Tag Archives: dataportability

Yahoo and AOL Enhancing OpenID with Data Portability via the “Simple Registration” Extension

As many of my readers know, the user experience (UX) for OpenID has been a source of confusion and an impediment to broader adoption. That gave rise to an OpenID UX Summit a few weeks ago, hosted by Yahoo and attended by Google, Microsoft, MySpace, AOL, Plaxo, Facebook and many others. It also was a major focus of sessions and late-night discussion at last week’s Internet Identity Workshop. Today, we get to see some of the fruits of those efforts, as Yahoo rolls out (in a limited test) a new implementation of OpenID, currently live with just two test sites, Plaxo and Jyte; and AOL releases preview support for data portability via SREG.

Yahoo’s post describes the details:

Today, we are announcing the start of a limited test of the Simple Registration extension for the Yahoo! OpenID service. The Simple Registration extension allows OpenID RPs to request user profile data from the OpenID provider. Yahoo! will be providing Yahoo! OpenID users the ability to share the following Simple Registration fields for this initial test: Full Name, Nick Name, Email Address, Gender, Language and Timezone. The Yahoo! OpenID user will have full control on whether to share their profile data with the OpenID relying party. We will use the Yahoo! Profiles API to populate the user card which will be presented on the Yahoo! OpenID Review and Confirm page.

Joseph Smarr of Plaxo also has a post on the matter, including screenshots of the improved onboarding flow. As Joseph points out, this is really something bigger than single sign-on; the key is that the identity can bring with it, at the user’s option, some of their social data. This is an important step forward for data portability:

I think we can continue to expect more and more data to flow across the OpenID link, which will make it increasingly valuable for Relying Parties like Plaxo, and should incentivize many more sites to become RPs themselves. It’s great to see this virtuous cycle in motion, and Plaxo is eager to work with any and all OpenID Providers who want to improve their UX and empower their users to use more of their data across the web!

So, if you don’t have a Plaxo account yet, you can sign up for one with your Yahoo OpenID. If you choose to share your basic account info, you’ll land on a registration form that is pre-populated with with almost every field you need to activate your account. You only need to add your birthday and your country. (In a future release, we hope to get those last two fields as well, so we can do away with the form entirely.) Oh, and the user’s language choice will come along, too, so we can drop them into the appropriate localized version of Plaxo. Sweet!

George Fletcher of AOL also has a post on the AOL and SREG, entitled “OAuth and SREG and MapQuest! Oh My!” I’m still trying to figure out where I can go see the AOL OpenID w/ SREG live. Any pointers, anyone?

It’s great to see the pace of innovation on the Open Stack begin to accelerate.

For more on Yahoo’s test release, we made it the primary topic of this week’s episode of The Social Web TV, complete with a “magical” demo. (We didn’t know about the AOL news when we shot!):

Tagged , , , , ,

Facebook, Microsoft and Data Portability

Michael Arrington has a great piece up on TechCrunch entitled “The Very Curious Microsoft-Facebook User Data Relationship“. In it, he shines a spotlight on a most curious thing — that Facebook has given Microsoft access to data on Facebook users that they have said they would not give to anyone, as it would violate users’ privacy. Specifically, he shows screenshots of an import of a Facebook friends list into Microsoft’s IM client, Messenger, in which the user ends up with the email addresses of all of the their friends (and can then connect with them or invite them to Messenger).

As you may recall, this was at the heart of the controversy now know as “Scoblegate,” in which Plaxo had created a Facebook importer that brought a user’s friends list, including email address over into the Plaxo address book. Aside from the interesting questions Michael Arrington raises, I would add this observation: It is great to see this functionality out there, live since March, without a single bit of controversy. That speaks to the utility of data portability. If social networking really is about real people and real relationships, it would be great if sharing information were real sharing of information, not tethered-sharing , which is essentially “social DRM”.

Also, really funny how the official blogpost from Microsoft directly references the Scoblegate incident! That is a head-scratcher!


One, I’d love to hear Dare Obasanjo’s perspective on this. A refresher on his position on this issue as of last January.

Two, check out the comment on TechCrunch from Facebook’s privacy officer, Chris Kelly. While he corrects a few things, he does not deny that they are sharing email addresses with Microsoft.

Tagged , , , , , ,

What a Week! Now Facebook Announces “Facebook Connect”

The Wall

My head is spinning. I can hardly keep up. In the latest news, according to Dave Morin at Facebook, is the announcement of Facebook Connect:

“Facebook Connect is the next iteration of Facebook Platform that allows users to “connect” their Facebook identity, friends and privacy to any site. This will now enable third party websites to implement and offer even more features of Facebook Platform off of Facebook – similar to features available to third party applications today on Facebook.”

Michael Arrington at TechCrunch writes:

“Facebook connect is Facebook’s first honest attempt to allow access to Facebook user data outside of Facebook itself. The company is describing it as giving third party applications access to much of the same data as Facebook applications have today. We’ll know more in a couple of weeks when it formally launches.”

Like MySpace’s announcement of yesterday, the general spirit sounds great and totally aligned with the data portability and open Social Web memes. But, of course, the devil may be in the details. Eager to connect with Dave to learn more and see what this means for sites like Plaxo Pulse.

This sure sounds great:

“These are just a few steps Facebook is taking to make the vision of data portability a reality for users worldwide. We believe the next evolution of data portability is about much more than data. It’s about giving users the ability to take their identity and friends with them around the Web, while being able to trust that their information is always up to date and always protected by their privacy settings.”

Caroline McCarthy of CNET has a nice writeup with some insight into the backstory:

One Facebook insider, speaking on the condition of anonymity, said to CNET News.com that the project had been in the works for quite some time, and said the announcement wasn’t issued as a response to MySpace’s “Data Availability” project.


David Recordon of SixApart and the OpenID Foundation has an insightful writeup on the actual details of yesterday’s MySpace announcement:

“After this announcement I had the pleasure of speaking with a reporter who was on the briefing call. He explained that MySpace said that due to their terms of service the participating sites (e.g. Twitter) would not be allowed to cache or store any of the profile information. In my mind this led to the Data Availability API being structured in one of two ways: 1) on each page load Twitter makes a request to MySpace fetching the protected profile information via OAuth to then display on their site or 2) Twitter includes JavaScript which the browser then uses to fill in the corresponding profile information when it renders the page. Either case is not an example of data portability no matter how you define the term!”

Indeed, the devil is in the details.

Tagged , , ,
%d bloggers like this: