie seller empty-handed. We just don't have it in us.

For more information about the project and the potential for distributed social networking in general, check out the Q&A between Mozilla's Luis Villa and the team here. We couldn't do a longer interview with the team members ourselves because they're busy with "finals and graduation," we're told.

In this world, keeping up with all the work in the community itself is a feat in itself. As proven recently, even aligning the naming of standards in our small community (xAuth, XAuth) proves challenging enough. With that said, we'll share we what we've learned about this version and what work has been incorporated into it.

For those coming up to speed on the issues surrounding OAuth 2.0, here is a brief summary of the state of the union:

The OAuth Working Group in IETF generated a first draft of OAuth 2.0. This group that is credited with this document consists of active leaders of both the Twitter API team as well as Facebook community standards team. A robust number of daily discussions are happening in the working group hosted at IETF include topics such as the default use of JSON that show the opportunity and challenge of growing the standard from a web-based to a broader set of devices and scenarios.

One of the stated goals of the IETF OAuth working group is to maintain backwards compatibility with OAuth 1.0. From our sampling of the depth of change in scope and conceptualization of the standard, this may be a big deal for the group, especially if key members decide to legacy their support for the first versions.

As part of the evolution of OAuth, there is the case of the OAuth WRAP Google Group. This group has forged ahead to develop profiles for scenarios seen as extensions to the profile OAuth 1.0A. This includes new ways to gain tokens bringing the use cases of Javascript or RIA applications. WRAP also redefines the dependency on SSL and provides a simpler way to get started using tools easily accessible to the web resource. With some changes noted, this work has been brought forward in the OAuth 2.0 public draft.

David Recordon, a chief thought leader in the open web (also employee at Facebook) recently offered this summary "What's going on with OAuth?" to help align the understanding of the evolution of the standard.

Here we show one of the better known descriptions of the OAuth flow as provided by Yahoo. The annotations show a few of the areas that are under consideration for changes in OAuth 2.0 and/or in the work done in the OAuth WRAP group.

Last week, at Twitter's Chirp '10 the Twitter API team gave this presentation, "Too many secrets, but never enough: OAuth at Twitter". This document contains overview of the basic process of Twitter, commitment to the movement to OAuth 2.0, and discussion of Twitter's xAuth and OAuth Echos projects.

Twitter Likes to Optimize

Twitter is deeply intertwined with the inception and direction of OAuth. The company is both involved in the specifications but also is a lightening rod for discussion in the development community. In the Twitter blogs and developer groups, OAuth is being considered deeply in the trade-offs in implementation, design, and risk in the Twitter ecosystem.

A few areas under discussion is how to remove the re-direction from the process, and also how to keep a running log of all account client accesses available to the user as a way to make sure users are aware and signaling proper account use.

The Twitter API team has been willing to make change happen in the community by deprecating legacy processes, such as basic auth. With the changes coming in OAuth 2.0 the company may be in the best position to bootstrap developer adoption of the new standards.

In this way, OAuth 2.0 need to adapt to the speed and need of the Twitter use cases, to avoid becoming like XML. XML is a good thing, of course, but when push comes to shove, JSON is lighter weight and more compact. This is helping it become the preference for data attribute exchange in APIs like Twitters that support OAuth.

With the rise of the social ecosystem as the hub for authorization, it is becoming clear that the IETF efforts need Twitter as much as Twitter needs the IETF. This seems like a good balance that will guide use cases along the way to practical standards formalization.

There are a lot of questions out there about OAuth 2.0. Top of mind is whether this technology release will see the effective join of Twitter, Facebook, and Google? Or, will the practical matters of business and strategy keep the standards intact, and the implementations as islands?

What is your prediction for OAuth 2.0 and web resource authorization?

As Programmable Web pointed out this morning, it looks like Yahoo actually implemented OAuth several days before Gmail got around to it.

OAuth access to your email means that you can give simple, one-click authorization to external applications to have full access to your emails. This also means you can have seemless access to the information in your email account, from the contents of the emails themselves to your contact list, on other websites.

If you think of going to a website and finding all the people you know on there by using Twitter, you're most likely already familiar with OAuth - it's that window that pops up that you click "Allow" on.

From the Yahoo! Mail Developer Community group on March 25:

Today we're super exited to announce our OAuth API for Yahoo Mail! Not only have we moved to a much cleaner authentication technology, but we have removed all the restrictions limiting message access of "free" accounts. That means that you can now use the full API for all Yahoo Mail users regardless of their free/premium status, accessing full message contents if your application needs it. Cool, eh?

For those of you out there using Yahoo Mail, which is still a majority, expect to see some cool new add-ons for the age old email service to be released soon. At least, that's what we're hoping for.

Even ReadWriteWeb was not free of the need for smelling salts as one of our new iPad-owners followed her instinct and hooked the tablet up to her laptop in the same fashion she always has for her iPhone. That feeling that mixes acid running down your bones and your stomach dropping into your shoes was temporary if acute. A bit of rummaging and she plugged the proprietary charger in.

Endgadget reported that neither USB hubs nor Wingtel rings would charge the device either.

Apple's iPad support page on charging states that this is a result of insufficient power output from some computers, rather than a design fault. Further, if you put your iPad to sleep, it will charge up.

Either way, the charging constraint is an issue, mostly as it limits the available avenues to recharging on the go. But perhaps as important was the apparent failure in the company's user experience process. Not a hard ball to drop, given how intently a company and its teams live with the product they are developing, but an important one nonetheless. At the very least, the message "Not Charging" was inaccurate if not outright untrue.

Generally speaking, RTFM is not enough. Thinking through user experience, including testing by people outside the team, is mandatory. We will see if this sort of oversight will result in similar issues in the coming days.

Audrey Watters contributed to this report.

What does that mean? It means mashups based on the actual emails in your inbox. If you've given a 3rd party app secure access to your Twitter account, then you'll be familiar with the user experience. The first example out of the gate is a company called Syphir, which lets you apply all kinds of complex rules to your incoming mail and then lets you get iPhone push notification for your smartly filtered mail. Backup service Backupify will announce tomorrow morning that it is leveraging the new technology to back up your Gmail account, as well.

People are often wary about the idea of giving outside services access to their email, and well they should. OAuth is designed to make that safe to do. Combined with the IMAP/SMTP email retrieval protocols, it gives an app a way to ask Gmail for access to your information. Gmail pops up a little window and says "this other app wants us to give it your info - if you can prove to us that you are who they say you are (just give Gmail your password) - then we'll go vouch for you and give them the info." The 3rd party app never sees your password and can have its access revoked at any time. You can read more about OAuth, how it was developed and how it works, on the OAuth website.

Why is this so exciting? Because it means that the application we all spend so much time in, where so much of our communication goes on and where you can find some of our closest work and personal contacts - can now have value-added services built on top of it by a whole world of independent developers, without your having to give them your email password.

That's the kind of thing that the data portability paradigm is all about. It's the opposite of lock-in and seeks to allow users to take their data securely from site to site, using it as the foundation for fabulous new services. Google says it is working with Yahoo!, Mozilla and others to develop an industry-wide standard way to combine OAuth and IMAP/SMTP.

See also: Rapportive - an incredible GMail contacts plug-in.

Facebook isn't implementing Salmon, but that's what Canadian open-source business microblogging service Status.net and Florida-based stream service Cliqset announced they have implemented between their networks this morning. Think of this as a technical foil for monopoly beginning to unfold.

Because Salmon is an open standard, any service can implement it without formal business relationships, and Google Buzz is expected to enter the Salmon ecosystem next. If a substantial portion of the technical community implements Salmon, Facebook could be under a lot of pressure to do so as well. (As it was with OpenID, for example.) If you could still message your friends inside and outside Facebook, it would be a lot easier for innovative new alternative networks to lure you away from the one big site that 400 million people use today.

The Players

Evan Prodromou of Status.net says his service has 1.2 million users, hosts 12,000 sites on its cloud and is adding 800 sites per week. It's a hot little startup that's fast implementing new technical protocols and making high profile hires. Status.net began rolling out Salmon support earlier this month but today announced that it was working with Cliqset on displaying the cross-network communication. "We've got disparate implementations communicating well using this open standard for cross-network conversations," Prodromou said today, "It's the first time!"

Cliqset is better at trailblazing innovation than at user acquisition but is a very respected member of the technical community working to create social network interoperability.

Google Buzz appears to have seen a lukewarm public reaction to its launch but is most disruptive because of its support for open data standards. Salmon is still listed in the "coming soon" stage of the Buzz roadmap.

Today's news isn't just about those players, it's about the Salmon protocol that would allow any social network to participate. Salmon was developed primarily by Google employee John Panzer. If you've seen the way that the Echo commenting system displays Tweets, trackbacks and other social media mentions below blog posts, that's the kind of model that Salmon aims to make open source.

Interoperability as Foundation for Choice, Innovation, User Control

Facebook's near monopoly on mainstream social networking means that users have limited options in how they experience social networking and they have to play by Facebook's rules. Not everyone likes how Facebook changes its rules, especially its privacy policy.

Likewise, though Facebook is incredibly quick to innovate, it's generally assumed that a market with more than one competitor gives all companies in question more incentive to try to win the hearts of users.

Simply put, if you could leave Facebook and still communicate with people using Facebook (you can't today) then leaving Facebook would be a lot easier, and more social networks would have reason to invest in building a compelling service for you to use. If there was more than one meaningful option, those services would compete to build the best social network they possibly could. And Facebook would have more reason to be careful when considering dramatic changes in things like its privacy policy. Today, where else are you going to go without losing touch with all your friends?

That's why interoperability is important and that's why it's a big deal that two small social networks used by early adopters have pushed Salmon-based interoperability out into the wild.