This piece was updated 4/29 -- see addendum below:
One piece of advice for Facebook CEO Mark Zuckerberg whenever he meets with New York senator Chuck Schumer over the social network's privacy: bring a translator, who can explain
technology in layman's terms. Because most of the world -- including some very influential organizations, and millions of Facebook members -- have no idea what the Open Graph does, or doesn't do.
In case you hadn't heard, Zuckerberg is meeting Schumer, a senator who has rarely found a consumer protection bandwagon he couldn't jump on, over the new Open Graph social plugins that Facebook
announced to great fanfare last week, including from the Social Media Insider. News of the meeting
comes one day after Schumer and three other senators wrote Zuckerberg expressing concern over "instant personalization," which is at the heart of the Open Graph initiative, since it lets users see how
their Facebook friends have reacted to content on other sites, while they are on those sites. Of particular concern to the senators, according to The New York Times, is "that this feature will now allow
certain third party partners to have access not only to a user's publicly available profile information, but also to the user's friend list and the publicly available information about those
friends."
Meanwhile, MoveOn.org has started a "Respect My Privacy" group on Facebook, currently at about 21,000 members, which says:
"[Facebook has] launched a new program that shares info about you and your friends with external websites-whether you want them to or not.
"They're calling it 'instant personalization.'
We're calling it a major violation of your privacy. Again.
"Facebook is testing this new scheme with a small group of partners, but they're hoping to expand to more sites. We need to make
it clear now that using our personal information without our permission is not acceptable."
Scary, huh? Except it doesn't look like either the senators', or MoveOn's, interpretation
of instant personalization is true. According to my understanding of Facebook's announcement last week, and the Facebook blog, this isn't happening. The blog, in answering the question about what
information Facebook is sharing, said:
"None [emphasis theirs] of your information-your name or profile
information, what you like, who your friends are, what they have liked, what they recommend-is shared with the sites you visit with a plugin. Because they have given Facebook this 'real estate' on
their sites, they do not receive or interact with the information that is contained or transmitted there. Similarly, no personal information about your actions is provided to advertisers on
Facebook.com or on the other site."
This gap in understanding (and I'm going to leave open the possibility that even my own research is leaving something out) is why Facebook is now
facing its "death panel." Like the misinformation in the healthcare debate that turned end-of-life consultations with doctors into a belief that the government would decide when to off Grandma, the belief that Facebook just opened its databank to third-parties is taking on
a life of its own. And, unless Zuckerberg & Co. hire a translator, this belief is going to persist. In fact, it's even possible that "Facebook privacy" has become an oxymoron to so many people by now
that hiring all the translators won't make a difference.
The problem, in addition to Facebook's customary naiveté about how people will perceive its actions, is that technology has
become so complex that it's hard for many people who use it to understand how it works. That can be viewed as mildly disturbing when a consumer is cookied and the sharing of data is anonymous, but
it's at a whole new level when a new technology -- such as Facebook's social plugins -- makes it appear as though you and your best Facebook friends have shared your digital fingerprints with the
staff of Yelp or Pandora.
If you were a layperson, and you were just going on appearances -- as in what a site that has enabled social plugins looks like when you log on - of course you
would assume that, in order for a Facebook frame to reside on a third-party site, that site must also have access to your information. After all, you're seeing your information on their
Web page. It's very simple to understand, even if it isn't true.
But Facebook still hasn't learned to think like a person who doesn't know html from Hotmail, which, since it's now
at almost 500 million users, probably represents the vast majority of its customer base. The entry on the Facebook blog I referenced above didn't show up until Monday, five days after Facebook
announced the program. Meanwhile, it has largely let external sources, such as GigaOm, walk people through how to turn off instant personalization. It should have taken the lead on both counts, even
if helping consumers opt out hurts its business plan. The social Web is all about transparency ... isn't it?
I've taken a considerably darker tone in this week's column about the Open
Graph as compared with last week's, written only minutes after the announcement. I'm still enthusiastic about the technology and what it can do, but, if Facebook doesn't get better at explaining what
it's doing, even the best engineer in the world won't be able to code its way out of the killer virus it's dealing with right now -- which is misperception.
Addendum: OK,
there is a loophole that makes what Schumer and MoveOn are concerned about real. The 11th (!) question on the Facebook blog post, asks "Why does a blue bar appear on some sites
telling me it's being personalized by Facebook?"
The answer: "Separate from our social plugins, we have established a small pilot program with an exclusive set of partners-Microsoft Docs.com,
Pandora and Yelp-to offer personalized experiences as soon as you visit those services. These partners have been given access to public information on Facebook-such as names, friend lists and
interests and likes-to personalize your experience when you're logged into Facebook and visit their sites." (You can read more of it here.)
On the one hand, obviously, I regret the error. On the other, I'm not at all surprised -- and I don't regret it the way
I normally would. Why? Because, the whole time I was writing this week's column -- even after studying what Facebook was doing, watching last week's F8
keynote several times, and reading more about it over the last week -- I realized its complexity meant there was a much higher possibility than normal that I would make an error, for just the
reasons I stated in the column. I also knew there was the possibility that even if there was a loophole concerning whether Facebook is sharing data, that most users wouldn't make the distinction
between those sites and ones running a plain vanilla social plugin, so whether I was right or wrong, the "death panel" analogy would still make sense.
In fact, though MoveOn uses the term
"instant personalization" to describe what Facebook is doing with Docs.com, Pandora and Yelp, that's not the way Facebook director of products Bret Taylor used the phrase during the keynote. He
described "instant personalization" in reference to social plugins.
Further, though Zuckerberg mentions this pilot project 35 minutes into the keynote, he's not particularly forthright
about how it works. He speculates about what it might be like if a few "trusted" sites "already knew the public information about all of their users" before launching into a demo of Docs.com. Maybe
Zuckerberg's use of the word "public" is different than mine. If you look at the answer to the question above, you see that what he really meant was "public within Facebook." Most of us would think he
was referring to data that was already in the public domain.
Unfortunately, since none of us can get the terminology right, or what it relates to, this only proves my point. Thanks to my
MediaPost colleague, Wendy Davis, for pointing out the loophole.
(Editor's Note: OMMA Social NYC, scheduled for June 17, is shaping up. Take a look.)