In the old days of web publishing, almost every site required its users to register in order to access certain functionalities, like commenting. However, each login was only useful to its corresponding website. Users had to remember a myriad of usernames and passwords just to read up on the morning news.
With the rise of social networks and search platforms, a few large B2C companies evolved into large-scale consumer identity providers (a.k.a. IdPs) — Facebook, Twitter and Google, among others. These companies began to fill the identity-management gap by giving users a few different IDs that worked across media websites. For instance, you can register at Mashable using your Facebook or Twitter ID, and a few others (like Google) will be activated soon.
As many of you know, when you register on a media site with your Facebook or Twitter identity, you’re usually asked to give access to your profile data (like name and email address), and allow that site to publish to your feeds (like your News Feed on Facebook, or your Timeline on Twitter). Presumably, media sites, not unlike Mashable, do this with the best of intentions. But they’re only going to publish content to your feed that you’ve expressed interest in, and then follow up with you via email, right? Maybe.
For instance, we just launched our Mashable Awards 2011 microsite. By registering with Mashable using your Facebook or Twitter account, you can nominate your favorite company, person, site, game, app or gadget for any of the 28 categories. Once you nominate, we’ll publish a notification to both your Twitter and Facebook accounts. When your notification appears on your feed, presumably your friends will see it, and stop over at Mashable to nominate their own favorites. (This is, in fact, what’s happening now, and the main reason why Awards is such a fun project for us.)
So, what’s the harm in this? None really, as long as this newfound power is wielded properly. In short, the media company posts to your feed when it’s supposed to. If you get annoyed, simply revoke access. You can take my word that we, at Mashable, will use this access appropriately. But that’s just it: You have to take my word. Easier said than done.
There’s a great burden placed on identity providers to police the media companies that connect with their users. There’s also a great burden on media companies to fulfill and not violate the trust of their end-users, and to behave appropriately.
In the end, if we violate your trust, you’ll just revoke our access and probably not return. But, is that the best means of policing media companies, or more generally, is that the best way of policing access to your shared identity?
How can we prevent media companies from abusing this level of access to your identity?
Or, how can identity providers give users greater control without making the whole process too complicated?
Identity management, and more pointedly, identity ownership, is a topic of great concern. Many heated viewpoints exist; the only agreement so far is that the “driver’s license” of the Internet faces a long road of obstacles.
t the Mashable Media Summit 2011, I’ll discuss this and more with my esteemed colleagues: Paul Berry, CTO of The Huffington Post, Andy Mitchell, strategic partner development at Facebook, and Andrew Nash, director of identity products at Google.
I won’t guarantee an answer, but I can guarantee a good discussion. Bring your thinking caps, your questions and, so you can get in the door, your driver’s licenses.
Source from : Mashable.com
1 comment:
With the rise of social networks and search platforms, a few large B2C companies evolved into large-scale consumer identity providers (a.k.a. IdPs) — Facebook, Twitter and Google, among others. These companies began to fill the identity-management gap by giving users a few different IDs that worked across media websites. For instance, you can register at Mashable using your Facebook or Twitter ID, and a few others (like Google) will be activated soon.
Post a Comment