techcafeteria

Following is a guest post from Jon Loomer, offering a different perspective on Facebook’s privacy changes.

Jon Loomer’s career has evolved from overseeing Fantasy Basketball product, content, marketing and promotion for the National Basketball Association to his current position as VP of Strategic Marketing for a non-profit. His focus is on social media strategy, Facebook and mobile development. You can follow him on Twitter @JonLoomer or read his blog focused on the subject of baseball atTippingPitches.blogspot.com. The following opinions are his only and do not reflect those of his affiliations.

It took a few weeks, but internet rage over Facebook’s Like button and latest privacy ramifications is in full swing. Bloggers swinging at Facebook’s knee caps with aluminum bats seem to outnumber those who come to CEO Mark Zuckerberg’s defense 20:1. And if a blogger does post a defense, duck and cover as soon as you hit “publish” because the rage will bubble up from the comments section.

So when Peter asked me if I’d be interested in writing a guest post on his blog in defense of Facebook’s changes, I had mixed emotions. On one hand, I’m absolutely flattered that he’d ask. On the other, I’m uncomfortable taking a hugely unpopular stand. The position is so unpopular that it ventures into “controversial” territory. Can I post anonymously?

I’m not a controversial dude. And any controversial opinions I have, I tend to keep relatively private, restricted to my inner circle.

But here’s the irony: I share these “controversial” opinions on Facebook. And I only share them with a small group of friends by using lists. But to the outer circle, I’m a harmless guy without much flare for the dramatic.

You must be outraged!

I may avoid controversy, but Facebook feeds off of it. Everywhere I turn, I read another blog telling me how angry I should be with Facebook’s dangerous disregard for my privacy. And because of this, a small part of me is trying to convince the rest of me that I, too, need to be outraged. But I can’t conjure up the energy.

The Utility of Facebook
First a little background on me as a Facebook user. I’ve used Facebook since it rolled out to the non-student public in 2006. My company partnered with Facebook on an application for that initial launch. So I’ve been there from “the beginning.”

And I’ve also been there through a multitude of changes, some vertical and some lateral. No matter how major the changes were, they were controversial. And the uproars increased as the Facebook population screamed past 100, 200, 300 and 400 Million.

This undoubtedly has something to do with my lack of rage now. I’ve become numb to the anger. Whether it’s a Facebook change or any other controversial revelation, I try to remain level headed. Before I react negatively to Facebook’s changes in particular, I try them out for a while. Think about the end game and why they’d make the change. And when I read a rumor about how Facebook is going to charge a monthly fee, or that they allow pedophiles to access my profile, I research first.

While I haven’t agreed with every change Facebook has made, I still recognize that they have made gradual improvements over the course of the past four years that have resulted in a much better overall product. The navigation is vastly improved, and I have far greater control now over who sees what and when.

Sure, some things (name, profile photo, gender, current city, networks, friends, pages) are available to the public now. But these are not things that bother me. You could already pull up photos of my handsome mug (here, here, here and here) by running a Google search. I’d hope my gender is obvious. And although I did scale down my pages after they became publicly viewable, I am now comfortable sharing those interests with anyone who cares.

After that, I’ve always used my privacy settings. Status by status, link by link, photo by photo, I pick and choose my audience. There are times when I keep what I share to a small audience of “Good Friends.” There are others when I share with all of my friends, some of whom I don’t know. And still others, I’ll feel the need to share with “Everyone,” as in—shudder—everyone on the Internet.

But I also use Twitter. I maintain a blog. So there are certain things I’m used to sharing with everyone. And when I share with the world, I have a reason for doing so.

It’s because of this control that I find Facebook extremely useful. I can contact just about anyone from my 500+ connections in an instant. I can promote my blog or share my son’s lemonade stand to raise money for childhood cancer research. Or I can simply goof off casually with friends. But it’s all controlled.

I also control what it is that third party developers see and what my friends can share about me. Developers can access everything that is already available to the public (which isn’t a whole lot), and my friends can’t share much more than that about me either. So I leave enough available for most useful applications to work, but without giving away more than I am comfortable.

The New Features
So all that said, Facebook rolled out a few features recently that were said to impact my privacy. I personally found them to be brilliant. I knew there would be backlash (there always is), but I admit I didn’t expect anything at this scale.

The Like Button: This addition has essentially made millions of web pages an extension of Facebook. The collage of my friends’ faces acts as a welcome mat at the front door of sites that are new to me. My friend likes this? Let me check it out. My friend says I should go to this restaurant? Not a bad idea. These are things that I would have otherwise seen on Facebook, but now I see them at the source to provide more relevance.

Not only is the Like button good for me as a user, but it is also good for me from the business side—both on my blog (loosely defined as a business) and my organization’s web pages. I’ve quickly realized that users are much more inclined to click a Like button than go through the process of retweeting or even sharing through Facebook. It’s easy. It’s awesome.

Instant Personalization: Policies aside (we’ll get to this later), I love the idea. I can go to Pandora and immediately access music that I like or my friends like. I can go to Yelp and immediately find a restaurant that they recommend. There is so much to like here. It makes the web a warmer, more social, and more relevant place.

Updated Privacy Settings: This has caused a stir, but it really wasn’t a problem for me. As I mentioned before, I’ve always been on top of my privacy. So when the new privacy settings were rolled out, I took my time to make sure everything was set up the way I wanted. While some may claim that Facebook pulled a fast one on us, it’s not as if this was done discretely without you knowing. You were forced to go through the new settings and verify. Might it have been a bit overwhelming? Maybe. But if you care about your privacy like I do, it’s something you should understand.

Community Pages: This one has been run more on the down low because it is a beta product. Thousands of community pages have been created by Facebook and some general pages have been converted (often to the dismay of the administrator). Unlike the typical Facebook page, there is no admin control (at least for now) of the community page. It is, apparently, intended to be a wiki of some sort, with information fed by people’s content who like the page. It’s not clear yet what value, if any, these pages have, but the usage is likely to evolve.

The Confusion
Part of Facebook’s problem is that this new Facebook-centered web can be a bit startling at first. When you go to another website, you don’t expect to see a list of your Facebook friends who like something. You don’t expect a website you did not previously visit to know what you like and don’t like to make recommendations. But people need to simply look at the web as an extension of Facebook, particularly when using social plug-ins. Instead of viewing that your friend likes an ESPN article in your Facebook feed, you see it on ESPN.com. It’s not as if the world can see this information. What you see is different than what I see. And your privacy settings still apply, which may not be immediately obvious.

There is also confusion because there are very few blogs and articles being written on this subject that equally weigh the issue. Many make it seem as though all of our private content is at risk; that no matter how we adjust our privacy settings, everything is available to the world. They are biased towards negativity and rage because that’s what brings traffic. We are told to either delete our Facebook profiles or simply put them on lock-down, preventing everyone from seeing anything, disallowing instant personalization, and blocking as much information from third parties as possible.

The reality, at least as far as I can tell, is that the latest changes won’t harm you if you are already on top of your privacy settings and careful about what you share. But based on the media coverage, it would be easy for someone to overreact and go with the flock.

Show Me
This is my biggest problem with the outrage over Facebook’s changes: Almost everything I read is in abstract terms. Please, show me the danger of Facebook’s changes. You’ve probably seen this example of Facebook users who have told the world, knowingly or not, that they have cheated on a test. Well, I can do the same with Twitter users. What’s the point?

Maybe I should feel bad for people who unknowingly publish embarrassing information about themselves for the world to see, but I don’t. For many reasons.

First, let’s not fall for the claim that Facebook made this radical change from closed to open overnight. The latest change did allow search engine indexing of your public profile (if you kept the box checked to allow it) or of that information you shared with “everyone,” but keep in mind that the former definition of “everyone” was all users on Facebook. So you went from sharing embarrassing photos and information about yourself to 400 Million people to the entire world. Eh.

And again, Facebook forced us—all of us—to confirm our privacy settings. Did you ignore them? If you did, should I feel bad for you? Eh.

I understand that I don’t represent all Facebook users, and that’s a very good argument for anyone opposed to the changes. Most people do not spend the time refining their privacy. And many may simply be confused by the settings.

Still, if you’re confused, just restrict everything as much as possible. I keep seeing stats on number of settings and options, but if you just set everything to “Friends” (and your friends truly are your friends), you’ll be fine. Assuming, of course, you’re still careful about what you share.

Everyone needs their own global privacy policy, and this goes beyond Facebook. When you share, do so with the understanding that, even with the best possible settings, any friend can simply copy and paste your status; or save and repost your photo; or simply post a photo or story about something you did. No privacy settings can prevent stupid activity from being seen. It will eventually get out.

That said, I am leaving the door open slightly for the possibility that Facebook has given others far more access to my private life than I know. If this is the case, show me. Show me the application that could potentially harm me.

The Policies
While I enjoy using Facebook and am not in the “delete my profile” community, I admit that I’m not all that comfortable with the entire path that Facebook has taken. I enjoy the new features and am fine with the current privacy settings. However, I do think that they need to be better at communicating changes. They need to be better at communicating, from page to page, what is viewable and what isn’t. Go above and beyond to explain the user’s privacy. Smack them in the face with what audience they are sharing. While I do think Facebook has done a better job at communicating changes than they are given credit, they need to do more.

And I also agree that opt-ins instead of opt-outs are the best policy, particularly with a potentially controversial change. If you are so sure someone is going to want something, first make the compelling argument. Encourage them to check it. Show them what they’re missing if they don’t.

Even so, I firmly believe that putting too much focus on Facebook takes away the important focus on the user’s responsibility to do everything they can to protect themselves. As mentioned before, users needed to agree to each change. We need to be vigilant and understand the ramifications. And if you are too lazy to do the research to understand it, at the very least you need to be more careful about what you post.

How Facebook Can Get Out of this Mess
Just as I am not completely in Facebook’s corner on some of their policies, I also see ways for them to get out of this PR firestorm. While I don’t have much sympathy for the ignorant user, Facebook is still responsible for communicating that these are positive changes.

If I were Facebook, I’d do the following:

• Put a My Privacy: Who Sees This? link on Community Page by “Related Posts by Friends”


• Put a My Privacy: Who Sees This? link within social plug-ins, where feasible


• Put a My Privacy: Who Sees This? link on “trusted third party” sites that implement instant personalization


• Provide video and commentary explaining some of the changes, answering the criticisms, showing the user why the changes are good for them, and acknowledging that those changes are not for everyone, providing an easy explanation of how to protect themselves


• Provide regular webinars or tours on features and use of lists to everyone, not just those with the proper page connections


• Make Instant Personalization opt-in

The last item may be the trickiest since users have already technically opted in to instant personalization when they went through their new privacy settings for the first time. But considering this project is technically a pilot, there’s no need to automatically opt everyone in. Do what they did before. Bring up a box explaining what instant personalization is. Provide videos. Explain why it is good for them. Explain potential risks. Shoot down conspiracies. And then force the user to check the box if they want it.

In Conclusion
While I am not surprised by user backlash as a result of the most recent Facebook changes, I did not expect this level of outrage from mainstream media and technically savvy, intelligent people. With that in mind, it is important that we all do the following:

• Research and understand the benefits and risks involved


• Weigh those risks and benefits with the way that each person uses Facebook


• Understand and actively utilize Facebook’s privacy settings


• Establish a global “privacy setting,” understanding that if we are concerned about privacy we should always be careful about what we share

In the end, it’s personal. These changes are likely to affect me differently than they do you. Maybe Facebook is just too much of a hassle for you. Maybe Facebook does not offer enough benefit to you to actively manage a sometimes confusing control panel of privacy settings. Maybe you do have reason to be outraged. But I don’t believe this feeling is universal. We all need to rationally weigh the risks and benefits and decide what is best for us.

Photo by nitot/ / CC BY-NC-SA 2.0

Facebook announced dramatic changes in their service at their annual “F8” conference on Wednesday. Facebook used to be a network where you could establish semi-private communities with family, friends and like-minded sets of people. Now it’s an internet-wide info-sharing platform that can keep your friends, and the businesses and advertisers that Facebook partners with, fully briefed on all of your internet-based activities and opinions.

The biggest announcement was the introduction of the Open Graph and the new “Like” buttons for the web at large. Yesterday, you could only “like” or “fan” something that appeared on Facebook’s web site. Now you can “like” things anywhere that the social graph and like buttons are implemented. What you “like” will be shared with Facebook, your Facebook friends, and all of the applications you subscribe to on Facebook, and, depending on your Facebook privacy settings, the world at large.

Also this week, and all of a sudden, despite what you might have confirmed a few months ago when Facebook started this paradigm shift, your likes, interests and job history are now Google searchable. That’s right: even if you went in and flagged them as private, your only way to protect this information, as of yesterday, is to remove it (and wait a month for it to fall out of Google’s cache).

Online privacy is a relative concept

Much of the Facebook privacy that we lost wasn’t real privacy to begin with, because any time you add an application (such as a quiz), that application’s developers have complete access to your entire Facebook profile. Worse, anytime a friend invites you to use an application, that application gets access to your profile. You don’t have to lift a finger to have data that you’ve marked as private shared with strangers; you just have to have friends on Facebook who aren’t thinking that, by inviting you to compare movie favs, they’re telling a complete stranger your gender, age, birthdate, job history, sharing all of your photos and publishing your wall to them.

Why “Love it or leave it” is unfair

I have friends who are somewhat blaze about all of this. After all, nobody put a gun to my head and ordered me to join Facebook. I just got so many requests from friends and family that I caved. And, once I caved, I connected to a bunch of “blast from the past” friends, extended family, former co-workers and current associates. So, now have a real investment in Facebook as a social connector. Sure, if I don’t like these changes, I can just delete my account and be done with it. But I’m throwing away far more than just a social network profile—I’m tossing out my connection to my communities of friends, family and professional associates, who are now expecting me to be on Facebook with them.

I could decide that I don’t like the policies of my local utility company, too, and just cancel my service. But the services they provide enable other services that I want/require as well—such as light, heat, computing, communication. Leaving Facebook wouldn’t be as extreme as canceling power services, but, with 40 million users and climbing, Facebook is like a utility in many people’s lives, and it supports services in such a way that relationships beyond our relationship with the service provider are centered there.

Change Management

This is what is so dishonest about CEO Mark Zuckerberg’s repeated assertion that Facebook is only following the direction of the Internet as an open sharing platform. He is right abut the trend. But this is the equivalent of saying that the trend is now for baggy pants and see-through tops, so all of your clothing has been swapped out in accordance with the trend. The internet is all things to all people, and there are plenty of places on it where privacy and closed community are the norm. Just because the internet is becoming more open, it doesn’t mean that Internet users need to be dragged into this new era.

It all boils into “Opt Out” vs. “Opt In”, and respecting rather than walking all over your customers. Facebook began with an assumption of privacy; changes in that assumption should be acknowledged by each user before they are enacted. Facebook could have easily developed their platform in ways that give users the choice of having open or private profiles. Instead, they’ve simply switched our private data to public without asking if that compromises our security, reputation or preferences. And it doesn’t escape my notice that there’s great money to be made in having more personal info about what I like and who I share that information with.

What you should do if this concerns you

If you went in and verified/altered your Facebook privacy settings a month or two ago, you should make another visit ASAP. Facebook has turned it around. Beth Kanter has a good write-up on what has changed. If you have any custom Facebook Pages, look out there as well—even if you’ve set profile data to private, if you link to any of your profile info from a Facebook page, it will default back to public. Whatever you do with your privacy settings, most of your basic profile data is now public and there is no option to make it private. So review your employment history, “about” and likes sections to make sure that it only has data that you don’t mind sharing with Google searchers and every advertiser on earth.

It all boils down to this

Facebook is now like Twitter and Google, with even less options for privacy than those big public networks offer. This doesn’t have to be a bad thing, it’s just a very different thing, and the crime here is mostly that “F8” and “social graph” are not terms that the vast majority of the 40 million Facebook users are paying any attention to. If you’re reading this, you know better, so you can set your profile up with information that you don’t mind being in the public domain, and you can decide if you’re willing to “like” things on the internet and, thereby, expose yourself and your Facebook community to the demographic analysis and actions that will ensue. I won’t be abandoning Facebook over this, but I’m very restrictive in my use of it, and will continue to approach it with great caution.

We’re all back from the Nonprofit Technology Conference, where nine of the ten Idealware bloggers congregated, along with some 1,440 of our peers in the nptech community. What a gas! NTC, as we call the conference, is what high school would have been like if everyone had been a member of the popular clique. The combination of peer education and celebration of our common interest in saving the world with heart and technology make for an exuberant occasion. And I can’t say enough about the awe and appreciation I have for Holly, Anna, Annaliese, Brett, Sarah and Karl, and the amazing event that they recreate year after year for us.

But, enough gushing. One of my (many) rants regards my concern that, although the biggest group of people that we call “nptechies” are the ones who support technology in their organizations, our biggest nptech conferences focus heavily on social media and the web (NTC, Netsquared, and now SXSW). It is true that the advent of social media and the interactive web is spawning a revolution in the way that we do advocacy and fundraising. But there is no less of a revolution in our server rooms, where virtualization, cloud computing and wireless devices are changing the entire way that we manage and deliver applications.

Our System Administrators, Support Specialists and Accidental Techies need to share in the peer support that can inform their efforts and help them feel more connected, both to their missions and the broader community. This year, in deference to a throat getting hoarse from ranting, I took a first stab at addressing this gap.

The Tech Track

The tech track was conceived as a six session “mini” track; five of the proposed sessions made the cut. The topics went from the basics to the broad overview:

• Tech Track 1: Working Without a Wire (But With a Net): Dealing with Wireless Networks, Laptops, and Cell Phones


• Tech Track 2: Proper Plumbing: Virtualization and Networking Technologies


• Tech Track 3: Earth to Cloud: When, Why and How to Outsource Applications


• Tech Track 4: Budget vs Benefits: Providing Top Class Technology in Constrained Resource Environments


• Tech Track 5: Articulating Tech: How to Win Friends and Influence Luddites.

Joining me in these sessions were fellow blogger Johanna Bates of OpenIssue, Matt Eshleman of CITIDC, Tracy Kronzak of Applied Research Center, John Merritt of the San Diego YMCA, Michelle Murrain of OpenIssue, Michael Sola of National Wildlife Federation and Thomas Taylor of the Greater Philadelphia Cultural Alliance.

Subject Matter

Instead of doing the usual Powerpoint presentations and talking to the crowd, we pulled the chairs into circles for these sessions and put the session agenda up for grabs, asking each group what issues, related to the session topic, were foremost in their minds. The conversation was rich, and served as a healthy catalogue of the challenges facing nonprofit technology practitioners. Some highlights:

• Supporting remote laptop use in a western state with very little wireless bandwidth available


• Securing our networks while making network data accessible on mobile devices


• Supporting use of and crafting fair policies to address the boom in mobile devices


• Understanding the risks and benefits of virtualizing servers and desktops


• Knowing how and when to virtualize, and how Storage Area Networks fit in the big picture


• Weighing the risk of cloud computing, which also entails weighing the risks of our non-cloud networks


• Knowing what to ask a cloud provider to insure that data is safe, even in the case of the provider going out of business


• Assessing the cost of owned vs service-provided applications


• Assessing the readiness of Cloud Computing, and moving large, complex server rooms to the cloud


• Chickens and eggs: what to do when IT is asked to budget, but is not part of the planning process prior?


• What strategies can be applied to provide good technology with limited budgets?


• What tools and resources are available to help with the budgeting process?


• How can we engage our users when we roll out new technology?


• How do we get them to attend training?

Next week, I’ll follow this up with some of the answers we came up with for these questions.

I recently took on the project of migrating the Idealware articles and blog from their old homes on Idealware’s prior web site and Google’s Blogger service to our shiny, new, Drupalbased home. This was an interesting datamigration challenge. The Idealware articles were static HTML web pages that needed to be put in Drupal’s content database. And there is no utility that imports Blogger blogs to Drupal. Both projects required research and creativity.

The first step in any data migration project is to determine if automating the task will be more work than just doing it by hand. Idealware has about 220 articles published; cutting and pasting the text into Drupal, and then cleaning up the formatting, would be a grueling project for someone. On the other hand, automating the process was not a slam dunk. Database data is easier to write conversion processes for than free form text. HTML is somewhere in the middle, with HTML codes that identify sections, but lots of free form data as well.

Converting HTML Articles with Regular Expressions

My toolkit (of choice) for this project was Sed, the Unix Stream Editor, and a generic installation of Drupal. Sed does regular expression searching and replacing. So I wrote a script that:

1. Deleted lines with HTML tags that we didn’t need;


2. stored data between title and body tags;


3. and converted those items to SQL code that would insert the title and article text into my Drupal database.

This was the best I could do: other standardized information, such as author and publishing date, was not standardized in the text, so I left calling those out for a clean-up phase that the Idealware staff took on. The project was a success, in it that it took less than two days to complete the conversion. It was never going to be an easy one.

Without going too far, the sed command to delete, say, a “META” tag is:

/

That says to search for a literal “less than” bracket (the forward slash implies literal) and the text meta and delete any line that contains it. A tricky part of the cleanup was to make sure that my search phrases weren’t ones that might also match article text.

Once I’d stripped the file down to just the data between the “title” and “body” tags, I issued this command:

s/.*(.*)/insert into articles (title, body) values (‘1’, ‘2’);/

This searches for the text between HTML “title” tags, storing it in variable 1, then the text between “body” tags, storing it in variable 2, then substitutes the variable data into a simple SQL insert statement in the replacement string. Iterating a script with all of the clean-up commands, culminating in that last command, gave me a text file that could be imported into the Drupal database. The remaining cleanup was done in Drupal’s WYSIWYG interface.

Blog Conversion

As I said, there is no such thing as a program or module that converts a Blogger Blog into Drupal format. And our circumstance was further complicated by the fact that the Idealware Blog was in Blogger’s legacy “FTP” format, so the conversion options available were further limited.

There is an excellent module for converting Wordpress blogs to Drupal, and there were options for converting a legacy Blogger blog to Wordpress. So, then the question was, how well will the blog survive a double conversion? The answer was: very well! I challenge any of you to identify the one post that didn’t come through with every word and picture intact.

I had a good start for this, Matthew Saunders at the Nonprofits and Web 2.0 Blog posted this excellent guide. If you have a current Blogger blog to migrate, every step here will work. My problem was that the Idealware blog was in the old “FTP” format. Google has announced that blogs in their original publishing format must be converted by May 1st. While this fact had little or no relationship to the web site move to Drupal, it’s convenient that we made the move well in advance of that.

To prep, I installed current, vanilla copies of Wordpress and Drupal at techcafeteria.com. I tracked down Google’s free blog converters. While there is no WP to Drupal converter, most other formats are covered, and I just used their web-based Blogger to Wordpress tool to convert the exported Idealware blog to WP format. The conversion process prompted me to create accounts for each author.

To get from Wordpress to Drupal, I installed above-mentioned Wordpress-import module. As with the first import, this one also prompted me to create the authors’ Drupal accounts. It also had an option to store all images locally (which required rights to create a public-writeable folder on the Drupal server). Again, this worked very well.

With my test completed, I set about doing it all over again on the new Idealware blog. Here I had a little less flexibility. I had administrative rights in Drupal, but I didn’t have access to the server. Two challenges: The server’s file upload limit (set in both Drupal and PHP’s initialization file) was set to a smaller size than my Wordpress import file. I got around this by importing it in by individual blogger, making sure to include all current and former Idealware bloggers. The second issue was in creating a folder for the images, which I asked our host and designer at Digital Loom.com to do for me.

Cleanup!

The final challenge was even stickier—the posts came across, but the URLs were in a different format than the old Blogger URLs This was a problem for the articles as well. How many sites do you think link to Idealware content out there? For this, I begged for enough server access to write and run a PHP script that renamed the current URLs to their former names—a half-successful effort, as Drupal had dramatically renamed a bunch of them. The remainder we manually altered.

All told, about two hours research time, three or four hours conversion (over a number of days) and more for the clean-up, as I wasted a lot of time trying to come up with a pure SQL command to do the URL renaming, only to eventually determine that it couldn’t be done without some scripting. A fun project, though, but I’d call it a success.

I hope this helps you out if you ever find yourself faced with a similar challenge.

Long time readers of my ramblings here are aware that I drink the Google kool-aid. And they also know that I’ve been caught tweeting, on occasion. And, despite my disappointment in Google’s last big thing (Wave), I am so appreciative of other work of theirs—GMail, Android, Picasa—that I couldn’t pass up a go with their answer to Facebook and Twitter, Buzz.

Google, perhaps because their revenue model is based on giving people ad-displaying products, as opposed to selling applications, takes more design risks than their software-developing competitors. Freed of legacy design concepts like “the computer is a file cabinet” or “A phone needs a “start” menu“, they often come up with superior information management and communication tools.

What is Buzz?

Buzz, like Twitter and Facebook, and very much like the lesser used Friendfeed, lets you tell people what you’re up to; share links, photos and other content; and respond to other people’s posts and comments. Like Facebook, Friendfeed and Twitter (if you use a third party service like Twitterfeed), you can import streams from other services, like Google Reader, Flicker, and Twitter itself, into your Buzz timeline.

Unlike Twitter, there is no character limit on your posts. And the comment threading works more like Facebook, so it’s easy to keep track of conversations.

How is Buzz Different?

The big distinguishing factor is that Buzz is not an independent service, but an adjunct of GMail. You don’t need a GMail account to use it, but, if you have one, Buzz shows up right below your inbox in the folder list, and, when a comment is posted on a Buzz that you either started or contributed to, the entire Buzz shows up in your inbox with the reply text box included, so that continuing the conversation is almost exactly like replying to an email.

The Gmail integration also feeds into your network on Buzz. Instead of actively seeking out people to follow, Buzz loads you up from day one with people who you communicate regularly with via GMail.

Privacy Concerns

Buzz’s release on Tuesday spawned a Facebook-like privacy invasion meme the day that it was released—valid concerns were raised about the list of these contacts showing up on Buzz-enabled Google Profile pages. A good “get rid of Buzz” tutorial is linked here. To Google’s credit, they responded quickly, with security updates being rolled out two days later. I’m giving Google more of a pass on this than some of my associates, because, while it was a little sloppy, I don’t think it compares to the Facebook “Beacon” scandal. Google didn’t think through the consequences, or the likely reaction to what looked like a worse privacy violation than it actually was (contact lists were only public on your profiles if you had marked your profile “public”, and there was a link to turn the lists off, it just wasn’t prominently placed or obvious that it was necessary). Beacon, in comparison, started telling the world about every purchase you made (whether it was a surprise gift for your significant other or a naughty magazine) and there was no option for the user to turn it off. And it took Facebook two years to start saying “mea culpa”, not two days.

Social Media Interactions for Grownups

Twitter’s “gimmick”—the 140 character limit —defines its personality, and those of us who enjoy Twitter also enjoy the challenge of making that meaningful comment, with links, hashtags, and @ replies, in small, 140 character bursts. It’s understood now that continuing a tweet is cheating.

Facebook doesn’t have such stringent limits, but you wouldn’t necessarily know that to glance at it. It hasn’t shaken it’s dorm room roots; it’s still burdened by all of the childish quizzes and applications; and, maybe more to the point, cursed by a superficiality imposed by everyone having an audience composed of high school buds that they haven’t seen for a decade or two, and who might now be on the other side of the political fence.

But Buzz can sustain a real conversation—I’ve seen this in my day and a half of use. Partially because it doesn’t have Twitters self-imposed limit or Facebooks playful distractions; and largely because you reply in your email, a milieu where actual conversation is the norm. This is significant for NPOs that want to know what’s being said about them in public on the web. I noted from a Twitter post this week that the Tactical Philosophy blog had a few entries discussing the pros and cons of Idealists’ handling of a funding crisis. But Twitter wasn’t a good vehicle for a nuanced conversation on that, and I can’t see that type of dialogue setting in on Facebook. Buzz would be ideal for it.

The Best is Yet to Come

This week, Google rolled out Buzz to GMail. Down the road, they’ll add it to Google Apps for Domains. The day that happens, we’ll see something even more powerful. Enterprise microblogging isn’t a new idea—apps like Yammer and Socialcast have had a lot of success with it. I’m actually a big fan of Socialcast, which has a lot in common with Buzz, but I was stumped as to how I could introduce a new application at my workplace that I believe would be insanely useful, but most of the staff can’t envision a need for at all. What would have sold it, I have no doubt, is the level of email integration that Buzz sports. By making social conversations so seamlessly entwined with the direct communication, Google sells the concept. How many of you are trying hard to explain to your co-workers that Twitter isn’t a meaningless fad, and that there’s business value in casual communication? Buzz will put it in their faces, and, daunting as it might be at first, I think it will win them over.

[Oops! Forgot to publish this Idealware post from late January…]

Here are a few updates topics I’ve posted on in the last few months:

Nonprofit Assessment

The announcement that GuideStar, Charity Navigator and others would be moving away from the 990 form as their primary source for assessing nonprofit performance raised a lot of interesting questions, such as “How will assessments of outcomes be standardized in a way that is not too subjective?” and “What will be required of nonprofits in order to make those assessments?” We’ll have a chance to get some preliminary answers to those questions on February 4th, when NTEN will sponsor a phone-in panel discussion with representatives of GuideStar and Charity Navigator, as well as members of the nonprofit community. The panel will be hosted by Sean Stannard-Stockton of Tactical Philanthropy, and will include:

• Bob Ottenhoff of Guidestar


• Ken Berger of Charity Navigator


• Lucy Bernholtz of Blueprint R & D


• Christine Egger of Social Actions


• David Geilhufe of NetSuite


• and host Holly Ross of NTEN.

I’ll be participating as well. You can learn more and register for the free event with NTEN.

The Half-Life of Internet Explorer 6

It’s been quite a few weeks as far as headlines go, with a humanitarian crisis in haiti; a dramatic election in Massachusetts; A trial to determine if California gay marriage-banning proposition is, in fact, discriminatory; high profile shakeups in late night television and word of the Snuggie, version 2 all competing for our attention. An additional, fascinating story is unfolding with Google’s announcement that they might pull their business out of China in light of a massive cybercrime against critics of the Chinese regime that, from all appearances, was either performed or sanctioned by the Chinese government. There’s been a lot of speculation about Google’s motives for such a dramatic move, and I fall in the camp that says, whatever their motives, it’s refreshing to see a gigantic U.S. corporation factor ethics into a business decision, even if it’s unclear exactly what the complete motivations are.

As my colleague Steve Backman fully explains here, here’s been some fallout from this story for Microsoft. First, like Google and Yahoo!, Microsoft operates a search engine in China and submits to the Chinese governments censoring filters. They’ve kept mum on their feelings about the cyber-attack. Google’s analysis of that attack reveals that GMail accounts were hacked and other breaches occurred via security holes in Internet Explorer, versions six and up, that allow a hacker to upload programs and take control of a user’s PC. As this information came to light, France and Germany both issued advisories to their citizens that switching to a browser other than Internet Explorer would be prudent. In response, Microsoft has issued a statement recommending that everyone upgrade from Internet Explorer version 6 to version 8, the current release. What Microsoft doesn’t mention is that the security flaw exists in versions seven and eight as well as six, so upgrading won’t protect you from the threat, although they just released a patch that hopefully will.

So, while their reasoning is suspect, it’s nice to see that Microsoft has finally joined the campaign to remove this old, insecure and incompatible with web standards browser.

Google Wave: Still Waters

I have kept Google Wave open in a tab in my browser since the day my account was opened, subscribed to about 15 waves, some of them quite well populated. I haven’t seen an update to any of these waves since January 12th, and it was really only one wave that’s gotten any updates at all in the past month. I can’t give away the invites I have to offer. The conclusion I’m drawing is that, if Google doesn’t do something to make the Wave experience more compelling, it’s going to go the way of a Simply Red B-Side and fade from memory. As I’ve said, there is real potential here for something that puts telecommunication, document creation and data mining on a converged platform, and that would be new. But, in it’s current state, it’s a difficult to use substitute for a sophisticated Wiki. And, while Google was hyping this, Confluence released a new version of their excellent (free for nonprofits) enterprise Wiki that can incorporate (like Wave) Google gadgets. That makes me want to pack up my surfboard.

Google unveiled a bold new product last week; one of critical and compelling import to anyone who believes that their online reputation is important.  I’m not talking about Google Buzz.  I’m talking about Google Profiles.  This isn’t a new service—Google introduced the profile pages a few years ago.  But the release of Google Buzz has illuminated how important they are in Google’s plans, and how important they can be for us.  And if this profile is now a major component in my personal branding strategy, I demand better tools to manage it than Google has provided.

About a year ago, Google pointed out that, if you have a populated Google Profile, they will include it below the search results when people google your name. So, for someone like me—who does want to be easily located on the web, but has a reasonably common name, this seemed like a good deal, and I filled out my profile.  As a result, I’m prominently placed in the profile links when you search for my name, even though I’m about the fifth best known “Peter Campbell” on the web.

A Google Profile page contains four important pieces:

• Biographical information about you.


• Links to your important web sites.


• Secured contact information.


• Google Buzz integration.

The bio and links are much like other online profiles, such as Yahoo! and Facebook.  The contact info option is interesting, as you can share it with groups defined in your Google Contacts.  I can’t see a good reason to do this, as any group I’d be willing to share with (such as “family”) already knows how to find me and, if they don’t, they aren’t going to think to look at my Google Profile(!). So I’ve left this blank, as it seems like better security to not publish my address and phone number online if I don’t have a good reason to.

The Buzz integration is particularly worrisome.  First, by default, Buzz publishes your connections to your profile.  It’s easy to turn off, and recommended if you have any concern about anyone in the world knowing who your online friends are.  I turned this right off.

Second, your Buzz stream is published to the profile as well. So consider that—anything you say on Buzz gets added to your profile, which might be prominently placed in search results for your name (whereas your buzzes might not be).  We all know that employers are getting savvy, and searching the web for info about us as part of a candidate review.  But I assume that an employer seeing my Twitter stream on Twitter will bear in mind the context—Twitter, like Buzz, is a conversational medium.  A profile is much more like a resume.  I may well buzz about my favorite Doctor Who episode, but I’m not going to discuss TV shows on my resume…

The furor over Buzz’s privacy violations at rollout were really much more about the profiles—many new Buzz users didn’t even know they had  a Google Profile prior.

So, Google—I hope you’re listening.  If my Google Profile is going to factor more and more into my online identity—and the way that Buzz both highlights it and depends on it suggests so—you need to give me more tools and flexibility about how that profile looks and what information it contains.  Here’s what would make me feel like I have a profile on the web, as opposed to Google having a dossier on me on the web:

• Less structured content.  The “what can’t you find on Google” question is cute, but it’s not a key component of my personal branding.  Get rid of the cute stuff, and give me more options to share the info that I want to share, not that you necessarily want to hear.


• A logo, stylesheet, and other basic web design tools.  I’d like this to look more like this blog, with the black background and the Techcafeteria logo.


• My own tabs, and the ability to remove the extra tabs that you think I should have.  Mostly, the decision to publish my Buzz feed to my profile should be mine, not yours.  Make that optional, but add the ability to add new tabs and link them to other websites or RSS sources.

For an example, look at my home site at http://techcafeteria.com.  That is a profile, with info about me; lifestreaming; shared resources via RSS; and a contact form.  If Google Profiles could do what I ask, I’d scrap the current Techcafeteria site and link this blog, along with my other feeds, directly to my Google Profile, and redirect both techcafeteria.com and peterscampbell.com to it.

Until then, that’s not my profile.  That’s Google’s profile of me, and it’s a bit creepy.

Last week, we talked about domain registrar services and what to look for. In today’s followup, we’ll focus on how to transfer a domain and the accompanying security concerns, then talk a bit about registrars vis a vis hosting services.

Domain Transfers

Transferring domains is a somewhat complex process that has been designed to minimize the risk of domain hijacking. In order to insure that transfers are performed by the actual owner of the domain, a few important measures are in place:

• Every domain has an authorization (a.k.a. EPP) code associated with it. Transfers can not occur without this code being submitted. If you don’t have this information, your current registrar does. Some registrars have automated functions that will deliver that information to the domain contact; others require that you ask for them via email to the registrar or their support ticket application. Registrars are required to provide you with these codes within five calendar days of your request. If they don’t, your best recourse is to determine who they get their domain authority from (there are only a handful of companies that resell registration services) and appeal to them for assistance.


• Communication is strictly through the registered “whois” email address of the domain owner. You can determine what that is by doing a whois lookup on your domain.
  
  Tip: While most domains can be looked up at http://whois.net. However, whois.net has some trouble with .org domains, so the alternative http://www.pir.org/whois is a more reliable source for most non-profit domains.
  
  
  If the address that your domain is registered with is either non-functional or owned by someone other than you, then you need to update it, via your current registrar’s web interface, before you can successfully transfer the domain.


• Domains can (and should) be locked to prohibit transfers before and after you switch registrars. Locking and unlocking your domains is usually done by you, from your registrar’s web site. If you don’t have options to do that when you log on to the web site, your registrar should do it for you upon request.

Transfer Procedures

To initiate the transfer, go to the web site of the registrar that you want to switch to and follow their instructions. They will have you submit a request and, upon receipt of your domain fees, issue an email to the email address associated with the domain containing a link to a form where you can confirm the request. That form will also ask for the authorization code. Subsequently – and this can take up to seven days – you’ll receive an email from your current registrar asking you to confirm the transfer request. Once that is submitted, the transfer should go through.

Detailed rules about how domains are transferred, as well as what the responsibilities of the registrars are in handling the transfers, are listed at http://www.icann.org/en/transfers/policy-en.htm.

Choosing Registrars

Registrars charge anywhere from $5.00 to $50 dollars for a year’s domain service. The two best known registrars are Network Solutions and GoDaddy. Many people go with Network Solutions because they’re the longest standing of the registrars (for many years, they were the only registrar). GoDaddy has become very popular by dramatically undercutting the cost. Note, though, that both of these registrars have been accused of questionable business practices:

• Network Solutions has engaged in “Front Running“, a questionable practice of locking domains that a potential customer might search for in order to block competitors from making the sale. They will also use subdomains of your domain to advertise, a practice called subdomain hijacking. A decent registrar will not seek to make profits based on your intellectual property.


• GoDaddy famously suspends accounts based on corporate requests. In 2007, they suspended seclists.org, a website that archives internet security mailing lists, per the request of MySpace, with no court order or valid complaint. MySpace was upset that content posted to one of the lists that Seclists archived was inappropriate. But, instead of contacting Seclists to deal with the content in question, GoDaddy closed the site and wouldn’t respond to desperate emails or phone calls regarding the sudden closure. Worse, after the fiasco was resolved, they were unrepentant, and reserve the right to shut down any site for any spurious reason. If your NPO does work that is in the least bit controversial, keep this in mind when considering GoDaddy.

Web Hosting and Registrars

Many registrars supplement their business by providing web hosting services as well. Some will even offered discounted or free domain registration with a hosting plan. While this simplifies things, it can also be a bit risky in the “eggs in one basket” sense. Having a separate registrar and control over your DNS service allows you to be more flexible with switching hosts, should your current host prove themselves unreliable or go out of business. And the web hosting industry is pretty volatile, with companies coming and going pretty quickly. I would suggest a best practice is to keep your host and registrar separate.