Mobile Address Book—Much Heat, Little Light

Editor’s note: Guest author Keith Teare is General Partner at his incubator Archimedes Labs and CEO of newly funded just.me. He was a co-founder of TechCrunch. Just.me is a stealth company in the mobile space and as such Keith’s opinions on this issue are likely to reflect his product focus.

The controversy that began last week with mobile startup Path being exposed for downloading users' address books from their mobile devices exploded over the weekend.

Fighting the good fight

Nick Bilton at the New York Times opined on the matter and declared Path to have been let off way too lightly due to the Silicon Valley echo chamber and its lack of concern for privacy. Path investors, and my good friends, Mike Arrington and MG Siegler weighed in, to resist Nick’s points, and now Kara Swisher and others have responded.

Oh boy… Lots of heat, but where oh where is the light? Well, it is beginning to be demanded.

Om Malik, who I love, has a post this morning asking developers who have apps that use the mobile address book to “do the right thing”.

Chris Dixon, angel investor, also has a post and asks himself aloud:

 I don’t know what the product design motivations are for uploading contacts, but I assume there are legitimate ones.

So, what constitutes “the right thing”?

The address book was stolen by web 2.0, and remains captive today.

As I remarked in my TechCrunch post last week, the address book has evolved over the past 10 years from something that sat alone on your desktop or laptop, usually inside Outlook, first into something shared (Plaxo), then into something mined for intelligence (Xobni). And since Web 2.0 the address book has become something that is implicitly owned and managed by a service provider – usually Facebook or Google – on the user’s behalf. Of course it is mined too. The big unspoken fact is that Facebook is the biggest perpetrator of address book hijacking. Google+ seems to be in the same bucket. Path simply copied their architecture, but because the address book came from the phone the act of “taking” was explicit, whereas in Facebook, Google and other web 2.0 services it is implicit – part of the service.

Mobile – Taking back ownership of your friends/contact list.

For the first time the growth of smart phones, and the mobile architecture, makes it possible for the address book to once again be under the control of the user.

The incident with Path last week is mainly unfortunate in that it gave the impression that the mobile software ecosystem will be exactly like the web 2.0 ecosystem – one that requires users’ address book data to be stored or hosted on a service in order to be usable in various social scenarios. In this sense those who gave Dave Morin (who I have no reason to believe is anything other than a smart, well-intentioned guy) an easy ride did nobody any favors.

This weekend Scottish blogger Matt Gemmell showed exactly why what Path was doing is unnecessary and even lazy, leaving aside its ethics. He described a method of building social software on the mobile platform without compromising on user-facing features. His method (and in truth it is a well-known method) never (yes NEVER) takes the user’s address book from the phone and only uses partial, encrypted and anonymized data from the address book in order to provide social features like friend finding or matching.

After explaining the use of hashing and anonymous matching algorithms he says:

Everyone is happy. Your social friend-finding features are intact, and every bit as convenient as before. But, none of your friends’ email addresses are ever uploaded (in a readable, usable form) to some company’s server. Privacy is preserved along with convenience. It’s a mathematical miracle.

Peer to Peer through the cloud.

What Matt is describing here is something I think of as peer to peer networking through the cloud. It isn’t true peer to peer because there is an intermediary. But the intermediary simply does the minimum necessary in order to glue the peers together. This architecture is a very good fit for the mobile ecosystem because it puts maximum control in the hands of each user on the device, without ever needing an all-knowing vendor in the middle.
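The hashed friend-matching and minimal intermediary described above can be sketched as follows. This is an added example, not code from Matt Gemmell's post or from any app named here; the names `MatchServer` and `find_friends`, the choice of SHA-256, and the sample addresses are assumptions made for illustration.

```python
import hashlib

def normalize(email: str) -> str:
    """Canonical form so both sides hash the same bytes."""
    return email.strip().lower()

def digest(email: str) -> str:
    """One-way digest computed on the device (SHA-256 is an assumption)."""
    return hashlib.sha256(normalize(email).encode("utf-8")).hexdigest()

class MatchServer:
    """Hypothetical intermediary: holds digests and opaque user ids only."""
    def __init__(self):
        self._index = {}  # digest -> user id

    def register(self, user_id: str, email_digest: str) -> None:
        self._index[email_digest] = user_id

    def match(self, digests):
        """Return only the digests that belong to registered users."""
        return {d: self._index[d] for d in digests if d in self._index}

    def stored_values(self):
        """Everything the server knows about e-mail addresses."""
        return set(self._index)

def find_friends(server: MatchServer, address_book: dict) -> dict:
    """Runs on the phone: the address book itself never leaves this function."""
    local = {digest(email): name for name, email in address_book.items()}
    hits = server.match(list(local))      # only digests cross the wire
    return {local[d]: uid for d, uid in hits.items()}

def demo():
    # Constructed sample data.
    server = MatchServer()
    server.register("u1", digest("alice@example.com"))
    server.register("u2", digest("carol@example.com"))
    book = {"Alice": " Alice@Example.com ", "Bob": "bob@example.com"}
    return server, find_friends(server, book)

if __name__ == "__main__":
    srv, friends = demo()
    print(friends)
```

A bare digest of a guessable identifier can be recovered by hashing candidate values, so the server should still treat the stored digests as sensitive data.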

This architecture allows us to benefit from the growth of social features in a mobile context, without jeopardizing that by creating fear amongst users that their private data is being removed – either with or without their consent. The truly human needs being met by the smart phone – to communicate, to share, to discover people and so on – can be realized free of fear.

As Om Malik remarks in his piece today:

Today’s apps are inherently more social and thus by extension more human. The relationships on this social web are going from increasingly virtual to more real. In a sense, these apps have started to reflect our daily lives. As many have said before, we are the social web and the social web is us.

The smart phone can be a massive benefit to us humans if we can develop software for users first. That will require us to focus on different things than we focused on in the web 2.0 era. The events of the past two weeks make it pretty obvious that we need to start with a whole architecture.