Many people have put forward the benefits of decentralizing social networks. Some of the more prominent ones are Tim Berners-Lee and Dave Winer. Today I came across a post by Jens Alfke where he argues in favor of decentralizing social networks. Actually he goes in step forward: “… I believe that implies that a very Facebook-like social network could be built as a distributed architecture that didn’t rely on a central server or organization. It might not even look that different; you’d just notice (or not) that, as you surfed from one friend’s profile to another, the domain name in the address bar changed.” He goes on to suggest the benefits of decentralizations. And he concludes with, “I think we may be at a tipping point now — people seem to be increasingly aware of the problems that centralization brings, and in their aftermath I keep running across discussions of how it should be possible to do this stuff without pesky corporate overlords messing it up.”I could not agree more. EnThinnai is our attempt on delivering on this objective.He also makes another interesting observation. He notices that Facebook “has no visible identifiers for user identities.” He opines that since Facebook is a social network, there is no need for universally unique identity. It is enough for the identity is uniquely resolved within each user’s social graph. Since EnThinnai is a distributed network, it goes one step ahead – it allows a user to assign names for each of the buddies. Thus I am “Dad” for my daughter, “Hubby” for my wife and “Pointy Head” for that person. The names have only local significance, but universal identity is maintained by OpenID.
We read more and more stories of users expressing concern about Facebook’s recent ad program called Beacon that monitors users’ activities at partners’ sites and report the friends in Facebook. Some are concerned that friends are notified indiscriminately and others do not want even Facebook to be notified by the partner sites in the first place. People expressing concern spans the full spectrum of technical capability and or disposition.
Martin Geddes wonders how to balance the need of his privacy sensitive mother to stay in touch with former colleagues, with the fact that Facebook is a “serial privacy violator”. Business Week states that “Some threatened to move to other social networks or start their own blogs if Facebook takes that decision out of their hands.” As an example, it quotes Matt Flaschen, a Georgia Tech sophomore as saying, “I will set up my own blog. It is a little less convenient, but if [Facebook] can’t understand the privacy implications of what they are doing then it’s not worth it.”
Then there is Matt Mower, who goes to the heart of the matter. In a recent post he states: “I think Facebook and the rest have gotten an overinflated view of their importance to us. What, after all, do they actually do? They run a website with some gadgets on it. … Nothing about their site is particularly rocket science or even innovative. … But, as with blogging, I believe we don’t need large corporations to do social networking and, in bringing the network back under our control, we gain benefits and protection from interests other than our own.”
Right on Matt. We are in agreement. Indeed EnThinnai is an example how it can be done without ceding control to an external party. But we need encouragement and support.
In today’s post “Phoneboy” talks about the need for a federated identity in the context of Jangl. He frames the context by describing the need for correlating his identity in Facebook that Jangl recognizes with his native Jangl identity. Even though Jangl is willing to do this correlation, he observes that it has taken a bit longer than he would have liked. He then extrapolates the difficulty one would have if it involves more than one company. By explicitly identifying me, he considers the role of OpenID. Of course if the involved sites use OpenID as the authentication mechanism and the user uses the same OpenID in these sites, the problem is moot. But he recognizes the possibility that for a user to use different OpenIDs in these sites. This brings up an important feature that must be implemented by a site that accepts OpenID for authentication.
Since the OpenID provider is an external entity, a failure at that provider will lock the user out of the service provided by the relying party. This is not an acceptable situation. So, any site that supports OpenID for authentication must allow for the users to associate multiple OpenIDs with a single account. This should be one of the best current practices. Once this becomes a standard operating procedure, then OpenID will meet Phoneboy’s needs while addressing his concern. (EnThinnai does not do this currently and we recognize that. It is in our roadmap to add the capability to allow multiple OpenIDs with a single account.)
By the way, I wish the OpenID community deemphasizes the single-sign-on aspect of OpenID. The real benefit of OpenID is that with it we can separate the Identity provider with the service provider. One can derivatively use a single identity at multiple places, but this should not be the primary benefit.
In preparation of Internet Identity Workshop, Johannes Ernst is soliciting discussion questions. One of the sample questions he poses is “How do identity providers make money?” He goes on to state that, “The answer is very much still in the air.” ID providers like Vidoop have some plans because they plan to offer some rewards to their affiliates. Though I do not have any official details on their plans, one could guess that it is displaying ads as part of the pictures they display during the authentication process. Here I am suggesting an additional source of revenue. As we do in EnThinnai, identity can be used to enforce a whitelist. But then there will be times when we would like to deal with a person outside of the whitelist. So consider the case of B not in the whitelist of A. In this case, A can demand and B can post a bond to circumvent the whitelist filter. After the initial contact, if A is satisfied, A can release the bond. For this service the ID provider can charge a service fee to B. This will be a way to put some weight behind the current level of authentication.
This morning the chatter level is high regarding Wall Street Journal story regarding Google’s GDrive. It is not clear what the excitement all about is. After all Google is already providing me a storage space of 5GB, via GMail. Without minimizing its benefit, the difference will be only in the UI. But what will be nice is if they offer something like a micro instance of Amazon’s EC2. Suppose the instance is 100th of AWS EC2, it will cost a user only $1 a month to run their instance of EnThinnai. Imagine if Google can manage to offer it in lieu of running ads. Then we can have distributed social networking and run our own telephone service. I hope they offer something like that soon.
Concerns have been raised regarding who owns the content generated and shared by users in public networks like Facebook. For example, Dan York notes in a post from July that for all the desirable qualities of Facebook, the data can freely flow into but can not easily flow out of such networks. Furthermore he observes that users can share only among others in the network. In an earlier post, he had stated that all these modern networks look more and more like old e-mail – they are all walled gardens. He hopes that just as SMTP opened up email across enterprises, some protocol development brings down the current set of walled gardens. Recently, Rich Tehrani also expressed this opinion when he compared the current crop of social networks to AOL of a generation back.
Related to the question of who owns the user generated content is the question of privacy. This question has become critical with the recent announcement from Facebook regarding their ad placing program that they call Beacon. Many people like D. Weinberger, Fred Stutzman and others they reference have expressed their concern on privacy issues. In a more recent post, Dan York references a video from the Privacy Commissioner of Canada.
We at EnThinnai share these concerns and are betting our sweat and equity that such concerns are valid and are widely held. EnThinnai is architecturally designed so that each user’s data could be isolated with the user deciding on the set of people who can have access to each piece of the data. You can get details on this from the presentation available in the previous post.
One of our business plans call for a hosted service model. Even in that model, the user will have control over the data and the extent of privacy will be determined by the users. We subscribe to the principles of Attention Trust.
If you also share these concerns, please take detailed look at EnThinnai. If you have concern with some of our decisions, please leave a comment. We will address them. But we are confident that you will like what you see; in that case please spread the news. We can use all your encouragement.
A couple of weeks back I presented a talk at VON Fall 2007, that abstracts the service objectives and the driving philosophy behind EnThinnai. Here it is (a feeble attempt at emulating Lessig style presentation):
In a whimsical mood, I had tagged EnThinnai to be an un-social networking application, in the spirit of uncola campaign from the 70’s. Many didn’t react positively to this tag line as they were equating to “anti-social”. So we have decided to disuse that tag line, even though it has been a conversation starter. Since the original commercial is a personal favorite of mine, I want to share it with you and explain why I first thought of that tag line.
You see, EnThinnai has many of the features people associate with social networks – social graph, Presence information, sharing digital life like photos and videos. So it is “wet, wild … and all that.”
But it has lots of uncola nuts. For one thing it uses OpenID exclusively for identification. This means, users do not have to go to a third party for assigning user name and be dependent on them for ever. Your friends do not have to be registered with that third party to be declared your “friend”. There is no walled garden anymore. Or rather, any wall that is there, it is erected by you and not an external party.
Second, your network is under your control. All the data – your social graph, the data you have uploaded to be shared with your friends and the Attention Data are all yours. You do not worry about losing control of the data or ways of porting to another place and all that.
Like this there are lots of marvelous little things. Try and explore the features of EnThinnai. You will say, “Marvelous! Absolutely marvelous!”
Yesterday Oracle launched an internal social networking application (Hat tip: Anne Zelenka) called Oracle Mix: “Mix is our combination social network, idea sharing site, group collaboration tool, and answers forum.” Interestingly, when the initial planning stages, the team was bombarded with many questions. One of the interesting one was: “Would I be able to invite customers into this network?” Any application targeted for the enterprise market needs to address the conflicting requirements – the need for safeguarding proprietary information and the ability to share information with customers and temporal business partners. One of our targeted market segment is the enterprise market, we need to address this question as well. On the one hand users must be able to add people outside of the enterprise and share information with them; at the same time, their access must be restricted in a discrete way. We meet this objective in two ways. We use OpenID for authentication. Since OpenID is user-centric, enterprises need not be concerned with managing authentication mechanism; also a person who may partner with multiple enterprises can use a single id to belong to all their networks. Secondly, EnThinnai subscribes to the philosophy of “default deny”. Because of this, a user will be able to control the access to every data. This gives the user the ability to share some with their external partners while denying access to others.
In a post yesterday, Saul Hansell wrote in The New York Times’ Bits Blog that Google and Yahoo are planning on using email as a backbone of a social environment. As a concluding thought he stated that, “running social networks is like starting nightclubs” and since Google and Yahoo already have hundreds of millions of customers, they “can get a fair number to stop and chat” in their new “nightclubs”. In an unrelated post, Jeff Pulver equates his recent net experience (thanks to Facebook and Twitter) to being inside “social media living room”. Indeed his subsequent description suggests what he really means is that even though he is in his living room, it is as if he is in a popular, public place where he can meet thousands of people. And he is inviting everyone to visit him there. For every thousand such people, there are people like Mark Evans, who would like to have a better control on their social graph. Mark not only wants to prune the tree to a manageable size, he wants the virtual graph to reflect only the graph that he has formed outside of the virtual social network. As Mark recounts it, Om Malik also expressed the same opinion. Some of the comments to his post seem to be in agreement.
For us at EnThinnai, this is a development we have been betting on. We felt that people will prefer to identify as “friends” whom they “know” otherwise. Accordingly, the application does not identify or locate the possible pool of friends. The users have to locate and identify them based on their contacts external to this application. We also feel that some of the potential friends may not prefer to use our application. Accordingly, we do not require the friends to be registered users of this application. Luckily for us, the user-centric identity mechanism OpenID allows us to meet this requirement. Even among friends, we suspect that users would like have much finer control on the information they share. This prompted us to allow our users to identify which friends can access each piece of data. These are some of our differentiators.
Update: I meant to add reference to one other item, but I omitted when I drafted this post. A couple of days back, Rich Tehrani observed that “… social networking sites are like the AOL for our children. They are an encapsulating experience which one might call AOL on steroids. It just goes to show you how cyclical ideas are in the computer space. We refer to a site like Facebook as a Web 2.0 site but it really isn’t anything more than an AOL experience with some fancy new features.” He further states that, “Remember convincing your mother and/or father that AOL was a crutch and you didn’t need it to surf the web or have an e-mail account?” We are hoping that EnThinnai is but a first attempt in migrating to the open Internet from a walled garden.
