A Q&A discussion with Plaxo’s Joseph Smarr and John McCrea

There’s a big dustup today as Robert Scoble was removed from Facebook for running a Plaxo Script that was scraping the profile data (names and emails) of his opt-in friends. Robert was now let back into Facebook under an hour ago.

All of the above is just a taste of the real issue, as this leads to the bigger issue of privacy, ownership of data, and the future of openness on social networks.

A discussion with Plaxo at 2:30PM PST, I was typing very quickly, the bold are my questions and their answers, some of it is slightly paraphrased, however if I said something wrong, they can email me and I’ll immediately correct it.

Tell me about the event today, is this a planned feature?
This Facebook input feature has been in the works for some time, this was planned to be released today, but was still going to be tested. They spent today trying to explain to others, and also to find out what was happening.

Why didn’t you use use the FaceBook API?
FB doesn’t allow email addresses to be exported, which is critical to build a social graph. The script would grab the email addresses (which were an image), and profile data.

But the email is an image for a reason, so it doesn’t get scraped.
There’s explicity permission between members (as they are friends) so why prevent email addresses to be shared.

How does the script work?

Was planning to work with Facebook, as they did from LinkedIn a year ago (who were open to the export, and has been popular for Plaxo). Plaxo did not yet reach out to Facebook, and are now in damage control mode. There may be a conversation now.

Is Robert employed by Plaxo?
No, he’s an early adopter and eager user.

Where are you headed next?

We’re going to have a conversation with Facebook (that is starting now) and will role this feature out.

Who owns the profile data in Facebook?
The users the data that entered, and they should have access to all the data they’ve shared with their friends. The exchange between the members should be shared between and explicitly permission model.

What else should we know?
in 2008 Data portability thrust is where we want to head, we want to turn the model upsdie down, so instead of widgets going to the social graph, we would like to make the social graph very portable. This is an area where Plaxo as more depth than anyone else.

What other misconceptions need to be cleared up?
The big story is, this is going to be an open social web, this is going to provide clarity to users controlling portability of their data. This is not a battle between Facebook and Plaxo, we don’t want to steal their user base, we really believe we want to be able to let people connect to each other. We don’t want Robert to get shut down or for him to stop using Facebook, we want to co-exist.

Is this product a direct activity to increase the market value of Plaxo to be acquired?
This wasn’t a strategy that we would have chosen, it’s unexpected, and is something that users have been asking for a while. Explicetly, no, this is not a visiblity raising trick to any kind of M&A capability. We did not control the timing on this.

Update: Someone suggested that I should add my own opinion here. I was hesitating to do so as it’s all been said by hundreds or thousands of others. Anyways, here’s my opinion: Robert nor Plaxo don’t have the right to scrape these addresses without the explicit consent of the friends of Robert. I’m one of them, and I’d like to have an opt-in before Robert scrapes my data and exports them anywhere.

There’s a unsaid social contract that if you become my friend, I expect you to use my information that I share with you justly, and most of all, be considerate. On the other hand, what’s happening is just the taste of what’s to come, this is the year where the social graph will become portable, whether containers like Facebook or Plaxo allow it, or other tools come around to scrape it.

63 Replies to “A Q&A discussion with Plaxo’s Joseph Smarr and John McCrea”

  1. Jeremiah – this issue (social graph) and who owns your contact data is getting bigger by the day. During Scoble’s live video about an hour ago, he said that a council has been created but FB wouldn’t participate. How do we (and you as an influential in the space) go about getting this council between Plaxo, OpenSocial, Facebook, LinkedIn and other important public social networks to take place? And then how do we keep them meeting regularly?

  2. Anyone who publishes an email address in Facebook should assume it will get grabbed.

    Also, did Plaxo tell Facebook in advance what they were doing? If not, why not?

    It seems to me, though, that Plaxo will benefit financially from being able to scrape large numbers of email addresses from other sources. If they do, shouldn’t they be willing to share the financial rewards with the people whose email addresses they scraped?

  3. Jeremiah, that’s the softest Q&A I’ve seen. Actually that’s a press release gone completely and utterly unchallenged.

    How about fielding REAL questions about this from people?

  4. Plaxo has been around for years. The first irritating thing it did IMO was not be supported on Macs – back when it was an interesting idea to have all your contacts web-based instead of in a local application.

    Lately it is insinuating itself in multiple locations – we’re all getting those requests from Plaxo users right? But it has historically been a closed system- not an open one. I could not update my friends’ Plaxo data without creating an account myself. FWIW, this is not helping them convert me to a customer if they are now changing their biz strategy.

  5. My data has been stolen by Robert Scoble at the behest of Plaxo. That’s a data breach and I really do hope that Facebook report it to the relevant people. Plaxo do not care about endusers, they’re breaking and entering just to get more data on people so they can sell themselves on. How dare they take disparate information about me, aggregate it and combine it. Were they in Ireland both Scoble and Plaxo would be charged by the Government for what they did, shame about the more libeal data laws there. This is mass identity theft.

  6. Damien, leave you questions here, I’ll get them asked. As a result of your comments here and on Twitter I updated and added my opinion. At first, I wasn’t going to say anything as it’s all been said by hundreds if not thousands of other voices. I’m not really adding anything that hasn’t already been said.

  7. Out of curiosity – since you believe that Scoble & Plaxo should have your permission before scraping that data – do you likewise believe that Facebook should have had your permission prior to say, importing that data from someone’s GMail contacts when they sign up?

    I’m just trying to find the line here…

    Honestly, I agree with you on the ‘shouldn’t be exportable without my permission’ but I also refused to allow FB access to my contacts when I first signed up there prior to ‘suspending’ that profile.

  8. I don’t understand why you say Robert doesn’t have the right to scrape those addresses. These are the people Robert added as friends. Doesn’t that make this HIS address book?

    I should be allowed to export my contacts list from whatever application (Facebook, Gmail, Yahoo! mail) and import that into any other application.

    As I understand the situation, Robert wasn’t scraping _Facebook_. Robert was scraping _his account on Facebook_. There’s a difference. If I “friend” someone and give them my email address to contact me, that person should be allowed to take that address and put it into any contact list s/he maintains, anywhere.

    No one else has that right. But the person I give the address to now “owns” my address _w.r.t. his personal contact list and his use_.

    At least, that’s the way I see it.

  9. It’s so odd how all of this came about – Plaxo seems like they are now taking the high road of (gasp) actually talking to Facebook… But they let an “eager” adopter with no formal/contractual ties to their company, that also happens to be one of the most high profile Facebook commentators, not only use it but get his account disabled.

    I’m gonna go on a limb here and say that if an actual Plaxo employee had been so publicly caught, Plaxo wouldn’t have much of a leg to stand on. At least, not if their privacy promise is to be believed: http://www.plaxo.com/privacy

    So while I’m glad that the incident has stirred up so many discussions of privacy, I’ve been a little confused by some of the immediate indignant reactions toward Facebook, as if Facebook did anything wrong in this situation. They enforced their own rules, and not even in a particularly fierce way (heck, by end of day he was reinstated). It was like watching rich kids on a WB drama get away with breaking the rules/law to make their point.

    Moreover, it was interesting to see the same B and C level Facebook evangelizers who fretted over Beacon waving the flag in favor of information scraping as long as a friend did it. When it was revealed it was for Plaxo, the flags lowered a bit, but still some waved.

    Possibly the most telling moment came from Robert Scoble himself. When asked if companies should trust Scoble with NDA’s if he’s willing to break TOS’: “they shouldn™t trust me.”

    NDA’s honored, TOS’ broken. Punishments lifted. I wonder if a lowly D or Q-level Facebook evangelizer like myself would get such a pass.

  10. Damien,

    How is this a “data breach” – you & Robert connected on Facebook and via Facebook you shared your email address with Robert.

    He could have then taken that shared email address and contacted you, or as in this case, searched another site to see if you were registered on that site via that email address.

    How is that a data breach? You shared that information with Robert via a third party you were both using (Facebook).

    This is the bit I don’t get about Facebook’s policy, or about people’s anger – I share my data with people via tools like Facebook in the hope that THEY WILL USE THAT INFORMATION (to for example contact me). However Facebook currently makes it hard for the people with whom I have shared information to use that information – and likewise I can’t take the information people have shared with me (such as a friend who recently updated her email address to reflect the fact that she left her previous job) and in an automated manner sync it – I would have to edit my contact info for her in every place it exists (my email clients, my cell phone, many different web services etc).


  11. Jeremiah,

    I also am a “facebook friend” of Scoble.

    I didn’t believe that I’d given him permission to scrape my personal data and upload it to a company I’ve not chosen to do business with.

    I believed I’d given him permission to use my data within Facebook’s terms and conditions (which were available to me AND him at the time I chose to give him that data.)

  12. So questions:

    1. Since when is disparate information on my profile Robert Scoble’s data, his to use your tool to take it and yours to transport it?

    2. Who has access to my data now, besides Robert Scoble?

    3. How is that data secured, what are the guarantees more than Robert Scoble will not access this information?

    4. Where can I access this data, amend or delete it?

    5. Will you be deriving more details/data from this data that you have stolen from me?

    6. Are you willing to come to Ireland and answer your actions in front of our data protection commssion?

  13. Vicki

    There’s a social contract that if I give Robert my email or home address, or bank card number that he’ll respect my data and the usage of.

    Although apparently he was only scraping name and email, there’s a tremendous amount of PERSONAL information one may share on Facebook, it’s put there by me to share with my friends, and it would be considerate if he were to share it elsewhere.

    You bring up a good point as these email addresses are public anyways, you can buy email addressees or just do a search for them using Google and find many of them. But the real issue isn’t about email addresses, it’s about the social contract between friends.

    He needs my consent to use my data that I wasn’t expecting him to.

  14. Damien

    I see these 6 questions, and will make sure the Plaxo team sees them.

    Thank you for your honest commentary, always do that going forward. Your opinion is important to me (and I see that you want mine too)

  15. I agree with Damien. This is Lame! Plaxo is lame. I left them 2-3 months ago. I still get unsolicited email. Plaxo have had a bit of a negative reputation before. Looks to me like they are building on that. If there was a good alternative to Facebook which was open I would move. I have *no* faith in Plaxo. So for the moment I am staing put. Dave Winers post is way of the mark. Paul Walsh of Segala hass IMHO a better take on it Cancel your Plaxo account if you care about privacy

  16. I participated in a twitter discussion on this topic. My argument is same as what Plaxo guys told you

    There™s explicity permission between members (as they are friends) so why prevent email addresses to be shared.

    When I give my email address to someone to store in their addressbook, I trust them and I don’t care if they had my email in Outlook or thunderbird or gmail or hotmail or any other mail. I gave my email address to X because I trust X. Same is the case in this blog. I give my email address to this blog to comment because I trust you, the blogger not WordPress, the blogging system. Say, you are moving to Movable Type or Blogger tomorrow, I cannot demand that you keep my comment with email address inside of WordPress and not movable type or blogger. The case with FB and Plaxo is similar. If I shared my email with Scoble, I gave it because I trusted him. When I gave my email to him, I didn’t demand that it should be kept inside facebook. I offered it just on the basis of the human being called Robert Scoble not the facebook platform. When Robert Scoble used Plaxo, he gave his password and got the email address. It is just similar to digging up my hotmail addressbook from gmail addressbook or thunderbird addressbook. It is TOTALLY different from spambots scraping through illegal means. I seriously don’t understand why Michael Arrington and others like him cannot understand this fact. Also, facebook attempt to keep your data only inside facebook is similar to music industry’s attempts to stop you from playing the legally bought music in any player you want. Music Industry and Facebook may be legally right but they are short sighted and stupid.

  17. Jeremiah – I see your point. I understand your point.

    But I _agree_ with Krish and Shannon. Once I give you my contact info, it’s not “mine” any more. If I feel the need to control that data, I don’t give it to nyone else. I can make up a zillion hotmail addresses, one per contact. I can lie about my info. I can stay off the net.

    But if I choose to play, the way _I_ interpret the rules, anything I let loose is out of my control.

  18. Krish

    Emails are pretty much public, As stated above, this is more than email addresses, there’s a ton of other information available on your FB profile.

    This isn’t specifically about the type of info (email, bdate, sexual preference) but the fact that I need to know what my friends are going to do with my information.

    It’s the same as in real life, if I let you borrow or give something of mine as a friend, I expect you to take care of it.

  19. Jeremiah,
    I agree with Krish above. My email address is currently visible on my Facebook profile to anyone in my friends network as I opted in to allow them to see it when setting up my account.

    I get so much spam on all my emails, I’ve already gotten used to the fact that email addresses aren’t really private information anymore.

    What’s the difference had Scoble gone through all 5,000+ of his friends’ profiles and wrote down the email addresses on them. Sounds like the script just saves a ton of time in doing so.

    I guess I’m also a bit biased. Didn’t realize that Facebook disables ability to email my China business group members once they exceed 1,000+ I used to send out email updates to them that way. I actually receive emails from Facebook friends asking why they no longer get their China biz updates…to which I have to reply that Facebook won’t let me anymore.

    To be honest, I wish I had a script that could scrape the emails from my network of friends I’ve built on Facebook as many follow my coverage of China biz the way people follow you and Scoble when it comes to new media. If I used the Plaxo script to harvest emails so I could continue to send people China biz newsletters, I really don’t think people would be reporting me or accusing me of violating their privacy. On the other hand, if I scraped emails to sell to a spammer, that’s a different story.

    So it does come down to trust and an acceptance that email addresses really aren’t that private anymore anyways so what’s the big deal?

  20. Jowyang thanks for including your opinion. It doesn’t look like my trackback worked so I hope you don’t mind the long comment with the link to my original post.

    I wrote a blog post earlier today about Facebook disabling Robert Scoble™s account for attempting to extract his contacts™ information using a script.

    Since writing my post and conversing with what felt like the universe on Twitter about the matter, I™ve learned something which has turned my independent opinion piece into a rant.
    What™s changed my mind?

    Plaxo asked a number of journalists and bloggers to extract their contacts™ information using their new script. This is called ˜harvesting™. Harvesting is conducted by unscrupulous companies who wish to SPAM.

    According to Michael Arrington

    Plaxo was certainly aware of the risk. In an email from the company asking me to try the service last week, they said We don™t know whether Facebook will try to shut us down (despite their increasing verbal support for the concepts of open-ness), so we want to let a few key folks have access to the functionality before we make it available to everyone.

    Plaxo does not care about helping industry by encouraging Facebook to knock down its walled garden. Plaxo obviously feels so threatened by Facebook that its only option is to play dirty tricks using poor unsuspecting media puppets to take the fall when everything goes pear shaped.

    Let™s forget about Robert in this post. I think Facebook should take Plaxo to the cleaners.

    If a so-called professional organization can do this to another company in the open, what on earth is Plaxo doing, or going to do with our personal information. I certainly don™t trust that company as far as I could throw them any more.

    Original Post – happy to address comments here or on my blog. I don’t mind as long as I’m having the conversation.


  21. Jeremiah,

    I think all the information above applies in the same way as email. The moment I decide to share some information about me to someone else, I trust him inherently. As you said, I expect him to use it responsibly but I don’t tell him what software he should use to know my information. Other information I share with him is same as email in this respect. The underlying point is that I share something with him because I trust him as a human being not because I trust the software he is using. It is immaterial to me. He can even use Microsoft Excel to see my information as long as I handed it over to him on trust.

    If Robert misuses the information I gave (like handing it over to a marketer or a spammer or govt.), then he is wrong and I will take legal action on Robert. Here trust is violated not the underlying software. If Robert has to misuse my data, he can as well do it within facebook. It is immaterial if Robert accesses my data inside facebook or inside Plaxo or even inside Excel.

  22. Christine & Krish,

    And what about birthdate? What about your status update that reveals that you are out of town and your home unoccupied?

    Your arguments about the privacy of emails are certainly apt (even if some people do still guard their “primary” or home address) but we’re actually talking about all the information your friends can see, not just emails.

    By some of the arguments we’ve seen it seems Facebook should have said, “Bad Scoble! You shouldn’t be scraping data or using scripts against our TOS, but since it’s just email and your moderately famous, it’s okay.”

    His intentions, or the intentions of Plaxo, may have been as nobel as a saint’s– but the idea of wagging the finger at Facebook for doing exactly what they said they’d do is making the air a bit thick I feel.

  23. My argument also brings into focus a very important point. It is us, the users, who should be responsible in sharing the data. If I don’t trust someone who requests my friendship within facebook, I will show him/her a limited profile. Similarly, if I want to put some personal information which I want to share it only with a select few, I will do it only if I get granular control over my privacy. Else, I will stay away. Once I trust someone and share my info, the underlying software is immaterial as long as I keep trusting him. No software can protect these trust. A spammer can become my friend and manually write down all my information from within facebook. Here software doesn’t help me. It is my ability to trust a person that will help me. I seriously don’t understand the fuss about a software whereas we all should only be worrying about the trust we keep on our friend’s in social networks.

  24. Dean, as I pointed out in the previous comment, it is our ability to trust that matters than software. Robert can as well see our status update inside facebook and hand it over to underworld forums, if he had any such intentions. Software is immaterial in the controversy here.

  25. Krish, you said, “If Robert misuses the information I gave (like handing it over to a marketer or a spammer or govt.), then he is wrong and I will take legal action on Robert.”

    How would you know? In fact, according to other posts here, other bloggers were asked to scrape info as well. Only Robert publicly pouted when he was caught. How does Facebook keep a walled garden walled if it fails to enforce rules discouraging people from misusing data?

    Let’s keep in mind, it’s not like Robert was simply doing this because he had a hard time remembering someone’s phone number. He was asked by a company to see if people in his friend’s list were also in a Plaxo database.

  26. Krish, I do agree with you on the trust between friends. I think that for some, this whole incident today may lead to some Friend “pruning.” Oddly enough you suggest a social contract that the giver has to bear the responsibility of– but Facebook certainly has the right to enforce it’s TOS if someone agreed to it.

    Knowing that bloggers are being asked by companies to do things like this without revealing it (honoring one company’s NDA’s while breaking another’s TOS’) – or more to the point, that bloggers are taking them up on the offer – certainly makes one reconsider the value of “friending” online personalities.

    But I really do appreciate your point of view. Like I said before, I’m glad this has us talking.

  27. Dean,

    My interest in this topic is also about the philosophical aspect of the issue than about a person called Robert Scoble.

    As far Faceboo’s TOS is concerned, it is shortsighted and from old world when data used to reside inside the computers. In this new era of everything online, we need a complete makeover of what companies offer as TOS. As I told before, Facebook forcing you to use the data only inside Facebook is similar to Music industry stopping you from using the legally purchased music in any player you want. Legally correct but shortsighted to match with new era and new technology.

  28. Generally I agree with Vicky, Krish and Shannon.
    I think it is OK for someone I have added as my friend on Facebook to access my contact data from other platforms.
    My email address is not a secret, and if it was, I certainly wouldn’t have shared it on Facebook.
    I think people just need to understand that, end_of_story.
    The term privacy in this context does not mean keep-it-a-secret.

    I would however like to have an opt-in or at least being told that ‘adding this person as your friend means that he can access your contact data from anywhere he’d like’.

    Doing it without anyone knowing about it and against the TOS that we all have agreed upon, is where Plaxo got it wrong.

  29. There is a very subtle distinction I am going to attempt to make. I can understand Robert (or anyone) wanting to port his/her address book to the application of choice.

    The question is, what does said application do with the data? Does it claim now an exponentially larger user base? Good for it, let the investors beware.

    But if the application itself then starts contacting those people or seriously considering them as users, that is a problem IMO.

    Does Plaxo have a firewall around Robert’s imported friends data? FB does not and I doubt Plaxo does either. Read any biz magazine and you understand how companies are wanting to mine this data in various ways; some useful, some not, and opinion varies on that too.

  30. Krish,

    I too am interested in the philosophical underpinnings here, but unfortunately this topic is hardly a good example. Because this person is Robert Scoble, he was asked by Plaxo to do such things. And as Robert, he was able to get reinstated in Facebook. I’m probably safe in assuming if you or I did this we wouldn’t be reinstated in less than 24 hours.

    That said.. I think you’re applying a harsh philosophical light to the reasons people decide to use Facebook. Facebook isn’t “forcing” you to use Facebook. In fact, the very idea that we’re discussing pieces of information used to communicate in ways that Facebook doesn’t really employ (phone numbers, emails) means that as a storage device or a universal organizer it’s already a poor choice– there must be another reason people engage on Facebook. So the comparison that Facebook is just a vehicle for locked information much like DRM is for music is a bit incomplete. From what i have seen, no one is rushing to Facebook to use it as an address book; that seems to me as more of a side-effect. In fact, Facebook’s original attractiveness comes from the walls around the garden, not despite it. It is a vehicle for engagement. So maybe the music industry analogy would be better served in saying Facebook is like the iPod— it works naturally with no program other than the one it’s creators created (iTunes), which also allows people to import music of varying types, but does not go out of its way to help you export or share it wholly. And while to some that might appear old world and shortsighted, it has proven to be very attractive to the population that chooses to use it. That population chooses to place that trust in that closed system for whatever reasons.

    If the new era of data means all data given anytime can be accessible anywhere by anyone you choose, than we are likely to be headed toward some very open AND very closed systems- open for those more free with trust; and closed for those who want their privacy kept closer to the vest. We are in an interesting moment in our subtle distinctions of personal and company contracts. Many left Facebook because MySpace was the place where you had 1,000 friends and things were impersonal, inauthentic. But authenticity comes at a price. And often our choices are writing checks our trust can’t cash.

  31. Sorry, correction in one of those last lines: “Many JOINED Facebook because MySpace was the place where you had 1,000 friends and things were impersonal, inauthentic. But authenticity comes at a price. ”

    Okay, I’m taking a break from writing now. 🙂


  32. Sharing is not giving. It’s caring. If I share contact details on the community table, it does not mean someone can take them and move them elsewhere along with other details. They need to ask permission. Our shared data remains on Facebook, neither of us should move it elsewhere.

  33. Dean,

    All I can say is that you are applying old school thinking to new school. The TOS of Facebook is similar to what a software company would have had as terms when your data resides on your computer. In that era, you completely owned the data and you had full control of what was happening with your data. In the new era, where the data resides online with a provider, you cannot have similar sounding terms of service. TOS needs to evolve with time and technology. You cannot apply 19th century laws to 21st century society.

  34. Damien, you have completely misunderstood the concept. Sharing data with a ‘friend’ in facebook is not same as sharing data in a forum/group. You share it with an individual and only the individual has access to it. When you share it with a community, anyone who enters the community has access to it. Thatz where the trust of the individual comes into picture and not the software or community.

  35. You’re right, Jeremiah. When I put my email address (or mobile phone number) in Facebook, I expect that only my friends will have access to it.

    I have wondered, like Jeff Jarvis, why Plaxo would hang onto such a tarnished brand as it moves into social networking. Arthur Andersen became Accenture. Philip Morris became Altria. With a spammy reputation, does Plaxo really have appreciable brand equity?

    Now I think I understand. They’re going to keep up the same privacy invading tactics, so why bother rebranding?

  36. Why is it a “social contract” and not a “legal contract” or a “unwritten contract”?

    I agree that people need to guard my data as much as I would with my own data, but just because I give you access to x or y, does not mean I give you access to do a or b with it.

    In fact, this could be the way identity theft will reach new levels this year. Because even if someone is “good” today, it doesn’t mean that later on they would sell out for a price.

    And Jeremiah – to clarify your post, Scoble was scraping (stealing perhaps?) emails, names AND birthdates – the last part is the real concern to me.

  37. Krish,

    I’m not sure why you think I’m in love with Facebook’s TOS. I wasn’t arguing that it was a visionary document, just that it exists. And I actually haven’t mentioned it in a few comments. 🙂

  38. thanks for stepping out with your opinions on this one. bottom line is they DO make my email address an image for a reason. if robert himself wanted to email me, then he’d have to at least go a little out of his way to do so.

    if spammers start using this technology (which they clearly are…that’s why facebook has these steps in place), then everyone will leave. just like they left myspace. i don’t feel like waiting around for another social network. lets just fix this one.

  39. allen,

    Letz forget about facebook or social network for a moment. Let us say you give your name, address, phone number, birth date, wedding anniversary, etc. to a friend. Suppose if this friend turns into your bitter enemy in due course, who would you blame? You will only blame the trust you have placed on the person. Your friend might have noted down the information about you in his memory or a sheet of paper or an electronic organizer or in his PIM on his computer. If your friend turns into your foe, you wouldn’t blame the medium where he stored your information. You would only blame yourself for trusting him and giving your information to him. Same is the case with social networking too. The software or web service is just a tool to record the information. It neither saves you or screws you. The only thing that can save or screw you is the trust you keep on your social networking friend. Everything else is immaterial. Social networking tools are just an extrapolation of your real world. The software/web service has absolutely no effect on data integrity. If a spammer wants to rip off your data, he/she can befriend you in facebook and just write down everything with pen and then abuse it. Facebook offers absolutely no protection from abuse. The only thing that protects you is your ability to decide on whom you trust.

  40. When I say software not having any effect on data integrity, I am not taking into consideration the protection the software/ web services company has to offer against hackers. Thatz an altogether different issue.

  41. A quick point which may have been addressed already, but I don’t have the time to read all comments right now.

    Most social networks have relied on these feature to enable people to find and invite friends. Facebook itself does it with it’s friend finder.

    I was recently at a conference where this was discussed and someone uttered that it should be considered as spam.

    I think the responsibility lies with the user. If someone invites their friends its their judgement call.

    Limiting people from being able to upload/import their contacts will seriously hinder the viral growth of these type of sites.

  42. #46 – yes, the issue gets quite sticky – if i give you my biz card, can you do whatever you want with that data including selling it? it’s raised some interesting questions.

    it’s unfortunate that the issue revolves around scoble and his being compared to ghandi.

  43. Krish you said: “Suppose if this friend turns into your bitter enemy in due course, who would you blame? You will only blame the trust you have placed on the person. ”

    But just earlier you said: “If Robert misuses the information I gave (like handing it over to a marketer or a spammer or govt.), then he is wrong and I will take legal action on Robert.”

    Which is it? According to the former philosophy on trust, the courts should throw out your case because you were the one who trusted him.

  44. I think the argument that friends would need to opt-in to Robert exporting the email addresses to be incredibly wrong. I have seen this argument on other sites as well. We are really taking personal ownership of data to a far extreme.
    If one “befriends” another in a way that gives that person access to personal information, then that person may take that information to whatever tools they use. It is just like if I gave you a business card with my cell and email address. You can input that information in Outlook, gmail, a CRM tool, etc.
    What you can not do is improperly use that information for something beyond the implied permission (in facebook’s case I argue it is to connect). So, you could contact me using some communication platform, but you could not spam me.
    Users must consider the consequences of “befriending” others. What data are you letting them access? If you do not want them to get that information, take it off or use facebook’s great “Limitation” feature.

  45. Of course he scrapes all your data right now without Plaxo via the API. There are plugins right now that allow you to do this. Only the e-mail data is scraped.

    Ask yourself: Why only e-mail?

  46. Jeremiah, that's the softest Q&A I've seen. Actually that's a press release gone completely and utterly unchallenged.

    How about fielding REAL questions about this from people?

Comments are closed.