Facebook's Vulnerabilities
3 min read

Facebook's Vulnerabilities

Facebook has a shot at being the first web company since Google to build a really big BUSINESS, not just a big user base. But Facebook has a number of vulnerabilities, which are worth pondering as we also ponder its huge potential. I’ve written before about some of these vulnerabilities, such as the risk that Facebook will lose the sense of exclusivity that once propelled it, or the risk that specialized professional networks will steal away business users. Here are two more of Facebook’s vulnerabilities:

  1. Facebook Platform vs. Open Platform
    Facebook was brilliantly first to market with a platform for application developers, but that approach was quickly copied by everyone, from MySpace on down. Now there’s news that Google is leading the charge on introducing API standards, called OpenSocial, for turning every social network on the web into an OPEN developer platform. Rather than developing an application ONLY for Facebook’s proprietary platform, developers can create an application that works on EVERY social network that adopts the standard.

There’s a BIG potential upside here for every site that competes with Facebook, and for Google in particular, as Erick Schonfeld points out:

The real killer app for Google is not to turn Orkut into a Facebook clone. It is to turn every Google app into a social application without you even noticing that you’ve joined yet another social network.

Unlike Facebook, which only benefits from what goes on inside its walls, Google, by supporting the OpenSocial standard, is setting itself up to benefit from activity outside its walls — the more sites that support the OpenSocial standard, the more developers will write applications to that standard, and the more Google will benefit from enhancements to its social applications and the ability to leverage the huge amounts of user data that these applications generate.

It’s a brilliant way to trump Facebook’s brilliance — give developers incentive to develop for your platform by enabling them to deploy the same apps on EVERY OTHER platform via a shared standard.

What remains to be seen is whether Facebook’s being first to market holds any long-term competitive advantage, now that they’re going head-to-head with the ENTIRE market united by an open standard.

  1. “Do Not Call” For Online Ad Targeting Based on Personal Data
    Facebook’s big business model bet is that it can use all of the information that users provide in their profiles to target ads not only on Facebook but across the web. Such an ad network could be behavioral targeting on steroids, because the information about a user would be explicit, i.e. skiing listed as hobby, vs. implicit, i.e. visiting a web page about skiing.

Behavioral targeting has raised many privacy concerns, but that’s nothing compared to the privacy issues inherent in an ad targeting model driven by explicit user profile data. What happens when Facebook users realize that every bit of data they put into their profile is being sold to advertisers and following them everywhere they go on the web?

Several privacy groups are expect to call for the creation of the equivalent of a “Do Not Call” list for the web, which would allow users to opt out of having their personal data used for ad targeting. While behavioral targeting is the current focus of privacy advocates, Facebook’s ad model could easily become the new poster child for privacy invasion.

Of course, there’s a strong counterargument to such an opt-out — this type of targeting based on personal data makes ads on the web MUCH more relevant and, in the best scenario, actually USEFUL — think Google AdWords at its best.

I think most web users can appreciate the value of relevant ads — certainly search advertising has trained people to appreciate this value exchange. I think the real issues is going to be the mechanisms used to gather data for targeting ads — people will likely draw their privacy lines in different places.

It’s one thing to target ads based on keywords that users type into a search box. It’s another thing to target ads based on information that users passively supply by visiting pages or that was supplied once during a registration process. To move now to harvesting data from a social network profile page that is constantly and actively updated by the user — that ups the ante yet again.

Since Facebook has currently the greatest potential to target ads based on user data, it will also be the greatest test case for whether users value ad relevancy more than privacy.