Lecture 2: Social Web Privacy & User Profiles (2012)

Social WebLecture 1I

What People DO on the Social Web?

Lora AroyoThe Network Institute

VU University Amsterdam

Monday, February 27, 12

Cognitive surplus is the best thing since sliced bread.


Social Relationships


Social in Physical World

• People have relationships within and across different social contexts: family, sports, work, friends

• In ‘real world’ this is okay, it works the way it does, due to a relatively small set of social contexts and interaction opportunities

http://www.w3.org/2005/Incubator/socialweb/wiki/SocialWebFrameworks2#Social_Graph_Management_Today




Social in Digital World

• Digital social dynamics match those in the physical world: friends are friends in both worlds

• However, there are also significant differences:

• # of people to interact with not limited by distance or time

• a person can ‘block’ or ‘manage’ relationships

• personae subject to different social norms

• personae can evolve over time

• personae are less (not) limited in scopeMonday, February 27, 12

Why Public Connections ...serve as important identity signals

help people navigate the networked social worldserve to validate identity information about people


Multiple SN Accounts• Users have many accounts on different social &

professional network services, e.g. personae for different situations/contexts

• They utilize their different accounts in different ways, depending on the digital context, e.g.:

• friendly chat on Facebook

• professional discussion on LinkedIn

• dating interactions on Hives

As a consequence there is a need to separate the systems to manage the user's profiles, identities & permissions, as well as their social graph (relationships) & their social media


Problems• Maintaining a multitude of online profiles for different

contexts is cumbersome and time consuming - not scalable

• It is difficult for new social networks to attract new & maintain active members simply because of the effort involved in creating and maintaining "yet-another-profile" and re-establishing different aspects of your profile under yet another context

• A user cannot control how their information is viewed by others in different contexts by different social applications


Architecture Neededfor managing multiple Social Web profiles

“policy-oriented web” architecture to support trusted services in the

longer term


For example ...• In one system manage your personal information:

• home address, telephone number, & best friends

• your Friends Profile gets exposed to Hives and Twitter

• In another system manage work-related information:

• office address, office telephone number, & work colleagues

• your Work Profile gets exposed to Plaxo and LinkedIn

• Another choice could be to store your entire profile locally with a trusted third party, and then

• your Health Profile can be exposed to health care providers

• your Citizen Profile can be exposed to government services


Social Web User





Distributed Profile





Social Graph





Social Groups





Frameworks





Personal Profiles


Does the Social Web affect social interaction?


Opening the Sites


Opening the Sites• Demand from application developers to make

use of the amounts of Social Web data & make their applications available to the site members

• Demand from users to reuse data and connections they have already established on other sites

• In response: Facebook provided an API & Google OpenSocial API


• an open, decentralized standard for authenticating users that can be used for access control, allowing users to log on to different services with the same digital identity where these services trust the authentication body

• making sure the users are who they say they are

• http://openid.net/


http://openid.net/

http://openid.net/

http://openidexplained.com/


OAuth

• an open protocol to allow secure API authorization in a standard method for web applications; it enables users to grant third-party access to their web resources without sharing their passwords

• largely based on: Flickr’s API Auth & Google’s AuthSub

• limitations in terms of complexity, user experience, scale

• 3 flows merged into one: web-based apps, desktop clients & mobile/limited devices; Facebook Connect - flows for web apps, mobile devices & game consoles

• http://oauth.net/


http://oauth.net/

http://oauth.net/

OAuth 2.0

• OAuth 2.0 focuses on client developer simplicity - providing specific authorization flows for web & desktop applications, mobile phones & living room devices

• not backwards compatible with previous versions

• 6 New Flows

• http://oauth.net/2/


http://oauth.net/2/

http://oauth.net/2/

Twitter employing OAuth

Figure credits: http://www.phpbuilder.com/columns/sachin_khosla062510.php3


http://www.phpbuilder.com/columns/sachin_khosla062510.php3

http://www.phpbuilder.com/columns/sachin_khosla062510.php3

Facebook Platform

• Graph API to read/write data into Facebook

• Authentication - interact with Graph API on behalf of Facebook users (single-sign on mechanism for web, mobile & desktop apps)

• Facebook Connect APIs - enable Facebook members to log onto third-party websites, applications, mobile devices & gaming systems with their Facebook identity


http://en.wikipedia.org/wiki/API

http://en.wikipedia.org/wiki/API

OpenSocial• Google initiative (set of APIs) based on open

standards JavaScript, HTML:

• People & Friends API (people and relationship information)

• Activities API (publishing & accessing user activity information)

• Persistence API (simple key-value pair data for server-free stateful applications)

• So, with Open Social embedded in a site, a site instantly becomes a social Web site

• integrated, e.g. OAuth, OAuth 2.0, Activity Streams,

• http://www.opensocial.org/Monday, February 27, 12

http://en.wikipedia.org/wiki/Activity_Streams_(format)

http://en.wikipedia.org/wiki/Activity_Streams_(format)

http://www.opensocial.org/

http://www.opensocial.org/

OpenSocial

• Half a year after Facebook Platform, Google launched Open Social

• Popular containers: MySpace, Hi5, Plaxo, LinkedIn, Orkut, Friendster, Six Apart.

• Plugged-in applications: iLike, Slide, Flixter, Rock You, etc.


Twitter APIs

• The Twitter platform offers access to the data of more than 200 million tweets a day, via different APIs

• Each API represents a facet of Twitter

• These APIs are constantly evolving, and developers have to be aware of that

• http://dev.twitter.com


http://dev.twitter.com

http://dev.twitter.com

Twitter for Websites

• TfW: a set of products that enables websites to easily integrate Twitter basic functions

• Tweet button

• Follow button

• https://dev.twitter.com/docs/twitter-for-websites


https://dev.twitter.com/twitter-for-websites

https://dev.twitter.com/twitter-for-websites

https://dev.twitter.com/docs/twitter-for-websites




Search API• Dedicated API for running searches against the real-time index

of recent Tweets; to allow a user to query for Twitter content:

• a set of tweets with specific keywords,

• tweets referencing a specific user,

• tweets from a particular user

• to access to data around Trends

• it’s limited, e.g. index of only recent tweets (6-9 days); no authentication: all queries are made anonymously; some tweets & users may be missing from search results (focus on relevance)


http://support.twitter.com/groups/32-something-s-not-working/topics/118-search-problems/articles/66018-i-m-missing-from-search

http://support.twitter.com/groups/32-something-s-not-working/topics/118-search-problems/articles/66018-i-m-missing-from-search

REST API

• the API for leveraging core Twitter objects

• enables developers to access some of the core primitives of Twitter including timelines, status updates & user information

• RESTful API calls to build a profile of a user: user name, user Twitter handle, user profile avatar & the graph of people that user is following on Twitter

• enables developers integration opportunities to interact with Twitter: create & post tweets back to Twitter, reply to tweets, favorite certain tweets, retweet other tweets, and more


Streaming API• real-time sample of the Twitter Firehose

• for developers with data intensive needs, e.g. to build a data mining product or do analytics research

• allows for large quantities of keywords to be specified and tracked, retrieving geo-tagged tweets from a certain region, or have the public statuses of a user set returned

• this requires to establish a long-lived HTTP connection and maintain that connection

• if Search API is too much rate-limited, then move to Streaming API


Streaming API Products• Streaming API: public statuses from all users, filtered in

various ways: by userid, keyword, geographic location

• User Streams: nearly all data required to update a user's display. Requires the user's OAuth token. Provides public and protected statuses from followings, direct messages, mentions, and other events taken on and by the user. The primary use case is providing updates to a Twitter client

• Site Streams: (in Beta) Once more than a handful of User Streams connections are opened from the same host or service, Site Streams must be used. The primary use case is website and other service integrations


https://dev.twitter.com/docs/streaming-api

https://dev.twitter.com/docs/streaming-api

https://dev.twitter.com/docs/streaming-api/user-streams

https://dev.twitter.com/docs/streaming-api/user-streams

https://dev.twitter.com/docs/streaming-api/site-streams

https://dev.twitter.com/docs/streaming-api/site-streams

Issues related to User Profiles & Networks


The Social Web is changing how our brains work.


Yet Carr wants us to know what we're losing in exchange for our dynamic, interconnected, Internet-fueled world.The Shallows is a rebuttal to those who unquestioningly accept a life in which information is unlimited, easily accessed but fractured and unmoored from context, and where people are constantly online and multitasking among e-mail, Facebook and websites. Extrapolating from the sagacity of Western philosophers like Plato and Marshall McLuhan and guided by recent, pertinent discoveries in neuroscience, Carr argues that the Internet physically "rewires" our brain to where we end up acting like computers — avaricious gobblers of information –- and our grip on what it means to be human slackens.

A large part of what it means to be human, he writes, is our capacity for "deep reading," an ability bestowed on us by Gutenberg's printing press, which fostered an "intellectual tradition of solitary, single-minded concentration."


Privacy Concerns• Legal still in its infancy, but courts do rule on new behavior

• fourth amendment to the U.S. Constitution & legal decisions concerning privacy are not equipped to address social network sites

• e.g., do police officers have the right to access content posted to Facebook without a warrant?

• Truthfulness of personal profiles has become a subject of debate

• Privacy hard to understand (few read Terms) and misinterpret ‘Friends’


Security

• security of people (sex offenders)

• security of computers and data

• With enormous numbers of users and enormous amounts of data, sites are natural targets of spammers, and phishing and malware attacks (‘new friend malware’, ‘twitter spam’ etc.)


Bill of Rights• Fundamental aspects to consider for users of Social Web:

• Ownership of their own personal information, including:

• their own profile data

• the list of people they are connected to

• the activity stream of content they create

• Control of whether & how personal information is shared with others

• Freedom to grant persistent access to their personal information to trusted external sites

http://opensocialweb.org/2007/09/05/bill-of-rights/




http://www.economist.com/blogs/babbage/2012/01/online-privacy

Issues:• burden on companies: it is next to

impossible to rid the web completely of a piece of information: some digital ripples will inevitably remain

• where one man’s data end and another’s begin

• crooks may try to invoke it to have their name struck from unfavorable online coverage

• it is not always clear what counts as reporting on the internet

“Having figured out how to remember nearly everything,

it is about time people relearned how to forget”

27-01-2012

“Personal data is the new oil of the internet and the new

currency of the digital world.”

Meglena Kuneva, European Consumer Commissioner, 2009




Privacy: Awareness not Paranoia

"privacy paradox" = lack of awareness of the public nature of Internet

flexibility to handle friends with different conceptions of privacy

ability to control data flow inside and outside network

realize that sensitive information can be reconstructed


Current Public InitiativesSOPA, PIPA, ACTA

• By media industry:• AHRA 1992 - soft• DMCA 1998 - surgical• SOPA/PIPA 2011 - nuclear

• By non representatives• ACTA - 39 countries


http://thenextweb.com/twitter/2012/01/27/twitter-isnt-censoring-you-your-government-is/




Would SOPA/ACTA change your behaviour on the Social Web?


image source: http://www.flickr.com/photos/bionicteaching/1375254387/

Assignment 1


Hands-on Teaser

• Installations

• Python 2.6 or 2.7

• Python packages: json, facebook, uurllib2

• JavaScript Info Vis Toolkit (jit.zip)

• Facebook Developers app

• Experience OAuth

• Query the Facebook Open Graph

• Visualize your Facebook social network in various ways

image source: http://www.flickr.com/photos/bionicteaching/1375254387/


http://www.flickr.com/photos/bionicteaching/1375254387/

http://www.flickr.com/photos/bionicteaching/1375254387/

Lecture 2: Social Web Privacy & User Profiles (2012)

Technology

Transcript of Lecture 2: Social Web Privacy & User Profiles (2012)