Today I spammed everyone on my AIM contact list with an invitation to join Facebook. I was searching for co-workers on the social network, trying to understand the more useful apps and plugins available to the average user, when I inadvertently clicked yes and authorized Facebook to contact everyone on my buddy list. I was distracted. I was multitasking. I was not as careful as I should have been. And, with one click, I was totally humiliated. My heart stopped for what seemed like an entire minute while I prayed for a confirmation screen that never came. I had misread a question, given my permission, and there was no going back. I just sat there and wondered how I'd explain to my colleagues, friends, peers, and, of course, the random total strangers I'd added to my list along the way, that I was a complete idiot who'd let Facebook hijack my buddy list to solicit memberships. I was one more unsuspecting pawn in the Facebook battle for world domination.

There is value in centralizing data. So many of us are out devouring and contributing to content-rich websites and social networks, connecting with long-lost friends, classmates, colleagues. We're finally in a position to leverage 'who we know'. Because, what have we always heard? It's not what you know, but who. And the who has never been more accessible. We're separated by miles and years and jobs, but we're just a click away thanks to networks like Facebook and MySpace and LinkedIn. There are new social and professional network sites trying to get in on the action every day. Today alone I had two colleagues try to get me to join Plaxo Pulse. I couldn't help but wonder if they even knew they'd asked me to join. Recently a friend's contact list had been hijacked by Spock (I refuse to link to this evil entity) to invite 2500 of his closest friends to join him there. I felt better about my 125 AIM messages when I compared it to 2500. But the sting was still there.As more and more of these networks fight for our information, who's going to prove the front runner? Clearly he (or she) who owns the most data wins. And Facebook's shift from social network to 'platform' seems to suggest they believe they can connect all of this decentralized data floating around on the web and make it accessible via their single, simple, interface. So while the data might be scattered amongst iTunes, flickr, Amazon, AIM and other lesser known entities, a series of simple web applications can integrate all of it into the Facebook platform. What's more, Facebook turns it around and provides an aggregate snapshot of your contacts' data. It's really a win-win. Or is it? Recently Facebook has taken some heat for invasive marketing tactics via it's Beacon system. Beacon takes data from external websites and makes it available to your contact list with the intention of promoting product through passive endorsements. If you bought something on Amazon, and you're my friend, the thinking is I might be interested in that product as well. Because you, my friend, are just so darn influential in my life. The problem with this theory is you might be my friend, but I might not want you to know I just bought zit cream from my favorite zit cream website. Its an invasion of privacy and Facebook is still working that one out. Beyond that though, Facebook is starting to look like the Borg. Resistance is clearly futile. If you want to be in touch with anyone in this 21st century the easiest and most practical way to do it is through the web/Facebook, and peer pressure is unavoidable. Come on, everybody's doing it. There's a suggestion of youthful trendiness that we all fall victim to. Once you make the leap, though, you've sold your soul to the internet's equivalent of the devil. Because once you create that profile, there's (allegedly) no getting that data back. You can't quit Facebook. Not really, anyway.

What does it all mean? To those of us working in technology? And those of us consuming it? These are tough questions to answer. But it seems clear that one of the most valuable assets of our time is our data. Our information. Yet, in spite of that reality, our data is clouded by a mix of fear (identity theft) and ignorance (my dog's name is my password!). What's our responsibility as creators of content, and websites and systems and as participants of networks? What is our contribution? How can we influence how all of this unfolds? I believe that how we interact with, and collect data from users, needs to reflect truth and authenticity. Sure, we publish privacy statements and terms of use policies. We won't store data or we won't sell it or give it away or use it without permission. But it's more than that. We need to help users understand what it is they're providing and how easy it is to exploit. We need to give them an opportunity to change their minds, or confirm their understanding of an interaction. In my case for instance, a simple 'confirmation' page would have saved me the embarrassment of having to apologize to 125 friends and colleagues for that unwanted IM spam. Facebook knew exactly what it was doing when it required only a single click to access my list. I think it's a cheap tactic in the race for the most data. The downside is, I'm no longer as enthusiastic about the value of Facebook as a networking tool. I see it as suspect now. The upside is I'll be more careful when I use little web apps like that. But our standards for collecting this data aren't set in stone. We've only just begun, so what more can we do to extend real value for the user, and tap into the thing that's most valuable to our clients? We can consider a user's understanding of their valuable points of data as part of our commitment to simple, usable web experiences. We should see how we collect data as part of usability. We should only collect what is absolutely critical to the experience and we should make certain the user understands the cost of sharing their data and the return on their investment of trust. Finally, we need to keep our promises. Sharing data should have some reward for the user, in terms of access to content, or connections or something of value. We should treat our user's data as sacred. If we expect to foster a long-term customer relationship, we need to respect what we know about a user and what we continue to discover. It's common sense, really.

Any of us, even presumed 'experts' can fall victim to guerilla data collection tactics. It's embarrassing. It's painful. It's avoidable. The difference, though, is we have the ability to influence change. We have the option of applying some code of conduct to how websites interact with users. We're not done. We've only just begun. Facebook doesn't get to decide. We do.

[cross-posted at the MIMA blog]