Conversations about privacy are an increasingly vital part of any planning process for a membership-driven website. Having been engaged in such a conversation for a new project and fielding support emails for an existing one, it’s been on my mind quite a bit lately.

We’re all managing a lot of personal data, whether we’re running sites that might be described as “social networks” or simply a blog that provides a way to connect up a commenters contributions. On any new project questions inevitably come up about whether or not users should be able to hide their profiles or specific pieces of information, often influenced by the way facebook’s closed walls give a sense of privacy by not letting google index profile data. I’m given to thinking that facebook’s approach has actually hurt such discussions, by implying a level of privacy they don’t really offer.

The problem is that approaches like facebook’s are far more about an illusion of privacy than any actual protection. The artifacts of our online presence, our comments, our photos, etc. and perhaps more importantly our friends’ comments and photos, are never going to be entirely shielded just because we can hide our profiles, but hiding profiles can make us think that protection is there. Similarly attempts by some sites to hide profiles from users who aren’t logged in offers an illusion. Because there’s a hurdle to see your profile it’s tempting to think that it’s protected, but that’s simply not the case.

Our designs need to guide people to be careful about what they’re putting in their profiles rather than having those profiles hidden, and to remember that their online artifacts will last even if the attention given to them dips from its initial high. Unless we’re providing something much more secure than a “hidden” profile, we should avoid the implication that our tools (rather than their behaviour) are what will offer privacy.

[Obviously there are some cases where our architecture needs to work harder to offer privacy, but that's far from the general case]

Recommend this post:

Whether or not you should build your own social networking site and/or make use of sites like facebook is currently a hot topic within the not-for-profit web developer/consultant world. The launch of sites like Amnesty International’s “unsubscribed”, which bears many hallmarks of a social networking site, combined with growing attention for facebook campaigns and tools like SuperBadger bring the options and potential into clear focus. Elizabeth Dunn’s post last month “social networks, walled gardens, and decision trees” makes a compelling argument that non-profits should be focussing on these questions now even if they’re not key for their current audience: sooner or later they will be and you don’t want to be playing catchup.

There are certainly many advantages to having your own social networking site. A facebook or myspace presence may attract attention, but the data you’ll be able to gather about your supporters and the potential for inserting your own branding are limited. Set up your own social network and you have full flexibility to integrate that data with your supporter databases, and to tune the site to your very specific requirements. But not only are they a significant investment of resources, there’s also a significant cost of time for supporters who will need to sign up for yet another site, identify their friends once again and give their attention to even more online data. Online campaigning’s great strength so far has been its low barrier to entry; for cause-specific social networks to really make sense their barriers need to fall.

That desire is definitely not unique to non-profits. As Brian Suda’s “Portable Social Networks: Take Your Friends With You” highlights, finding ways to let users move their data from site to site is a hot topic across the web development world. Sites like traveller network dopplr have succeeded in part by letting their (so far highly tech savvy) users import data from other social networks such as twitter. The real breakthrough will be when the mass-networks of the moment (as facebook is today) become similarly open. That won’t make it easy, but it will mean that there is suddenly a huge audience who can become fully signed up for your site with just a couple of clicks.

Right now most efforts hinge on a set of emerging standards, two of which will be familiar to anyone who’s been reading this blog for some time but which bear some more attention. There’s plenty of information around the web on these so I’ll just touch on them briefly:

Microformats are a way of taking plain old HTML and, by following some conventions, adding meaning to the content that could be understood by machines. While a human might be able to look at some information and infer that it is describing an event, machines aren’t so good at that, so we need standardised ways to say “this is describing an event, that bit is the date,” or “this link is to the homepage of my brother.” There were already ways to do that, but it involved adding extra things to your website. With microformats, so long as you (or your content management system) follow some simple conventions when creating a page, a machine can get the content out of the page as easily as a human reader can. That lets us identify friends/contact lists in a portable way, among other useful functions.

OpenID is a way to get rid of the frustration of having to create a username and password for every new site you visit. Instead when you visit a new site that you want to sign up for, you enter a URL that is your OpenID and that site will check with a central system (which may require you to log in) whether you do in fact own that OpenID. Rather than having to remember dozens of usernames and passwords, you’ll probably just have to remember one URL, one username, and one password. And because you’re using that same OpenID for lots of sites, when you sign up for a new site you can be identified on others. So if you sign up for a new site I’ve created using the same OpenID you use on livejournal my software can identify you on livejournal and import your posts from there. So there’s less work for you to tell that new site you’re creating a profile on how to find your blog and to import the posts, and an easy way to make your profile active and informative.

OAuth is the newest of the standards and goes hand-in-hand with OpenID. It allows you to grant one web application permission to access certain parts of your data in another application without giving your usernames and passwords all over the places. If you’ve ever used a site that redirected you to flickr to get your permission to do something with your photos, you’ve seen something like it. If OAuth is widely adopted, no longer will you have to give every social networking site your webmail username and password in order to have your address book checked for other users of the site, simply trusting that they won’t abuse it. Instead, it becomes easy to give a one-off permission while keeping your details as secret as they should be.

What these pieces add up to is a significant reduction in the psychological hurdles that might prevent your supporters from joining your new social network. Instead of pouring hours into their friendster profile only to find everyone has moved to myspace, and so not signing up for your site because they’d have to go through the whole process all over again, they can sign up with their OpenID, perhaps grant you a few permissions with OAuth (knowing that they’re not handing over the keys to their email, online photos, or whatever) and be signed up with an already complete profile.

In other words, persuading people to sign up and build their profiles is no longer the issue and you can focus on providing them with compelling reasons to keep coming back.

So if you’re wondering whether now is the time to start building out your campaign’s fancy new social networking site, it just may be, but chances are a few months from now will be a better time. As OpenID and OAuth become better established—and maybe even get adopted by some of the big players—your life is going to be easier and provided you pick web developers who’ve been keeping up you’ll be able to focus on your campaign strategy rather than coaxing visitors to spend another few hours re-entering the same old details.

Recommend this post:

A number of people have been linking to Jeremiah Owyang’s presentation at the Web Community Forum (I think I found it via Beth Kanter). It’s a good overview of the pros, cons and options for using facebook to promote a cause, campaign or brand, and well worth some time if that’s your focus.

There are two pieces from his presentation that I wanted to pull out. The first appears to be a recurring theme in his work on web strategy, centered on the acronym POST. That breaks down into:

People

assess you customers’ Social Technographics profile

Objectives

Decide what you want to accomplish

Strategy

Plan for how relationships with customers will change

Technology

Decide which social technologies to use

The third and fourth of those are particularly good to see. Not only do you need a strategy, but you need to recognise that your relationship with your customers will change when you engage them in a new medium. Too much of the focus on using Web 2.0 to promote a cause has focussed on other ways of putting across a message. It’s simply a translation of “if you’re not everywhere, you’re nowhere” from offline to online media. But part of the promise of the web lies in the fact that it’s no longer your job to get yourself everywhere. Instead you need to build stronger relationships with key stakeholders and they’ll then spread the word if they want to. You just need to look at facebook for evidence — you can put all the time in the world into building a profile, group, application or Page, but unless people want to friend you, use your app or call themselves a fan, your message won’t be seen.

Looking to the future it was also good to see the reminder “Don’t limit to Facebook,” summarised with the bullets:

• Brands should not limit strategy to Facebook Alone
• Prepare for The Distributed Web
• Understand OpenSocial
• Understand the Aggregation of Social Graph
• Tools come and go, what sustains is a strategy

Beth has some good points about building on that last one, but I was just glad to see a perspective looking beyond the current dominance of facebook. If the announcements in the web world over the past couple of months about technologies like OpenID, OAuth and OpenSocial are anything to go by, 2008 is going to bring some significant changes in the world of ’social networking sites.’ (I’ve had a draft on that topic sitting around for far too long, hopefully I’ll get it finished and posted this week!)

Recommend this post:

Third Sector have a report today about MyCharityPage, “a new website billed as the sector’s answer to Facebook”. The site is currently just showing a page to sign up for notifications, so any reporting or commentary is likely to be speculation, but I have to say I find the whole thing rather puzzling.

Special interest social networking sites are far from new. Whether it’s last.fm for music, flickr for photography or dopplr for travellers there are plenty of examples around the web. One of the strengths of those sites, however, is that they don’t describe themselves as or set out to be a “facebook.” They each focus on serving their niches and doing what they do very well. In the case of dopplr, it’s very clear that they see themselves living alongside other social networking sites by providing excellent tools for importing your contacts from other places, and displaying your dopplr data outside their site.

It may well be that MyCharityPage sees itself in a similar way and that the copywriters or reporters got a little carried away. It wouldn’t be the first time that reports were written about the web that tried to compress it down to variations of the site-du-jour. But the emphasis of the reporting on MyCharityPage also makes it seem like a strange proposition as there are already so many options for charities to reach out to supporters on existing sites (where they already are) that it hardly seems worth the effort of already overstretched web communications officers to set up profiles on a site that is solely focussed on the sector and so unlikely to bring in new supporters.

Just as for musicians, what would seem helpful would be a site that set out to help charities manage their profiles and activities across the burgeoning world of social networking sites. That may well have the spin-off of also hosting profiles for those charities, but it would do it by simplifying their operations rather than adding yet another point of focus to an already crowded landscape. Maybe I’ll be pleasantly surprised by MyCharityPage, but I’m already hearing enough commentary from people who are confused about where to focus their limited resources that it will take a lot for MyCharityPage to impress.

Recommend this post:

Facebook appear to have given in to pressure over the debacle I wrote about a few days ago. According to their announcement:

Users must click on “OK” in a new initial notification on their Facebook home page before the first Beacon story is published to their friends from each participating site. We recognize that users need to clearly understand Beacon before they first have a story published, and we will continue to refine this approach to give users choice.

That’s definitely progress and will assuage the fears of many users. Unfortunately, as the unofficial facebook blog points out they are still storing data on your shopping preferences, even if they’re not displaying them. You can get around that by changing various settings in your web browser, but there’s no easy way to opt out.

Reactions around the web have been mixed: Some are advocating quitting facebook entirely (or as close to entirely as is possible, you cannot completely delete your account), while others continue to question whether most facebook users are concerned.

I quite like the idea that if facebook are going to use advertising they should target it based on what I’ve told them are my interests and who I’ve identified as my friends. So far, they’re doing a pretty poor job of that as I’ve yet to see an advert on there that interests me, but that’s data I’ve consciously given to them, and it’s my responsibility to moderate that if necessary. The problem is when I may be giving them more data than I realise because of who their partners are. That’s not an entirely new situation for the web —think of all the sites operated by yahoo or google — but so far it’s at least been limited to sites within specific networks.

For those who use facebook socially, it’s well worth considering how much you want facebook (and their investors) to know about you and what measures you can take to limit that if necessary. For those using facebook for promotion it’s well worth considering what your audience’s reaction is likely to be to this situation, to be clear about how you’re using data gathered from facebook, and to think very carefully about these issues before touching the social ads system.

Recommend this post: