Expert Texture
The blogged wandering of Robert W. Anderson
November 30, 2007 at 7:40 am · Filed under Attention
Unless you live under a rock (or don’t follow the social space) you know that there has been a big uproar of Facebook’s Beacon. This is the feature that enables 3rd party web sites to transmit your actions (or “stories” in Facebook lingo) to Facebook.
If you want to know more about how it works, Jay Goldman wrote the excellent post: Deconstructing Facebook Beacon JavaScript. The title belies the fact that the article gives a good overview too (it isn’t just for developers).
An innovative idea — one that reminds me much of the GestureBank work conceived by Steve Gillmor and myself. Given that, it should be no surprise that I don’t think Facebook did anything “evil” here.
Now, they could have done a better job with it. From the get-go, I would have preferred if they had
- been more public about how it works; and
- required that users “opt-in” to the whole program.
Not surprisingly, there was a backlash and Facebook made some changes (Official- Facebook Flips On Beacon). Great. I don’t think what they did violated their user contract, but the changes are more user-friendly. I would prefer my User Aware contract, though this is a User Beware contract (User Contracts - Part II- User Beware).
But, the problem isn’t with Facebook or their user contract. If you don’t like the service (in total), don’t use it.
What I don’t understand is all the focus on Facebook here. Like all silos they are capturing data, data, data. That is what Facebook is all about.
Why isn’t the focus on the 3rd parties who submit your stories? They are the ones pouring user stories into Facebook. There have been reports of users not having approved their stories. This is a bad thing, and maybe a technical flaw in Beacon, but ultimately it is the responsibility of the 3rd party to protect your data.
They should give the users control over their Beacon settings:
- Never send stories to Facebook
- Approve each story before it is sent to Facebook.
- Always send stories to Facebook.
If anything, Facebook should require this of its Beacon partners.
So, why aren’t people up in arms over the eBays, TripAdvisors, Yelps, Fandangos, Epicureans, etc.?
But, hey, if you don’t like the way these sites are spraying your data over the Internet, then stop using them.
Tags: Attention, AttentionTrust, Beacon, Facebook, GestureBank, Gillmor, User Contracts
June 10, 2007 at 6:14 am · Filed under Attention, Web 2.0
I recently wrote about some problems I had with the user contracts for Cluztr, an attention service. At the time I promised to write about a user contract I could stomach. Some of these ideas are being rolled into what Steve Gillmor has called Click Insurance to be supported by the GestureBank. More on that soon.
My problem with the Cluztr contract is their version of user opt-in. Cluztr is unremarkable in this way — many companies use the same approach. Their form of opt-in goes like this:
- Read our user contract before you use our service (good);
- Using our service implies acceptance of our contract (good);
- We may change our user contract (not good or bad);
- We may not post any notification that our contract has changed (bad); and,
- Continued use of our service implies acceptance of our new user contract (what?).
I call this the User-Beware Contract. This is any contract expressly allowing the service provider to change it without user notification. The onus is on the user to be wary of the service provider.
Instead, I’d like to see the User-Aware Contract. It goes something like this:
- Read our user contract before you use our service;
- Using our service implies acceptance of our contract;
- We may (and probably will) change our user contract;
- We will notify you of any change;
- Any change will require you to opt-in again formally (through a click-through or other process);
- If you do not formally agree to the new contract, you will be removed form the service and all user data associated with your account will be purged.
This type of contract puts the onus on the service provider. After all, the service provider changed the user contract — shouldn’t they take the responsibility of notifying them and getting their continued opt-in?
A variant of the latter approach is not uncommon (e.g., on banking sites). Your data may not be purged if you don’t accept the new contract; however, you will not gain access to the site unless you do.
That said, the User-Beware Contract is, by far, the dominant contract on the Web. The big players all use it, most of the smaller players use it.
I would like to see an attention service throw out their User-Beware Contract in place of a User-Aware Contract. Of course, they’ll have to notify their users of the change 
Tags: AttentionTrust, ATX, Cluztr, GBX2, GestureBank, Gillmor
May 18, 2007 at 6:18 am · Filed under Attention, Web 2.0
User contracts are the proof behind user in charge business models. I took Steve Gillmor’s challenge to go and take a look at attention startups in search of a user contract I could stomach. First up, Cluztr. I suppose this is pronounced cluster. Apologies to my distributed computing readership — this is not a clustering company.
The interesting part of their user contract is in their privacy policy. I call out some parts of it (out of order).
Adherence to the principle of Property
Most importantly in this context, the principle of property:
Property - You own your attention and can store it wherever you wish. You have CONTROL.
A critical corollary to this is that you can delete your attention data too. They have this covered in the following:
Cluztr collects clickstream data by means of a browser add-on that tags your use of the Internet. We do not track Internet usage on a secure website, or capture username or password information at any time. You have full control over your clickstream data and can delete or purge our database at anytime.
Note to legal: tighten up that language. This really should say “purge your attention data from our database” instead of offering users the right to completely delete the entire Cluztr database.
So far, so good.
Changing the policy without notice
And then we have some sticky language about changing this policy. Granted, this is common in its user unfriendliness:
By submitting your information you consent to the use of that information as set out in this Policy. If we change our Privacy Policy we will post the changes on this page, and may place notices on other pages of the web site, so that you may be aware of the information we collect and how we use it. Continued use of the service will signify that you agree to any such changes.
In other words (my words):
You own and control your clickstream data unless we decide that you don’t. This privacy agreement is the only place we are obligated to tell you this.
Not good.
Change of ownership
And finally, their sale caveat:
Unless otherwise stated in this Privacy Policy data relating to you will not be disclosed to any third party unless you have specifically given your consent. We will not rent or sell your personal information without your permission (other than as part of a sale of the whole or a substantial part of the assets of Cluztr).
This language makes me nervous because it appears to mean:
You own your data unless we need it as an asset to sell the company in which case we own your data. For all intents and purposes, we own your data.
To be kind, they may mean here that your contact info (like email address) is owned by them, but your clickstream is not. If they are purchased, that contact info would be passed to a new owner. OK, but the ownership of the clickstream should not change and, if that is their intention, they should state it.
Conclusion
Cluztr has made a good start at a user-friendly contract but then mucked it up by over reaching on rewriting the policy and on the company sale.
I wouldn’t sign up with an Attention service with such a policy.
Next up on this topic:
- the GBX2 broadcasting user licenses
- a better user contract (what I currently call triggered-opt-in)
- other Attention companies and their user contracts
Tags: Attention, AttentionTrust, ATX, Cluztr, GBX2, GestureBank, Gillmor
December 21, 2006 at 9:35 am · Filed under Miscellaneous
The GestureBank beta 2 went live yesterday. This beta is open. Go to http://attentiontrust.org/gesturebank for more info. Special thanks to Cori Shlegel for his work to get this done.
The GestureBank will be rolling out new Affinity Service capabilities next. This is where it will start to really resonate.
By the way: IE is not supported in this beta (as it was previously); it will take a bit of effort to get a new IE port. This is because managed extensions are kind of a dead-end for IE. So the existing managed port will be discarded in favor of an (eventual) unmanaged one written from scratch. See this (techie) thread for more information: Create a Shell Extension Handler thumbnail extractor with .net?. In this thread you can think of the words Explorer, Shell, IE, IE6, IE7, and Excel as synonyms.
Tags: AT, AttentionTrust, BHO, Firefox, GestureBank, IE7
November 7, 2006 at 11:04 am · Filed under Attention
New site design at the Attention Trust.
http://www.attentiontrust.org/
Good job guys. A little too much Latin, but that will get sorted out.
Looks good.
Tags: Attention, attention-trust, AttentionTrust
Main feed
Email subscriptions
