Should Facebook preemptively protect users against rogue apps?

8 February 2008

Jonathan Zittrain, Professor of Internet Governance and Regulation at the Oxford Internet Institute, has an interesting blog post about Adrienne Felt’s work on Facebook platform privacy: Should Facebook preemptively protect users against rogue apps?.

It is worth reading the whole article, but here are a few excerpts:

Enterprising UVa senior Adrienne Felt has developed an intriguing argument about privacy for Web 2.0 apps like those on the Facebook development platform. It will get lots of news coverage, much of it boiling down to reports that don’t capture the richness of the problem.

But there is another difference at work: partly because of technology and partly because of historical inertia, Facebook can more obviously be asked to play a gatekeeper role with its apps than an OS maker can with its desktop apps. Felt’s solution to the problem she identifies is to have Facebook run interference — serve as a proxy — between most apps and the data they presumably don’t really need. The app can say to Facebook, “Display the user’s birthday in the upper right corner of the screen,” without having to know the user’s birthday. Only in a few instances, they say, must an app really access the data in order to work.

Social networks are rightly recognized as powerful, even transformative. The ability for unaccredited third parties to write apps that users can run to access their data and do cool things with it further leverages their power. The wild card of the platform makers’ power over those apps creates a range of options simply not available to the OS makers that preceded Web 2.0, and being put out of business by it.