This post is the third segment in my series on an architecture for the social web. Previously: How social networks can replace email, which is a non-technical approach to the issues, and my follow-up describing how to build a social web architecture using available technology today.

So what about direct messaging?

In my previous post, I described content notifications in the social web as being Activity Streams updates in response to requests signed with an OAuth key. Each individual contact would have his or her own OAuth key, and the system would adjust delivered content depending on access permissions I had assigned to them.

A private message in this architecture could just be represented as an item of content restricted to a small set of recipients (in the email use case, this is typically just one), with replies delivered using Salmon. The advantage of this approach is that the message doesn’t have to be text; it can be audio, video, a link to live software, or something else entirely.

However, while this is technically feasible, it may not always be desirable. We know from Google Wave, which also pushes the boundaries of person-to-person messaging, that an open definition of what a message contains can get very messy very quickly. Although I was one of the first people to have one, I no longer check my Wave account regularly. I believe this is mostly a user interface issue: Wave is an awesome collaborative document editor (what I’ve heard described as “a massively multiplayer whiteboard”), but not in any way the evolution of email that its development team claimed.

Therefore, I think it’s useful to think about the difference between a document and a message:

• A message is the body of a communication.
• A document is a bounded representation of some kind of information.

While in many ways they’re the same, I think it makes sense to make a separation on the UI level. As we’re discussing a decentralized architecture here, some kind of semantic marker in our activity stream feed to mark something as a message would be a useful feature.

Messaging “out of the blue”

You know where you are with an email address. Mine is ben@benwerd.com. Anyone who encounters that string of characters, whether on a website like this one, a business card or a scribbled note on a piece of paper, is able to send me a message from anywhere in the world. In the 17 years I’ve had an email address, the list of friendships and business connections I’ve made, and opportunities I’ve received and developed, through this simple mechanism has been uncountable. It’s also likely to continue far into the future.

Compared to this, visiting someone’s social web profile and sending them a message from their web presence is a hassle. Compare these steps:

1. Receive the address of someone’s profile
2. Click the “follow” button either on the profile itself or on the toolbar of your social web compatible browser
3. Wait for the contact to follow you back
4. Send your message

To:

1. Receive someone’s email address
2. Send a message to that address

It’s simple, ubiquitous, decentralized and universally compatible. In fact, it seems hard to improve on, doesn’t it?

However, as this is a thought experiment about how social networking can replace email, let’s see if we can simplify this process somewhat. In my previous post, I discussed how a connection could be established with OpenID and OAuth through a web-based interface on a social web profile. How can we make this as simple as emailing someone, and cut out most of the steps I’ve listed above?

Connecting programmatically

I propose two additions to my previously discussed mechanism. The first is to expand the connection protocol to include a message. If someone connects to me on LinkedIn or Facebook, I receive some explanatory text from them, so it makes sense to include this feature in our decentralized social web architecture. It is likely that this would be an added parameter to the OAuth request token procedure.

The second is to allow connections to be made programmatically through a custom application. Just as we use email clients now, a social web client could automatically send a connection request. In keeping with our principle of using existing technology where possible, this is a simple OAuth connection request from the application, which includes a user message as described above. The application knows our details because we’ve set our preferences, so we’re never visibly redirected to a web browser to complete authentication. (In fact, this could take place using xAuth, a version of the OAuth protocol being developed for just these sorts of browser-free use cases.)

Whether we can send a follow-up message now depends on the receiving party. We have our OAuth token, and while it remains valid, the receiving social web node may choose to ignore any follow-up requests.

Our procedure has become:

1. Obtain address of someone’s social web node (you could even infer it using WebFinger)
2. Send a message to that node, bundled with a connection request

This is significantly better, and is comparable to the simplicity of email.

You may be wondering about the wisdom of adding everyone you contact as a connection. In fact, there’s some precedent for this already in applications like GMail. It’s important to note that not every connection need be a friend: in some ways, you can think of your total list of connections as your contact book. Some are important, some can be safely squirreled away until you need to contact them again. In this context (or any context where people you have a relationship with and people you’ve contacted are merged into one set), an adequate person management interface – or CRM to you and me – becomes important.

Next, and finally: let’s make our distributed social web architecture reliable enough to use in enterprise environments, using message queue protocols like ZeroMQ and AMQP.

My previous post was a response to Gartner’s prediction last month that social networking would replace email as the “primary vehicle for interpersonal communications for 20 percent of business users.” In it, I named some properties that would need to be held by any social networking system that would successfully replace email.

• Ease of use
• Ubiquity across devices
• Platform, service and infrastructure independence

My argument boiled down to the following statement:

Email has succeeded because it’s open, standard and decentralized; for social networks to replace it, they must also be open, standard and decentralized.

Email is useful because just about everybody has an email address. I can get in touch with my clients in London, my friends here in Oxford or my grandfather in Austin, Texas, with equal ease, even though all of them are using different infrastructure and software provided by different companies. I use Gmail, but there doesn’t need to be any kind of formal agreement between Google and whoever’s providing my grandfather’s email, say. It just works; nobody owns email as a communications method, and anyone can set up an email server. The same is true with websites: anyone can set one up, and nobody owns the web.

For social communications to be as popular and ubiquitous as email, there must be one social web, and it must be owned by nobody. That means that each socially-aware site or application must implement the same social communication standards.

The best standards aren’t dictated: they evolve through common usage. If you look at HTTP (the protocol that the web relies on), SMTP (one of the protocols behind email) and file formats like RSS and HTML, the common thread behind them is that they’re simple. It turns out that through excellent work at companies like Google, Plaxo, SixApart, Twitter, JanRain and – perhaps incredibly – JPMorgan Chase & co, we already have a number of technologies that collectively embody the properties I listed above.

Notes and server architecture for one possible social web

These are my ideas about how these standards might be used. These aren’t intended as replacements for existing social networking platforms or services; rather, they could easily be added as additional features both to those and to many other types of application. The ability to share isn’t a uniquely required feature of social networking software – think about its usefulness in applications like Word or Google Docs, for example.

With email, you use a software client (Outlook, say, or the Gmail web interface) that speaks to an email server which does the hard business of sending and receiving messages to and from the wider Internet. Here, I will be describing a system where everyone has their own node on the social web, which effectively acts as a client and server. Mine might be here at benwerd.com, for example. It’s my website – my profile on the social web – and it’s where I send social communications. That’s the server side. However, it also acts as the client when I’m accessing resources stored on other peoples’ servers.

Establishing connections and granting permissions

Let’s say I want to make a resource available to my clients. With email, I’d send them each a separate copy. This is both insecure and inefficient: I have no control over what happens to that copy, and each time I send it I create a new version. With some back-and-forth, there could easily be ten or twenty individual copies of a document floating around. (I often bounce software specifications – typically Word documents – around with my clients, and this is something that happens to me regularly. Google Docs is probably a better solution, but not everybody has a Google account.)

With the social web, only one version needs to exist, which I own. If my clients have established a connection with me, I can restrict that resource so that only they may see it. The tricky bit is that in order to know if it’s really them, they must be authenticated in some way.

In monolithic systems like Facebook, where everyone uses the same website, that’s easy: my client must be logged in, and we must have established a friend connection. In a decentralized system, that’s a much harder problem, but not insurmountable. Two technologies will help us:

• OpenID: the open, decentralized authentication standard, which currently uses a website address as a kind of universal username
• OAuth: an open protocol that “allows users to share their private resources (e.g. photos, videos, contact lists) stored on one site with another site without having to hand out their username and password.” OAuth provides a secret token to applications that they can use to access authenticated services and resources behind the scenes

Specifically, we’ll need OpenID Connect (or, until that’s up and running, the OpenID / OAuth hybrid protocol), because we’ll be using OpenID to authenticate, OAuth to power our decentralized access permissions, and a number of other protocols and endpoints along the way. It’s much neater if these are all established at once.

Making friends and getting updates

The process would work in the following way. Let’s say I want to make a connection with my friend Marcus Povey.

1. I visit his site, and see that he is displaying a “connect to me” icon, indicating that it is a node on the social web. Later on, perhaps my browser would detect that this was a social web node in the same way that most browsers detect RSS feeds today, and light up an icon. Chris Messina has started a five part series on the browser as a social agent, which is worth a read.
2. Either way, I click on “connect to me”. Marcus’s site prompts me for the address of my profile, which I enter. (Later on, my browser does this bit for me.)
3. My profile address is an OpenID, and through the authentication process my social web node receives an OAuth token from him. No further authentication is required.
4. On his social web node dashboard, Marcus sees that I’ve established a connection with him. He can ignore it, in which case nothing happens, or he can mark me as a friend (or any other arbitrary designation, which could be unique to the software he’s using).
5. My social web node periodically checks for activity updates from Marcus’s, signing each request with that OAuth token so it knows who I am. This may be at my direct request; through repeated polling, RSS-style; or the update may be pushed to me through a PubSubHubbub ping.
6. Depending on the assignation he’s given me, Marcus’s node either responds with just a feed of public activity (if he’s ignored the request), or with additional activity he’s allowed me to see, in Activity Streams format.
7. Marcus can change my assignation or withdraw my OAuth token at any time from his dashboard. (Of course, throughout all this, the OAuth token mechanism is invisible to both users: it’s simply presented as a social connection.)

Embedded content and interacting directly on other social web nodes

Activity Streams is based on Atom, so content for items like blog posts (and resources like photos, using Atom Media) can be embedded directly in the activity feed. (Rob Dolin from Windows Live has some great examples.)

However, not all content is standard enough to be embeddable. In those cases, I can simply click through from Marcus’s activity update to his site, possibly log in again using OpenID, and interact with the content there. Additionally, by allowing users to log directly into his site via OpenID, Marcus can show selected people restricted content even if they don’t have the full range of social web software.

Friends lists and commenting

Further standards help us add extra functionality. If Marcus gives me permission, I might be able to download his contacts via Portable Contacts. Salmon is a protocol for commenting on distributed resources and allowing those comments to find their way upstream to the original, which is compatible with Activity Streams. Using this, I might be able to comment on Marcus’s activity items from within my dashboard and have them show up in his. Through this mechanism, all his friends could have a conversation on his activity stream items.

Reliability

So far, so good: we have a simple technological basis for permissive social communications. But if the social web is really going to replace email, we have to address one of the most important features for enterprise users: reliability. Businesses will not accept their critical communications being subject to fail whales.

In my next posts in the series, then, I’ll discuss person-to-person messaging and the thorny issue of guaranteed delivery.

The analysis firm Gartner just released five key predictions for social software:

1. By 2014, social networking services will replace e-mail as the primary vehicle for interpersonal communications for 20 percent of business users.
2. By 2012, over 50 percent of enterprises will use activity streams that include microblogging, but stand-alone enterprise microblogging will have less than 5 percent penetration.
3. Through 2012, over 70 percent of IT-dominated social media initiatives will fail.
4. Within five years, 70 percent of collaboration and communications applications designed on PCs will be modeled after user experience lessons from smartphone collaboration applications.
5. Through 2015, only 25 percent of enterprises will routinely utilize social network analysis to improve performance and productivity.

Social networks replacing email. Really?

I broadly agree with all of these, but that first prediction needs a little more analysis. Let’s think about why email has succeeded:

• Ease of use
• Ubiquity across devices
• Platform, service and infrastructure independence

I access email from my Dell PC, my iPhone, and have in the past used Blackberry phones, Macs, Linux boxes, etc, all the way down to Windows 3.1, using a combination of software that’s included Eudora, Thunderbird, Phoenix, Turnpike, and many more. Right now I use a combination of GMail, Google Apps and self-hosted email addresses; in the past I’ve used Microsoft Exchange in various guises, Yahoo Mail, and so on. No matter which provider or hardware I used, I could email anyone else with an email address, no matter which provider or hardware they used. Email is a completely open, interoperable standard.

Social networking is anything but an open, interoperable standard. If you use Facebook, you can communicate with other people on Facebook, full stop. Even networks based on open source solutions like Elgg are essentially social islands.

What needs to be done?

I strongly believe that social messaging can be significantly more useful to both enterprises and individuals than standard email. Proof-of-concept applications like Google Wave are beginning to show the way: you can make resources available to whoever needs to see them, rather than the current, inherently insecure practice of making copies and sending them out. Whereas email takes inspiration from letters and faxes, the social messaging paradigm is based more closely around conference calls and conversations.

Nonetheless, in a business situation, you need to be reasonably certain your message is going to reach the recipient, and the current platform constraints – only being able to message someone using the same site as you – are untenable. Let’s look again at those email success factors:

• Ease of use
• Ubiquity across devices
• Platform, service and infrastructure independence

Social networks do currently have ease of use. They may approach near-ubiquity across devices only if they create a developer ecosystem around their proprietary APIs, as Twitter has done, but this requires a lot of faith in a single third-party service.

No, I think it comes down to one principle:

Email has succeeded because it’s open, standard and decentralized; for social networks to replace it, they must also be open, standard and decentralized.

Next: real world, technical approaches to this that can be implemented today.

The British equivalent to Obama’s data.gov opened today. Over at ReadWriteWeb, Marshall Kirkpatrick points out the scale of the ambition involved:

At launch, Data.gov.uk has nearly 3,000 data sets available for developers to build mashups with. The U.S. site, Data.gov, has less than 1,000 data sets today.

[…][Unlike the US equivalent, the site] includes 22 military data sets at launch, including one called Suicide and Open Verdict Deaths in the U.K. Regular Armed Forces.

However, these are raw datasets. As Paul Clarke points out, the site only pays lip service to openness until someone comes along and turns these sets into useful reports and applications:

The only test of real success is: use. Not usefulness. Not theoretical use. Real use. Getting beyond the novelty application, the demonstrator, and the hobby lies at the heart of really untapping the potential of data.gov.uk.

Indeed, the figures that Techcrunch Europe report suggest that turning this data into something useful may be harder than it sounds:

So far over 2,400 developers have registered to test the site and provide feedback, [while] 10 applications have been created.

I left a comment on Paul Clarke’s post pointing out some potential pitfalls that may inhibit innovation, including the government’s insistence on licensing the data under Crown Copyright and their impartiality regarding Twitter. There’s also been some criticism around the lack of a common data format for each feed (although the RDF triple proudly displayed on the front page suggests this is likely to change).

Nonetheless, I believe this represents a huge step forward. Turning raw materials into useful, compelling applications that improve the users’ quality of life requires a huge amount of creativity and talent, and providing the data feeds in the first place is a crucial first step.

You can list all the available datasets here.

The following post contains my notes for a talk I gave at the Hauser Center for Nonprofit Organizations at Harvard University on June 25, 2009.

What is a social network?

I would like to reclaim some language:

Social is an adjective that means relating to human society and its members.

A network is an interconnected system of things or people.

Therefore, I’d suggest that we can define a social network as just being an interconnected system of people.

The audience of this talk is a social network; so are your friends, colleagues, interest groups and so on. Social networking tools facilitate social networks. The universe of social tools certainly includes web applications with social functionality, but it also includes structured face to face interactions, telephone, post, SMS, email. In other words, the web is just one possible tool for this purpose – albeit a very effective one.

If you build it, they will come

You can’t install a social networking tool and instantly expect usage: Field of Dreams is not a good model for community development. The web is littered with ghost sites created using Ning, Elgg and more that have been established in the hope that a user-base will magically appear; however, if your main selling point is the social network itself, nobody’s going to join until that network of people exists and is actively using it. It’s a chicken-and-egg problem.

Therefore, you either need to have an existing network of people to facilitate interactions between (for example, when Facebook launched at Harvard) or compelling functionality that is useful without a network of existing users (for example, Delicious).

If we’re creating a tool that’s useful for the first user who signs up, without a pre-existing social network, then what we’re really talking is a software application that uses the web as an interface, and happens to have social functionality as one of its features.

The web as applications

When the web was conceived, it consisted of documents and pages linked with hypertext: linked words and phrases that, when clicked, would load another, relevant document. Each page had its own Uniform Resource Locator, which allowed you to return to that specific page at any time. Each page could be a destination in itself, and although the sites (collections of pages) could be linked together through hypertext, each one had no need to know about your activities elsewhere on the web. Why would they? Documents don’t have memory; their role is simply to impart information.

Step forward to today, and the web is not entirely made of pages: applications now represent a large amount of the web. (Princeton WordNet defines an application as “a program that gives a computer instructions that provide the user with tools to accomplish a task”; Google Docs, Remember The Milk, Flickr, Delicious etc are all applications by this definition.)

The benefits are tangible: you can access an application’s functionality from any web-compatible device, anywhere in the world. You’re no longer bound to the software you happen to have installed on a particular machine, and you no longer need to worry about whether you’ve remembered to save a particular file onto a particular drive. Because of historic resource limitations, web applications tend to be easier to use, and entirely bypass the need for IT departments, which have unfortunately earned a reputation for being obstacles to productivity in many organizations.

This change of web usage has been reflected in the ongoing development of HTML, the markup language that all web interfaces are written in. The first four versions were largely orientated towards documents; however, HTML 5, currently in development, is the first version that explicitly contains functionality to support web applications. That includes offline storage and usage, sessions, and more advanced interface features. However, aspects of the document-orientated model remain.

Silos of information

Each application is its own atomic destination with its own URL, and is by default only aware of data created within it. That means we need to register for each application we want to use, fragmenting our accounts over potentially hundreds of products and company data centers, and that the documents, files and data we create within them can’t easily be shared with other applications. On my desktop, I can write a document in Word and open it in OpenOffice, or take a Paint doodle and load it in Photoshop, but there’s no easy, generic way to take my bookmarks from Delicious into another bookmarking tool, or to take my Google Docs and open them in Acrobat.com.

Currently, each web application is like a silo: they exist on their own, and if they interoperate at all, it’s through specific links between applications that have to be individually developed. Certainly, data created in an application stays in that application; sometimes you can check your GMail address book for contacts in order to find existing friends on a service you’ve just signed up to, for example, but it’s rare that you can actually export data fully into another product. As many of these services are free, a significant portion of their business models revolve around being able to control user-contributed data, keep users coming back, and sell user-generated activity data for marketing purposes. (One has to question whether the market for personal details will continue to be profitable, or whether, like the web advertising market before it, it will saturate and crash.)

In a social networking tool, the site model means that your contacts, the information you share and any detailed access permissions all relate solely to the application they were created in. However, collaborative spaces in social web applications are like documents: they’re one of the currencies of the social web. Just as I need to be able to use my wordprocessor of choice to edit a document, I need to be able to use my social tool of choice to collaborate with others.

Turning the model upside down

Right now, we have to register with each application we want to use. What if we required each application we used to register with us, in digital identities under our own control?

What if, using these identities, anyone could connect to anyone else, and anyone could store their data anywhere as long as the storage provider followed the same broad standards?

The web itself would become a social networking tool.

This is far more flexible, and future-proof:

• Your ability to collaborate is not subject to a single company’s success: social functionality and application infrastructure are inherent in the web itself
• The possibilities for collaboration are not subject to technology beyond common open standards, which can evolve
• A wider range of application possibilities is ensured, because web applications gain the ability to interoperate in a general way
• Privacy and user control are established by allowing a person to determine which application has access to which data

By establishing a general standard for social application interactions, the services and technologies used to make connections become less relevant; the Internet is people, one big social network, and users no longer have to worry about how they connect. We can all get on with communicating and collaborating rather than worrying about where we connect.

User-centered identities

Under this model, providing the software that hosts your digital identity becomes big business. This hasn’t gone unnoticed by the main service providers, and they’re already fiercely competing to be your identity on the web:

• Facebook wants your central identity to be a Facebook account (and arguably have made the user-centric model for the web part of their strategy for a very long time)
• Google wants it to be a Google account
• Twitter wants it to be a Twitter account
• Microsoft wants it to be a Live ID
• OpenID want it to be any OpenID-capable URL

Because I use all of these services, the result is a very complicated identity space. These are a subset of my profiles:

• facebook.com/ben.werdmuller
• google.com/profiles/benwerd
• twitter.com/benwerd
• profiles.yahoo.com/u/4IZCH2K6PEV775MICYR3DXMAMQ
• benwerd@gmail.com [my Microsoft ID, ironically]
• benwerd.com [my OpenID]

For identities to be usable as a generic standard, you should be able to use any of these – or all of them. Nobody has just one facet (or persona) comprising their identity; everyone has a collection, representing the different parts of their lives. Ben Werdmuller the web strategist for hire doesn’t need to be connected to Ben Werdmuller the Doctor Who fan, who in turn doesn’t need to be connected to the Oxford resident. They can be connected if I choose to make them, but separating parts of your life is part of a user’s control over their identity.

However, that needs to be context-specific, not application-specific. Currently, for example, my Facebook account tends to be personal, while my Twitter tends to be professional. That doesn’t make sense: in order to write personally on Twitter, I either have to accept the collision of those two parts of my life, or I need to create an entirely separate, fragmented Twitter account. Wouldn’t it be better to be able to control who sees which interactions, and choose tools based on the functionality they add to a conversation? Otherwise you have the situation I present above: one identity per communication context per application. That will quickly become unmanageable, and the web will be littered with dead profiles.

Conversely, I believe the future of the web is in atomic digital identities based on permissive, open standards, linked together as an application framework.

How do we make this work?

Problem to solve: user control

First and foremost, the framework for decentralization must be established – in other words, the actual social mesh standards that will make it possible.

Technical mechanisms need to be established for controlling access to a resource or collaborative space, which should be easy to use without removing any of the flexibility of the platform, and should allow for the maintenance of multiple personas.

Another part of access control is allowing a resource to expire gracefully. It’s important to know when to lose data: sometimes documents, resources, spaces, personas or entire identities may be transient and only required for a certain length of time. There’s no need for everything on the web to exist indefinitely; currently, rigorous indexes like Google ensure that much of it does.

Finally, the tools and standards we create must be permissive of goals, content and structure that we might not have thought of. There certainly doesn’t need to be an overarching structure or taxonomy between individual identity spaces, and constraining the technology to a rigid set of activities and data types would limit the scope of the platform.

Problem to solve: ownership

Existing web applications tend to have a single-ownership model for resources. However, Silona Bonewald rightly pointed out to me that this isn’t always the case, and in a free-flowing social mesh, multiple ownership needs to be represented. For example, all collaborators on a resource should have ownership access, unless they explicitly choose to rescind that right.

In a company environment, a user’s employer may have shared ownership (or full ownership, with author access available to the employee). The same may be true with students in a university environment. On sites like Facebook, the service owner may in reality have some ownership rights over the content.

How can we maintain this granularity, but also retain user control?

Problem to solve: privacy & transparency

There is a very public attitude of "when you put something online, it’s published" in some parts of the software development community, which is a useful concept that gives developers carte blanche to share data freely. In a fully user-controlled environment, this public-or-completely-private binary situation can no longer be the case; a resource may have been published to a few select people. Ignoring this trait disallows the platform’s use in important environments like enterprises or public bodies.

When you sign up to a service, you agree to that service’s terms and conditions and privacy policy. However, your data may be farmed out to a collection of other, secondary services via APIs, without your knowledge or consent.

An important aspect of user control is knowing how your data is used and where it is transmitted by the applications you use, so I propose a simple, human-identifiable and machine-readable mark that:

1. Applies permissions to how my data can be used by applications (like Creative Commons does for shared content)
2. Tells you in a visual way what happens to your data when you visit a site
3. Incorporates multi-ownership

It may be that these issues are addressed within the terms and conditions of a service. However, it’s very unlikely that a user will actually read the full contract. Therefore, a simple graphic icon with a link to a plain-English description, with an underlying microformat for machine-readable use, would be a welcome addition to the user experience. As the web becomes more mesh-like and data moves around more freely, conveying what happens to data owned by less-technical end users will become more and more important.

Problem to solve: platform

Finally, while it’s great having a conversation about this, these ideas aren’t useful to anyone unless someone goes ahead and builds it.

There are some existing projects and thinkers who are on these tracks:

• The Diso Project is turning the WordPress open source blogging tool into a decentralized digital identity through an array of open standards, and the project’s Chris Messina has a lot of wise things to say about its development.
• Laconi.ca is a decentralized microblogging platform, whose Open Microblogging standard may be adaptable into a more widely-scoped technology.
• The Open Stack is a set of developing technologies that address some of the issues.
• Marc Canter’s Open Mesh treatise goes into detail on many of the issues.

All of these are important contributions that strongly address some of the issues; however, we’re still a long way away from the vision of an open, social web.

Conclusion

I believe strongly, for the reasons stated above, that a decentralized, user-centered model for the web is the best way to advance it as an application platform.

Needless to say, I have my own ideas about how to actually build the platform, based on my Making the most of the web principles. However, it has to be a collaborative process: there’s no sense in building an open collaborative standard by yourself. My main concern is that the platform is created and works in an open, lightweight, flexible, easy-to-develop-for way while remaining secure and yielding control to the main user. The result will be an entirely new kind of platform, and presents a unique opportunity for anyone who wants to jump on board.

Images:

• WOW! My 1000 Friends by Cavin was released under a CC Attribution Generic 2.0 License
• Lonely Tree by Jule Berlin was released under a CC Attribution Generic 2.0 License
• Logo 2.0 part II by Stabilo Boss was released under a CC Attribution-Noncommercial-Share Alike 2.0 Generic License
• Upside Down by Johnny Jet was released under a CC Attribution Generic 2.0 License
• Pro Control 24 by Aud1073cH was released under a CC Attribution-Share Alike Generic 2.0 License

1. The rise of social networking
2. Monetization vs. collaboration
3. The open web
4. Fluid collaboration

The rise of social networking

Social forces have been the driving force behind application innovation on the web. Whereas previously we might have looked to advances in computer science for new directions, now some of the most dramatically impactful applications are lightweight, simple, and technologically unimpressive. The best new web applications have centered around collaboration, sharing and discovery with other people.

Correspondingly, enterprises have been relatively quick to pick up on this trend, and software vendors have been quick to grab the market. In an Intranet Journal article earlier this year, Kara Pernice, managing director at the Nielsen Normal Group, had this to say about the rise of social technology on the intranet:

"In the 9 years [the Intranet Design Annual, which highlights the ten best-designed intranets of the year] has been coming out (since 2001), I’ve never seen a change quite as great as this one."

On the Internet at large, social network use is growing at ten times the rate of other activities and now accounts for 10% of all online time, according to Nielsen Online in this March 2009 report (PDF), and is now more popular than email. Jerimiah Owyang has a list of more relevant statistics over on this digest blog post. Executive summary: social networks are big, transformative in terms of how we communicate and share information, and growing at an enormous rate.

Monetization vs. collaboration

Wikipedia defines a “walled garden”, in software terms, as being:

[..] A closed set or exclusive set of information services provided for users (a method of creating a monopoly or securing an information system).

In other words, a walled garden is a system where the data can not easily be imported or exported. These are often also called data silos, after the solid buildings used for secure storage.

Facebook, the #1 social networking site in most western countries, has over 200 million users, including over 30 million who update their profiles at least once a day. The network is free to use, yet their revenue for 2008 has been estimated at around $265 million, despite a decidedly “in progress” revenue strategy.

This has traditionally required a walled garden strategy: the content that users put into Facebook has not been easily removed for export or viewing in other interfaces, in order to preserve revenue from advertising (and – although this is a hunch – revenue from statistical analysis of users’ data). It’s only been in the light of some extremely negative publicity (for example this February 2008 New York Times article) that they have begun to relax this policy and embrace the open direction that much of the rest of the web is heading in.

Speaking personally, I get more enquiries from people wanting to build something “Facebook-like” than anything else, presumably because of its phenomenal popularity. However, this kind of walled garden approach is not conducive to true collaboration; generally people who ask for this are lacking a full understanding of the processes involved in social networking.

According to Nielsen, there are almost 1.6 billion people online. While Facebook’s 200 million sounds like a lot, it’s actually a drop in the digital ocean – so what happens if I want to share a Facebook conversation with someone who hasn’t signed up? The only way is currently to email them a link and force them to register for the service. Facebook would love me to do this, of course, because they get more eyeballs to view their ads and more people to fill in profiles. But what’s the point of even being on the web if you can’t make use of the decentralized communication features that form its backbone?

If I want to collaborate effectively online centering around a resource (which could be a file, a discussion or a pointer to something external), I need to be able to:

• Share that resource with the people who need to see it
• Grant access for them to edit it if required
• Notify them that it’s been shared with them
• Restrict access from everyone else

Furthermore, I need to do this with the lowest possible barrier to entry. My aim is to collaborate, not to get people to use a particular piece of software. By restricting this process, the Facebook model hinders collaboration.

The open web

The web was designed to be an open system, and adheres to principles (notably “every object addressable”, ensuring that every resource on the web has a unique reference address) set out by Doug Engelbart for open hypertext systems generally. Because web pages are interoperable, and all use the same basic standards, any page on the web is allowed to link to any other page on the web, no matter who wrote it or where it is hosted. In many ways that’s the key to why the platform is successful: despite being fragmented across millions of computers throughout the world, it navigates like a cohesive whole and can be viewed using a single piece of browsing software. (The downside to this is that the whole platform lives or dies depending on the capabilities of the browser you use: the sad fact is that Internet Explorer users, who often don’t have a choice because of policy decisions in their working environment, are at a disadvantage.)

While the original web was content-based, the social web is collaborative and centered around live data. However, because web applications are each developed separately using different sets of back-end infrastructure, their data does not adhere to the principle of interoperability – their user interfaces all use the same basic standards and can be viewed in a browser, but the underlying applications and data models tend to not work with each other. When social networks emerged, for example, there was no way to get Livejournal and Friendster, two of the pioneers in the space, to speak the same language; you still can’t add someone as a friend on one social network from another. More recently, this has become apparent in the walled garden approaches of Facebook and others.

Not only does this situation create a bottleneck for application design, and run contrary to the underlying principles that made the web a success, but it’s also a bottleneck to better collaboration. As Tim Berners-Lee, the web’s inventor, put it recently in this essential TED talk, data needs to be linked and interoperable in the same way pages are now. Beyond that, because walled garden services are making money out of the private information we’re loading onto them, there’s a human issue regarding the overall control of that data. Marc Canter, Joseph Smarr and others codified this into a Bill of Rights for users of the social web back in 2007. Though the issue has moved on since then, the underlying principles set out there are essential for open, collaborative, social tools on the web.

While the World Wide Web Consortium works on academically-developed standards for linked data in the form of the semantic web, developers have been getting their game on trying to solve the problems of interoperability between their applications and user control over their data. Application Programming Interfaces (APIs) – published sets of instructions for programmatically querying and extending web applications – have become popular, but in a very walled garden kind of way. Arguably the most successful has been Twitter’s API, which has led to a number of high profile third-party applications like TweetDeck and Tweetie that collectively eclipse Twitter’s own website interface in volume of usage. But these APIs are their own form of walled garden: an application written for Twitter will only work with Twitter, for example. The APIs are not generalized between applications, and as such are not truly open; in many ways they’re a way for services to get more functionality and reach for free.

One of the first attempts to publicize the benefits of truly open data was Marc Canter’s Data Sharing Summit, which I wrote about at the time for ZDNet. Chris Saad’s DataPortability.org attempted (largely successfully) to brand it, and latterly the Open Web Foundation has attracted some of the web’s leading lights in order to create a single organization to handle the creation of a set of open web application standards. Many of these comprise the Open Stack, which I’ve written about before; more generally, Chris Messina has written a very thoughtful overview on the topic.

Fluid collaboration

It used to be that to use the web, you would need to sit down at your computer and log on. Those days are over; the web is becoming more and more ubiquitous, thanks to devices like the iPhone. It’s also being integrated into software that wasn’t previously connected – it’s as easy, for example, to paste the URL of an image into the ‘Insert Image’ dialog box in most word processors as it is to pick an image from your own hard disk. The open, generalized API standards being created by groups like the Open Web Foundation bring us closer to enjoying that level of integration with collaborative social technologies.

The Internet is people, not technology: tools on the web (or anywhere else) facilitate social networks, but are not the network themselves. Currently they consist of destination sites, like Facebook, LinkedIn or Twitter – places that you explicitly have to visit in order to collaborate or share. This is the currently-fashionable model, but it’s a necessarily limited view of how collaboration can take place: all of these sites thrive on the walled garden model and are designed around keeping participation within their walls.

Not everything on the Internet works this way. Email, and increasingly Instant Messaging, are two technologies that generally do not: messages on email, Jabber and to a much lesser extent Skype are peer-to-peer and do not go through a central service:

1. You select the people you wish to collaborate (in this case, email or chat) with. Nobody but the listed recipients will be able to see the content you share with them, and it doesn’t matter if they’re using the same service as you; you don’t have to invite them to join email in the same way you have to invite people to join Facebook.
2. You write your content.
3. You send it.
4. They (hopefully) send content back.
5. The collaborative exchange lasts only as long as it’s useful, and then disappears (but is archived for reference).

Recently, Google announced Wave, a decentralized pairing of protocol and open source web application that took email and IM as its inspirations to redefine how collaborative social technologies could work. Questions have been raised about how a decentralized tool like this can work with corporate data policies present in most large enterprises and public sector organizations, but in some ways they miss the point: Google Wave is best thought of as a proof of concept for how decentralized, transient communities can work in a standard way on the web. In short, websites are a kind of walled garden in themselves: what we will return to is the idea of the web as an open patchwork of people, data and information that links together to form a whole, much stronger than the sum of its parts.

Predicting the future of social networking on the web is hard. However, I believe that as general open social technologies develop and become more commonplace, the “social networking site” will shrink in importance – instead, social network facilitators will become more and more ingrained in all the software you use. This will dramatically increase the types of content and communication that can be used, and present opportunities for much wider, more fluid and – most importantly – more productive collaboration as a whole.

OpenStreetMap is a project whose aim is to make a free map of the world. It’s extremely impressive: as well as searching the map in a normal way, the data is exportable via XML, PNG, JPEG, SVG and more, under a Creative Commons Attribution-Share Alike license.

But it shouldn’t need to exist.

In the US, federal government-created maps (and other data) are considered to be public information, and released freely. In the UK, such maps are subject to Crown Copyright, and the Ordnance Survey has been set up as a trading organisation that legally must make money from its efforts.

This was an archaic idea at its inception, but makes even less sense now. The economy is in dire straits, and what it should be doing is providing taxpayer-funded data for use by companies; this kind of data in particular could give British businesses a flying start. Instead, it chooses to make money from them instead, and web services are left to projects like OpenStreetMap, as well as US businesses like Google, in order to source information.

The Guardian’s Data Store is one British attempt to rectify the situation, but ideally all data in the public interest should be released in a format that is easily consumable by third-party applications. As well as helping entrepreneurs and small businesses, it’ll allow for a deeper understanding of, and participation in, how our country is run. Which can’t be a bad thing – can it?

The following post is a fleshed-out version of my notes for my talk at the Elgg International Conference on Monday, December 1st, wherein I discussed my attitude to social networks and how they should be built.

My slides are available in Powerpoint or OpenDocument Presentation format.

Let’s take this to first principles. Stating the obvious, what is a social network? Is it a collection of profiles, friends lists and so on, or is it something more fundamental? What does the term even mean?

Social is an adjective that means relating to human society and its members.

A network is an interconnected system of things or people.

Therefore, I’d suggest that we can define a social network as just being an interconnected system of people.

When defined like this, everyone has a social network, regardless of Internet or technology use, and they’re as old as human society. Your friendships, colleagues, professional contacts, fellow students and book group members are all social networks. They’re not necessarily communities – a “community” tends to imply a common geography or set of interests, which isn’t always true to a social network. But while a social network is not always a community, a community is always a social network.

Clearly, social networks are made of people, who are joined through something in common – perhaps something as community-like as an interest or a shared geography, or something fuzzier, like a mutual friend, a chance encounter, etc. People are complicated; they have individual personalities, quirks and foibles, which make it hard to interact with them in a cookie-cutter way.

Because people are complicated, networks of people are exponentially more complicated. To get the most out of your social networks, you need to be able to embrace everyone’s individuality. Furthermore, they’re not discrete; they may overlap in all kinds of ways. My friends may also be my coworkers, or someone at work may also be a part of my knitting circle. (If I had a knitting circle. Cough.) They have all kinds of different contexts, which may impose requirements on how the members of the network interact with each other. Work colleagues generally need to communicate within an office space, or via methods imposed by management, for example. More formal networks have more restrictions. Personalities may also impose restrictions: some people are bad at talking on the phone, for example.

Of all the tools and methods social networks can talk to each other, the Web is just one. Face to face conversations, telephone calls, SMS messages, faxes, emails, letters and telegrams are all perfectly valid types of communication.

So in short, let’s reclaim a piece of language: a social network is an interconnected system of people, as I’ve suggested above. The websites that foster social networks are simply social networking tools. A social network doesn’t live on the Web, but a website can help its members communicate and share with each other.

With this in mind, what’s the best way to foster a social network using a Web tool?

Joshua Schachter, the creator of Delicious, has this to say:

“If you need scale in order to create value, it’s hard to get scale, because there’s little incentive for the first people to use the product. [...] The system should be useful for user number one.” 

In other words, people need to be able to visit your site and see something immediately useful, even when a network has not developed around it. Flickr, first and foremost, is a site for uploading photographs. Delicious is a flexible bookmarking utility. Facebook is the exception to this rule, because it’s a utlity that helps you keep in touch with your existing friends – but because it was initially limited to Harvard students, Mark Zuckerburg et al were able to carefully grow it from a handful of people. The Harvard community was an existing social network, and Zuckerburg simply gave them a tool.

To summarise: you cannot install a social networking tool and assume that a network will grow around it. You must either have another purpose, or an existing network of people to plug into it. Either way, it’s also going to take a lot of work: you need to lead by example, and participate heavily every day.

As each tool should focus on one particular network, or at least type of network, I’d argue that the exact feature set should be dictated by the needs of that network. Educational social networks might need some coursework delivery tools; a network for bakers might need a way to share bread recipes. The one common feature in any social network is people; even profiles may not be entirely necessary. (Look at Twitter.)

What they should do, however, is amplify the network effect. The idea of a social networking tool is to make that network communicate more efficiently, so anything that the tool does should make it easier for that network to talk to each other and share information. The tool itself shouldn’t attempt to create the network – although that being said, new network connections may arise through a purpose. Most of us have made new contacts on Flickr or Twitter, for example, because we enjoyed someone’s content.

The final lesson is that, once again, people are individuals, and social networks are complicated. Therefore, the featureset in any tool needs to embrace as much of the full range of personalities and ways of communicating as possible. Tagging was a great invention, because it didn’t try and dictate the terms with which people sorted their content. As Schachter said about Delicious in the above linked article:

“If I went in there and said, Hey, you’re using that tag wrong, people would just tell me [where to go].” 

In other words, he was smart enough to leave people to sort their bookmarks however best suited them. There will be inevitable variations in the tags different people use to describe the same resource, but because the network’s personalities are catered for, they’re more likely to continue to use the tool.

This attitude is what led us to develop Elgg, initially for the educational market: a user-centred social networking tool to support educational communities rather than the top-down, rigidly specified software that was common at the time. The features we built into it – extremely granular access controls, cross-site tagging, personalisation and customisation for site admins – drew a lot of attention, and it quickly became apparent that they would be useful in scenarios well beyond education. We spent the next four years developing Elgg into a flexible tool for facilitating social networks.

The latest version – rewritten from the ground up to be even more flexible, while learning from all the feedback and Elgg usage to date – addresses all the aspects of social networks I’ve discussed above, except for one: overlapping networks. That’s what the Open Data Definition is trying to solve – and something we’re coming very close to being able to support. Marc Canter is trying to solve something similar with his Open Mesh, and he’s not alone.

The Web has become a great tool for supporting networks of people, and with the kind of innovation we’ve seen over the last eight years, can only become better. The only remaining question is: what kind of network do you want to build?