How to attack the social media incentive and privacy problems

A huge opportunity awaits a young social media company that is poised to take advantage of the fall of Facebook (and Twitter). Is somebody out there ready to carry the ball and make it happen? It probably has to be somebody who already has most of this done, or is even operating.

The great problem with social networks is the natural monopoly. It doesn't matter how good a tool is if your friends aren't on it. So "there can be only one," at least within each culture. There are different winners in different countries, and LinkedIn seems to have segmented business networking from personal networking enough to get past this.

One answer to the monopoly question would be the creation of a protocol that would allow networks to link together in a meaningful way. That is, if my "home" is on Facebook and yours is on Google Plus, it would be possible to create a friendship link between the two, without requiring either of us to create a profile on the other site.

This is not that hard to do at a basic level, but of course a basic level might not be very satisfying. Even an advanced level would only support the intersection of features of the two networks, or even less than that. The networks have been incentivized not to do this, especially Facebook, which at #1 would never do it. Since joining all networks is currently free, they just figure people will join more than one. They want it to be hard to leave, so it's always hard to move your profile from one to another, and dangerous to privacy to do so in any event.

The network of networks could be the ideal situation, allowing users to choose companies by their own tastes and the policies of the company. It would be worth the effort.

One way I proposed for doing this was my Data Deposit Box concept. A similar concept is also out there under the name "Personal Cloud." In this system, you own and operate (or pay somebody else to operate) a small piece of cloud storage where your data lives, and to which your friends share their feeds of updates. This box then downloads code from the applications you enable, and those apps run on your data (and your friends') on your server, displaying results to your browser. The code comes to the data rather than your data going to the code.

Making it less engaging

One of the most difficult challenges for any new system will be the requirement to make it less engaging, which is to say less addictive. Almost everybody I know says they spend too much time on Facebook. Even Facebook knows this and has declared internally they want to make the system more valuable rather than more engaging.

This means a system that is still highly useful even if you only come to it twice a day, or one which understands which matters need timely attention and which don't.

They also need to get rid of spam, including spam friend requests. One network tried a rule that you were kicked off if too few of your friend requests were accepted. Sadly, that did not succeed on its own because I think it's a good rule.

This goes against the instinct of most companies to make people crave their product and use it all the time. Of course, one way to help is to go off advertising.

Paying for it

Advertising corrupts the motives of any social network. If you're not paying, you aren't the customer, you're the product, as is often said.

Since social networks need to be universal, they are afraid of not being free. To grow, a social network needs to put as few barriers to entry as possible on a friend of a member joining.

One option would be to allow people the choice of paying or getting it free, and getting more than just the removal of ads in the paid product. It should be clear that the paid product is only motivated by keeping the customer happy, never the company or advertisers.

Another option is an all-paid product which allows paying members to effectively give free accounts to the friends they invite. The accounts might be limited (i.e. they can only interact fully with full members) or perhaps each member could give out some number of full accounts and the rest would be limited. (If you have 2 friends who are full members, you would only count as half an allocation, however, so in theory this could scale out.)

There would be the temptation to give invited people limited-time full memberships, then demand payment after a year. WhatsApp (now part of FB) did that but stayed 100% free after being bought. I suspect people might find this annoying, and ignore invitations for a temporarily free "trial" membership. WhatsApp is subsidized. Facebook paid $19B for it and runs it at a loss just so it can control the way it pulls uses from FB itself.

Having an interconnect protocol is a form of allowing outsiders to participate for free, of course.

Even if you paid for Facebook it would still be motivated to addict you unless everybody gets a bit enlightened about that.

More on interoperability

I noted above that there are privacy issues for a world of interoperable social networks. In spite of all the appealing aspects of this, a real problem is presented.

Today you trust Facebook with all your data. If they screw up, as they did with Cambridge Analytica, your data can leak. In an interoperable world, you need to trust all the different social networks, not just one. It seriously increases the chance of a breach.

There is also a problem with simple data portability. Again, on the surface this sounds great, making it easy to quickly switch to a competing social network with a button that says, "export my data." The problem is, if you make something easy to do, it becomes easier to ask for, and will be done more often. An "Export my data" button would result in thousands of sites saying, "Want to make good use of our site? Just transfer your data to us. It's just a couple of clicks! In fact, our cool site doesn't really work unless you do that. Why not? It's just a couple of clicks."

Paradoxically, it can be better if these sites have to instead become Facebook apps, subject to at least some amount of oversight from Facebook on how they use and remember the data. Facebook's contract with the apps makes demands on them to not store your data long term, and allows limitations on what they see. This would not be true with data portability.

This problem also exists with the truly distributed social network architecture I have proposed. In that architecture, you trust all your friends with your data, and some of your other friends' data. If any of your friends falls prey to a malicious app, like the quiz app that Cambridge Analytica exploited, that app gets it.

It is hard to design solutions for this. Can you really exercise control over what apps your friends can run on the data you share with them? How could that be built with a tolerable UI and actual enforcement?
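An added example, not from the original post: a small model of the exposure described above, where an app enabled by one friend runs beside every feed shared into that friend's store. The graph, the app names and the owner allow-list (`ALLOWED`) are hypothetical, and the allow-list assumes each friend's store enforces it honestly, which is exactly the unsolved part.

```python
# Added illustration; every name and the sample graph below is constructed.

# Who shares a feed with whom: owner -> friends whose stores hold a copy.
SHARES = {
    "alice": {"bob", "carol", "dave"},
    "bob": {"alice", "carol"},
    "carol": {"alice", "bob", "erin"},
    "dave": {"alice"},
    "erin": {"carol"},
}

# Apps each user has enabled on their own data store.
INSTALLED = {
    "alice": {"photos"},
    "bob": {"photos", "quiz"},
    "carol": {"photos"},
    "dave": {"quiz"},
    "erin": set(),
}

# Hypothetical owner policy: apps an owner permits to run on copies of their
# feed held by friends. An owner missing from the dict has set no restriction.
ALLOWED = {"alice": {"photos"}, "carol": {"photos"}}


def exposed_to(app, shares, installed, allowed=None):
    """Return the set of owners whose data `app` can read.

    The app runs inside the store of every user who enabled it, so it sees
    that user's own data plus every feed shared into that store. When
    `allowed` is given, the store is assumed to withhold an owner's feed
    from apps that owner did not permit (enforcement is assumed here).
    """
    hosts = {user for user, apps in installed.items() if app in apps}
    exposed = set(hosts)  # installers always expose their own data
    for owner, friends in shares.items():
        if not friends & hosts:
            continue  # no copy of this owner's feed sits beside the app
        if allowed is not None and owner in allowed and app not in allowed[owner]:
            continue  # owner's policy keeps the feed away from this app
        exposed.add(owner)
    return exposed


def report(app):
    """Exposure for `app` without and with owner allow-lists, as sorted lists."""
    return (sorted(exposed_to(app, SHARES, INSTALLED)),
            sorted(exposed_to(app, SHARES, INSTALLED, ALLOWED)))
```

In the constructed graph, two users enabling "quiz" expose four people's data; the allow-list helps only the owners who set one, and only if every friend's store honors it.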

Encryption is not a likely answer. In the end, your friend's system needs to be able to display your data to your friend, or do calculations on it and display those results to your friend. If that code misbehaves, it is difficult for encryption to protect the data. If all that needs to be done is display it, encryption might help (though this is very complex) but just displaying is kind of boring.

Challenges of decentralized networks

Because decentralized networks must compete with Facebook (which probably will retain the ad-supported centralized model), there is a high bar for them to be competitive.

  • They must provide the same or better functionality, in the eyes of their users, as Facebook. Of course, if "less addicting" is a feature, they don't have to be quite as "engaging."
  • They must either be as free as Facebook, or offer value that justifies paying for them when FB is free.
  • They must quickly be able to gain a user base that, at least for their target demographic, competes with Facebook in penetration. No matter how good a network is, it won't survive if your friends are all on another one.

A few trusted central parties?

One architecture might involve having a small number of central data hosts. These hosts would hold everybody's data. Social networking apps would be forced to run only on the clusters of these organizations. There, they could fetch, process and display the data you have access to and send it to your browser or phone. The apps would be forbidden from ever remembering this data; they would fetch it every time they worked on it.

This small number of data hosts would need to be responsible and accountable to the users if we are to have hope. That means the users would have to force the social networks to only run on those hosts. Ideally the users would pay for the hosting somehow, but in reality it is very likely the money would have to flow through the social networks (some of which would be advertising based.) So making this happen is not easy.


So, there is: and Both suffer from lack of network effect, but I'm hopeful.
Mastodon is too Twitter-like for my needs frankly. Diaspora didn't do it for me.
Both also suffer from too little centralization: not enough critical mass of engineering or marketing. Face it, FarmVille and friends contributed greatly to getting enough people on Facebook when it was "young" to pass critical mass.
The Data Deposit Box / Personal Cloud is likely the best direction to go: it would work best in a universal deployment of IPv6 situation, where every home had a NAS anyway.
The privacy issue is not as bad as you think in my opinion. The problem with revealing data by Facebook is not what they revealed, but rather that it's so hard for individuals to actually understand what data is out there about them. So storing the data locally, and understanding what is public, what is group-pseudo-private would help a lot of people. While Internet erasure is never gonna work against determined adversaries, being able to edit your own archive is somewhat useful I think.
As for the few trusted parties idea: it has merit. It essentially represents the full regulation and divestiture of Facebook, I think. It would be much like what many wanted done to Microsoft a decade ago.

There is another aspect which I think you are missing, and which also affects the ability of a Mastodon or Diaspora to succeed. Facebook (and Google) are very good OAUTH providers. There has been some advice for parents against using such systems for logins, but I completely disagree. Use login/sign-up with Facebook/Google/LinkedIn/GitHub at every opportunity you can. Here is the catch: you can't log in to Google with Facebook, or Facebook with Google. Each wants to be at the root of an OAUTH tree. It's exactly this part that it would be nice to regulate and centralize to another party.... But, it's subtler and stupider than that: You can't log in to Facebook with Facebook. That means that parents can not log in to their children's accounts with knowing the password. This is where they are missing an opportunity to contribute greatly to family trust and increase security by eliminating weak passwords (or eliminate many useless passwords completely).

Obviously I find virtues in the models I propose, but I also name their problems, both to be honest and to inspire others to come up with solutions. Yes, if I own my data store, it has great value. But I need to be feeding my status updates to you and your data store, if it is to display them for you in a dependable way. (Thus the partial centralized approach. If you and I keep our data store in our own private regions of a large provider, like an AWS, then I don't need to feed you my data, you can fetch it when you need it over local links, and then promise to forget it. Though there is also the privacy problem that comes from me knowing when you were online and accessing the data. We don't like systems that let other people know if I have read their email.)

I think login is a bad idea, and identity is a bad idea, as I have detailed elsewhere. So I am not a fan of federated login.

I think something like "self sovereign identity" will be part of the solution:

"Under the status quo, where we don't own and control our own identifiers, we are subject to the terms of another party, whether this is a corporation (Google, Facebook, LinkedIn, Twitter etc) or a government. These actors have a role to play in the identity ecosystem, but the new self-sovereign identity tools will shift the power balance.

The large organizations will be in service to, and in a relationship with, the individual rather than the individual being subject to them.

Figuring out how individuals can collect, store, manage and present their own identity information and personal data via their own devices, and with services they control, is a challenge I have been working on my entire professional career. Below I explain the key technical breakthroughs that, when combined, make self-sovereign identity possible today in a way that was not possible five years ago."

I think Hubzilla's "nomadic identity" is also a key feature for preventing a social network from trying to lock-in its members:

"For our example we’ll start with email since it’s a concept many people sort of understand.

You’ve got a friend named Bob. Bob has two email accounts. He has a home account at bob@home.server, and he has a work account at bob@work.server . Now most people instinctively know that if they get an email from either address, that they’ve received an email from Bob. They usually don’t even think about what server he is using.

Nomadic identity just means that when we send an email, we will send to both of Bob’s addresses any time we send an email to Bob. This way he’ll get the message no matter if he’s at home or if he’s at work.

Simple enough? Good, let’s continue.

Now let’s take this into the decentralised social networking space such as provided by Hubzilla. What’s different? The only thing is that if Bob posts a picture while he’s at work, his work server sends a copy to his home server so he’ll have the same picture in his photo albums in both places. If he makes a new friend, the friend will be added on both servers so he has the same friends no matter where he goes.

Now if Bob loses his job and his account gets removed from work.server, Bob’s online life still goes on and he still knows the same people and still can post the same things. He’ll just use home.server; and then when he gets a new job, he can send you stuff from bob@newjob.server. Your software will instantly notice – « hey, this is my friend Bob! » even if it has never heard of newjob.server before and update some stuff internally to indicate that Bob can now be reached at newjob.server.

None of this matters to you, because as far as your software is concerned, it’s just ‘Bob’. You don’t care what server he uses or what job he has this week.

That’s what nomadic identity is all about."

You should use different examples than home/work. Those are kept apart for a reason. You don't want to share things between them. Your employer owns everything on their work server, and has rules against you making much personal use of it. You want to own and control what's on your personal server and not let your employer access it.
