Stormy   [12.20.07 12:06 PM]

Not only does it spam all your contacts but it gives your contacts very little to go on. There's nothing in the intro email to say what Spock does and nothing on their home page. You actually have to sign up to find out what it is!

Ross Stapleton-Gray   [12.20.07 12:12 PM]

My social network is a network of networks. No way do I want to give anyone access to that, without a lot of oversight. And it's very situationally dependent... around Xmas it's distorted in certain directions, etc.

I will likely jettison my Orkut account(s), after their little scrapbook spam escapade, and I'm doubting I'll have much time to consider Spock.

Michael H   [12.20.07 12:14 PM]

I wonder why it seems as if these companies come up with ideas that are "all-or-nothing" propositions. I sort of mix and match my address books and contacts so I have a mixture of family, friends, and business acquaintances. While I don't really mind my family or friends finding out what movies I watch, that info isn't germane to work or school.

If a company wants me to use these types of "features", then they should make them something I'm comfortable using. They shouldn't automatically assume I will opt in. Maybe they should let me decide who the information can be sent to. Maybe they can come up with a system that lets me describe my relationships in multiple, different ways.

I guess an example might be someone I consider a "friend". They may be a very close friend, a long lost friend, a friend who is touchy about certain subjects, a friend who is open to pretty much anything, and so on. They should also do something similar for family, and business contacts.

Kevin Curry   [12.20.07 12:17 PM]

This is a timely, important, and difficult topic being discussed from many perspectives. In Facebook it is particularly complex when your friends, people you do trust, invite you to "Do the wave," "send a hug," "do a personality test," or "compete in an online trivia challenge." Behind each of these seemingly innocuous requests is an *application.* I have yet to come across a Facebook application that did not prompt me by default to share all of my information with the application - not with my friends who I trust, but with the application and application provider. Supposedly you can uncheck permissions, but often the app will complain that it can't work. And in any case, how are we supposed to make informed decisions with all of these new, opaque choices. This sharing of data is needed, the thinking goes, in order for the app to provide you with the wonderful service you are sure to enjoy. Sometime the "application" is just a link to a 3rd party web site. The whole thing seems like SpyWare 2.0. 10 years ago we'd have received the same type of request from a friend forwarding an email or from some other electronic free offer (remember Gator?). The only thing different in Facebook is our perception; that we are safe while we are happily granting permission to expose all of our data to every app that comes our way.

Dan Cornish   [12.20.07 12:26 PM]

The biggest problem here is that people are trying to mix social networks with professional networks. In a company, the contact list is the property of the company, not an individual. There are MANY issues in sharing this information. The biggest problem here is context. I share my contacts depending on the Context I am interacting with them.

The FaceBook context of college does not work with the contect of the Outlook contacts in Tim O'Riley's address book.

Tim Spalding   [12.20.07 01:28 PM]

I've love to believe this is happening, but I'm not so sure.

When you're "in" the club the way we are—reading O'Reilly Radar and Mashable every day, or even just living in a place like Boston or San Francisco—it can be hard to remember that social software is *social* in the most basic sense—it's a society, not a club.

Societies are big, diverse and mostly uninterested in themselves. I suspect that most users of social software have as much interest in "crafting a new social contract" as most Americans have of discussing political theory.

Shelfari is an extreme case, but illustrative. It affected readers--an educated, privacy-conscious bunch. It went on for months, and if somebody hadn't put together all the pieces and made a case out of it—that someone was me, and I'm a competitor—it would have continued. And even though they stopped the practice and got some bad press, it was certainly worth it for them.

As an industry we don't want to poison the well. But company-by-company I'll bet it makes sense to.

Maybe things will change if all of this can be boiled down to three bullets and a simple logo—"Trusting Social" or wahtever. After all, I know nothing about tuna fishing, but the "dolphin safe" logo appeals to me for the 2 seconds it takes to decide on a can, after which I stop thinking about the issue entirely.

Bart Stevens   [12.20.07 01:42 PM]

Sara,
The problem you raise (and lot's of others lately) is what we try to solve (or at least talk a lot about ;) in "the VRM school of thinking".
We envision that users will regain control of their data like ID, purchase history, preferences. Not like giving "your CV" to Amazon, before you are allowed to buy a book. People call it sometimes CRM on it's head.
Anyway, what we do is make a lot of noise in the online and off line world about the concept described first by Doc Searls.
Furthermore we are developing use cases and are looking into standardization.
Feel free to have a look at ichoosr.com/blog. I have an interesting question on what values to present to vendors in the Telco business on VRM
Enjoy Xmas !

Bart

TK   [12.20.07 03:03 PM]

The danger of all these new pushes into the "social graph" is that the utility for the user is often theoretical or abstract while the opportunities for marketers or developers of specious services are more concrete.

The icebergs Tim sees in Spock are similar to icebergs appearing all over the web. With everyone under the sun racing to turn their existing services into "platforms" I think we'll all suffer from inundation as the bottom feeders in our address books/social graphs become vectors for whole new categories of difficult to filter junk and spam.

In many cases, perhaps the problem isn't that users don't have enough "control" over their data, but that they have too much and are willing to opt that control over to less reputable parties.

Google has taken a small but revealing misstep with its poorly considered new Google Reader sharing implementation which mines your gmail contacts to auto-subscribe other users to your shared items - imposing a new social aspect (with limited opt-out functions) to a service that previously offered the same functionality on a granular, user-defined basis, pissing off a lot of legacy users. It would appear that at Google, your address book and gtalk contacts are becoming a new social network.

Andy Wong   [12.20.07 04:03 PM]

Though Web 2.0 services like social networking is about openness. However, many service providers always tried to make your privacy to be open, at least to the providers in order to explore business opportunities. I think, it should be only about platform openness, not privacy openness.

The fact is, when your private info goes to the server of the service provider, your private contact info is under the mercy of the provider. There's not yet regulations governing the service providers to adequately protect your private data. For example, how can you be sure that your private data got deleted after you close the account? no yet regulations, no independent auditor. I heard a few times that startup companies stored passwords in plain text, and hackers just pick them up. Obviously when a company has no basic skills of protecting password storage, the company will not protect their own computers well, and any commitments to users' privacy will be just null.

The industries should come up with standards/protocols of protecting user privacy, with enforceable measurements, and the law makers should also follow up.

The platforms can be more open without boundary, however, the disclosure of my private data should be well regulated and moderated. It is not realistic to expect/educate all internet users have moderate common scenes of protecting their own private data when using social networking. Industries and regulators should do take more care for public interests.

Scott Smth   [12.20.07 05:06 PM]

I agree, but I think that this is more about data ownership and not just trust. I should own data about me - just as a Hollywood star owns their image/likeness.
Right now I get all kinds of email, marketing materials and daily letters that want me to refinance (how do the know how much my mortgage is!) - people are profiting on data about me (or my social network in the example above.) I should control who has access and when they can use it. There is a big business selling data about us, and we do not profit.
In the Web 2.0 world we should try to break that - I use your hosting and services and you can use my data for specific things. If this is part of a trust network, good, you made that decision - but did those in your contact list agree?
I got an invite from Plaxo the other day from a friend - when they wanted to upload my outlook contacts and my linkedin list. I stopped. I did not really know at the time what was in store for me if I did upload my contacts, and I'm guessing my friend did not know either.

Maia Bittner   [12.20.07 06:46 PM]

Hi Sara,

This is Maia, from Spock. I know Jay, our co-founder, e-mailed you personally to explain why
there have been so many trust requests. I just thought I'd update you to the latest changes we've made to the site in order to reduce the number of emails being sent to people, especially by people they don't even know.

As a first step, we've removed any pre-checked boxes from our address book import process. We want all invitations that go through us to be very deliberate. We've also changed the process so that there are clear markers by everyone in your address book that has already signed up for Spock.

There we also two changes we made for non-users based on the feedback we've received. The first is that we are no longer sending trust requests when the requester does not know the email address of the person they are requesting trust from. Instead, these requests are stored on the site for when (if) that person signs up. We also include an unsubscribe link at the bottom of all emails sent to non-users, so that anyone can unsubscribe if they don't want to receive any more emails from Spock.

The above changes will be implemented next week.

We are working very hard to avoid excessively emailing people. We did not anticipate our users being so aggressive! As the next step, we are looking to implement throttles and digests as a way to still do what our users ask, while not annoying everyone else ;) If you have any suggestions on ways to avoid unwanted emails, please do let me know, either here, or personally.

Best,

Maia

thacker   [12.21.07 06:47 AM]

Will say two things about the social networks, aka Web 2.0, they don't think things through as much as they should. Two, this type of learning curve is necessary prior to any breakout and implementation onto the Net.

Tim O'Reilly   [12.21.07 10:22 AM]

Maia --

You've got to be kidding. You guys actually implemented a feature where you were emailing to "contacts" where the person requesting the email didn't have their email address. That's either incompetent or reckless. I keep getting mail from you guys about how various users have made mistakes, and how it's not your fault, but it sure seems like you guys have done a terrible job of designing your system to prevent abuse.

This shouldn't have to wait till next week. Just TURN OFF all your outbound email functionality until you get this fixed.

Protestations that "we didn't send out this email, our users did" just don't cut it. Logic to prevent wholesale spamming is trivial to add to an application. If you give your users the power to spam everyone whose contact information they have, some of them will use it. If you give them the power to spam people for whom they only know the name, and don't even need the contact info, all bets are off!

I love the idea of spock. I could really use a people search engine. But you guys are really losing any credibility.

Scott Converse   [12.23.07 06:23 PM]

I have to agree that 'being Spocked' has become a new negative term for having your social graph violated. How about having dictionary.com add something like:

Spocked
-verb
1. verb of unsavory website called Spock
-adjective
2. To have your email friends spammed.
3. To be tricked into revealing contact information to friends, family and colleagues.
4. To receive a vague email from a friend, family member or colleague inviting you to 'join their network' when none exists.
5. Slang. To have your personal information and social network violated by a unscrupulous web 2.0 startup.

I, too, was tricked into giving them access to my gmail that Spock then used to sent an obtuse message to a couple of hundred of my associates implying I was 'inviting' them (when I did no such thing).

I think this kind of activity on the part of anyone claiming to be any kind of social network is, in my book, business death.

I've already bogged about this and I plan on letting everyone I know, whenever the opportunity arises, that Spock (and any other system that uses inappropriate mining of MY personal data) should be avoided at all costs and in all ways.

Jeff Jarvis   [12.29.07 10:01 AM]

Tim,
Amen. I got Spockspam and had a fit and asked to be forgotten in all ways possible by the service. They've already ruined themselves with me. They're Plaxo, the Sequel.

Andrey Golub   [01.03.08 11:13 AM]

Tim,

from what do I know, after such strong comments like you've done, Spock guys have stopped all their R&D and developments and have been concentrated exactly on this feature for some time.
and they have fixed it in a very record time!

why do I think so? 'coz I actively participate in the Spock Power Users working group, the place for Brainstorming 2.0 where Spock guys present to us (early adopters and supporters) their new features (or even the ideas not yet implemented), to perform brainstorming and find the best ways to solve the strong problems like the one indicated here by yourself and the other commenters.
So the project road-map for Spock is in big part defined by its Community, so it could not be optimized, like someone here stated, against the community itself and be anti-social!

and of course I am sure that the email spam issue that occurred was not intentional. How could a very 2.0 company like Spock intentionally make some thing that won't be forgiven and forgotten by community?
of course it was a feature too quickly put to production... I am also sorry about that and I hope Spock won't repeat once anymore this mistake.

then also from what do I know following Spock as active contributor to Brainstorming forum and Facebook fan Club :), is that the guys have fixed everything real quickly (with 2 days of this blowing up). I'd not judge the whole project so strongly after one problem happened and immediately fixed...

let's follow the future developments instead!

Warm Regards,
Andrey Golub, http://www.spock.com/Andrey-Golub