UK Web Focus (Brian Kelly)

Innovation and best practices for the Web

Should Personal Data In Facebook Be Exportable?

Posted by Brian Kelly on 7 Jan 2008

On 2nd January 2008 I described various recent improvements to Facebook. I also pointed out that the research community has been developing tools for exporting data from Facebook for use in other applications. However my post added a note of caution:

Has the problem of data being trapped within Facebook now been solved? I don’t think so – remember that this is an experimental prototype … Perhaps more interestingly, though, are the ethics of exporting personal data to other applications.  The data I have received from my friends (their photos, contact details, interests, etc.)  has only been made available once we have mutually accepted friendship invitations.

Coincidentally the next day the blogosphere was full of discussions on this very topic, following an announcement (made initially on Twitter) that Robert Scoble had been banned from Facebook for using a scraping tool for exporting data from his Facebook account (“I got kicked off of Facebook because I was running a naughty script trying to get my friends info off of Facebook“).

Paul Miller and Nick Carr (“Scoble: freedom fighter or data thief?“) were amongst many bloggers who expressed their views on this incident in the immediate aftermath of this announcement.

My view if that it would be a mistake to portray this incident as a freedom fighter taking on the big evil corporate monster. I would also question the automatic assumption that people may have that they should be able to get out and reuse data they can access in networked services.  I feel that the nature of social networking services needs us to rethink assumptions which may have been valid in self-contained systems.

For example my email address and work details are freely available (on my Web site, my email signature, my business card, etc.)  However I took a deliberate decision not to publish my Skype and my MSN IDs and my mobile phone number in order to avoid both dangers of misuse (spam) and inappropriate use (being contacted out of work hours or being inundated with messages). 

But sometimes it would be useful to provide such information to others, but in a managed fashion. I do this from time to time, giving out my mobile phone number when I’m organising events (and am speaking at an event) so that conact can be made in case of problems, In such cases there may be an implied understanding that the information is provided only on a short term basis. However such understandings which may be reached by humans will not necessarily be the case in the networked world.

On Facebook when I befriend an individual this provides us with a mechanism for sharing information, which will include contact details as well as a wide range of other information.  But, whilst this information is managed in a Facebook environment I maintain control over this information, and can change the access conditions or even, by defriending people, withdraw access to my data.  And this is an important aspect of effective social networks. 

Circumventing such access control is therefore problematic, I feel. And this was the reason why I did not publish the FOAF file containing details of my Facebook friends.

Of course there are dangers of data lock-in if data cannot be exported from systems.  And if Facebook goes out of business there will be a lot of annoyed individuals if they cannot lose functionality and services they find useful.

It needs to be acknowledged that there does need to be a debate on how we should best proceed in addressing such tensions.  But this debate does need to be informed by an understanding of the diversity of requirements.

I was very pleased, therefore, to see a news item in Facebook from Dan Brickley about a WebCamp: SocialNetworkPortability event to be held in Cork on 2nd March 2008. The event will look at “abstract approaches for social network portability”, “authentication methods for cross-SNS usage” and “giving permission for profile discovery on different social networks”.

These are some of the important issues which need to be thrashed out. And Robert Scoble’s approach of simply running a screenscraper to extract personal data ignores these important issues.  So Facebook should be applauded, IMHO, for stopping Robert from infringing Facebooks’ terms and conditions. And note that there is a Facebook aplication – Friendscsv– which allows contact details to be exported from Facebook. Aparently:

This application has been created in accordance with the terms and condition outlined in the Facebook Terms of Use (May 24, 2007), Facebook Privacy Policy (Sept 12, 2007), and the Facebook Platform Terms of Service and Platform Documentation (July 25, 2007). The data exported from your cadre of friends is obtained in accordance with their Privacy Settings and does not contain any contact information.

That sounds good. But: 

By using this application, you consent to allow the developers to create a basic entry for you on, a site they also own and maintain. Your use of this application represents your consent to the privacy policies laid out on The developers of this application do not store any information (encrypted or otherwise) about your friends.

So a company (Bigsight) has already been set up which allows your contact data to be exported, provided the data is also uploaded to their social network. Now Bigsight is currently in beta and, according to their directory, there are only nine people from London registered.

But if a Facebook friend of mine uses this tool, will I find my personal details held on this service?  Is this something to be welcomed?  Or, to revisit the title of this post, should personal data in Facebook be exportable?

5 Responses to “Should Personal Data In Facebook Be Exportable?”

  1. Ben Toth said

    I’m trying Bigsight (got an error so far) and am wondering about the relationship with OpenID and the JISC names project. It’s so obvious that identity is the missing part of the Internet. Good luck to Bigsight. I’m pleased with Verisign’s OpenID Seatbelt just now but would be happy to pay for a simple, reliable, universally applicable identity service provided by a robust .org

  2. Here’s how to get yourself removed from BigSight.

  3. Hi Brian –

    Thanks for the WebCamp link – I think the three topics you highlighted – “abstract approaches for social network portability”, “authentication methods for cross-SNS usage” and “giving permission for profile discovery on different social networks” – would make for good topics for breakout sessions in the afternoon.

    Hope to see you and others there…


  4. […] Should Personal Data In Facebook Be Exportable? […]

  5. shaidorsai said

    Hmm. There’s a couple of views about this. My friend Phil Whitehouse suggests:

    …we should be focusing on permission and trust.

    When I add someone as a friend on Facebook, I give Facebook permission to share my details with them. I also give that person permission to use that data however they wish. And I trust them not to use the data for nefarious ends. Same as in real life, except there is an initial broker.

    …I (give) permission to (them) to use my contact data however (they) wanted. Facebook acted as the broker, but after the initial connection was made, they have no place in preventing (them) from using that data. Terms of Use be damned. If (they) abused the trust I place in (them), then that’s a matter between me and (them)

    Me? I’d like an easy way to get my data out of Facebook, flickr and so on, and use it. You never know, trust & data portability might even hang together…

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: