From the consumer perspective: They need to become functional at a faster rate than people get bored with them.

From the business perspective: They need to become boring at a faster rate than they become functional.

(The above is reprinted from a comment I left on Read/Write Web.)

I know, Facebook hasn’t become boring yet: average time spent on the site is up, although it’s flattening, at least in the UK.

Nonetheless, Web offerings follow a predictable pattern. At first, they are fun and cool and new and interesting, but nothing can be new forever. Ipso facto, for a site to have longevity, the attraction must morph to something other than pure novelty.

Take email. Remember when getting an email was cause for boasting? It was a while ago, to be sure. The reason we’re all still using email is that its utility increased at least as quickly as our fascination with it waned. Same with Google.

Neat for neat’s sake doesn’t last—but that doesn’t mean it can’t be supplanted by useful.

When I first signed up to Facebook, it was interesting just to find old friends and watch the connections grow. Now I use it mostly to play Scrabulous. What about you? How has your Facebook usage evolved?

One of the questions on the VortexDNA survey is about the percentage of time you feel you’re able to be yourself at work.

It’s a great question. The first time I took the survey, I was in a job that I didn’t enjoy. My natural state is one of irrepressible exuberance, and yet I spent my days sullenly biting my tongue and tamping down my spirit. As I responded to the question, I knew how much I was letting myself down.

Things have gotten a lot better since then. I work for myself. I share an office with two friends, people with whom I genuinely enjoy spending time. I choose how I spend my days and with whom I choose to do business.

Yesterday my officemates and I went out to lunch together. As we placed our orders, I spied Raf, from VortexDNA, coming in.

Now, you may have figured out from the title of this blog that I do a bit of work for VortexDNA. And I certainly would never want to jeopardize my business relationship in any way. But here’s the beauty of it: he came in, and he joined me and my friends for lunch, and the dynamic didn’t change. It didn’t grow stilted. I didn’t feel fearful that he might see the non-work side of me.

We all adjust our behavior to be appropriate for a given situation. I might swear with my friends, for example; I wouldn’t on this blog or with my mother-in-law. I choose carefully when and with whom I’m willing to engage in a conversation about politics or religion. But there’s a big difference between deciding to be appropriate and suppressing your inner nature.

I’ve been thinking about this a lot lately because of the privacy issues surrounding Facebook. A lot of the complaining is from people who have carefully compartmentalized their lives and would be livid if their various personas were ever to overlap. Professional career women having their lesbianism dissected at the office water cooler. Authoritarian parents letting their kids see them as real people.

Take this quote from a New York Times article dissecting Facebook’s privacy problems:

Mr. Das, who joined Facebook on a whim after receiving invitations from friends, tried to leave after realizing that most of his co-workers were also on the site. “I work in a small office,” he said. “The last thing I want is people going on there and checking out my private life.”

“I did not want to be on it after junior associates at work whom I have to manage saw my stuff,” he added.

There’s nothing wrong with Mr. Das’ desire for privacy, and I’m not suggesting that our every weekend fling should be shared indiscriminately with our business colleagues. I do wonder, though, if they are two separate issues: the Facebook one, and the one in which our many lives are kept completely dis-integrated. Is there something wrong with the fact that so many of us don’t want people to see who we really are?

What do you think about it?

Yesterday, Michael Barrett, Chief Revenue Officer for Fox Interactive Media, gave what was probably the most delicious announcement of his life. FIM, of course, owns MySpace, and the announcement in question was the early results of their ‘hypertargeting’ ad program: a 50% to 300% gain in click-through rates for participating advertisers and a 50% gain in CPM rates.

Almost more importantly, the company managed to pull the stunt off without incurring any of the “How dare you betray me?” response generated by Facebook’s Beacon.

Mark Walsh at Online Media Daily covered the story today. The privacy issue came up right from the beginning of the article:

“We’ve heard loud and clear there’s a growing desire for regulation for the Internet in general, and now targeting specifically,” Barrett said. “We are going about [targeting] in a very up-front, opt-out way.”

Of course, Facebook performed an about face last Friday, changing from opt-out to opt-in, which requires users to proactively request to participate in the program. It’s unlikely, however, that the move will completely repair the damage that’s been done by the backlash to the ad service, especially when the apology is immediately followed by yet another Facebook Beacon scandal.

You can never underestimate the fragile nature of your customers’ trust, and you can never stop working to continually earn it.

The reason that MySpace’s program is working, while Facebook’s generates resentment, has little to do with opt-out vs opt-in. It’s that people don’t like the program—they don’t like their purchasing info being broadcast indiscriminately.

Users ask for opt-in when they don’t want what they’re getting. When was the last time a Google ad was opt-in? When was the last time you had to opt-in to see ads on any website, for that matter? We’ve been getting targeted ads for years, whether they’re targeted to us personally or targeted to our search queries. A more targeted ad doesn’t shock the system; it makes it better.

The bottom line is that if companies are giving customers what they want and respecting that they are free individuals with independent decision-making capabilities, which way they opt becomes much less of an issue. Facebook got focused on the power of word-of-mouth, and forgot that it doesn’t work if the mouths go away.

The current fluidity with which people can define and destroy a movement, a business, or an entire economy is unprecedented. The days when a company could afford to be contemptuous of its client base are going or gone.

We have seen the future, and it is us. We are the searchers. We are the social-networking platforms. We are the advertisers, the publishers, and the consumers.

And if it is us, it is you. Put yourself in MySpace’s shoes. What would be your single overriding objective for an ad platform? What would define success and what would define failure? And how would your customers benefit?

Summary: This post is a continuation of yesterday’s discussion. My personal opinion about Facebook Beacon is that they got it wrong, principally because it violates two of the cardinal rules of privacy: relationship and control.

Yesterday, I covered some of the negative reactions Facebook got to the launch of its Beacon ad platform. Today I’ll give you my take on the matter, but first an update on the worsening backlash to FB’s perceived privacy invasion.

Yesterday, MoveOn condemned Beacon and launched, in a stunning twist of irony, a Facebook group to protest it. At of 7AM PST, the group had 2,000 members. Right now it’s 8:00PM in Cali, and the group has swelled to 8,787 members. Their movement is being covered by the New York Times, the LA Times, and CNN, among many others.

A rival group has sprung up to complain about the complainers. As of this writing, MoveOn.org and their Facebook group against Beacon need to leave Facebook has eight members. Eight.

The original protest group has a couple of dissenters as well, including a discussion board titled, ‘MoveOn is distorting the issue.’ Most of the comment thread, though, comes from people clarifying the privacy problem rather than fighting to save Facebook’s reputation. This excerpt, posted by one Simon C (and reproduced here with his permission), comes to the crux of the matter:

People share a positively astounding amount of data on Facebook, stuff I cringe to see: real names, relationships, email addresses; even postal addresses and phone numbers, for fuck’s sake. And in initiating a wide-ranging tracking program, silently and non-optionally, Facebook has taken a huge step towards building a (to me) far more comprehensive log of my personal activity than I deem acceptable, and one which is strongly linked to a lot of real-life data. Moreover, it has done so without offering me any new functionality that I value.

In creating a Facebook profile, I enter a certain amount of data on the understanding that it will be used by Facebook to target me with advertising. In exchange, I get a pretty clean, functional site that allows me to connect with old friends, and share photographs swiftly (the zombie/pirate shit can fuck right off). Beacon offers no such quid pro quo. Facebook have unilaterally decided to take ownership of my web activity, *without telling me*, and in exchange have offered me the distinctly dubious privilege of sharing my shopping habits with my “friends”. I fail to see the benefit to me here, and I strongly resent the presumption that my internet activity is free to be monitored without my consent.

Now here’s my opinion (I know you’ve been hanging out for it, and I certainly don’t want to disappoint):

Facebook’s Beacon violates two of the cardinal rules of privacy: relationship and control.

One of those rules is that privacy is a relationship. It is the relationship that governs what happens after we share any information of any kind with anyone, anywhere.

The privacy relationship is what prevents my doctor from telling you what drugs I may or may not be on.

The privacy relationship is why my lawyer won’t tell you what we discuss in the confines of his office.

The privacy relationship is why my friends won’t tell strangers my deepest darkest secrets.

The privacy relationship is why I don’t mind it when companies that receive my information use it to market back to me. This is a two-way privacy street. They’re not telling me anything I didn’t already know. If I search for ‘new cars’, and Google shows me ads of new cars, that makes sense. I shared my private info with them, they use it to enhance our interaction. This is the same thing my doctor does and the same thing my lawyer does. I share my information with them on the understanding they will use it only to benefit me.

This relationship is also why most people don’t get worked up about behavioral targeting: see David Berkowitz’ excellent piece 1984 Fan, Do You Find Facebook’s Ad Targeting Creepy? He took out an ad targeting Facebook users that had self-identified as fans of George Orwell’s book 1984 and asked them, in the ad, what they thought about being targeted by the ad. The responses are telling: most people had no objection whatsoever.

The problem with Beacon, though, is that it violates that relationship by sharing your information with other people, people you may or may not want your information shared with, in a way that doesn’t necessarily benefit you.

I share with Google: I get free search and relevant results. Facebook shares with my friends: I get questions I don’t want and a boyfriend who knows what he’s getting for Hanukkah.

The second cardinal rule that Beacon violates is control. When I share information with my doctor, I have to sign a waiver before she’s allowed to share it with anyone else. With Beacon, I have to find every person my doctor might consider sharing my info with, and tell them that I don’t want them to have it. It’s an undue burden, and it takes the data from the dominion of the users and puts it in control of organizations who don’t respect the privacy relationship (see Cardinal Rule 1).

So, yeah, I think Facebook got it wrong on this one. They can and should recover, and I hope they do, but I also hope the lessons permeate. We as users—myself included—have been inordinately permissive with the way our data gets bandied about, but we’re making it clear that some boundaries shouldn’t be crossed.

As always, I’d love to know your response, whether or not you agree with me. Privacy is about all of us, and the collective decides the norm.

Summary: Facebook’s Beacon program, which announces your purchases on your FB profile feed, has generated some vociferous responses from privacy advocates. There are some profound issues here that I’d like to explore in more depth. This post covers responses to the program so far, starting with Om Malik and running the gamut from Search Insider to the Wall Street Journal. Tomorrow, I’ll provide my thoughts on the matter.

I was all ready to leave this topic alone, really! But the issues that have been raised since the launch of Facebook’s Beacon advertising platform have become too central to the topic of privacy for me to ignore.

The social-graph-leveraging ad service was pegged as a potential privacy nightmare the day it was launched (November 6) by Om Malik, who raised some pointed questions to the good folks at FB and received responses that were vague at best, leaving him to conclude:

…in reality, this is a privacy disaster waiting to happen. The javascript on the Fandango site pops up a little screen which asks if you want to publish the information on Facebook. If you say no, your friends won’t see the information, but apparently Facebook still receives it. This means that if you are a Facebook member, Facebook will know what you are doing on each of their partner sites. And there is no way for you to opt out of that. Or is there? I asked Facebook to clarify and I am still waiting for them to write back.

We could say that this is a knee-jerk reaction—after all, it came out the very day the program launched—so it’s worth checking into subsequent opinions and experiences from the past two weeks. (Yes, yes, I know that it’s only been two weeks and we’re still dealing with knee-jerk reactions. I’m just summing up the situation to date.)

The day after the GigaOm stake-in-the-ground, MediaPost’s Just An Online Minute backed him up:

Another part of Faceboook’s plan, the Beacon program, is far more troubling from a privacy point of view. That initiative involves informing people’s friends of purchases they’ve made online. In other words, if one Facebook member buys a DVD of, say, season two of “The Office,” and allows that information to be shared with others, the member’s Facebook friends will be notified that one of their contacts has purchased that DVD.

Users will be able to opt out of the service, but privacy concerns remain. Simply explaining this type of offering to people who aren’t familiar with Web advertising might prove difficult, let alone explaining the opt-out procedure. What’s more, even tech-savvy users mistakenly check the wrong boxes online, inadvertently opting in instead of out and vice versa.

Headlines of stories about Beacon continued to touch on the potential negatives; a piece from my university paper, the Cornell Daily Sun, came out with The Last Straw for Facebook?, while Mark Simon’s Search Insider column the following Monday was titled Social Ads or Social Networking Nightmare?

Privacy advocates and legal eagles picked up the thread, with the Wall Street Journal last Friday reporting on the real-world implementation of the program (thanks to PogoWasRight for the tip):

…Last Sunday the Law Blog purchased three tickets to “Bee Movie” on Fandango, the movie site. After we did this, Facebook automatically updated our profile to say, “Peter bought ‘Bee Movie’ on Fandango.”

Huh? Did we want everyone on Facebook to know our movie-buying habits? Not really. But it seems we agreed to this. According to Fandango’s privacy policy, which we agreed to by using the site, “If you are a member of a social network service (such as Facebook, MySpace, etc.) or you use other Internet sites where you have authorized them to gather information about your online behavior on Fandango . . . Fandango may share information regarding your activities . . . with those third parties pursuant to your authorization.”

Then we checked out our privacy settings on Facebook. Under “Privacy Settings for External Websites,” there’s a Fandango icon, indicating that we’ve agreed to have our actions on Fandango sent to our Facebook profile. We changed our profile, mandating that they never — never! — do this again.

And now today. CNet’s Caroline McCarthy reported that MoveOn, which historically has focused its energy on domestic regime change, has decided that Facebook Beacon poses a significant privacy problem, one that has to be stopped:

Online activist group MoveOn.org is poised to announce a campaign targeting Facebook’s “Beacon” advertisements, which post information about users’ activity on partner sites (movie rentals, purchases from online retailers) onto their friends’ News Feeds. According to MoveOn representatives, the organization considers this to be a “glaring violation of (Facebook’s) users’ privacy,” and has launched a paid ad campaign on Facebook, a “protest group” on the social-networking site, and an online petition to encourage the company to allow users to opt into the program at their own volition.

“The bottom line,” MoveOn spokesman Adam Green said in an interview with CNET News.com, “is that no Facebook user should have their private purchases online posted for the entire world to see without their explicit opted-in permission.”

It’s true that Beacon advertisements are limited to the news feeds of the people on a user’s friends list, but Green said that doesn’t make a difference. He cited Facebook user testimonials that ranged from members who said their entire Christmas lists had been published on their News Feeds (spoiling many a surprise in the process) to student activists who were concerned that sensitive purchases might show up and result in serious consequences–”If a college kid rents Brokeback Mountain and some homophobic person on his campus sees that, that could be a real problem,” he explained.

This was too much heat for Facebook to ignore, so, a couple of hours after the MoveOn announcement, they responded with one of their own:

“We encourage feedback from our users on new products,” the Facebook statement read, “but in this case, the MoveOn.org-led group misrepresents how Facebook Beacon works. Beacon gives users an easy way to share relevant information from other sites with their friends on Facebook.”

…Facebook’s statement stressed that because this information is not public, it isn’t an invasion of privacy. “Information is shared with a small selection of a user’s trusted network of friends, not publicly on the Web or with all Facebook users,” the statement explained. “Users also are given multiple ways to choose not to share information from a participating site, both on that site and on Facebook.”

MoveOn.org spokesman Adam Green was quick to provide an additional response. “If Facebook’s argument is that sharing private information with hundreds or thousands of someone’s closest ‘friends’ is not the same as making that information ‘public,’ that shows how weak Facebook’s argument is,” Green said in an e-mail. “Facebook users across the nation are outraged that the books, movies, and gifts they buy privately on other sites are being displayed publicly without permission–and it’s time for Facebook to reverse this massive privacy breach.”

I’ll pick this story up tomorrow and give you my view on the implications and issues, but I’d also really like to hear your reactions, both to this post and to the Facebook Beacon program as a whole. What do you think of it? Have you seen it in action?

There’s been a lot of virtual hand-waving going on following Facebook’s announcement that they’ll allow search engines to spider member public profiles, but I have to yoink a phrase Charles Knight used on me recently: the emperor isn’t wearing any clothes.

Let’s take a look at the stakeholders in this particular fairy tale:

Search engines: obviously happy. Even the alternative people-search engines Charles interviewed, as this comment from Wink demonstrates:

“This is a great move for Facebook, because their users become more reachable and the community becomes more valuable. And it’s a great move for People Search Engines, because another great source of profiles is available. We just hope that they will let people include more data in the Public Search Listing, such as location, school, work, etc. We also want to be sure that people have complete control over their own information and can choose to maintain their privacy.”

Bloggers? Delighted, judging by the sheer volume of words, including my own, being devoted to the topic.

Users? David Berkowitz has pointed out more than once that Facebook goes to greater lengths than most to give users control over what information can be viewed.

Facebook isn’t exposing entire profiles to search engines. Instead, Facebook creates “public search listings” based on the profiles. Facebook tells members, “Your public search listing consists of your name and the thumbnail version of your profile picture. This listing will be shown to people who search for your name when they are not logged in to Facebook.” The listing also includes links for Facebook users to send you messages, view your friends, poke you, or add you to their friend lists. Facebook notes that while search preferences within Facebook are updated automatically, the engines will be slower to act on any changes.

…Facebook members can control who can find their profiles within the site - friends, people in shared networks, or everyone. Only if “everyone” is selected will Facebook provide members with the option of allowing others to see their public search listings. If that option is checked, members can then allow public listings to be indexed by search engines.

But here’s where I’m really confused, and I’ll be truly grateful if someone can explain it to me. The announcement is that Facebook is opening its public profiles to be spidered by search engines, whereas up until now they were only available to the 39 million people who are already a member of Facebook. It just doesn’t seem like a privacy issue. Okay, so now you can be found by Google in addition to the 39 million people who are on Facebook—and, let’s face it, having to create a Facebook profile is hardly a barrier to entry. It’s not as if profiles were limited to an elite few before this announcement.

If people are concerned about what information is available, they have more to worry about than their public profiles being made available; the totality of the information that can be pulled together into a complete picture of you should raise a lot more flags. This article from Stefanie Olsen at ZDNet paints a scary picture of what online marketing dataminers Rapleaf know about you. I tried it—it said my reputation was 2! I don’t know if that’s good or bad; 2 seems like a pretty low number to me, and then couple that with the fact that my email domain is evidently ‘less legitimate’, and it’s clear that you shouldn’t trust me to house sit.

And finally, Facebook themselves, who don’t seem too worried about their recent developments. On the contrary; the rumor from All Things Digital is that they’re looking to raise more funding at a multi-billion dollar valuation.

What about you? Are you happy, sad, indifferent? Is there a problem here, or is the emperor indeed naked?