May. 10, 2010

Posted by in Facebook, General | 12 comments

Don’t Simply Build a More Open Facebook: Build a Better One

Geek Level: Not overly technical, but aimed at developers and entrepreneurs.

Frustration with Facebook has appeared to reach a tipping point recently. Changes to the service have always drawn criticism and even outrage from various users, but after the latest updates, I’m seeing more people talk seriously about leaving the site. Consequently, some people have begun looking for alternatives, and a few have even started trying to build their own.

I’m among those looking for alternatives. I’ve held back from closing my account several times in the past due to a large network of friends, but my concerns continue to rise. Few other options exist, though, and any service looking to compete directly with Facebook faces an uphill battle.

Consider this post my advice to anyone who wants to tackle that challenge.

1. Avoid Pitfalls in Planning

When I’ve observed people discussing Facebook competition thus far, they invariably seem to fall prey to what I see as two mistakes. First, they focus almost entirely on the development side: what back-end technologies to support, what formats to use for data exchange, protocols for such interactions, etc. All of these aspects are important to consider, but I contend that you need to start by looking at the user side of the equation: mapping out the features you will sell to average people, designing interfaces with usability and simplicity in mind, creating processes and workflows that anyone can understand.

Second, many critics of Facebook focus on how the company fails to be “open,” a term that has long since entered buzzword territory. Ask a developer about their Facebook replacement, and they’ll probably start by telling you how it uses the Open Stack, with tools such as OpenID, OAuth, and Activity Streams. I have no problem with using these formats in a new site, but once again, you ultimately have to focus on your users. If you want your product to find mainstream adoption, you’ll have to convince average consumers that using it is worth any difficulty involved in leaving Facebook. Most people don’t care so much about whether technology is “open” or “closed” so long as it works. (Case in point: iPhone.) Rather than starting your plans by picking which “open” standards you’ll use, start by designing a better social networking service and then determine how “open” specs will help you build that service.

2. Think Through Your Setup

While I don’t recommending starting with too many technical details in planning, you still need to think through how the general structure of your application will work. Social networking services tend to involve a number of interlocking components, and the nature of the content involved can invoke problems other services don’t normally face.

For instance, nearly every Facebook alternative I’ve heard about thus far is built to be a distributed system, connecting multiple servers or platforms together into an aggregated network. This offers a number of advantages over Facebook’s centrally controlled setup.

But it also brings a number of disadvantages and hurdles that ought to be addressed. Say your social graph on a distributed service includes 500 friends, with profiles spread across 100 different servers. What sort of performance will you get when you need to pull data from 100 sources to build a news feed? If you use caching, how will you handle data retention and expiration to respect others’ privacy? What sort of fail-safe measures will be in place if a few servers are down? How will you establish trust relationships or handle malicious users? How will security vulnerabilities in one server affect others on the network? How will you ensure every server stays updated with the latest patches or features? All these questions and more come into play with distributed social networking, and I’ve yet to see many of them satisfactorily addressed by current offerings.

3. Learn from Academic Researchers

Many people in the academic community are producing research that addresses how people interact both offline and online, as well as how people understand concepts of privacy and social networking. As websites continue to reshape the fabric of our society and Facebook in particular affects notions of privacy, you simply can’t afford to ignore these studies.

While I wouldn’t want to neglect the work of anyone in this field of academics, I particularly respect and recommend works by danah boyd. For example, her talks on “Making Sense of Privacy and Publicity” and “Privacy and Publicity in the Context of Big Data” are must-read material for anyone looking to enter the world of social networking development. I’d also advise learning about the Helen Nissenbaum‘s concept of “contextual integrity,” explained well in a series of articles by Michael Zimmer. Fred Stutzman and Kaliya Hamlin (though she’s strictly not in academia) are just a few more of the many people I’ve come across who are contributing to our understanding of social media. Get familiar with more than just the technical implications of social networking: understand the social side.

4. Relationships are Not Digital

I understand that the Internet has created new possibilities and methods for people to relate to one another, and I’m not arguing there’s anything inherently wrong with those developments. But I do think some online applications generally employ constructs that fail to resemble many offline relationships. For example, many online connections with other people are essentially binary – friend or not, follower or not. Making such a connection often involves a subscription to the other person’s entire stream generated updates, regardless of type or content. Control over those updates can be limited or confusing.

I recognize that providing effective communication channels that avoid being cumbersome but also reflect social norms is a daunting prospect. It’s no wonder most of the sites we’ve seen thus far have followed previous online models of communication, such as the simple dichotomy of public discussions and private messaging. But I think it’s time we reevaluate some of our ideas about how sharing content should look and seek out new methods for staying in touch.

Of course, with this point I’m really advocating for a Facebook alternative that addresses a certain market: an online service that helps people leverage technology to stay better connected with their offline friends and associates. Remember, my overall message here is to build a better Facebook. It’s not enough to make things more open, or offer more privacy controls, or integrate with more sites. You need to provide more value. And personally, I see a great opportunity to provide more value in finding better ways for people to stay in touch. As someone who lives in a different state than the majority of my friends and family, I have enough trouble keeping up with people even with Facebook, but getting rid of my account would make that task more difficult. I would love to see a service that improves on Facebook in this area, and I imagine many others would as well.

One other note on this point: I would love to see a service try and tackle the issue of multiple identities with a more elegant solution than letting users create multiple accounts.

5. Don’t Overdo Privacy Settings

Given the uproar over Facebook’s lack of certain privacy controls and the amount of time I’ve spent talking about privacy controls, this point may seem a bit strange. But “privacy” is not simply about having granular, detailed settings for every bit of content or feature on a site. Too many choices will easily overwhelm users, and while powerful controls may help enterprises manage permissions on resources, most people don’t have the time to manage a plethora of menus and check boxes.

This ties back into previous advice on understanding the social side of social networking. Don’t simply rely on the sort of controls that you as a developer or systems administrator use for managing data. In some cases, you may even need to simplify things by eliminating layers. For instance, Facebook provides separate settings for both the photos application as a whole and the photo albums within the application. I would argue getting rid of the former and displaying available albums based on the current context.

From a high level, I think privacy controls need to clearly but concisely communicate two things to a user: who can access the data and where (or how) may the data be publicized. Whatever settings you include need to be simple enough to maintain usability but clear enough to avoid any unpleasant surprises.

6. Reduce the Noise

Facebook and other services thrive on people sharing content. These sites push people to produce more content and increase the flow of information. However, I would contend that while access to increased information can bring many benefits, we have to balance that notion with the understanding that more knowledge is not always better and that increased information does not always need to broadcast. Many online users are suffering from severe information overload, and better filters alone are not going to solve the problem. It’s time we dialed back some on the production of content to begin with.

Please don’t misunderstand my position here: I’m not trying to put an end to Wikipedia or become some sort of content police. What I am saying is that our obsession with streams and the real-time web may be driving us to lose sight of other priorities. Just because your service can track and broadcast every activity your users perform doesn’t mean that it should.

7. Integrate with Facebook

This is one bit of advice I’ve not seen anywhere else thus far: If you want to beat Facebook, use Facebook’s features against it. Over the last several years, Facebook has provided more and more access to information for third-party developers. I’ve not seen any provisions that would prevent another social networking service from taking advantage of these methods.

I’ve often heard people talk about the idea of “taking your social graph with you,” but that’s not really the problem right now. It may be a bit complicated, but you can pretty much export your entire social graph from Facebook. The real problem is this: where do you take it to? The only “import” function for most sites involves scanning a list of e-mail addresses to find other users.

With Facebook’s APIs, though, you can simply connect your other social networking profile with your Facebook profile. Be warned that you should not simply assume people who do this will want any Facebook friends who sign up for your site to know about their profile or be their friend on your site. But you at least have options to make the transition much smoother.

Also, since people criticize Facebook for taking in more information than they give out, you can simply make sure data originates outside of Facebook. Your application can push status updates, messages, and content to Facebook, and then you already have a copy on your service. Besides, nowadays you can pull a user’s inbox, updates, notifications, and so on from Facebook as well.

8. Value What Your Users Value

Building a Facebook alternative includes many details to worry about, such as monetization, advertising, and privacy. But never forget what makes any service valuable: the people that use it. If your product becomes popular, that means people will be using it to share content they deem valuable and trusting you to store content they deem valuable. You will have to earn that trust and work hard to maintain it.

Communicate with your users in a helpful, honest way. Give them meaningful support options. Provide them with default privacy settings that protect them rather than surprise them. It can be fine to let users share everything with everyone if they want, but let the users decide and empower them to choose the path they want rather than push them towards one approach.

And above all, keep providing a service that people find useful. The real reason so many people still use Facebook is that the benefits outweigh any difficulties or privacy concerns. If you’re going to compete with Facebook, you’ll have to top that.

(Oh and one last bit of advice: come up with a good, professional name for your start-up. Please.)

  1. Thanks for the great insights. I’d like to just add that you should not rely on the playing field (or technology environment) to remain static. For example, if you leverage Facebook’s features to gain market share over them, what do you think will happen? It’s pretty obvious that they will change the playing field and block you from threatening their equity. Same goes for any other proprietary technology you interface with. If you depend on it too much, that’s a potential point of failure.

    Also, I would try NOT to make security the differentiator, or the compelling reason to use your solution. Security should just be a part that works well, and is easy to use. It should even be easy to replace as new security technologies evolve.

    Otherwise, let me know if you need help with this awesome new Facebook replacement project ;o)

    - Scott

  2. Decentralize the web with Diaspora

    Diaspora – the privacy aware, personally controlled, do-it-all distributed open source social network.

  3. @Scott: Very good point about the playing field changing. I think leveraging Facebook would be a good way to get a jumpstart and overcome the initial chicken-egg problem of social networking sites, but you’re right that Facebook probably wouldn’t rest on their laurels. Still, if Facebook specifically targeted a competitor, you could also use the situation to generate press. :) I also totally agree about security not being the main differentiator.

    @sovereignjohn: I’ve heard of Diaspora and looked over their initial materials. I wish them all the best, but I’m taking a wait and see position on the project. Most of what I’ve seen so far reflects the two pitfalls I described in my first point, I haven’t seen them address the problems with decentralization I outlined, and they don’t seem to be taking steps to reduce noise. Most importantly, how will Diaspora tangibly benefit the average user? I don’t know yet.

  4. Great advice. I’ve been hoping you would weigh in on some of the more radical social networking platforms that are rallying to upset Facebook’s position of power.

    I looked at the Diaspora project and came up with some thoughts that touch on similar issues you addressed:

    I couldn’t agree with you more about “openness” not being good enough. If the average user of these sites were expressly concerned with openness Facebook wouldn’t be nearly as attractive as it is. Security, Privacy and Openness are rarely the principle motivation in whether a user sticks with your service.

    - Daniel

  5. Theharmonyguy asks about benefits to the average user. There’s no question in my mind that diaspora won’t start as an average user tool. The initial audience is people who worry about their privacy. Mass adoption will come later and very slowly.

  6. Check out
    It offers easy and expressive privacy controls.

    Build more or less as a research example on open-source software (elgg) as part of an EU project on privacy management. While currently development is somewhat halted they are looking for someone and/or the elgg community to take this further.

    - Arjan

  7. Following up on Arjan’s post: his comment was referring to your remark:

    “One other note on this point: I would love to see a service try and tackle the issue of multiple identities with a more elegant solution than letting users create multiple accounts.”

    This is exactly what Clique ( does; having multiple ‘faces’ within one account. Warning: this is research, so don’t expect commercial-grade support. Feel free to play around with it.

    Plans for the coming year:
    - Add time dimension: content expiry, fading relations
    - enrolment wizard
    - encrypted posts (server-side and/or client-side)
    - …

    The project’s name is PrimeLife, website:


  8. Cool post harmony guy, the user focus and drive for simplicity resonate with me.

    One possible point of departure is that I feel that any future open Facebook should be focused on helping people work together to create a better quality of life offline. Now more than ever, people need help. And less and less business and government is there to help. We need to rely on each other more. Here’s my take:

  9. @Jason: If that’s true, Diaspora is even less the sort of product I’m looking for. I don’t want a service that starts with privacy and then figures out features for a mass audience – I want a service that starts with using technology to enable better relationships for anyone and then pays attention to privacy as it comes into play with accomplishing that goal.

    @Arjan and Karel: Thanks for the tip on Clique. I’d worked with elgg some in the past, but hadn’t been too impressed with it. I’ll check out Clique.

    But I’d also reiterate what I just said to Jason about Diaspora. The current frustration with Facebook is an opportunity to build something revolutionary instead of just something “more private”.

  10. I have looked at clique and am very impressed by the granularity and multiple identity support . I think it’s on the right track.

    Your points about the challenges of decentralization are valid, but if you don’t decentralize you are forever depending on whoever operates the central server to behave themselves (Facebook being a prime example of why this might not be a good idea). If protecting privacy is among the key goals, you have to build a decentralized ecosystem.

    You are also correct that most people won’t bother running their own node. However, I can’t see how one gets real privacy and real control over one’s data without doing that.

  11. @Jason: I certainly wasn’t condemning decentralized systems, but I’ve yet to see many people looking at distributed social networking address the hurdles I described.

    When it comes to running your own node… yes, that’s the ultimate level of control over your data. But I’d submit that there’s a middle ground. Think of e-mail – most people don’t run their own mail servers, but they can choose which mail provider to rely on instead. It may be that in a few years there are several large “Facebooks” alongside many individual servers, all interacting with each other.

  12. robertmunich says:

    Nice list. Number 7 baby.

    Get large enough and they will begin to block you as violating their ToS (á lá

    I am looking at Diaspora as well, but got about as far as you it looks like.


  1. Tweets that mention Don’t Simply Build a More Open Facebook—Build a Better One | Social Hacking -- - [...] This post was mentioned on Twitter by securityninja and Social Hacking, nomad411. nomad411 said: RT @theharmonyguy: New Post: Don’t ...
  2. Webmaster Blog | Bauplan für das nächste Facebook - [...] Planungen für das nächste große Ding im Web anzugehen. Joey Tyson von Social Hacking hat sich Gedanken gemacht, ...
  3. The web as an ethical layer « - [...] big issue of year. Facebook in particular have gotten regularly flamed for their ever decreasing privacy circle. Now they’re ...
  4. Don't Simply Build a More Open Facebook: Build a Better One … - [...] here to read the rest: Don't Simply Build a More Open Facebook: Build a Better One … ...

Leave a Reply