Arrington’s Email Address Unusable in Andromeda Galaxy?

Super interesting Gillmore Group podcast today, if a little hot-headed at times. This has to be my new favorite podcast. Link.

At one point, about 45 minutes in, the group starts talking about the now famous(?) incident-turned-thought-experiment where Robert Scoble had used Plaxo to scrape an email address off one of his friend’s Facebook profile (Michael Arrington’s).

The basic problem is this: If Arrington had his way, Scoble would be able to enter Arrington’s secret email address into Gmail, because Arrington trusts Gmail. But Scoble wouldn’t be able to enter the secret email address into Plaxo, because Arrington doesn’t trust Plaxo.

To achieve this programmatically, we’d want a data-sharing framework set up whereby the secret email address would be wrapped a protective permissions blanket that would automatically prevent unwanted people from seeing it and using it. Only too bad the Gillmor Group didn’t talk about how this permission system would work, because I think the devil is in the details. Such a system would be an example of Digital Rights Management (“Code is Law!”); and through this system Arrington avoids having to take Scoble to court because the secret email address manages itself. Don’t we all love DRM?

So what might the DRM permission system look like? I was thinking about one straw man proposal and it got me cringing: What if it were a white-list. Then Arrington could block Plaxo? But how would it work when Scoble wants to enter Arrington’s secret email address into some completely new web system that Arrington doesn’t know whether he trusts or not? ((i.e. Can he play his dvd on linux? no.)) It doesn’t work.

Worse, take the white-list straw man into the future with an analogy for distributed computer systems: What happens if Scoble leaves the galaxy with Arrington’s protected secret, and meets an alien email system that purports to be able to send email privately AND faster than light. Scoble trusts it, and boy, what a great way to call home! But is he allowed to enter Arrington’s secret address? Or does he have to wait 22 million light years to get an updated permission set from Arrington? The white-list straw man doesn’t scale, and it impedes progress.

Hopefully the Gillmor Group will be telling us about DRM that does work soon.

Seems to me that the most useful permission system would allow for a sort of weighted transitive trust network. Returning finally to the original incident about the facebook-scraped email, here are my two cents: If someone provides you with their email address, the typical understanding is one of transitive trust: “Here’s my email address, I want you to have it. Use whatever software you use, but protect my data like you’d protect your own.” In this light at least, Scoble wasn’t wrong; he was just using his address book software.

Privacy == Can of worms.

3 Responses to “Arrington’s Email Address Unusable in Andromeda Galaxy?”

  1. Nick Says:

    I think the e-mail address analogy is the wrong place to start. E-mail is broken because of spam. Let’s instead think of friends on social networks as a big whitlist manager. Now let’s make that whitlist portable. This solves the spam/privacy use case to some degree.

    Twitter is a whitlist manager for people who can send me SMS messages, and the cool thing is that I don’t need to give al my friends my phone number. Could this be the model to follow?

    Whitlist=DRM=some privacy control. I agree that whitlists might not scale right now, but somone needs to come up with the architecture that will work.

  2. masonlee Says:

    Hi Nick,

    Interesting perspective on Twitter. It happens to be relevant to some of the software I’m working on now. I’d like to understand more this case where one might not want to give one’s phone number to friends, but wouldn’t mind receiving SMS disturbances from these friends the likes of “Wondering what to twitter.” It could simply be the ability to revoke the privilege of communicating with you that is appealing; though, if it’s that, wouldn’t a black-list on your phone just be easier?

    The privacy of email addresses is indeed a difficult example, though I think it’s actually a good one in that it doesn’t over-simplify the problem. I’ll post some thoughts about the privacy of photos in a minute.

    Thanks for the comment.

    –Mason

  3. Nick Says:

    By following someone on Twitter, you give them permission to direct message you. You could think of this as you adding them to your white list of people you can receive messages from. They can then follow you back, which you could think of as them adding you to their white list of people they can receive messages from.

    With SMS, there is an additional layer. You can choose to have direct messaged (which only go to one person, in contrast with regular status updates which go to the public) sent to your phone or just to your e-mail.

    This works out alright. There are a couple more features I wish it had such as the ability to tag or group people and then turn on and off SMS messages for these groups. But I am wondering if we can apply this granularity type to other aspects of social networking and at the same time have it be decentralized. You galaxy analogy should somehow take into consideration white listing not by domain name, but by the full address, maybe by the “planet” regardless of the other bad planets in the galaxy.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: