The problem is that Facebook's claiming that email is just another piece of metadata about a user. However, from Google's point of (and rest of the non-Facebook web), email is not a metadata, but the key identifier around which all of the services know which "John Smith" the given user is.
If I'm building anything interesting and want to play outside the Facebook walled garden, the Facebook ID doesn't really get me anything - it's like someone giving me a currency from a random country that I never intend to visit.
Unfortunately, even Facebook itself treats the email address as an identifier data (what do you need to use to log in to Facebook? Email address and password). It's a little disingenuous for them to turn that around and say that it's a metadata that's part of the user's profile, as opposed to the only unique, persistent, and widely used identifier that we currently have on the web.
Actually the facebook uid is very useful. Why else would facebook competitor.com need a friends email addresses but to spam them to sign up? If two people sign up with facebook data dumps you can still link them up via data dumps.
Another useful feature is email hashed (dunno if it's still supported. But if you have someone's email you can connect compare email hashed so emails are never revealed.
I'm glad facebook doesn't give out the email addresses of friends to third parties without permission, and I am for their distinction between owning the friend list, but not their friends' data.
The public seems to not have a consistent sense of privacy. They slam Facebook for being too open by not having a privacy setting enforced as the default, and then slam Facebook again when Facebook isn't advertising emails.
When I sign up to Facebook and use their contact list importer, they are using the private email addresses of my friends to link me into their network. When I export my social graph, Facebook will not return to me the email addresses I gave it when I signed up.
Either way, all this bluster is a red herring. The article has it right: Facebook is outright lying when they claim this is about protecting its users--people who have explicitly agreed to include themselves in my social graph in the first place. It's about owning the social graph.
Facebook can't claim that "every person owns and controls his/her information" when the Graph API allows access (via friends permissions) to your friends' status, likes, notes, location, photos, relationships, checkins, website, groups, events, activities and birthdays[1].
In fact, the only information about your friends not available via friends permissions are email addresses and full streams.
This soo wrong. Arrington keeps using the word "friends" as if emails from your FB contacts were those of your actual friends. Imagine Arrington being able to turn 4000 "friends" on Facebook into a mass email list!!! No way! That just so wrong and I don't want that to happen.
The premise under wich we befriend someone on Facebook just never included them being able to email you directly.
In my case, it would be the last thing to happen before I quit FB entirely and stuff my account with bogus info or close it altogether.
I'm the opposite. If I facebook friended someone, I've most likely met them in person, and hence providing my virtual contact is quite all right. Facebook, in a way, is the place you say things to people you're likely to meet face-to-face.
I'm not friends with Arrington on facebook, and wouldn't ever expect to be, although I'd probably follow him on twitter if any of my twitter-friends retweeted him. Yet, his e-mail is probably public knowledge. My point: it's all relative. To converge on a compatible set for all of these rules is social evolution.
As I understand it, taking a list of FB contacts and turning them into a mass email list would be a violation of the CAN-SPAM rules - people need to explicitly agree to be added to a mail list.
So it's right to export your 4000 contacts from GMail and mass mail them, but it's wrong to do the same with Facebook.
With GMail I can export everything and import it to an E-Mail client of my choosing, with Facebook this is impossible, if I join a new social network I have to do everything manually.
At both Gmail and Facebook, the most common way someone new winds up in your 'contacts' is they send you a message, and you somehow 'ack' that you want to maintain a link to them. (Or vice-versa.) From that point on, your view includes the email address they freely volunteered to you. That's the info anyone should be able to export.
Facebook wanting to pretend that somehow, contact info shared between friends in their system can't go any further than Facebook is just a self-serving rationalization.
Now, you don't have to show your email addresses to any or all friends on Facebook -- it's part of the privacy controls. So naturally if I don't show it to certain people, those people shouldn't be able to export it. And it's a nice feature of Facebook that me changing my privacy settings, or de-friending someone, essentially recalls my email from their contacts, unless they took special steps to copy it elsewhere earlier.
But in the meantime, if I can see it, and copy & paste it, and use it to send messages, it's mine at that moment, even though Facebook may be holding it for me.
You can already get Facebook UIDs, which can be used to reconstruct the graph edges. You don't want to store Facebook UIDs? Build your own social graph.
And Facebook is right. I own MY info on Facebook. I can prove it. I'll just delete my account with my email address. If you were my friend let's see if you still have acces to that info. If they start letting my friends export my email to third parties then I'm getting off Facebook.
EDIT: Think about it. Most sites these days require an email. It's not exactly optional info to use Facebook. Are we seriously considering that it's acceptable that we let friends EXPORT people's email addresses for third parties just because they "friended" on Facebook? Maybe if there was a new "Share my email" feature this would be acceptable but "friending" != "here you can give my email to third parties and here's an easy API for you to do that"
Actually Facebook doesn't need to co-own it. If the user uploads a Facebook dump with UIDs then that relationship info is only useful if someone with a corresponding UID provides more data. But once it leaves Facebook it's free and owned by the user. What I meant is that if you don't like Facebook's UID system then you should build your own social network from scratch, otherwise these pre-built relationship data is still really valuable.
Also the UID is the relationship data. You do get that. No need to go out and dump emails which you didn't build. If you do get that info facebook would have to GIVE that to you.
> If you don't want me to have your email address I'm not your friend.
That actually depends on how Facebook designs the application to work. I could very well design an application that lets people store their social security numbers and share that in certain ways. There's no universal law that says an arbitrary indication of relation such as "friend" means that I must have access to your social security number now. Clearly Facebook has not chosen to make that the default and let users easy export emails just by friending. If they did, then yes, I would unfriend people that I don't to give this power to.
User choice is the problem here - I should be able to choose whether or not apps that my friends use can access my contact information, not Facebook.
And in fact, there already is an extremely fine grained control panel managing what kind of information the apps my friends use can access (18 different toggles), from my bio to my location to the content of my status updates.
The one thing that I'm not allowed to expose to those apps? My contact information.
For my protection my ass. I just can't believe that's about protecting my privacy, considering they encourage me at every step to pass every other piece of my Facebook presence around like the village bicycle.
You can expose your contact info to third parties: just connect with the app. The only thing you can't do is expose your friends contact info to third party apps.
Every other piece of information that Facebook has on me is allowed to be exposed to my friends' apps without me personally connecting with the app.
The motivation here is crystal clear: e-mail addresses function as (essentially) UIDs on the web as a whole, and someone like Google has billions of these e-mail addresses laying around. But since people started managing parts of their social graphs on Facebook instead of through (say) Gmail, Google's edge graph is starting to get stale. Facebook is terrified of the idea that Google could connect all the Gmail-to-Gmail edges without finding every one of those users.
In order for Google to refresh that graph without e-mail addresses, they'd need every involved user to export their Facebook UID out of Facebook - if I didn't do this myself, then despite the fact that (say) 30 of my Facebook friends are on Gmail, even if every one of them exported from Facebook to Google, Google could never match my Facebook UID to my Google account.
If they were able to match e-mail addresses, they could probably reconstruct a very healthy proportion of the edges (almost every edge that has a Gmail user at both vertices) even if only a small proportion of initial users seeded the graph by exporting their own data; further, when Google got an edge (suppose my friend exported his data, and my Gmail address matched), they could follow up with that edge, knowing that they are also Facebook users, and suggest that they export their data as well, which would lead to blisteringly fast filling out of that tree.
To anyone that doesn't already have a huge userbase, this is not a big deal, but to anyone that does, it's the difference between having effectively zero access to the social graph and being able to reconstruct your users intersection with it with almost perfect resolution.
> Every other piece of information that Facebook has on me is allowed to be exposed to my friends' apps without me personally connecting with the app.
Really? Because I'd love to grab that information for my app. Are you talking about the publicly available information?
> The motivation here is crystal clear: e-mail addresses function as (essentially) UIDs on the web as a whole, and someone like Google has billions of these e-mail addresses laying around. But since people started managing parts of their social graphs on Facebook instead of through (say) Gmail, Google's edge graph is starting to get stale. Facebook is terrified of the idea that Google could connect all the Gmail-to-Gmail edges without finding every one of those users.
Sure Facebook probably wouldn't want to do that even if there wasn't a privacy issue with letting friends export friends' email addresses. But I don't care about that, I just don't want them to let my friends export my email, and I don't think they have to create that feature. That feature would help google and other sites ride on Facebook's success at the expense of user privacy. I don't care about the former and I would be on Google's side if it were just the former issue but it is not.
> In order for Google to refresh that graph without e-mail addresses, they'd need every involved user to export their Facebook UID out of Facebook - if I didn't do this myself, then despite the fact that (say) 30 of my Facebook friends are on Gmail, even if every one of them exported from Facebook to Google, Google could never match my Facebook UID to my Google account.
> To anyone that doesn't already have a huge userbase, this is not a big deal, but to anyone that does, it's the difference between having effectively zero access to the social graph and being able to reconstruct your users intersection with it with almost perfect resolution.
Last time I checked (may have changed) Facebook let's you query email hashes to find the person's friends based on the email hash. Also YOU created those networks on Facebook. Why would you expect Google to magically know that? Sure google is trustworthy, but more importantly why would you want malicious third party site to know your email address?
I would love for Facebook make it really easy for sites to use their graph data as easily as possible but Facebook already does this. The people complaining probably haven't even seen the Facebook APIs or even used Facebook. They're just complaining because bashing Facebook for controlling its data is the popular thing to do right now.
I'm assuming they actually delete the info when I tell them to delete it. But in any case my friends won't have access to that info therefore it's not their right to export that info to others unless I give them permission to (which I won't).
Last I checked, fb does not delete your data when you deactivate your account, they just hide it all. Moreover if you want it all gone, you have to go to all of your friends' pages and manually remove each piece of content you've contributed.
That's only if you deactivate your account. There's also a way to delete your account, and then your content will be deleted. However, they will still maintain the social graph (so if you'll create a new account with the same email, they know who you were connected too).
Because Gmail contacts list is a list >> I << compiled and maintain. If my friends deleted their gmail email accounts or yahoo or whatever I still have the list.
Contrast this to Facebook: I sign up on Facebook and friended a person based on their name, photo, and certain other details but not necessarily email. Does this mean I want them to be able to automatically pull my profile because they friended me based on my public info? Sure they can always compile their own non-Facebook database of info based on what they scrape manually but Facebook should not, and is not obligated to make it easy for people to grab their friends' data.
Not to speak for GP, but that is a perfectly reasonable position to take, and one that I would take. They're different services; GMail does not have third-party apps in the same sense. Facebook's app ecosystem has some quite disreputable parties in it; an API that lets these parties have access to friends' email addresses would place a lot of Facebook users' emails in the hands of companies that they have no direct relationship with or knowledge of.
If I'm building anything interesting and want to play outside the Facebook walled garden, the Facebook ID doesn't really get me anything - it's like someone giving me a currency from a random country that I never intend to visit.
Unfortunately, even Facebook itself treats the email address as an identifier data (what do you need to use to log in to Facebook? Email address and password). It's a little disingenuous for them to turn that around and say that it's a metadata that's part of the user's profile, as opposed to the only unique, persistent, and widely used identifier that we currently have on the web.