He Said, She Said In Google v. Facebook

More details on Facebook’s banning of Google Friend Connect from the Facebook API earlier today. I spoke with Facebook Chief Privacy Officer Chris Kelly and Google’s Director of Engineering David Glazer about the banning to get a fuller picture of the conflict.

Here’s an example of how Friend Connect (more details) works in practice. A third party site may want to add social elements to their service. They can integrate with Friend connect and allow users to sign in. Those users choose a social network where they keep their profile (Orkut, Hi5, GTalk and, until today, Facebook) and log in via the social network’s API. They then become “members” of the site, using Google’s terminology. If any of their friends from their social network also become members of that site, those friends are shown on the site and you can interact with them. To see it for yourself, click “log in” at the top of this sample site, IngridMichaelson.

Kelly says the issue comes down to the fact that Google Friend Connect users don’t have control over data pulled from Facebook. In particular, Facebook is concerned that they have no relationship to the end site where the data is presented (in the example above, IngridMichaelson). Instead, Google has inserted itself as a middleman in the process.

Also, Kelly says, once permission is granted to share data, the user has no way to revoke that permission from their Facebook account. Facebook has a privacy control panel that lets users set and change privacy setting over time, including the removal of applications. With Google in the middle, Facebook has no way to stop the flow of data to these third parties.

Google’s Glazer counters that they have a very effective method for unlinking to a site that a user has given permission to, so users will be just fine. In the screen shot below, Google gives an option to “Unlink” the specific social network from the site (on right) or change the data that’s shared from the social network (on left). Kelly is correct that you can’t trigger the unsubscribe from Facebook.com, but Glazer says that’s because Facebook’s API has no way of telling Facebook about the third party site the data has been passed off to.

Glazer says that they have been in “constant contact” with Facebook over the Friend Connect product, and are still trying to work with Facebook to get access to the API again. But Facebook has their own competing product to Friend Connect, called Facebook Connect. The longer the ban, made under the banner of protecting user privacy, remains in place, the stronger Facebook’s position will be competitively. My guess is they’re in no hurry to get through this conflict any time soon.

The fact is that Google is taking perfectly adequate steps to protect user privacy with their Friend Connect product, and it is a useful product for users. After talking with both sides, it seems to me that Facebook is relying on a very convenient catch-22 to stay out of Google’s network. They are the ones in control of their own API functionality, and they could add features that fix this problem. Until they do, there’s nothing Google can do to remedy the “problem,” and the walls around the Facebook garden get ever higher.