Portable Profiles and Privacy: Choppy Ux Ahead
I’m always watchful for how the words describing goals and software features can influence the final form and flow of those features. If I think a part of the product’s vocabulary works against its brand or the kinds of outcomes it’s supposed to create, I’ll work to get it changed.
Last week, changing words brought something I’d been mulling over into much clearer resolution. This week, conversations at Open Web moved it to the point where it might be good to share here.
Food for Thought
At SxSW, almost exactly a month ago, I watched the lively Building Portable Social Networks panel discussion (expertly moderated by Jeremy Keith, I’ll add. He shares some thoughts on moderation with reference to the same panel). Shortly after opening remarks summarizing the goal to make our identities and relationships portable across different social networks, Leslie Chicoine stressed the magnitude of the challenges such capabilities will present to product designers.
That obviously caught my attention, but it didn’t get much traction in the discussion, and my hope for the group to circle back didn’t pan out. I took away a lot from that panel, but the what left me wondering most was Leslie’s concern about complexity and usability.
I’ll try to summarize the issues: a way to think about the goal of portable networks is to imagine online identities that knowing more about us, like the avatars we like to use or our relationships with other people. In that world, we can enter and act in new social networks with a consistent identity (if we want that) and our network of people following us across different networks. Among the strongest arguments for doing this is that it eliminates the need for people to re-find friends and re-block the not-so-friendly each time they settle into a new service. Putting all that in control of non-expert web users, making it relevant to their lives, making it understandable and accessible, is critical to realizing the potential of growing identity and authorization technologies.
It’s a Tricky Thing
How hard can all that be? Fairly. Some of the challenges are partly answered already: how do we know that Todd S on Upcoming is the same Todd S on Ma.gnolia? If I’m using the same verified identity on both services, typically an OpenID, then it’s pretty easy. Others are more complex, by far: how do we recognize that what I share with friends is different from what I share with colleagues, or clients?
Work has been done to classify common types of relationships and encode them in microformats, but the list has grown quickly without nearly exhausting possible relationships, all of which can impact what we want different people to see of us online. Chris Messina proposes a simplified relationship list to spur some adoption of portable relationship recognition at a fundamental level, reducing the set of social identifiers to “me” and “contact”. In other words, you or someone you know. He’s also written about why relationship specification is complicated, and it’s worth reading if you’re doing any kind of work in apps where one identifiable person interacts with another.
Think about any stories you’ve heard about someone losing their job over a questionable photo or comments on Facebook, MySpace, what have you. I’d bet that the hapless protagonist or well-meaning friend assumed that what was posted was only visible to the ‘right’ people. It’s easy to write that off as people being naive, but naive understanding of the activity and content the system exposes is what we need to design for. As the software gets better at finding the people you already know on different networks, those using the networks are sure to expect that each relationship works the same in different places. We’re setting the bar high in striving for portable identities.
It’s worth a few moments to wonder: what if social apps were designed from the start to know when you’re at work or school, and when you’re in personal life mode. That one division of presence along real-world lines is a natural basis for a more context-appropriate experience. It wouldn’t fully eliminate mistakes, as people find ways to break anything, but it would keep actions and content contained in their professional and personal contexts, preventing by default the awkward collisions that happen now. Had social applications built this assumption in, the reaction by businesses and institutions when social networking started to appear inside their walls might have been very different. But, they didn’t, so back to the here and now.
Facebook has taken steps, like introducing Pages for companies/brands/causes, and adding more privacy controls (some 50 controls in 4 major categories). The controls are very numerous though well-organized, but apparently not changed by many people. They’re good efforts, but inevitably don’t line up with natural social boundaries between the personal and professional, and as such just don’t come together effectively.
Even achieving professional and personal contexts within the same network is only a first step. Within each context there are still more types of relationships. Many more: client, coworker, contractor, boss, friend, acquaintance, partner, biking buddy. And of course, a given relationship can have multiple valid labels. Now try to make all that work on many networks with different social experiences, keeping in mind the consequences should the wrong thing happen. Given that complexity, the scale of the challenges Leslie was clueing us into should be apparent: it’s big.
Privacy is Really Just Sharing Done Carefully
When you think about it, online social applications are bad places to put things that are meant to go unseen, and it makes the notion of privacy start to feel like the wrong idea. This brings us back to the words we choose, because I think we interact online not to keep stuff private, but to share it selectively. Setting up a privacy framework works as a force in opposition to the goal of sharing something. If instead we think about streaming shared actions (or gestures, if you like) and content to the right people and less about exception frameworks, things should work more smoothly and, I think, bring us closer to models that can cross networks without exploding.
Things fell into place a bit more in conversation with Ryan King at OpenWeb. I mentioned the polarity of keeping secrets and sharing selectively, and Ryan suggested that lining up relationships with facets of life might help organize things in terms that are addressable by non-experts and achievable in code. Thinking of the parts of an individual life, we can easily see relationships cross contexts without violating any rules, because the interaction is appropriate to the context. Just because your buddy from work can see the photos of you at a weekend kegger doesn’t mean that he should see them when you’re both at work. This is the kind of path we want to make natural with portable identities and networks.
I suspect that facets can act as non-exclusive groupings of contacts, and that those groupings are a good level of control for using as sharing channels and moving between services with those facets intact. And that’s how far I’ve made it with this line of thinking. The next step is to track down and mock-up some interfaces that work from a sharing orientation and through the network along lines that are organized like our actual social lives.
Any links to interfaces that sound like that, or feedback in comments or mail would be appreciated.