I’ve been following this kerfuffle over the security and privacy “mishap” over Google Reader’s shared items feed and their second attempt at rolling out some truly “passively social” features and functions and allowing you to see the items shared by other folks who are in your Gmail contacts. I find it hard to argue that using your Gmail and Gtalk contacts as a way to bootstrap a network doesn’t make sense. I also find it hard to argue that using it as the only signal makes a lot of sense. Just a few thoughts – if you want to know more about my thoughts on “passively social” applications, I’d suggest you read this post and this post.
1. For most people, this is a non-issue. I know a lot of people who actively publish the URL and location of their shared items feed. I even keep mine on my blog, including the most recent items I’ve starred. For most people, having others see the items they’ve shared is not a big deal. If you really want to keep track of stuff and not share it with the world, just create your own tag – I use the tag “followup” for interesting stuff I find but don’t want to share with the world.
Also, it’s not as if the GR team really “exposed” any private data. Your shared items feed was always publicly available – it was merely obfuscated with a long and gnarly URL.
2. “Passively social” products are going to encounter this problem time and time again. The advantage of passively social products is that they don’t actually require you to “friend up” your network to get started. In an ideal world, a passively social product will be able to infer or distill the appropriate social network with which to share your information. We’re clearly not there yet, so the only thing we’re going to get from these first generation products is a very coarse set of relationship data. Knowing that I’ve communicated with someone on Gmail is a very coarse signal – it’s better than nothing, but not enough information on which to make a high-quality decision.
As excited as I am about passively social products, it’s going to take awhile to be able to match the user experience associated with actively social products like Facebook and MySpace. Without explicitly declared (and verified) relationships, passively social products are going to need multiple signals to make good decisions about the circle of people with whom I’d like to share data. For example, if a passively social product had access to my IM, phone, email, and calendar logs, I bet it could make some really good decisions about the folks with whom I communicate and the strength of those connections. There isn’t anyone who has that information today across all those platforms. As a user, I don’t have it myself and couldn’t even turn it over to a trusted 3rd party to analyze it even if I wanted to do so. And I can’t think of a single company I trust enough to provide all of that information. I would maybe trust Google, but I’m not sure – that’s a lot of information and power to turn over to a single organization.