Gowalla Archives - Stay N Alive

Privacy is Not an On and Off Switch – "Do Not Track" is Not the Answer

privacy-9756530Victoria Salisbury wrote an excellent blog post today on “Who’s Creepier? Facebook or Google?“.  I’ve been intrigued by the hypocrisy over criticism of Facebook’s own very granular privacy controls when sites like Google, Foursquare, Gowalla, Twitter, and others have an all-or-nothing approach with some things (location and email in particular) that are even more private than anything Facebook is currently making available at the moment (if you want some good examples read Kim Cameron’s blog).  The fact is that Facebook, despite the amount of private data available, will always be my last resort as a hacker when I want to track data about an individual online due to the granular control of data available, and lack of default public data.  However, despite all this, even Facebook isn’t at the ideal place right now in terms of privacy. The fact is my private data is still enclosed on Facebook’s servers, and with that, there will always be some level of risk in storing that data, no matter where it is.  So what’s the solution?

Browsers such as Mozilla and Chrome are now beginning to implement “fixes” around this problem of tracking data about users across online services (note my article on how even Wall Street journal is tracking data about users), called “Do not track.”  The extension, or in some cases native browser functionality, seeks to give users the option of completely turning off the ability for sites to track a user around the web, removing any personalization of ads and in some cases the removal of ads completely from the browsing experience.  This experience is fine and dandy – it gives the user an option.  But as my friend Louis Gray puts it, “all it does is ensure off-target ads with a crappy experience.”  It is clear an on and off approach is the wrong approach, and I fear those behind these extensions and browser integrations are missing out on an important opportunity.

So where can we go from here if “Do Not Track” is not the answer?  The answer lies in the problem I stated above – the problem being that individual user information is being stored on 3rd party servers, without the control of users and assumed risk of relying on a 3rd party.  We saw this as Facebook made a temporary mistake earlier in 2010 when they launched Instant Personalization on 3rd party websites along with other 3rd party website features, but in doing so accidentally opened up a majority of their users private information with little notice to users (I did get an email warning of the change, however).  Facebook quickly fixed the privacy problem with even better privacy controls than before, but by that point the damage was done.  It was proof positive that there is huge risk in storing private information on 3rd party websites.  The advice I give to customers and users and news organizations in interviews I give is, “if you’re not okay sharing it with the world, don’t share it at all, regardless of privacy controls.”  It’s an on or off solution at the moment, and I’m afraid there are no better choices.

There is a solution though.  Chrome, and Firefox, and IE, and every browser out there should be working towards this solution.  We need to take the granular controls that sites like Facebook provide, and put them in the browser.

Awhile back I spoke of a vision of mine I call “the Internet with no login button.”  The idea being that using open technologies (we already have Information Cards, for instance), the more private information about users can be stored in the browser, reducing the risk of that information being shared by accident with 3rd party websites.  Rather than something like Facebook Connect (or Graph API), for instance, a browser-driven version of OpenID would control the user authentication process, identify the user with a trusted provider (Facebook, Google, Religious institutions, Government institutions, you choose), and then be able to retrieve private information about individuals directly from the browser itself.

The fact is I already use tools to do some of this.  1Password, for instance, allows me to keep a highly encrypted store of my passwords, credit card, and other data on my hard drive and provide that data, as I choose, to the websites I visit.  A browser-native experience like this would make this process automatic.  I would specify which sites I give permission to have my data – name, address, phone number, email, location data, etc. – and I would also be able to choose what users have access to that data.  I could then choose to store my more public data on services such as Facebook and elsewhere, with the same option to still store it on my own hard drive if I choose.  With such a fine-tuned integration my more private information is completely in my own control.  My browser controls access to the data, not any 3rd party website or developer.

At the same time keys could be given to 3rd party websites to store my data on their servers.  In order to render that data, they need my computer’s permission to render the data.  The solution is not quite evident yet, but some how a trusted, separate service should be able to provide the permissions to render that data, and when that permission is revoked, all data, across all 3rd party websites, becomes disabled.  Or maybe just a few sites become disabled.  The goal being control is completely handled by the user, and no one else.  Maybe sites get disabled by my browser sending a “push” to the sites, forcing their data of mine to delete completely off their servers (or render useless).

Chrome and Mozilla have a huge opportunity here, and it’s not to provide an on or off switch for privacy.  I should be able to decide what information I want to be able to provide to ads displayed to me, and that data shouldn’t come from Facebook, Twitter, or Google.  My browser should be controlling that access and no one else.  Privacy belongs on the client.

I’m afraid “Do Not Track”, in the browser or by government, is no the answer.  There are better, much more granular solutions that browsers could be implementing.  It is time we spend our focus on a dimmer, not an on-and-off switch, for the open, world wide web.  I really hope we see this soon.

Now You Can Check in on Twitter Through Facebook Places

This post is syndicated from the SocialToo Blog – please check it out! I think this feature’s pretty cool:

Recently Facebook launched the ability for users to checkin to any place with their mobile phone, sharing with their Facebook friends where they are and what they’re doing, but what about their Twitter friends?  Services like FourSquare and Gowalla offer the ability for users to share their checkins to Twitter as well as Facebook (or just leave them on Gowalla or Foursquare).  Facebook, with the exception of Pages, has seemed reluctant to include Twitter syncing for Facebook status updates.  That is where SocialToo comes in.  Starting today, you can now sync your Facebook checkins automatically from Facebook to Twitter using SocialToo.

The feature is completely free for anyone on Twitter and Facebook. To enable the feature, just log in to SocialToo through your Twitter account, click “Settings”, and click “Associate a Facebook Account”. Once you have both a Twitter and Facebook account linked in SocialToo, go back to the “Inbox” tab, and check the box next to “Facebook to Twitter” in the upper-right. You can now check the boxes next to the things you want to share, including, “Autopost Places” to automatically post checkins from Facebook. Once checked, any new checkin you post on Facebook will now go to Twitter.

In addition to checkins, you can also automatically post links and status updates. Any checkin with a note attached will show the note as the text of the Tweet and a link back to the checkin on Facebook. To exclude the checkin from Twitter, just add a “-” after a space at the end of your note and it won’t go to Twitter. The same goes for status updates and links that you post to Facebook.  We are also considering the potential for an opt-in “+” in the future (let us know in the comments if this is interesting to you).

Hopefully some of you find this feature useful.  We think it’s a powerful way to let others know, now on both Twitter and Facebook, where you are and what you’re doing, and has the potential to generate some interesting conversation.  Let us know how you plan to use it!

More about SocialToo:

SocialToo provides features to complement the experience people, businesses, and brands, have on the social networks they participate on. We’re a utility providing tools to help automate the process of managing a brand image, while at the same time enabling users to clean up spammy messaging, track followers and friends, and manage those friends and followers in the process. Here are some of the features we provide:

  • Auto Follow – follow back the people that follow you or your brand, providing potential discovery and networking opportunities, opening up communication channels, and giving those that follow you a sense of belonging in your community

    • Auto Follow is a one-time $10 fee.

  • Automatic DM and Stream filtering – do you get spammy DMs on Twitter? We’ll delete them automatically for you. Set up simple filters with keywords in DMs you don’t want to receive, then set rules, such as “unfollow”, “delete”, or “ignore” to get rid of them. Turn off Twitter’s DM e-mails and turn on ours, and we’ll also respect your rules with the DM e-mails we send, meaning if you say “ignore”, we won’t send you the DMs that match your rules. In addition, you can filter out people that say certain things in your stream, or that Tweet from specific (and some times spammy) applications.

    • DM filtering is free up to 4 filters. Stream and Application filtering comes with the monthly SocialToo Premium plan. The monthly SocialToo Premium plan is $29.95/mo, and includes every feature we offer, including support for unlimited Twitter accounts (and all features for each). There is a 7-day free trial.

  • Bulk Unfollow – need to start over on Twitter? Unfollow all the people you’ve ever followed at once. Set a whitelist under “Friends” and you can exclude specific people as you do so.

    • Bulk Unfollow on Twitter is a one-time $35 fee.

  • SocialToo Stats – one of our most popular features, you get a daily e-mail with all the people that followed you and stopped following you the previous day on Twitter. We try to organize them by the Tweets we detected at the time of the unfollow or follow. We also provide additional information about each person and the ability to unfollow or follow them straight from the e-mail. In addition, for our monthly Premium users we provide an organized interface, showing a timeline of all your new follows and unfollows in a graph, your number of Tweets, and if you click through to any day it will show you the new followers and unfollowers for that day at any point we’ve tracked, along with your Tweets for that day.

    • The daily stats e-mail is a one-time $20 fee. The monthly SocialToo Premium plan is $29.95/mo, and includes every feature we offer, including support for unlimited Twitter accounts (and all features for each). There is a 7-day free trial.

  • SocialToo Surveys – a “Social” way of posting quick polls to your friends on Twitter and Facebook. Create a quick poll, and share it with your friends on multiple networks. Your friends can take the poll, share it with their friends, comment on it, or create their own!