Why I Don’t Do Social Networking Sites

Time for a bit of a rant:

"Its not you, it’s me"

 

So said George Costanza, and I second the notion. Please do not be insulted when I turn down your request for one of the social networking sites. Really, "its not you, it’s me." 

Actually, its neither of us, but that’s hardly amusing. Several times a week, I get an invite to some social networking site: Plaxo, Friendster, MySpace, Orkut, 43Things, Spoke, Leverage Software, Zero Degrees, SelectMinds and LinkedIn.

Kevin Bacon may be six degrees away from everyone else, but I don’t need to be. More importantly, I do not want to entrust my data (precious data) to a start up firm — or Microsoft for that matter. (Google, maybe — but thats where I draw the line).

Indeed, I refuse to participate in any and all of these sites, and with good reason.

Why?

I think its safe to say that the marketplace does not have space for 9 (nine!) of these companies. And I probably missed some. Eventually, there may be some consolidation -we see it starting already. That means two things:  One, I have no idea where my personal data and address book will ultimately end up, what company or person; and B) the liklihood is that at least 2 but more likely 3 and probably 4 and maybe even 5, and quite possibly 6 of these firms will go belly up, the long dirt nap, buy a farm.

And when that happens, the VC’s investments will be worth zero, nada, zilch, and they will seek to recoup something, anything, even just pennies on the dollar (pretty please?). And then the vultures will come in: strip the offices down to the bare walls, sell everything thats not moving for pennies on the dollar. Aeron Chairs (ha!), PCs, desks, wall cabinets, EVERYTHING.

And when that happens, when the Bankruptcy Judge brings down the gavel, the most valuable asset these companies have — all of my personal info, plus all of your contact info, plus every person you know’s name/number/email address — will be sold to the highest bidder. They may promise that they will protect your data, but I simply do not believe they can control anything post banckruptcy.  The contracts are ignored.

And I’ll bet you dollars to donuts that the buyer will be a bigtime spammer. That’s right: I bet that some of the data that you have so willingly forked over to these new social networking firms will be sold to a spammer. That’s why I suggest you update your own damned address book.

No thanks . . .

>

UPDATE   March 27, 2005 5:24pm

This spam scam is circulating, preying on  (what do you know!) Social Networking sites:

Subject: Ringo

Finally got around to checking this, and it may be of interest to others.  It came from a friend a month or so ago, and I haven’t had a chance to speak to him yet, but it’s clearly something that should be avoided.

This falls in the same category as e-cards.  Seems like a nice easy and convenient service, but when you "send" the e-card, you’re giving out somebody’s email address to a big black hole.  Who knows how many places the address and other info are stored, or who has access to it..

This Ringo thing is a spammers mother lode — an organized, up-to-date email database.  We have enough problems with private info being hacked into, without offering even more of it up for grabs.  It doesn’t take much effort to keep an address book up to date, or to notify friends of address changes; and nobody else needs to get involved.

Just a FYI,
–Ken

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
Hi,

I’m updating my address book.  Please click on the link below and enter your contact info for me:

http://ringo.com/i?uid=Y-5lis.G6jG5zrpA&

I’m using a new, free service where I put in my contact info for you, you put in your contact info for me, and everyone stays up to date automatically.  It’s surprisingly easy and useful.

It was inevitable that the spammers and scammers would get around to spoofing/phishing via these networks.

Print Friendly, PDF & Email

What's been said:

Discussions found on the web:
  1. BusinessBits commented on Feb 22

    Social Networking Sucks?

    …so says Barry Ritholtz at The Big Picture. He writes about the overwhelming possibility of people losing control of who has their information.

    …when the Bankruptcy Judge brings down the gavel, the most valuable asset these companies have — al…

  2. Dinesh Vadhia commented on Feb 23

    Brilliant! At last! What I’ve been saying for nearly two years.

    Another reason is why would any sensible person share their network (of contacts) to people who are essentially six degrees removed. Makes no sense to me as this is competitive information for my benefit!

  3. Stacy Martin commented on Feb 23

    NOTE: The following comment is from a PR person from Plaxo; I do not believe what she suggests is fully accurate. I was referencing the issue of a bankruptcy liquidation — not a reord or a takeover — i.e., what bankruptcy judges can do with contractually private data.

    After a chapter 13 filing — the contract is becomes moot, and the Judges obligation is to dispose of the corporate assets on behalf of creditors. One of those assets is the mailing/subscriber list.

    Anyway, here’s the PR spin:

    .

    OK, I understand yours was a rant, but what you are saying is a common misperception and completely untrue.

    > And when that happens, when the Bankruptcy Judge brings down the gavel, the most valuable asset these companies
    > have — all of my personal info, plus all of your contact info, plus every person you know’s name/number/email
    > address — will be sold to the highest bidder. They may promise that they will protect your data, but I simply do
    > not believe they can control anything post banckruptcy. The contracts are ignored.
    >

    No. The contracts are NOT ignored. Here is the truth, backed up by facts and actual case examples.

    First, people should always do is read the Privacy Policy of the company they are dealing with and understand their privacy practices.

    Second, people should understand that for US-based companies, privacy policies are legally-binding documents. They are enforceable by the FTC, granted under the FTC Act. Specifically, Section 5 of the FTC Act declares “unfair or deceptive acts” are declared unlawful.

    I’m sure you would agree that making public statements as those in a privacy policy in order to convince people to use your service, only to later violate those promises would certainly constitute an “unfair or deceptive act”. The FTC would agree and they have taken action numerous times to protect the rights of consumers and require companies to adhere to published privacy practices.

    But you make the point all “contracts are ignored” in bankruptcy or perhaps some other business transition. Again – this is incorrect.

    The FTC Act also covers material changes to privacy policies. The FTC operates under the concept that “a privacy policy walks with the information”. Basically, this means that consumers are protected even in cases where the privacy policy may be changed. The privacy policy in place at the time the information was collected remains in place for that same information. It is illegal for companies to make promises saying they will never sell your information to a 3rd party, only to change their privacy policy after they have collected your information.

    In the recent case between the FTC and Gateway Learning, Howard Beales, Director of the FTC’s Bureau of Consumer Protection, summed it up by stating, “You can change the rules but not after the game has been played.”

    There are numerous examples including the following:

    FTC vs. Gateway Learning: the FTC charged Gateway Learning with making deceptive claims about how it will use consumers’ information and from applying material changes in its privacy policy retroactively, without consumers’ consent. http://www.ftc.gov/opa/2004/07/gateway.htm

    FTC vs. Toysmart.com: Toysmart.com, a failed dot-com business attempted to sell it’s customer database in bankruptcy, only to be stopped by the FTC. The final settlement forbids the sale of this customer information except under very limited circumstances and ultimately the records were destroyed. http://www.ftc.gov/opa/2000/07/toysmart2.htm

    FTC vs. Petco: Petco was found to have violating promises made in their privacy policy regarding the security of their site. “Consumers have the right to expect companies to keep their promises about the security of the confidential consumer information they collect,” said Lydia Parnes, Acting Director of the FTC’s Bureau of Consumer Protection. “The FTC will hold companies to their word.” http://www.ftc.gov/opa/2004/11/petco.htm

    While I can not speak for other companies, with Plaxo, our privacy practices are summed up in our Privacy Principles:

    – Your Information is your own and you decide who will have access to it.
    – You maintain ownership rights to Your Information, even if there is a business transition or policy change.
    – You may add, delete, or modify Your Information at any time.
    – Plaxo will not update or modify Your Information without your permission.
    – Plaxo will not sell, exchange, or otherwise share Your Information with third parties, unless required by law or in accordance with your instructions.
    – Plaxo does not send spam, maintain spam mailing lists, or support the activities of spammers.

    Your information includes any information you manage within Plaxo, including information about yourself as well as information about your contacts.

    This information many not sway your opinion, and you may still feel that services such as Plaxo are still not appropriate for your usage. But I at least wanted to set the record straight when it comes to questions about privacy policies and their enforceability.

    I hope this helps. If you have any questions, please feel free to contact me directly.

    Thank you,

    Stacy Martin
    Plaxo Privacy Officer
    privacy @t plaxo.com

  4. Brian Shiau commented on Feb 23

    Hey Barry,
    I am actually part of a networking site. Thefacebook.com is the dominant networking site for college students, why? It’s a great directory for people at your school. The privacy system somewhat isolates you to your own school so that’s pretty good. The real benefit of this system verse others is that all the people on it are people you can/will potentially meet (at Princeton anyways, we’re a small school). Thefacebook.com shouldn’t bankrupt any VCs as its completely setup by some students at Harvard.

  5. Johannes Ernst commented on Feb 23

    That’s why you would want to support a decentralized model that puts you in control, instead of a centralized model that puts somebody else in control whom you don’t trust (for good or not so good reasons, doesn’t matter). Why not host your own?

    Disclaimer: we recently built such a system called LID(tm) — Light-Weight Identity(tm) — more info at http://lid.netmesh.org/

    Quotes from around the web at http://lid.netmesh.org/quotes/

  6. Coyote Blog commented on Feb 28

    Carnival of the Capitalists

    Welcome to the Carnival of the Capitalists.

  7. Coyote Blog commented on Feb 28

    Carnival of the Capitalists

    Welcome to the Carnival of the Capitalists.

  8. Barry Ritholtz commented on Feb 28

    Hi Guys,

    While I appreciate your input, you are incorrect about the enforcability of a privacy contract in bankruptcy. My example refers to a liquidation bankruptcy proceedings (not reorganization). In such a case, all the contractory obligationbs are vitiated. The legal entity known as a corporation owes monies, is obliged by promises, has contracts — they all get tossed nin the liquidation — ALL OF THEM.

    Hey, I understand you guys have a PR job to do, and there are cases where the FTC will step in. But that is not a guarantee — and to state this broadly, I do not want to trust my data to whther to not the FTC decides to stop the liquidation of the single nbiggest asset these companies likely have.

    Perhaps you can get me to change my tune if the FTC will release a definitive statement that ALL of these databases are exempt from liquidation in bankruptcy liquidation proceedings.

    Then all I would have to worry about is the FTC not changing their policy . . .

  9. Stacy Martin commented on Mar 1

    Barry – The Toysmart case I mentioned earlier is a prime example of what you are referring to – a total liquidation bankruptcy proceeding. I understand your reservation pertaining to the FTC, but as they demonstrated in this case, the fact remains that the privacy practices remain in place for any acquiring entity. The information may not be used in a manner contrary to what the user initially agreed upon to without receiving their consent.

    Hopefully, this isn’t going off too much on a tangent, but I think we would both agree that much of this comes down to trust as well as a person’s own balance between privacy and service. Everyone has different thresholds, I’ll be the first to admit that Plaxo may not be the solution for everyone.

    In deciding whether or not to use a service, I recommend people at least take a look at the privacy practices of services and businesses they are considering as well as the type of company the business keeps.

    In the case of Plaxo, we believe we have established one of the most stringent and consumer-protective privacy practices in the industry, even when compared to respected services such as Yahoo!, Google, or Amazon.

    In addition, we are backed by some of the most successful and reputable investment firms including Sequoia Capital, Globespan, and Cisco Systems as well as business strategists behind successful companies such as Yahoo!, Netscape, Google, and Amazon. Personally, I do not believe our backers would risk their money or reputations on an operation that did not uphold the same high business ethics and standards that made them successful.

    Sorry for my own rant. And thanks again.

  10. Joe B commented on Apr 26

    Stacy, as compelling as your argument sounds, there is always more to the story. All these cases you quote as examples are instances where data was collected, and in essence ‘archived’. These are store fronts that could involve a one-time purchase. If the company’s privacy policy changed, applying the change to historical data becomes more difficult (though not impossible).

    In the case of Plaxo, the idea is for the customer to actively use the service. Plaxo could change their privacy policy and include a phrase something like ‘continued use of our services constitutes acceptance of the policy change’. You know as well as I do, that few users will actually read these policy changes.

    Now, you could argue that anyone that doesn’t read them is causing their own problems, but in this case if a ‘friend’ puts my info on your servers, doesn’t read a change in policy, and continues to use your service, that puts MY info up for grabs. Also, privacy policies require a trust in the company posting them. Granted, companies can incur legal action for violating them, but how many violate them and don’t get caught. How many violate them, make a small fortunate and pay some small fine. (In other words, the fine is a good investment for the company.) I realize the same risk exists for any other site. Plaxo bothers me more because in this case, I don’t decide if I want to risk giving you my data. Someone else decides that for me.

    I knows it’s easy to accuse people like me of being cynics, but in today’s marketplace it’s better to be safe than sorry. Unfortunately, what you’re up against is the history of American business at work. As long as enough companies decide that the almighty dollar is more important than their customers, customers will get screwed and there will be skeptics. Plaxo may have a strict privacy policy, but I ask two questions. How do we KNOW you’ll abide by them? And how do we know you won’t change them mid-game?

    I know . . . trust me. (Don’t you wish it was that easy!) The reality is that you’d have better luck convincing people of your honesty if you were outright charging for the service. Then you’d risk losing a paying customer. I think your company’s secrecy in its early stages hurt them. After all, “nothing in this world is free”.

  11. Stacy Martin commented on May 4

    Joe – Thanks for the excellent comments. You bring up some good points that I’d like to address.

    > Plaxo could change their privacy policy and include a phrase
    > something like ‘continued use of our services constitutes acceptance
    > of the policy change’.

    You’ll notice that our privacy policy does not include any such statement. On the contrary, we do state that in our “Changes to the Plaxo Privacy Policy” section:

    ‘We will use Your Information in accordance with the Privacy Policy under which the information was collected. If, however, we plan to use Your Information in a manner different from that stated at the time of collection we will notify you via e-mail and/or through a notice on our Web site and any other appropriate methods and you will have a choice as to whether or not we use Your Information in this different manner. ‘

    So basically, in trying to establish some of the most consumer protective privacy practices, we have kept the power of choice with the Plaxo member. If they do not chose to have their “information used in a manner different from that stated at the time of collection”, their information will not/may not be used in the new fashion.

    Of course we could still change our policy to include such a phrase, but it would only apply to new users, and it would likely be difficult (impossible?) to manage different member’s information in different fashions.

    > you could argue that anyone that doesn’t read them is causing
    > their own problems, but in this case if a ‘friend’ puts my
    > info on your servers, doesn’t read a change in policy, and
    > continues to use your service, that puts MY info up for
    > grabs.
    > ….
    > Plaxo bothers me more because in this case, I don’t decide
    > if I want to risk giving you my data. Someone else decides
    > that for me.

    So do you object to a ‘friend’ saving your information to their online Address book that they perhaps maintain on Yahoo!, AOL, or any other webmail provider? Perhaps you have your own online address book with your own ISP. Do you feel you are putting the information of your own friends up for grabs as well?

    How is someone using Plaxo different from you using something like Yahoo! or the online address book provided by your ISP. In all cases, the member has chosen to use a 3rd party service and within that service, they may be managing the information of others. I understand that because our service is focused on address book management, the issues of privacy become very evident, but if you think about it, the risks and issues are the same. For example, does MSN/Hotmail’s privacy practices allow them to share the contents of the online address books of their 50M+ members. What should happen if the service were to be sold off or be closed down? Who would “own” the information and what could it be used for? Now of course, a legitimate business would likely not do anything like this as it would undermine their business, and the same is true for Plaxo.

    But at least with Plaxo, we’ve tried to address these question within our own privacy practices. We state very clearly that members own their own information (which includes information about themselves as well as their contact lists); members maintain ownership of their information regardless of a business transition or policy change, and Plaxo will not sell, exchange, or otherwise share the member’s information with any 3rd party.

    As long as we are true to our practices (and thus not violating US law), I certainly feel both members and the member’s contacts are protected when using Plaxo.

    > How do we KNOW you’ll abide by them? And how do we know you won’t change them mid-game?

    Hopefully I’ve properly addressed the second question with my earlier comments. But the main question is “How do you KNOW” we will abide by our privacy practices? I agree with you that it all comes down to trust. This is true for any service or company that someone deals with, and I’ve stated it before that our business is built on trust.

    But I will never say – “just trust us”. Trust is not something that can be give, but rather it must be earned. It is based upon what a company says, and more importantly what a company does. And this is what we focus on each day. Our privacy practices are one example our our public statement to allow people to judge our actions against our words. All we can do is try to operate in an open and public fashion and allow people to decide for themselves.

    As as for a final comment on Plaxo’s business model, it is built on providing premium services on top of the basic free service. One example is the recent release of our Plaxo Premium Suite which provides a growing list of add-on services that Plaxo members have highly requested and are willing to pay for (duplicate removals, WAP access, VIP support, and more to come). We also look for win-win features that allow our members to stay connected to their contacts, better utilize and control their own information, while providing revenue opportunities to Plaxo. Our Birthday Reminder service is such an example. Members love being proactively notified when a contact has an upcoming birthday. Members control if they wish to receive reminders, and for which contacts. The reminders also provide the member the opportunity to quickly and easily send their friend or business associate a card or gift and the ordering process can be streamlined by having Plaxo provide the contact or shipping information directly out of the member’s address book (no need to retype or remember). Plaxo generate revenues anytime a member makes a purchase through the Birthday Reminder service.

    Thanks again for the comments and discussion. If you have any further questions, please feel free to contact me directly.

  12. NishanStepak commented on Nov 4

    What the hell, might as well say it. Friendster looks lame why would you go there and give your information to them. Most of these sites look like someone tried aggressively to make you their friends wrong idea. Here is something that looks on target
    https://namesdatabase.com/ over 17 million members. Myspace also looks interesting because it is based on common interest. Think communities of interest with simple interfaces. I like the names database because it does what I want it to– give me a chance to communicate with someone in a straightforward secure manner. The rest look like bullshit. The only one which is mildly interesting is http://www.myspace.com it has a group of interesting people music lovers. I think a social networking site would work better if it was focused on a specific interest. Here is another one that makes sense http://sossoon.net/ — create a network for a purpose– professional contacts, love of music, etc. These generic sites look dumb. Or create an invitation only network.

  13. social networking site commented on Mar 21

    I tryed to use Orkut social neworking site but it looks like you need invite or something like that as i was not able to sign up.
    Just curious if it will be as good as friendwise.com i haven’t found a better online community then them people are super nice and very active as they get points for there activity and has more features like take and make polls and quizzes people actually answer everyones blogs just hope it stays better then myspace.
    I think basically you just need to sign up for the type of social networking site you wpuld like it’s not for everyone.

  14. ABInagali commented on Sep 23

    “Rumor has it”?? A rumor spread by… Brian Cliff of friendsnet.com perhaps?

Posted Under