So their theory here is that when I add a friend on Facebook, I am really saying this: "I share some of my contact info with you, but only as long as we both use Facebook?"
That's a convenient notion if you happen to work for Big #3b5998. But I think almost anyone would agree that it's really two people making a connection, and Facebook is just the middleman.
The theory is that by accepting someone's friend request you're not automatically granting them the ability to export your email address to any application that asks for it. If it were possible there's a good chance your inbox would quickly be filled with spam from apps your friends use. I know of no social network, including Google's own Orkut, Twitter, and Myspace, which allows this kind of mass exportation of friend emails via its API.
So on the other hand, by emailing someone, you are granting them the right to download your contact information to a third party application who will then ... email you that you should join ... Facebook?
A slightly different way to look at it is "I share some of my contact info with you as long as I can control how you use it (e.g. look but don't re-share, I can revoke it later, etc.)." Facebook allows that kind of control by preventing data export.
Facebook allows that kind of control by preventing data export.
In other words, "If everyone uses Facebook for their data control needs, we'd all have perfect data control."
This sounds suspiciously like an argument for DRM, which all end up failing and being bogus. Remember those email client plugins that would keep people from printing or remailing an email, that would have only worked if just everyone you sent something to had it installed?
Laugh while you can. During the Buzz launch, I recall Google found it just as hard to negotiate the intrinsically tricky balance between privacy and openness. There is a real trade-off between the two in products that allow you to share information with groups larger than one.
Would anybody like to actually read the words, understand them, and engage with the argument they contain, rather than snark about how FB == teh hatez? The meat of it is:
"Each person owns her friends list, but not her friends’ information. A person has no more right to mass export all of her friends’ private email addresses than she does to mass export all of her friends’ private photo albums.
Email is different from social networking because in an email application, each person maintains and owns their own address book, whereas in a social network your friends maintain their information and you just maintain a list of friends. Because of this, we think it makes sense for email applications to export email addresses and for social networks to export friend lists.
Facebook Platform and the Graph API enable everyone to bring their own information to millions of sites and applications, including even Google’s YouTube."
He is talking out of both sides of his mouth though.
If Facebook exports a list of friends, what do you get? A list of names with no links? That isn't really useful. You either need email addresses or Facebook profile URLs to actually make a graph. What if your list is Billy Bob, Joe Smith, John Doe, and Mike Collins. How many of those are there are facebook? Dozens? Hundreds? It is meaningless.
If Facebook exports a list of all of the friends' Facebook profile URLs, that is a step in the right direction.
The graph API provides exactly what you are asking for. It doesn't provide friends' names, but FBIDs. http://www.facebook.com/profile.php?id=<id>; is the user's profile, and http://graph.facebook.com/<id>; is the public JSON for that ID. If you have an access token (on behalf of a logged in user), the graph API will also let you see other information for the user that you are entitled to see.
Have you ever used a Facebook Connect site, like Google's YouTube? Have you noticed you can find your friends on the site? This works because the service gets FBIDs of both logged in users and friends.
> Email is different from social networking because in an email application, each person maintains and owns their own address book, whereas in a social network your friends maintain their information and you just maintain a list of friends.
1) People are automatically added to my address book as soon as they email me. Maybe not my "personal" address book or whatever, but their address has been recorded regardless. This is not something I have to maintain, it happens as soon as you contact me.
2) If I change my primary email address I need to send out a blast mail to everyone who I might care to have my new address. A pain in the ass. I'd much prefer to have contact information pushed to me through, say, existing networks.
I honestly don't see a difference. I look at my address book as a "friends list" as well - just an annoying one that I need to keep up to date, instead of allowing my contacts to update as they need to. And if someone doesn't want me to have their contact information, why would we be friends in the first place? (I suppose you could fence off access to a select group, but really)
Facebook is being completely two-faced about this. They're obfuscating the situation by turning this into a matter of "Google-owns-mail," whereas "Facebook-owns-contacts". In other words, Facebook's stance is that users own contacts in Facebook, meanwhile users own email addresses in Gmail. The truth is: all this really boils down to is email addresses and nothing else. If you said, "No duh!" to that last sentence and you're still siding with Facebook, re-read that last sentence again and think about it. Let me explain.
According to Facebook: Facebook can get email addresses from Google, but Google cannot get email addresses from Facebook.
Huh, does this sound fair?
I see the gears in your are head turning, stop thinking about this as a matter of "Gmail users own email" vs "Facebook users own contact lists."
That Facebook argument is fallacious because it's a lot like saying, "If Google were to deal drugs, it'd be okay for Facebook to acquire said drugs from Google. On the other hand, it would be oh-so-bad for society if Facebook were to sell drugs, when they're actually in the matchmaking business." Whether or not it's morally reprehensible to distribute drugs, at least one's stance on the matter should be consistent. Don't insult a user's intelligence by turning this into a matter of business and occupation, which is what they're doing. This is a matter of email-contacts between parties A and B, and nothing more.
I don't think Google is as open as they COULD be, but they have a long history of doing a helluva lot better job than Facebook.
As I said to you earlier, why can't I, the user, download whatever data my friends make available to me, subject to whatever privacy controls the data is already under and (perhaps) to load restrictions or resource availability?
And this is the important point, I could do the same thing manually by visiting my friends' pages. So this is all about convenience for the customer, not about some crusading policy position.
If my friends don't want me to "mass export" "private" email addresses, they shouldn't leave them out where I can cut and paste them (and sell to 419 scammers, if I were the vengeful type). The same argument applies to all my friends' data.
That is a really fine line they are drawing there. You have access to the same information on both services and you acquire it in essentially the same way i.e. by the other party volunteering it. Facebook is effectively asserting that their users rely on the fine details of how the service works to maintain their privacy, even though Facebook has never had much regard for that principle themselves.
He is right about the "when it's convenient" thing though. If you want to adhere to a moral standard then great, do it, consistently. What other parties do is irrelevant.
And corporations morally crusading against each other is a complete joke. Corporations will slit your throat for a nickel. My stomach is not looking forward to the "who's less evil" war Google has started.
> Because of this, we think it makes sense for email applications to export email addresses and for social networks to export friend lists.
But a list of friends is useless without their emails or at least, their facebook ID which the dump doesn't give. Why can't you give a hash version of their friend's email?
Also, if I'm able to import emails from gmail or yahoo into facebook, I should be at least allowed to export those friends emails as it is proven that I already have them! If you allow users to import emails but you don't allow them to export those same emails, I'm sorry but that means Facebook is a closed silo.
Here's my problem: Since when is my email address your information? Why is it okay for you to hand it over to a complete stranger, just so you can play Farmville? I understand that there's always a risk that my email address might become public, but when the recipient is responsible, it's a violation of trust.
Yes, let engage with this position. I claim it's conniving double-talk: "Email is different from social networking because in an email application, each person maintains and owns their own address book, whereas in a social network your friends maintain their information and you just maintain a list of friends. Because of this, we think it makes sense for email applications to export email addresses and for social networks to export friend lists."
Hmm, so the (arguable) implication first is that an email address are more personal than a friend-name. They're more like photos, somehow. So sharing these is a more personal thing than just sharing the name of a friend. But then, email program should still export email addresses? (why, 'cause it's an "email program"!) I suppose then, a photo sharing program should allow you to export your friends' photos where-ever too??
The whole idea of what's appropriate to share is ill-defined and nebulous but this particular effort to draw a line is just a hoot... "Time flies like an arrow, fruit flies like a banana"
I'm trying to find a way to figure out how this line of reasoning wouldn't also apply to arguing that facebook shouldn't exist at all, and I'm not having much luck.
A friend won't care that you have their email address it's sorta expected, and one could also argue about whether an email address is even private information.
Or maybe Facebook could allow the export of some other friend identifier.
If, for example, you used the email of your friend to email them, you would have the address in your email program...
So Facebook is saying that it's OK that you could take the email address and put it in your email program and address book - but that automatically doing so is "just crossing the line"...
Who cares. Seriously, this stuff is very much inside baseball which is why Facebook doesn't even care to comment. Changing the icon on the Like button will generate far more negative PR than this ever will, and spawn 10,000 "OMG, I hate the new like button" groups.
They made up their contorted Social Expectation. Most of us have never really thought of what we expect our friends to be able to do with our information. I think we all assume that we trust our friends to occasionally share too much but you have to trust them to some point to just use their best judgement, even now they can go share your email anyway.
One way network grabs are cheap tactics. A user should be able to leave a network with the data that's been entrusted in them, just like with Address books, Calendars, or other trustingly shared data.
This is all about crippling the convenience of people leaving their network for competitors. You can already share with out permission, just not easily. This isn't about protecting our privacy, it's just about slowing down our power to go elsewhere at will.
Readit News
That's a convenient notion if you happen to work for Big #3b5998. But I think almost anyone would agree that it's really two people making a connection, and Facebook is just the middleman.
Apps like, um, FaceBook?
Deleted Comment
In other words, "If everyone uses Facebook for their data control needs, we'd all have perfect data control."
This sounds suspiciously like an argument for DRM, which all end up failing and being bogus. Remember those email client plugins that would keep people from printing or remailing an email, that would have only worked if just everyone you sent something to had it installed?
(Disclaimer. I may be biased by working for Google. But I'm also not opposed to switching from a BSD to GPL strategy to encourage freedom.)
Good luck with your new social product.
"Each person owns her friends list, but not her friends’ information. A person has no more right to mass export all of her friends’ private email addresses than she does to mass export all of her friends’ private photo albums.
Email is different from social networking because in an email application, each person maintains and owns their own address book, whereas in a social network your friends maintain their information and you just maintain a list of friends. Because of this, we think it makes sense for email applications to export email addresses and for social networks to export friend lists.
Facebook Platform and the Graph API enable everyone to bring their own information to millions of sites and applications, including even Google’s YouTube."
If Facebook exports a list of friends, what do you get? A list of names with no links? That isn't really useful. You either need email addresses or Facebook profile URLs to actually make a graph. What if your list is Billy Bob, Joe Smith, John Doe, and Mike Collins. How many of those are there are facebook? Dozens? Hundreds? It is meaningless.
If Facebook exports a list of all of the friends' Facebook profile URLs, that is a step in the right direction.
Have you ever used a Facebook Connect site, like Google's YouTube? Have you noticed you can find your friends on the site? This works because the service gets FBIDs of both logged in users and friends.
> Email is different from social networking because in an email application, each person maintains and owns their own address book, whereas in a social network your friends maintain their information and you just maintain a list of friends.
1) People are automatically added to my address book as soon as they email me. Maybe not my "personal" address book or whatever, but their address has been recorded regardless. This is not something I have to maintain, it happens as soon as you contact me.
2) If I change my primary email address I need to send out a blast mail to everyone who I might care to have my new address. A pain in the ass. I'd much prefer to have contact information pushed to me through, say, existing networks.
I honestly don't see a difference. I look at my address book as a "friends list" as well - just an annoying one that I need to keep up to date, instead of allowing my contacts to update as they need to. And if someone doesn't want me to have their contact information, why would we be friends in the first place? (I suppose you could fence off access to a select group, but really)
According to Facebook: Facebook can get email addresses from Google, but Google cannot get email addresses from Facebook.
Huh, does this sound fair?
I see the gears in your are head turning, stop thinking about this as a matter of "Gmail users own email" vs "Facebook users own contact lists."
That Facebook argument is fallacious because it's a lot like saying, "If Google were to deal drugs, it'd be okay for Facebook to acquire said drugs from Google. On the other hand, it would be oh-so-bad for society if Facebook were to sell drugs, when they're actually in the matchmaking business." Whether or not it's morally reprehensible to distribute drugs, at least one's stance on the matter should be consistent. Don't insult a user's intelligence by turning this into a matter of business and occupation, which is what they're doing. This is a matter of email-contacts between parties A and B, and nothing more.
I don't think Google is as open as they COULD be, but they have a long history of doing a helluva lot better job than Facebook.
http://news.ycombinator.com/item?id=1887085
And this is the important point, I could do the same thing manually by visiting my friends' pages. So this is all about convenience for the customer, not about some crusading policy position.
If my friends don't want me to "mass export" "private" email addresses, they shouldn't leave them out where I can cut and paste them (and sell to 419 scammers, if I were the vengeful type). The same argument applies to all my friends' data.
He is right about the "when it's convenient" thing though. If you want to adhere to a moral standard then great, do it, consistently. What other parties do is irrelevant.
And corporations morally crusading against each other is a complete joke. Corporations will slit your throat for a nickel. My stomach is not looking forward to the "who's less evil" war Google has started.
But a list of friends is useless without their emails or at least, their facebook ID which the dump doesn't give. Why can't you give a hash version of their friend's email?
Also, if I'm able to import emails from gmail or yahoo into facebook, I should be at least allowed to export those friends emails as it is proven that I already have them! If you allow users to import emails but you don't allow them to export those same emails, I'm sorry but that means Facebook is a closed silo.
Dead Comment
Hmm, so the (arguable) implication first is that an email address are more personal than a friend-name. They're more like photos, somehow. So sharing these is a more personal thing than just sharing the name of a friend. But then, email program should still export email addresses? (why, 'cause it's an "email program"!) I suppose then, a photo sharing program should allow you to export your friends' photos where-ever too??
The whole idea of what's appropriate to share is ill-defined and nebulous but this particular effort to draw a line is just a hoot... "Time flies like an arrow, fruit flies like a banana"
Or maybe Facebook could allow the export of some other friend identifier.
Email address abuse is extremely common however, so public should not be the default.
If, for example, you used the email of your friend to email them, you would have the address in your email program...
So Facebook is saying that it's OK that you could take the email address and put it in your email program and address book - but that automatically doing so is "just crossing the line"...
The arguments put forth either stand on their own or they don't. The fact that they came from a Facebook engineer is irrelevant.
He's explicitly accusing Google of committing a crime they didn't commit, even as he himself is guilty of it.
Sounds very noble but I suspect this is far from Facebook's "most important principle."
Deleted Comment
One way network grabs are cheap tactics. A user should be able to leave a network with the data that's been entrusted in them, just like with Address books, Calendars, or other trustingly shared data.
This is all about crippling the convenience of people leaving their network for competitors. You can already share with out permission, just not easily. This isn't about protecting our privacy, it's just about slowing down our power to go elsewhere at will.