Friends, Fans, Links, Associates… call it what you like, the internet is full of them. If you are using a social network/service such as MySpace, Facebook, Plaxo or Linkedin you have relationships. Some of these people may be family, real life friends (IRL), co-workers, acquaintances, online friends or even complete strangers. The fact is in some database somewhere you are connected to other people. Now it is easy to say I own my information that is stored on my hard drive, and I could probably easily say that information that I put into a service like Facebook I own (like if I wrote something it shouldn’t be able to be claimed as someone else’s work) and I am sure Facebook has some privileges to it, but the question is who owns my “relationships” and also what rights do I have on the information people have shared with me.

I am going to use Facebook as an example because I think it is the easiest to explain and the most straightforward model for the discussion. So you create a Facebook page and you put up a profile picture, a little about yourself and some basic contact info (email, phone and location). Once you start going out there and making friends/connections/relationships on Facebook, your “friends” can now see this information. These friends now have access to you and your information. Now part of the terms of service (TOS) reads that by using Facebook you agree to not “harvest or collect email addresses or other contact information of other users from the Service or the Site by electronic or other means for the purposes of sending unsolicited emails or other unsolicited communications;”. Sounds good right? Ok here is where Data Portability comes in. Now data portability conceptually I believe is the greatest thing since sliced bread… it gives you the user the power to take the data you input and move it to where you want it, back it up, etc. Cheesy as it sounds, with great power comes great responsibility.

You now have all my Facebook friends contact data and you import it into my address book. Sounds great right? You can’t spam those people, you agreed not to when you agreed to the Facebook TOS. Now lets say you find a new social network, lets call it Footbook, and you want to invite all my friends to it… using your data from Facebook you could enter it into Footbook and make connections with your Facebook friends on Footbook. Now first off, Footbook may decide to spam all your friends who weren’t already signed up with invitations to Footbook, worse off yet, Footbook never agreed to the Facebook TOS and may sell your friends email addresses to spammers.

So is Data Portability bad? Absolutely not. Is Footbook bad? Well besides the fact that selling emails to spammers is kinda sleezy, they didn’t really do anything “wrong”. Actually the only one at fault is you. You are no longer just responsible for yourself, data portability and the extraction of relationship data and moving it from place to place means you now have control over all your “friends” data. Terms of Service and Privacy agreements take on a whole new level of importance when you aren’t just dealing with yourself. Have you ever been or known someone who has sent around an email virus? If you have friends or relatives like I do, you have that high school friend or aunt that you would NEVER open an attachment from. Well now you are the guy to NEVER share your profile information with on any social network. We are talking that level of embarrassment and loss of respect both personally and professionally.

So what can be done. Well the Data Portability Workgroup is trying to work that out, and I think if this sort of thing is important to you, and it should be, you should go over there and sign up and voice not only any concerns you have but also give them a little support because they are taking on an extremely messy problem… and doing it for free.

I believe the answer is going to lie somewhere between making a standard that allows people to opt-in/opt-out of allowing your “friends” to be able to export their information as well as some sort of organization that allows service providers to become a member and get a “seal of approval” for following certain standards of information management (such as asking the user “can I send invite emails to all your friends who have not yet signed up for this service”) and clearly lay out their information ownership policies in a standard format. If we the users make that “seal” mean something then the membership advantages to the providers will force them into playing cleanly.