The Effective CIO

Maintaining Privacy In An Open World September 22, 2008

My recent posting hiatus was not for lack of desire, but due more to a shortage of time. The ideas are there, swirling in my head, but getting them captured is a bit more difficult. At the moment, I’m on a flight to San Francisco, which is the perfect opportunity to resume writing.

(Rest assured that I have not had to engage in a seat-back war with the traveler ahead of me. Having an exit row seat provides a few inches of room that defuse any potential conflict with those that seek to recline into my personal space.)

As I become more engaged in online communities via Twitter, text messaging, and blogs, it is becoming clear that these tools provide a great but flawed way to simulate the one-to-many and many-to-many conversations that we have in our lives. It is easy to keep up with friends and family, catch otherwise unavailable bits of information, and develop stronger connections with people that matter to us. Unfortunately, these tools do a poor job of emulating the natural walls of privacy and discretion that accompany “real world” communication.

Most of us are fairly selective in deciding what with share with the world. Trivia about our personal lives gets routed to family and close friends. Work stuff goes to coworkers. Less sensitive things may wind up with public visibility, although few of us go out of our way to make sweeping public announcements. These boundaries are natural and intuitive, developed over a lifetime and enacted without much conscious thought.

Few of these boundaries exist in current social networking tools. Where they do exist, they are cumbersome and detract from the interaction experience. Consider a few examples:

• Twitter has single level of communication.  People see everything you tweet, regardless of who they are.  The Twitter model presumes that listeners will solve the problem, ignoring things that don’t matter. This results in great streams of unimportant information washing over you with occasional nuggets of wisdom thrown in.  You can protect your updates in Twitter, restricting them to only those followers that you explicitly approve, but this is a fairly draconian measure: your tweets are pulled from the public timeline, your “@ replies” are hidden from general view, and you lose a lot of the value that Twitter naturally brings.

• Plaxo tries to solve this problem with four levels of access: public, work, friends, and family.  This is a good idea, but is crippled by the tedious posting mechanism in Plaxo.  Updating your Pulse in Plaxo (the equivalent of tweeting) requires direct access to the Plaxo web site.  Unlike Twitter, Plaxo has no cool phone or mobile access mechanisms.  Still, the Plaxo idea of access controls is a start at solving the problem.

• Yammer is a new service that restricts the Twitter experience to the corporate world.  You can create a Yammer environment for members of a single email domain, with all tweets (yams?) restricted to members of that space.  It solves the sensitive public exposure problem that makes many companies leery of Twitter, but immediately shifts it to the microcosm of the workplace: work has as many layers of privacy as the rest of the world.

What we need is a tool that emulates the natural exposure of data that we use every day. I want to develop a community of followers that, for some inexplicable reason, want to hear what I have to say. Within that community, I want to define many layers of access. When I post (or tweet, or whatever) I want a way to quickly and easily indicate the layers that should see that particular posting.

We seem to be in the early stages of building this system. Step one, being able to develop a community of follows, is well in hand. Step two, defining and applying layers of accessibility, is in its infancy and hardly usable. The last step, posting to those layers in a natural and intuitive way, is simply not possible yet.

Step two is easy. There are plenty of existing role-based security models that would be easily adapted to these environments. Let a user define an arbitrary number of layers, provide a way to map those layers to their followers, and you are done. Design some clever drag-and-drop interface with photo icons that appear to sit on a shiny reflective black surface, port it to Android and the iPhone, and you can probably pocket $10 million in venture capital by the end of the week.

The third step fascinates me. It is horribly difficult and a great exercise in elegant user interface design. How do you capture a message, quickly select one or more access levels, and send it out in a quick and intuitive way? Having to scroll and select from a pick list of levels is horribly invasive and breaks your concentration as you post. Are there gestures or some other interaction technique that make level selection easy and obvious? And I mean easy and obvious to anyone, not just the in-crowd that knows that Ajax is more than a cleanser.

Build this tool, and you’ll own the next wave of social interaction platforms. When it’s ready, give me a call so I can be a beta tester!