Google, Yahoo!, MySpace, and Facebook are in competition to be the single archive for user data. As Caroline Dangson of IDC puts it, these initiatives "are really just competitive moves between MySpace, Facebook, Yahoo!, and Google to own user data over the long run." This reminds me of Microsoft’s Passport—an attempt at single sign-on for the internet that seemed too intrusive because it had access to the browser history and cookies. Similarly, if one website is the central repository, it would know if a user has been recently looking at airline tickets or stock tips, and it could target advertising to that user. More worrisome would be knowledge of personal data such as bankruptcy information or registration at a medical condition support site. While the services promise to keep data private and safe, they may well use it for marketing purposes.
The newly announced Google Friend Connect (www.google.com/friendconnect) is a tool for including social networking within websites, with simplified login using existing online identities (Google Accounts, AOL/AIM, Yahoo!, and OpenID, with others coming soon). In addition to logging in, users can choose to associate each site with any or all of their friends lists from Facebook, orkut, or Google Talk (Gmail), with hi5, LinkedIn, and Plaxo coming soon. So the login and the friends are not necessarily connected except through the user (who presumably has a familiar name). Once users register with a connected site, they can use social networking applications such as commenting, reviewing, sharing pictures, connecting to new people, and notifying their friends (from their existing accounts) about interesting webpages, much like the del.icio.us "links for you" feature.
The Friend Connect package is designed to be easy to add to a site because most of it is running from Google servers within an IFrame, like the first versions of the Google Custom Search Engines. Because it’s connecting via Google’s servers and uses the OAuth specification (http://code.google.com/p/oauth), the site can assure privacy and security. Google uses its own connecters and OpenID specification (www.openid.net) to check the ID and password with the original networking system, removing the necessity for many different logins. It’s likely to encourage users to come back to a site and bring their existing friends because the barriers are so low—it brings many more sites into one big social network.
Adding the Friend Connect also allows websites to include applications created using the OpenSocial specification (www.opensocial.org). The OpenSocial APIs (application programming interfaces) provide a framework for tools such as mapping travel, showing where one’s friends are, or playing music, which can be embedded into other websites. This is much like the Facebook Application API but more open, with friends and activity information being shared by multiple sites. However, with the Google Friend Connect package, the social activity information stays on Google’s servers, which is good for privacy and security from everyone—except Google.
Example sites using Google Friend Connect include Guacamole (www.ossamples.com/recipes), Ingrid Michaelson (www.ingridmichaelson.com/ilike), My Latest Piece (www.mylatestpiece.com), and BibleApps.com (www.bibleapps.com).
At press time, Google did not explain whether user-created content, such as comments displayed in an IFrame, would be considered part of the website for search indexing purposes; nor did it have any information about how to ban disruptive users or spammers.
Yahoo!’s Open Strategy is designed to integrate user-generated content, such as Mail, Messenger, and Address Book, allowing users to keep the same identity through all Yahoo! sites and make new connections, track their own activities, and take advantage of new applications which are available using OAuth and OpenSocial. Yahoo! has been a leader in APIs and web services, so it is moving quickly. In addition to the community functions, Yahoo! is giving access to the search engine via the SearchMonkey platform. This lets websites share structured data with Yahoo!, allows third-party developers to call the search engine interactively for Enhanced Results and Infobars, and provides a way for end users to control their search experiences. On May 15, Yahoo! opened this to all developers and announced a SearchMonkey Developer Challenge (http://developer.yahoo.com/searchmonkey/challenge), with prizes up to $10,000
MySpace’s Data Availability, also recently announced, provides tools for other sites to include MySpace public profiles and personal data on other sites, but again, it lives on the MySpace servers and cannot be copied to another system. If MySpace users change their minds, they can opt out of the sharing within their profile pages on MySpace. Like Google Friend Connect, the passwords and authentication will go through the OAuth system, and MySpace has explicit support for OpenSocial to run applications in MySpace profiles, but it does not support OpenID at this time. First implementers include Yahoo!, eBay, Twitter, and Photobucket, which should be available some time in May.
Facebook Connect (announced but not yet released) is a new version of its API for external websites, providing the same features as Facebook Applications. It includes secure authentication and includes profile information such as pictures, events, and groups; shows which Facebook friends have accounts on a site; and keeps track of privacy settings. This should allow people to add new friends on new sites and have that status carry over, for example, from Digg to Facebook. However, the content is mainly stored on the Facebook servers, and in a speech in March at the SXSW software conference, Facebook founder Mark Zuckerberg was dubious about whether the company would add OpenSocial support.
Alternatives to these options from the big four include social networking software and hosting systems such as Elgg (open source, www.elgg.org), LiveJournal (open source, www.livejournal.org), and Marc Andreessen’s Ning (www.ning.com). Given the resource requirements for operating such a system, including heavy database demand at peak times, user support, and site spammers, it would be smart for many smaller sites to simply become a client of one of the big social networking systems. But sites like libraries with strict privacy policies may choose to run a local system, which can encrypt or erase identifying content.