Better Social Networking

When was still cool I signed up to it. It was an interesting research project in skill metrics (determining the rating of people’s coding skills by the votes of others and weighting the votes by the rating of each person), and it was nice to be rated Master soon after I joined. I still use it on occasion for the blog syndication feature (when I find a good blog on Advogato I add it to my Planet installation).

When was really cool (when every time I had dinner with a group of people someone would ask if they could be an “orkut friend”) I signed up to it. It was interesting for a while but then most people got bored with it.

Now there is Facebook and MySpace for social networking for social purposes and for business related social networking. I periodically get invited to join those services but have not been interested in any other than LinkedIn. I can’t join LinkedIn because their mail server is regarded as a SPAM source by my mail server but their web server refuses to provide any information on why this is (the rejection was apparently long enough ago that it’s rolled off my logs).

The problem with all these services is that I am expected to sign up with each of them and go to a moderate amount of effort in writing up all the data in the various web pages. Writing it is a pain, keeping it up to date is more pain, and dealing with spam in “scrap-book” entries in Orkut is still an annoyance which I don’t want to multiply by four!

So far the only step I’ve seen towards addressing this issue is the XFN – XHTML Friends Network [1] project. But that seems to be of fairly limited scope (just referring to the friendship status of people in a <a href link).

I believe that the requirements for social networking are:

  1. Personal data about each person, some of which may only be available to friends or friends of friends.
  2. The user owns their own data, has full control over where it’s sent and the ability to request people who receive it to keep some parts of it secret.
  3. Ability to send email to friends of friends (determined by the wishes of each friend and FOAF).
  4. Ability to get a list of friends of friends.
  5. Incorporation of a standard format for CVs (for business social networking).

I think that the only way to go is to have a standard XML format for storing all personal data (including financial, career, and CV data) that can be used on any web site. Then someone who wants to be involved in social networking could create an XML file for a static web server (or multiple files with different content and password protected access), or they could have a server-side script generate an XML file on the fly with a set of data that is appropriate for the reader. The resulting social network would be entirely distributed and anyone could write software to join in. This covers item 1 and part of item 2.

For sending email to friends of friends it would be good to avoid spam as much as possible. One way of doing would be requesting that friends publish a forwarding address on their own mail server in a manner similar to SRS [2]. SRS include the ability for such addresses to expire after a certain period of time (which would be convenient for this). In fact publishing SRS versions of friends email addresses would be a good option if you already use SPF [3] and SRS in your mail server. This covers item 3.

The XML format could include information on how far the recipient could transfer it. For example if my server sent an XML file to a recruiting agency with my CV it could state that they could distribute it without restriction (so that they can give it to hiring managers) with the possibility of some fields being restricted (EG not tell the hiring manager what I used to get paid). For my mobile phone number I could send it to my friends with a request that they not send it on. This covers part of item 2.

The URL for the friends file would of course be in the main XML file, and therefore you could have different friends lists published from different versions of your profile (EG the profile you send to recruiting agencies wouldn’t include drinking buddies etc). This completes the coverage of item 2.

Then to have a friends list you have a single XML file on a web server that has the public parts of the XML files from all your friends. This means that getting a list of friends of friends would involve getting a single XML file for each friend (if you have 100 friends and each friend has 50 unique friends on average then you do 100 HTTP operations instead of 5,000). Minimising the number of web transfer operations is essential for performance and for reliability in the face of unreliable web servers (there is no chance of having 5,000 random web servers for individuals all up and accessible at the same time). This covers item 4.

Item 5 is merely a nice thing to have which allows more easily replacing some of the recruiting infrastructure. As any such XML format will have several sections for arbitrary plain text (or maybe HTML) for describing various things the CV could of course be in HTML, but it would be good to have the data in XML.

I posted this in the “blog” category because blogs are the only commonly used systems where end users do anything related to XML files (the RSS and ATOM feeds are XML). A blog server could easily be extended to do these social networking systems.

As with a blog users could run their own social networking server (publishing their XML files) or they could use a service that is similar in concept to blogger which does it all for them (for the less technical users). Then an analogy to Planet, Technorati, etc in the blog space would be public aggregation services that compare people based on the number of friends they have etc, and attempts to map paths between people based on friends.

This could also include GPG [4] data such that signing someone’s GPG key would cause your server to automatically list them in some friend category. The XML format should also have a field for a GPG signature (one option would be to use a GPG sub-key to sign the files and have the sub-key owned by the server).

I don’t have any serious time to spend on implementing this at the moment. But if someone else starts coding such a project then I would certainly help test it, debug it, and contribute towards the XML design.

11 comments to Better Social Networking

  • stratus

    Hi Russell,

    Talking about orkut, they’re adding new privacy related features all the time. I understand that maybe your friends aren’t there, but take a look: You can restrict your album and videos view & scrapbook write access to: friends, friends of friends or everyone. It will take a while until people go back there and give it a second try to check lower latency, new features and more. :}

    — stratus

  • Ben

    Now this is a very interesting idea. In some respects it’s a little like the Open ID system for distributed and consistent identity in the blogosphere (which it would be really cool if you implemented on your site).

    The social networking bandwagon I jumped onto when it was popular was the, now defunct, site around eight or nine years ago. After that I really didn’t see the value in the whole Orkut thing, I’d already done it.

    For most of my friends, the main network and blogging tool used is LiveJournal. A project which has spawned a great many interesting little things, including Open ID (sort of, same principal creator, Brad Fitzpatrick).

    While there’s been a lot of adoption of both MySpace and Facebook, especially amongst the less technically enclined, these are both fairly closed systems, with MySpace being more closed off from the rest of the blogosphere than Facebook. At least Facebook has an API to help integrate its features with other systems, where MySpace doesn’t. My concern with both of those networks, however, stems more from their terms and conditions, there are some nasty little clauses tucked away in each of them. Facebook, for example, has been selling its user data to various corporations and marketing firms, which then target specific advertising campaigns to the relevant sector of the market place.

    LJ isn’t anywhere near as harsh, their terms are basically the usual limitation of liability. The advertising they do have are just ordinary Google Ads, which paid users never see anyway.

    I could see your plan integrating very easily with the LJ system, as well as any number of private domains running their own CMS and/or blogging software. Facebook might come to the party eventually, depending on how it impacted their existing business model. The Murdoch-land that is MySpace, however, is highly unlikely to play well with any others for any reason. Mind you, with a big enough adoption that may not really matter.

    If someone does decide to take up this idea, I’d be very interested to see how it progresses.

  • I’ve been meaning to ask for some time, but why do you have footnotes on links that are already .. clickable links?

    It seems like needless duplication which isn’t required by anybody viewing your site, unless they want to make a printout. If they did that surely their browser should/would handle that for them?

  • […] Others have said it better — wake me up when there is the option to own my own data. Until then, well, I’m not hard to find on email, IRC or MSN should anyone really want to. […]

  • I was wondering, is there a way to store more data into the GPG key? I know that you can store a picture, but what if you can store arbitrary XML data?

    You would have the social networking just ready. I mean, in many cases you already do…

  • […] Better Social Networking has the potential to expand the scope of the blog space. […]

  • etbe

    stratus: No matter how many privacy features they add, it will still be under their control. Also the idea of having different profiles for different readers (including different “friends” lists) is AFAIK not something that has been implemented by anyone.
    Ben: I’ve considered OpenID but the issues mentioned in the Criticism section of the Wikipedia page are a concern. If I was to implement this I would want to allow other users of my site to use it as well and until I get crypto-tokens or something going I’m not confident that it would be secure enough for them.

    It’s interesting to hear that Facebook was selling it’s data, I assumed that someone was doing it (or someone would if they hadn’t already) but hadn’t heard of any examples. With my idea everyone has their own data, data on their friends, and some data on friends of friends. There’s no central repository that can be sold. The worst that could happen is that someone could crack the PC used by someone who has lots of FOAF’s – but that attack can also be used against all other social networks.

    Steve: Printouts are one case where it’s needed, the other is reading blogs by email.

    Daniel: Interesting idea about GPG. How hard would it be to change/manage such data though?

  • Components for open distributed social networking are already available…

    Open is everything – the rest is details. That is why we must take the best use cases of the closed social networking world and port them in the open. This is a lofty goal in all meaning of the adjective, but a surprisingly large number of potenti…

  • I really like the idea of exploiting GPG as much as possible for the purpose of social networking. I’m glad to see others think the same way, after all this is about getting everyone to use the same open protocol.

  • mind

    “password protected”. fully trusted servers. heh. heh. plus, you’re completely missing the “networking” part.

  • etbe

    Social networking doesn’t require giving all data out to everyone. Giving it to trusted people and then allowing them to export a sub-set is adequate.

    Note that Orkut tries to do similar things (EG allowing certain fields to be only visible to friends). So it’s not as if restricting access to some data is an entirely new idea of mine.