What does the Microsoft "partnership" with Facebook mean for users?

by Doc Searls

Here's the key fact: Facebook's users are not its customers. They're the targets to which Facebook's customers aim advertising. In old media this was no big deal. But Facebook isn't just a "medium". It's a vast walled garden where the social activity of members and visitors constantly improves the ability of advertisers to "target" both.

This is a Good Thing only if it works for everybody — including both those targeted as well as those doing the targeting. And if users are actually involved, they have some important questions:

  • What happens to my identity-related information?
  • How is it used, and by whom?
  • How much control do I have over my data (or data about myself) — including what Facebook "partners" do with that data?

Jeremiah Owyang visits these questions in his latest post, How Microsoft got their Passport after all. He begins,

A few hundred million is a steal for your identity, they've got plenty of money.

Microsoft and Facebook are in partnership, but what's at stake? Three things:

  1. Facebook knows who you are: your name, your gender, where you live, your martial and political status, sexual preference, age, where you work, the list goes on. The funny thing is, you've voluntarily given that information up.
  2. They also know who you connect to, who you talk to, and what you say to them (you don't own those private message ya know).
  3. Sure, up to one third of all profile information is bogus, but what about those unsaid gestures: What people do is more important than what they say. What apps you use, how frequent, what and who you click on.

Great, but why does it matter? Because the new partner likely will have access to this very precious data.

[We once rejected Microsoft's Passport identity campaign, but we’ve potentially and unknowingly just handed it over]

Two thoughts.

First, Microsoft had a very instructive failure with Passport, and the "Hailstorm" effort of which it was a part. One guy leading that instruction is Kim Cameron, primary author of the Seven Laws of Identity and creator of the Identity Metasystem concept (among other things), all which we made a cover story in the September 2005 issue of Linux Journal. To the best of my knowledge, that was the first time a Microsoft effort made the cover of the magazine — and it deserved to.

In brief, the Seven Laws are:

  1. User Control and Consent
  2. Minimal Disclosure for a Constrained Use
  3. Justifiable Parties
  4. Directed Identity
  5. Pluralism of operators and technologies
  6. Human integration
  7. Consistent experience across contexts

Second, many independent developers at companies and organizations large and small (including many individuals their own) have joined together (guided to a significant degree by Kim and his Laws) as in informal Identity Gang (now a working group of Identity Commons) with the shared purpose of empowering individuals to control their own identity-related information in the networked world. "User-centric identity" is still new, and we're all still in the early stages of Whatever This Will Be; but already much technical progress has been made, most of it in the form of open source development.

The Gang gathers at informal but highly productive Internet Identity Workshops (IIWs) — twice per year at the current rate. In fact, I'm one of the organizers. The next one is December 3-5 in Mountain View. Here's my open invitation for Facebook folks to come help the rest of us work on applying the Laws of Identity in the social contexts they're pioneering.

There is much work to be done. We'd love to have Facebook help us do it.