February, 2009


27
Feb 09

Data Sans Frontiers : Data on the cloud : Facebook and its new statements

A little over a week ago, after the Consumerist published its commentary on Facebook’s modified terms of service, I deleted my data from my Facebook account and wrote at length about what I perceived were the issues with the modified TOS : Why I deleted my Facebook data. Commentary on Internet data privacy rules. A couple of days after that, Facebook, under pressure from all the adverse feedback, reverted to its old TOS and promised to work with the community on a new TOS over the coming few weeks. Earlier today, it released a proposed Facebook Principles and a proposed Statement of Rights and Responsibilities for community review as a part of that process. This was covered by TechCrunch, Silicon Alley Insider, Mashable and Inside Facebook.

Unlike my earlier post, this does not critique Facebook’s actions but instead attempts to analyse the statements in the context of a newer dimension of data that’s mobile on the cloud. This brings in both a set of challenges and opportunities and I shall try carefully to not fall into the FUD zone as I discuss these challenges. Finally it also discusses these statements and their implications for users and the challenges of user awareness and education. In this exercise I treat Facebook as one of the early providers who is facing and attempting to address these challenges of “mobile data on the cloud” in terms of its privacy and security implications. But in the mashup world, it is likely to be a challenge that both the users and a number of other service providers have to eventually start dealing with.

Allow me to add my annotations on these statements.

Proposed Facebook Principles

A very nice and clear enunciation.

  • Point 1 : Note the specific mention of “service”. That’s what in my opinion is leading to many of these challenges.
  • Point 2 : Perfect in principle. However one technical issue needs to be resolved. How does one define “received information” ? If my status update is seen by another user and it has appeared on his wall, has he received information ? Probably not since it is quickly clarified that this is particularly outside the Facebook Service. So we are probably talking about an external application to which Facebook feeds the data, another user who might have downloaded some data on his desktop, potential third party services such as search engines (which usually aren’t allowed to scour this data) or other analytics services. I think it’s a fair statement. The only suggestion I would have is that there probably needs to be some amount of user (re)education to understand its implications.
  • Point 3 : Clearly refers to the fact that information will be shared with other users and services including through tools (desktop apps / mobile apps ?). Sets up the ground for API usage.
  • Point 4 : A great point. Establishes a level of symmetry amongst the parties which was one of my sore points in the earlier modified TOS.
  • Point 6 : Clearly documents API usage to access data
  • Point 10 : Notes that the data is not just mobile across organisations (ie Facebook and its applications) but also across geographic boundaries.

OK, let’s quickly review the next statement.

Proposed Statement of Rights and Responsibilities :

Point 2 is an important one to note, especially 2.2 and 2.3. Point 2.2 is wonderful to the extent that it clearly defines that Facebook eventually will delete data that a user deletes or in case the user deletes the account. It also specifies that content shared with others may remain until they delete it. Now this content is in all likelihood going to be third party applications and services. Here’s an interesting tripartite arrangement – there’s now going to be (for practical purposes) a mini-TOS between the user and Facebook which this statement covers, between Facebook and the third party provider, which I think is likely to be covered within this document as well (well, at least parts of it) and probably one between the user and the third party service. It’s the last one which could be worrisome, since the user may now need to worry about each TOS with each third party provider. Most users are unlikely to review each of those terms with the level of detail, yet find their data moving to the third party provider. However, how and when that could get deleted is also addressed later in this statement. Point 2.3 also clearly documents the fact that subject to the user privacy and application settings Facebook assumes a whole bunch of capabilities around such intellectual property. Unlike in the modified TOS, this gives the control to the user to decide how the intellectual property will be treated. Since the control is with the user, I think it is a fair clause to ensure that Facebook itself is not at the receiving end of any intellectual property rights dispute.

In point 3 Facebook attempts to secure the fact that its users do not harvest information or otherwise maliciously gather access to store information that they shouldn’t get access to store. Why the focus on store ? The clauses around using the API are likely to have strict conditions around what data can be stored by the third party application and for what duration (which is true today as well). So it’s the social or screen scraping or other non-API ways of collecting data that Facebook is trying to secure against.

Point 5 sets up the environment for users to respect property rights of each other. Point 5.7 especially ensures that services clearly document their privacy policies when collecting data and inform the user that the data is being shared with the service and not with Facebook. Point 5.8 ensures that users don’t post other user’s sensitive information and then let it stream over the cloud potentially into other applications and services. Quite reasonable in my opinion.

Point 9 is probably one of the most interesting sections. The important point here is that Facebook has clearly communicated to the user the undertakings of the applications, websites and services. Coupled with 5.7 and 5.8 above, it essentially creates an environment where the user is clearly aware of the boundaries between Facebook and other services, and that once the data crosses that boundary, that data for all practical purposes is governed by the agreement between the user and the other service. 9.16 was one which did arouse my curiosity a bit. We now start seeing the outlines of why the TOS needed to be modified in the first place.

Finally point 12 also goes to a great distance in assuaging the concerns raised about unilateral and quiet change of TOS earlier. It allows for upfront communication with the users, a reasonable notice period and curiously a vote based user veto (not sure why this really was required, but then I would be surprised if 30% of the user base actually voted).

So what about data sans frontiers ?

In the earlier modified TOS, Facebook had attempted to secure a very large number of rights in order that it would stand protected (if and) when large parts of users’ data start getting shared with other applications, websites and services. Thanks to the user reactions, it has now crafted a very different statement. In this statement Facebook now assumes far fewer rights, and those it assumes seem to me like part of a fair and symmetric relationship. The way I read and interpret this is that under this statement, Facebook clearly defines a set of boundaries or frontiers (ie. the Facebook Service), and undertakes and provides a mechanism to properly share and control the sharing of such data within such frontiers. However it also makes it abundantly clear that the user is now adequately aware that he has far less control the moment the data crosses such frontiers, and at such a stage this data will now get controlled by the third party services, that the undertakings by the third party service are clearly specified and the user is fully in the loop on this issue. Again seems fair from a corporate perspective and in terms of securing itself from misbehaviour or other inappropriate activities or accidents on the part of the third party services.

The catch is now that the onus is on the user. He has to clearly understand the implications of (perhaps even more detailed) privacy controls, and agree to the fact that once the data crosses the Facebook frontiers, Facebook has taken adequate precautions in terms of ensuring that the appropriate undertakings have been provided by the users and the services, and that any issues that crop up further could perhaps be bilateral issues between the users and the third party service.

I don’t know that all users are actually in a shape to understand all these implications, and suggest that some mechanisms be put in place to provide users some tutorials or presentations which explain these in as easy and lucid a manner as feasible. Users will need to exercise the Caveat Emptor clause before subscribing to / using other services which integrate with Facebook. Users will need to be aware that based on their privacy settings and application requirements, their data is now moving from host to host, company to company, and country to country. On the whole while this does place a far bigger burden of exercising caution on the user, it also puts the user in control and is a far more symmetric statement than the earlier modified TOS.

Finally in an increasingly mashup and service integration driven world, I fully anticipate many more companies and users having to deal with these very issues in other non Facebook contexts as well. This statement is likely to also play a role in the ongoing discussion about the capabilities and the risks of having data in the cloud. If these statements can be agreed upon in a format that is acceptable to all, there’s a good likelihood it will provide the precedent for many more service arrangements being drafted in the future in a relatively similar and consistent fashion.

A programmer is unlikely to be a good lawyer : I am a programmer and have a very lay understanding of legal matters. This opinion is based on my understanding but such an understanding could be wrong or inaccurate when looked at by a more skilled person. It is most certainly not a legal opinion and could contain discrepancies, inaccuracies or improper assessments on my part. If you note or find any, please add your comments so that others can benefit from your views as well.


16
Feb 09

Why I deleted my Facebook data. Commentary on Internet data privacy rules.

Update: Facebook has since reverted the change in terms of service. Cool. On Feb 18th, a message on the home page said :

Terms of Use Update

A couple of weeks ago, we posted an update to our Terms of Use that we hoped would clarify some parts of it for our users. Over the past couple of days, we have received a lot of questions and comments about these updated terms and what they mean for people and their information. Because of the feedback we received, we have decided to return to our previous Terms of Use while we resolve the issues that people have raised. For more information, visit the Facebook Blog.

Mark Zuckerberg also blogged about the same issue in Update on Terms.

Original post begins here.

Facebook published a new Terms of Service on February 4th 2009 which has a strong implication for how internet / cloud based data privacy is likely to be viewed. This was very well publicised here – Facebook’s New Terms Of Service: “We Can Do Anything We Want With Your Content. Forever.”. There was some consternation on the net especially on Twitter about this change in Facebook rules. While I did not use Facebook much, I was sufficiently appalled at the change in rules to go and delete pretty much most of my data one line at a time. It is unclear to me if the old data is still available to Facebook for sublicensing from a legal perspective (I know all the data will be there in their archives), but I decided it probably wouldn’t hurt to nevertheless go delete most of it. I didn’t actually delete the account since Facebook still helps me keep in touch with my friends. But it is quite safe to assume that any interactions with them with an assumption or requirement of any data privacy will no longer be done on Facebook.

What’s wrong with the new terms of service ?

Some people in forums argued that most of the data on internet is likely to be there forever. So one just needs to be careful and not worry about it. I don’t quite agree with that line of thinking. When I blog, tweet, post to usenet or forums, I am upfront aware of the fact that that data is going to be cached by Google and other search engines and that once I press the publish button, there’s often no way to revoke it. However in case of Facebook, there is a general expectation that the data will be shared only within a network of friends, a network that I have control over. There is an expectation that that data will not get cached by search engines and short of an accidental data breach or some intentional mala fide activities that data will not become public. What is unnerving with the new terms of service is that Facebook changed these rules at will without even sending me an email about the same.

Asymmetry of Privacy Expectations :

It is interesting to note how asymmetric some of the terms are. For example in the section User Content, the following is to be found.

By using or accessing the Facebook Service, you represent, warrant and agree that you will not Post:

* User Content that violates the law or anyone’s rights, including intellectual property (“IP”) rights or other proprietary rights (such as rights of publicity and privacy);
* any Contact Information or private information of any third party;

Further down in the section Licensing, it states,

You hereby grant Facebook an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense) to (a) use, copy, publish, stream, store, retain, publicly perform or display, transmit, scan, reformat, modify, edit, frame, translate, excerpt, adapt, create derivative works and distribute (through multiple tiers), any User Content you (i) Post on or in connection with the Facebook Service or the promotion thereof subject only to your privacy settings or (ii) enable a user to Post, including by offering a Share Link on your website and (b) to use your name, likeness and image for any purpose, including commercial or advertising, each of (a) and (b) on or in connection with the Facebook Service or the promotion thereof.

As you can see, you undertake to not violate anyone else’s IP or other proprietary rights, but information about you will not be treated with the same level of respect by Facebook, though it’s done quite legally by documenting the same in the Terms of Service.

Moreover anything you post or any information on your stream is now sub-licensable by Facebook. Now why would I exactly want to sign away all rights on status updates, photographs etc. on content which I posted assuming that it was secure and private ?

But the earlier terms were also quite onerous. So how come you did not complain ?

Apparently under the earlier terms, Facebook also had the rights on the content, so what’s the big deal ? Two main issues.

  1. The earlier TOS did not grant Facebook the right to sublicense the content : The possibility of sublicensing means you have no control or idea on who the eventual user of that data could be. I still get angry at so many commercial parties for having leaked my email and phone number data. The likelihood of a similar scenario where Facebook sells that data for commercial purposes now cannot be ruled out, purposes over which I will have no control.
  2. The earlier TOS had an escape clause of deleting the account : Basically Facebook did not have the right on the data once you deleted the account. This is important as can be seen by another case on Twitter, Privacy Disaster At Twitter: Direct Messages Exposed (Update: GroupTweet Is Likely Culprit). In this case private messages were apparently accidentally made public due to confusing software usability. The person immediately responded by deleting the account. This is a useful kill switch to have in case one makes a terrible terrible mistake of putting out something accidentally. This kill switch is also no longer available.

Bait and Switch : By not informing users of the change in terms of service especially since these were so important, I think this creates an impression that the user is a victim of bait and switch (even though the real underlying causes of the change which I am unaware of could be different). Facebook should’ve informed the users about the change in rules, offered a button to delete all prior data / photographs / content or at least made clear that the earlier content will continue to be governed by the earlier TOS – something that’s a little unclear in this situation.

Implications for Internet Web sites and users : I think sites should very clearly document how they will control and use the data that they gather. Many of them do so by explicitly documenting the same. Moreover any substantial changes to the same should be communicated to the users. Finally users need to be now aware of potential changes of Terms of Services on a number of web sites that they interact with. Data that they assume to be private may no longer stay so and the user may not be any wiser about the same if the Terms of Services are changed without him being explicitly informed.


Updates :

Why did I delete the data ? Seems some readers are thinking I deleted the data believing that that will get rid of it. That’s not why I deleted the data. I am fully aware the data is likely to live perpetually in Facebook archives and be accessible to Facebook. I deleted it because that data had been submitted and generated under the old Terms of Service. Letting it be around to me seemed like an implicit acceptance of the new Terms of Service around old data, which I was uncomfortable with. So I deleted the data at the first available opportunity on realising that the Terms of Service around that data had changed. Any new interactions I do with Facebook will be under an awareness of and therefore an acceptance of new Terms of Service.

Response from Facebook : Mark Zuckerberg attempts to address the issue on the Facebook blog : On Facebook, People Own and Control Their Information. I could not find any rationale to why Facebook needs the privilege to sublicense the content. I also thought the way the blog post was written and the way the Terms of Service are structured are very very different. In my opinion it’s the Terms of Service that count.

This topic has also been getting a lot of traction on other blogs. Am quoting some other interesting opinions on the topic on the internet along with link backs to the posts below.

  • cnet News.com : The Open Road : Facebook changes terms of service to control more user data :

    Google has had its own problems with user privacy, but this Facebook move calls into question the wisdom of clouds or, rather, storing one’s data in others’ Web services like Facebook. We need to come up with new licenses or new mandates for open data in the cloud. Facebook shouldn’t own our data.

  • Mashable : Facebook: All Your Stuff is Ours, Even if You Quit :

    The possible implications of this TOS change go beyond these concerns. Sure, you can choose not to use Facebook at all, but that doesn’t mean a thing. Someone can still take your photo, slap it on Facebook, and now neither you nor the author of the photo can stop Facebook from using the photo in whichever way they please. Looking at it globally, millions of people are uploading bits of information on everyone and everything, to a huge online database, and by doing so they’re automatically giving away the rights to use or modify this information to a private corporation. And not only that; they now also waiver the right to ever take it back from it.

    Facebook should take a long, deep look into how it treats its users. Until now, users had options with regards to how the data they generated on Facebook was used. Now, they have no options whatsoever, rather than quit the service altogether. It’s a major difference; I’m not going to take it lightly, and neither should you.

  • Wet Asphalt : The Facebook Freakout :

    You are only granting those rights “on or in connection with the Facebook Service or in the promotion thereof.” What does that mean? Well, it means that you are licensing the use on Facebook branded websites or any other media and the Facebook Platform, which is the legal name for the APIs that allow third parties to create Facebook applications. So if there was a Facebook TV show, they could use your stuff on that. Or if they launched a Facebook concert series or a Facebook magazine, they could use your stuff in that. Presumably, if there were a Facebook dogfood, they could use your content on that. Or if they wanted to make an advertisement FOR any of those things, they could use your stuff in that. Precisely WHY Facebook would want to do any of those things, I leave to the reader to speculate on. What they most emphatically CAN’T do is what Walters claims, that “We can do anything we want with your content forever.” They can do anything they want with your content ON Facebook or to Promote Facebook forever. But if they said that it probably wouldn’t cause the internet panic and generate hits for the consumerist and readers to stroke Walter’s ego with diggs and trackbacks and twitterposts either.


15
Feb 09

So were Jeff / Joel / Uncle Bob discussing happiness and fitness ?

For those who are still unaware of the Quality and Testing discussion, I would refer you to the first half of Do you wanna be the Picasso of programming? First learn the rules, and only after break them to first come up to speed on the events.

Subsequently Jeff Atwood wrote Real Ultimate Programming Power and I posted a comment on it which compared the issue to that related to fitness (search for fitness to reach my comment). That’s what also made me realise that if one really looked at the entire discussion as one between Happiness and Fitness, it just seemed so much easier to understand and comprehend.

So if one goes back to the first podcast #38 where Joel appears to take on software quality, and if one takes up an analogy where software usability and customer satisfaction are treated as happiness (of the software) and the quality is considered as fitness (again of the software) then what Jeff and Joel seem to be primarily saying is that (words are entirely mine)

In the overall scheme of things happiness is more important than fitness.


That would make a lot of sense that most would readily agree to. However one more statement in there says

Fitness doesn't matter so much



And that’s what probably triggered off a whole bunch of reactions. It also seemed to offer an explanation of why there was such a storm raised.

The way I perceive it, Jeff and Joel were making an argument for happiness which probably would’ve gone unnoticed but for the fact that the portrayal of fitness was (if I may say so) a bit incendiary. It wasn’t so wrong as that it simply seemed to be sending out a completely wrong message. And if this was an opinion on some small blog it would still have gone unnoticed. But Jeff and Joel being the influential voices that they are were less than likely to be ignored especially when the message they were sending out was considered “dangerous” by the fitness community. Dangerous in the sense that it could lead to a whole bunch of people treating fitness with even less importance (especially in the context where general fitness levels were quite suspect). As I revisited the podcasts and the blog posts, the happiness / fitness analogy seemed to generally hold up.

This paragraph is a little speculative in the sense I don’t know that this is what actually happened and am speculating at my end. So Joel and Jeff got a little flustered about the fact that they couldn’t understand why they had kicked up a storm in the first place since they believed in what they had said about happiness. So they got together with Uncle Bob to sort things out in a subsequent podcast. To me it seemed like a rather uneasy and tepid podcast where they didn’t disagree with each other’s points of view but still continued to be uncomfortable with them. The multiple axes that were being referred to could’ve been happiness and fitness. Jeff still continued to defend their stance in a manner which perhaps only made matters worse. The Ferengi Programmer seemed to suggest that fitness regimens were bureaucratic steps (which cast them in a negative light) which were rather expensive to deal with and hence negotiable. The Real Ultimate Programming Power seemed to suggest that since most people wouldn’t worry about reading up on or attempting for better fitness, probably a much simpler set of rules along with a continuous thought to be more fit was what was really important.

I am convinced when I look at things in this perspective Jeff and Joel’s arguments make sense as do Uncle Bob’s. In my mind many of the differences can also be explained reasonably well by this analogy. It also explains why some of the statements seemed to invite so much ire. The issue probably lay in packaging of the arguments. If the statements are re-presented in a manner which does not seem to reduce the importance or desirability of fitness per se while continuing to emphasise the primary goal of happiness, it could be possible to close the discussion and move beyond the debate back into the real issues related to happiness and fitness, oops customer satisfaction and code quality.


12
Feb 09

An experienced programmer doesn’t use SOLID as a checklist – he internalises it.

Reading The Ferengi Programmer by Jeff Atwood really made me quite concerned. Here’s clearly an opinion which to me seems not grounded in sustained experience in applying the principles and is likely a poor message going out to junior programmers.

In the post the author treats SOLID principles by Bob Martin as a ruleset that programmers apply from time to time. Once you get yourself into that frame of mind it is difficult to then contest the rest of the post. I would want to re-present the same topic with a different frame of mind.

SOLID principles are principles that you learn in your early days as a designer. These are formative stages when you are honing your skills and attempting to review your designs in terms of specific checklists of items to go through as a mechanism of validating your design. But each time you apply them, you internalise a part of them, and soon in 3 or more years of regular application, their application becomes internalised and ingrained. At this stage you might even well forget that they exist, since you apply them subconsciously, day after day, time after time, and sometimes referring back to them only when debating or reviewing your designs with other designers.

The analogy to the painter in the post referred to, Are You Following the Instructions on the Paint Can?, is also quite instructive. The instructions on the paint can are for one time painters, hobbyists, amateurs etc. No experienced painter is likely to be reading them since he’s probably internalised them. But each seasoned painter would want every junior painter to learn the instructions and the costs of not following them before stepping up to deciding whether and when not to follow them. He is unlikely to teach a new painter in the making – follow the instructions that make sense.

Sure you do make tradeoffs at times in design. Most people tradeoff guidelines in all spheres. However the keyword is to understand that you are breaking a guideline and then do so explicitly knowing its costs fully well.

My big difficulty with the post is that it is advice which may do more harm to junior programmers than good. It might encourage them to make tradeoffs before they learn the cost and implications of making the tradeoffs. And it might set them away from a path that requires careful and judicious application (which requires a lot of effort in the early days) and helps them internalise the principles.

I would not recommend the post I refer to to any junior and upcoming programmer. My advice is as follows. If you have grown to a stage where you are applying these rules implicitly – don’t worry, you have the experience on your side to generally make the right judgement calls and you are likely to anyway apply them under most of the cases. In such a situation, this post and the one it refers to are probably inconsequential to you. If you are at a stage where you still need to review your design with respect to the SOLID principles (or other appropriate design principles) – please take your time to apply the principles, learn if you are breaking them, understand the costs of doing so (I would recommend that you involve a senior programmer / designer in the process) and then by all means make the best judgement. Principles distilled over time and experience should be adjusted preferably by those who understand the cost and implications of doing so, the rest should strive to reach that state first.

To clarify, the reason why I upfront made the statement “seems not grounded in sustained experience in applying the principles”, is that those who have internalised them hardly ever feel the burden (if at all) of applying them, and are unlikely to ever ever treat it as an explicit checklist, and they seem like checklists to those who haven’t internalised them. Precisely the audience to whom you want to craft a more careful and nuanced message.