There are a lot of people beating up Facebook for their supposed privacy issues. I am not one of those people. Does Facebook have issues? Sure, no company or website is without issues. However, Facebook is the poster child for our current centralization cycle. Information technology has gone through these cycles before. We were mainframe centric, then PCs distributed some of the computing power. Then AOL became the internet for most people, which was followed by a more open internet with various search engines and email providers. Now, we are centralizing again as people try to find the place to store their identity. Facebook hit a home run with their service as everyone seems to have a Facebook account. Facebook is so large, that I have even argued that they are now infrastructure for the future.
However, in order to be infrastructure, Facebook realized that the walled garden approach would not work in the long term. They needed to become more open, and their steps in this process have caused much of the privacy angst. Jesse Stay has an excellent perspective on how Facebook broke our trust:
The problem with starting out private is that users are being tricked into thinking their data will never be exposed. It’s too difficult to know what is open, and what is private. Sure, privacy controls are cool and all, but what good are they if no one knows how to use them and everyone just assumes that everything they put on the service will remain between just them and their “friends”?
However, he does not continue down the same privacy road as others, he takes a different direction saying that these steps were needed:
Privacy is good. So is openness. Identity is good. Anonymity is not. By making Facebook a more open place, they are encouraging us, as a society to be more open about what we share.
So, openness from Facebook is good for the users. Openness from Facebook is also good for developers. As I mentioned earlier, if Facebook wants to become infrastructure. In order to do that, you must provide openness in the form of APIs and other hooks. By providing these capabilities, Facebook is providing developers the opportunity to interoperate with Facebook. People can create open source versions of the API so that other sites may conform to the standard without completely giving in to Facebook. By allowing this level of interoperability, Facebook is basically giving us a way to build applications that may lure some users away from them.
The big problem here will be decentralizing identity again. Blaine Cook has an excellent post on identity where he says “the centralisation of identity is stifling innovation on the web.” I do not agree with stifling innovation, but it may be hampering it. Thankfully, there are many people looking at identity and authentication. We already have OpenID, OAuth and XAuth as functioning standards. There are also newer technologies for identity like WebFinger (Google Group) and Mozilla Account Manager. The biggest hurdle for all of these technologies is adoption rate. Facebook already has a few hundred million users. Email providers could have been the identification source, but many had tied themselves to OpenID and nothing else.
Let’s take a different perspective on this. What if Facebook being the main identity provider is not a bad thing? If you go to a site and you login using your Facebook credentials, that provides a simple experience for the user. Given the new OpenGraph initiative, this site will be able to take advantage of your preferences within your social network as well. If other social applications start adopting the Facebook APIs, OpenGraph and other standards, then they could provide the same general experience as Facebook. Because of Facebook’s new found openness, these other sites could become your default social provider. As Facebook provides more openness, they give us more opportunity to define the future and decentralize again. This is not a bad thing.