Scoblegate: Plaxo incursion into Facebook-land

I read one of Scoble’s tweet’s yesterday about how he was kicked off Facebook for running a script on Facebook.  My thought was how silly this was given Scoble’s influence and that if there was some sort of misunderstanding Facebook should have contacted him to resolve it.  It now turns out there was a little more to that story.  It seems Plaxo has been testing a new feature that goes into Facebook and runs a screen scraping script that harvests details of users’ contacts and adds them to that person’s Pulse account.  The thing with Facebook is that email addresses displayed in profiles are images and not actual text so part of this new feature is an optical character recognition process that reads those email addresses for import into Pulse.

Once Facebook got wind of what he was doing it cancelled his account and then got to work removing his account from the service.  I ran a search and it seems there are at least two accounts in his name still active although odds are those are not his accounts.

The feature he was using was being tested by a couple alpha testers who seem to have been subject to a non disclosure agreement and couldn’t disclose what they were using.  Scoble was released from his NDA and gave some information about the feature on his blog.  He said the new (and possibly never to see the light of day) feature works a little like the address book importers Facebook and other services use:

What does it collect?

Names and email address and birthday.

Why those? Because it’s trying to connect Facebook names with names in its database.

For instance, it learned that of the 5,000 people in my Facebook account about 1,800 were already on Plaxo.

It did NOT look at anything else. Just this stuff, no social graph data. No personal information.

There are a couple problems with this though.  Facebook advised Scoble that running the script was a violation of its terms of service and possibly illegal in terms of US federal and state law.  Another issue is that Plaxo knew this would not go down well with Facebook and apparently told its alpha testers and Mike Arrington that there was a chance Facebook would close off access to the service.  If they knew this would be a problem and could compromise its users then why do it?  I can understand the desire to facilitate portability between Facebook and Pulse but I think that should come from Facebookand not be forced by Plaxo.  If Facebook wishes to remain relatively closed then let it.  I use Plaxo Pulse, Jaiku and similar services because they are open, not because I am hoping that I can one day export my Facebook contacts to Plaxo. 

This is one of those times where if what you are about to do doesn’t quite sit right with you then perhaps you shouldn’t do it.  I am a little disappointed that Plaxo adopted this approach and would have preferred that they either work something out with Facebook in advance or not at all.  That being said, I don’t share Paul Walsh’s sentiment and will continue using Plaxo’s core service and Pulse.  The team there have been fantastic to me and I dig the services.  While this feature may well facilitate a violation of Facebook users’ privacy (John McCrea and Joseph Smarr from Plaxo told Jeremiah Owyang that Facebook users explicitly consent to share their email addresses but I think there is more to it than that), Facebook is not quite as pure as the driven snow.  I do agree with Jeremiah thoughts about exporting data and the social contract between friends on these services:

Anyways, here’s my opinion: Robert nor Plaxo don’t have the right to scrape these addresses without the explicit consent of the friends of Robert. I’m one of them, and I’d like to have an opt-in before Robert scrapes my data and exports them anywhere.

There’s a unsaid social contract that if you become my friend, I expect you to use my information that I share with you justly, and most of all, be considerate. On the other hand, what’s happening is just the taste of what’s to come, this is the year where the social graph will become portable, whether containers like Facebook or Plaxo allow it, or other tools come around to scrape it.

Plaxo and Dave Winer have commented that this issue is about portability of your data from one service to another and how Facebook’s reluctance to facilitate this more fully pretty much means that if others have the means to force this, then why not?  My take on this is that if Facebook won’t allow me to export my friends list to something like Pulse or Orkut then I am less inclined to spend as much time on Facebook.  That being said the way I reached out to my friends on Facebook is the same way I reached out to my friends on Pulse, Orkut and LinkedIn – my address book.  In a way I actually don’t need Facebook to facilitate this sort of sharing but that is more because of the way I connect to my friends.  My address book tends to mirror my friends lists.  Perhaps Facebook could give users the option of publishing a vcard?  That would feed into my address book and, at the same time, would suit Plaxo just fine given that I am a Plaxo user.

There is another little thing I haven’t seen anyone mention yet.  Remember this piece?  Perhaps Scoble and Smarr should eat a little of their own dogfood.

A Bill of Rights for Users of the Social Web
Authored by Joseph Smarr, Marc Canter, Robert Scoble, and Michael Arrington
September 4, 2007

We publicly assert that all users of the social web are entitled to certain fundamental rights, specifically:

  • Ownership of their own personal information, including:

    • their own profile data
    • the list of people they are connected to
    • the activity stream of content they create;
  • Control of whether and how such personal information is shared with others; and
  • Freedom to grant persistent access to their personal information to trusted external sites.

Sites supporting these rights shall:

  • Allow their users to syndicate their own profile data, their friends list, and the data that’s shared with them via the service, using a persistent URL or API token and open data formats;
  • Allow their users to syndicate their own stream of activity outside the site;
  • Allow their users to link from their profile pages to external identifiers in a public way; and
  • Allow their users to discover who else they know is also on their site, using the same external identifiers made available for lookup within the service.

As far as Plaxo goes, I hope that this is the last time they try something like this.  For one thing it does leave a bad taste in my mouth and it is also negative publicity they probably don’t need.  Rather let Scoble become an evangelist for their service and attract users to Plaxo from services like Facebook than drag them across and hope they stick around.  Just a thought.

Tags: , , , , , , , , ,

Paul
Enthusiast, marketing strategist, writer, and photographer. Passionate about my wife, Gina and #proudDad. Allergic to stupid

  1. “Facebook users’ privacy (John McCrea and Joseph Smarr from Plaxo told Jeremiah Owyang that Facebook users explicitly consent to share their email addresses but I think there is more to it than that), Facebook is not quite as pure as the driven snow.”

    That's the biggest crock of horse stuff I've ever heard. Users (i.e. me and lots of other disgruntled users) did not give anyone permission to give away my details. I gave my details to Facebook, through which I 'connected' to friends. That is *not* the same as giving consent to share my email address Paul. I can only assume that like me when I wrote my first post, you haven't thought about this for long enough to realise just how bad this situation really is.

    Plaxo is harvesting details that don't belong to them or the people through which they are getting them from.

    You should look around a little more to see how many high profile people are really pissed about Scoble and Plaxo.

  2. Is Plaxo now selling the personal contacts Scoble harvested?…

    Now I can see why Plaxo were busy harvesting personal contact details belonging to users on Facebook, without anyone’s permission. They were looking to bump their numbers to increase their valuation. Robert, I’d love your take on this now.

  3. “Facebook users’ privacy (John McCrea and Joseph Smarr from Plaxo told Jeremiah Owyang that Facebook users explicitly consent to share their email addresses but I think there is more to it than that), Facebook is not quite as pure as the driven snow.”

    That’s the biggest crock of horse stuff I’ve ever heard. Users (i.e. me and lots of other disgruntled users) did not give anyone permission to give away my details. I gave my details to Facebook, through which I ‘connected’ to friends. That is *not* the same as giving consent to share my email address Paul. I can only assume that like me when I wrote my first post, you haven’t thought about this for long enough to realise just how bad this situation really is.

    Plaxo is harvesting details that don’t belong to them or the people through which they are getting them from.

    You should look around a little more to see how many high profile people are really pissed about Scoble and Plaxo.

  4. “Facebook users’ privacy (John McCrea and Joseph Smarr from Plaxo told Jeremiah Owyang that Facebook users explicitly consent to share their email addresses but I think there is more to it than that), Facebook is not quite as pure as the driven snow.”

    That’s the biggest crock of horse stuff I’ve ever heard. Users (i.e. me and lots of other disgruntled users) did not give anyone permission to give away my details. I gave my details to Facebook, through which I ‘connected’ to friends. That is *not* the same as giving consent to share my email address Paul. I can only assume that like me when I wrote my first post, you haven’t thought about this for long enough to realise just how bad this situation really is.

    Plaxo is harvesting details that don’t belong to them or the people through which they are getting them from.

    You should look around a little more to see how many high profile people are really pissed about Scoble and Plaxo.

  5. “Facebook users’ privacy (John McCrea and Joseph Smarr from Plaxo told Jeremiah Owyang that Facebook users explicitly consent to share their email addresses but I think there is more to it than that), Facebook is not quite as pure as the driven snow.”

    That’s the biggest crock of horse stuff I’ve ever heard. Users (i.e. me and lots of other disgruntled users) did not give anyone permission to give away my details. I gave my details to Facebook, through which I ‘connected’ to friends. That is *not* the same as giving consent to share my email address Paul. I can only assume that like me when I wrote my first post, you haven’t thought about this for long enough to realise just how bad this situation really is.

    Plaxo is harvesting details that don’t belong to them or the people through which they are getting them from.

    You should look around a little more to see how many high profile people are really pissed about Scoble and Plaxo.

  6. Hey Paul

    I am not saying I agree that Facebook users explicitly agreed to their details being harvested and moved around (barring something in the terms of use or Facebook privacy policy which I doubt). This is what I meant when I said there is more to that. There are likely privacy issues here as many people contend there. This is why I mentioned Jeremiah's comments and referred to the Bill of Rights. If anything Plaxo's script runs contrary to people's rights in the Bill of Rights to own their activity stream and the list of people they connect to. This goes both ways and applies to the person who has a list of friends and the friends on that list. If I was Plaxo's lawyer I would be having a very sobering chat with them about this.

    That being said there is an argument that some people have implicitly agreed to share this information and to be linked to social networks elsewhere. If they didn't want to be involved in other people's social networks then they should perhaps have withheld their email addresses. Of course the prudent thing is not to take advantage of those people's contact details without their permission and there is an argument that this should be the case with those services that search your address book for people you would like to join a given service.

  7. “am not saying I agree that Facebook users explicitly agreed to their details being harvested and moved around (barring something in the terms of use or Facebook privacy policy which I doubt). This is what I meant when I said there is more to that.”

    I wasn't quoting you Paul, I was quoting Plaxo, who you quoted in your post.

    I disagree – I don't see the argument that some people have implicitly agreed to share this information. I have not read one comment in support of this from a user who had their details harvested. BTW, some people didn't share their profile with anyone but their friends – shouldn't their request not be respected.

    My home phone number isn't listed in the book. I give it to friends. It's pretty damn obvious that I don't want them to give my phone number to companies who wish to sell me something – whether or not, I have told them it's unlisted or not.

  8. I can see an argument being made that if people choose to disclose their contact details they have less of an expectation of privacy than if they didn't publicly disclose the information in the first place (like your home number). This is just the first part of the process though. We also need to consider where the information that is published, is used and how it is used.

  9. Hey Paul

    I am not saying I agree that Facebook users explicitly agreed to their details being harvested and moved around (barring something in the terms of use or Facebook privacy policy which I doubt). This is what I meant when I said there is more to that. There are likely privacy issues here as many people contend there. This is why I mentioned Jeremiah’s comments and referred to the Bill of Rights. If anything Plaxo’s script runs contrary to people’s rights in the Bill of Rights to own their activity stream and the list of people they connect to. This goes both ways and applies to the person who has a list of friends and the friends on that list. If I was Plaxo’s lawyer I would be having a very sobering chat with them about this.

    That being said there is an argument that some people have implicitly agreed to share this information and to be linked to social networks elsewhere. If they didn’t want to be involved in other people’s social networks then they should perhaps have withheld their email addresses. Of course the prudent thing is not to take advantage of those people’s contact details without their permission and there is an argument that this should be the case with those services that search your address book for people you would like to join a given service.

  10. Hey Paul

    I am not saying I agree that Facebook users explicitly agreed to their details being harvested and moved around (barring something in the terms of use or Facebook privacy policy which I doubt). This is what I meant when I said there is more to that. There are likely privacy issues here as many people contend there. This is why I mentioned Jeremiah’s comments and referred to the Bill of Rights. If anything Plaxo’s script runs contrary to people’s rights in the Bill of Rights to own their activity stream and the list of people they connect to. This goes both ways and applies to the person who has a list of friends and the friends on that list. If I was Plaxo’s lawyer I would be having a very sobering chat with them about this.

    That being said there is an argument that some people have implicitly agreed to share this information and to be linked to social networks elsewhere. If they didn’t want to be involved in other people’s social networks then they should perhaps have withheld their email addresses. Of course the prudent thing is not to take advantage of those people’s contact details without their permission and there is an argument that this should be the case with those services that search your address book for people you would like to join a given service.

  11. Hey Paul

    I am not saying I agree that Facebook users explicitly agreed to their details being harvested and moved around (barring something in the terms of use or Facebook privacy policy which I doubt). This is what I meant when I said there is more to that. There are likely privacy issues here as many people contend there. This is why I mentioned Jeremiah’s comments and referred to the Bill of Rights. If anything Plaxo’s script runs contrary to people’s rights in the Bill of Rights to own their activity stream and the list of people they connect to. This goes both ways and applies to the person who has a list of friends and the friends on that list. If I was Plaxo’s lawyer I would be having a very sobering chat with them about this.

    That being said there is an argument that some people have implicitly agreed to share this information and to be linked to social networks elsewhere. If they didn’t want to be involved in other people’s social networks then they should perhaps have withheld their email addresses. Of course the prudent thing is not to take advantage of those people’s contact details without their permission and there is an argument that this should be the case with those services that search your address book for people you would like to join a given service.

  12. “am not saying I agree that Facebook users explicitly agreed to their details being harvested and moved around (barring something in the terms of use or Facebook privacy policy which I doubt). This is what I meant when I said there is more to that.”

    I wasn’t quoting you Paul, I was quoting Plaxo, who you quoted in your post.

    I disagree – I don’t see the argument that some people have implicitly agreed to share this information. I have not read one comment in support of this from a user who had their details harvested. BTW, some people didn’t share their profile with anyone but their friends – shouldn’t their request not be respected.

    My home phone number isn’t listed in the book. I give it to friends. It’s pretty damn obvious that I don’t want them to give my phone number to companies who wish to sell me something – whether or not, I have told them it’s unlisted or not.

  13. “am not saying I agree that Facebook users explicitly agreed to their details being harvested and moved around (barring something in the terms of use or Facebook privacy policy which I doubt). This is what I meant when I said there is more to that.”

    I wasn’t quoting you Paul, I was quoting Plaxo, who you quoted in your post.

    I disagree – I don’t see the argument that some people have implicitly agreed to share this information. I have not read one comment in support of this from a user who had their details harvested. BTW, some people didn’t share their profile with anyone but their friends – shouldn’t their request not be respected.

    My home phone number isn’t listed in the book. I give it to friends. It’s pretty damn obvious that I don’t want them to give my phone number to companies who wish to sell me something – whether or not, I have told them it’s unlisted or not.

  14. “am not saying I agree that Facebook users explicitly agreed to their details being harvested and moved around (barring something in the terms of use or Facebook privacy policy which I doubt). This is what I meant when I said there is more to that.”

    I wasn’t quoting you Paul, I was quoting Plaxo, who you quoted in your post.

    I disagree – I don’t see the argument that some people have implicitly agreed to share this information. I have not read one comment in support of this from a user who had their details harvested. BTW, some people didn’t share their profile with anyone but their friends – shouldn’t their request not be respected.

    My home phone number isn’t listed in the book. I give it to friends. It’s pretty damn obvious that I don’t want them to give my phone number to companies who wish to sell me something – whether or not, I have told them it’s unlisted or not.

  15. I can see an argument being made that if people choose to disclose their contact details they have less of an expectation of privacy than if they didn’t publicly disclose the information in the first place (like your home number). This is just the first part of the process though. We also need to consider where the information that is published, is used and how it is used.

  16. I can see an argument being made that if people choose to disclose their contact details they have less of an expectation of privacy than if they didn’t publicly disclose the information in the first place (like your home number). This is just the first part of the process though. We also need to consider where the information that is published, is used and how it is used.

  17. I can see an argument being made that if people choose to disclose their contact details they have less of an expectation of privacy than if they didn’t publicly disclose the information in the first place (like your home number). This is just the first part of the process though. We also need to consider where the information that is published, is used and how it is used.

What do you think?

%d bloggers like this: