This is the second lecture in the Social Web course (2014) at the VU University Amsterdam. Visit the website for more information: http://thesocialweb2014.wordpress.com/
Lecture 2: Interactions, Frameworks, Privacy & Security on the Social Web (2014)
1. Social Web
2014
Lecture II: What People DO on the Social Web?
Lora Aroyo
The Network Institute
VU University Amsterdam
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
3. Social in Physical World
People have relationships within & across different contexts:
family, sports, work, friends
In ‘real world’ it works due to a relatively small set of social
contexts & interaction opportunities
http://www.w3.org/2005/Incubator/socialweb/wiki/SocialWebFrameworks2#Social_Graph_Management_Today
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
4. Social in Digital World
Digital social dynamics match physical world:
friends are friends in both worlds
There are also significant differences:
•
# people to interact with, not limited by
distance/time
•
a person can ‘block’ or ‘manage’
relationships
•
multiple systems - multiple accounts, i.e.
multi-ple digital representation (personae,
personal profiles) of a user
•
personae are subject to different social
norms
•
personae can evolve over time
•
personae are less (not) limited in scope
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
6. Multiple SN Accounts
• Accounts on different social & professional networks, utilised in
different ways, depending on the digital context, e.g.:
• friendly chat on Facebook
• professional discussion on LinkedIn
• dating on Hives
As a consequence there is a need to manage the user profiles,
identities & permissions, and their social graph (relationships) & their
social media
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
7. Problems
Maintaining a multitude of online profiles for different contexts is
cumbersome and time consuming —> not scalable
Difficult for new social networks to attract new & maintain active
members simply because of the effort involved in creating &
maintaining “yet-another-profile”, e.g. re-establishing different aspects
of your profile under yet another context
Users cannot control how their information is viewed by others in
different contexts by different social applications
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
8. Architecture Needed
for managing multiple Social Web profiles
“policy-oriented web” architecture to support trusted
services in the longer term
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
9. For example …
In one system manage your personal information:
• home address, telephone number, & best friends
• your Friends Profile gets exposed to Hives and Twitter
In another system manage work-related information:
• office address, office telephone number, & work colleagues
• your Work Profile gets exposed to Plaxo and LinkedIn
Another choice could be to store your entire profile locally
with a trusted third party, and then
• your Health Profile can be exposed to health care providers
• your Citizen Profile can be exposed to government services
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
17. Opening the Sites
• Demand from application developers to make use of the
amounts of Social Web data & make their applications
available to the site members
• Demand from users to reuse data and connections they
have already established on other sites, e.g. Google+
download your data, Diaspora* download xml, download
photos
• In response: Facebook provided an API & Google
OpenSocial API
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
18. • open, decentralized standard for authenticating users
that can be used for access control, allowing users to log
on to different services with the same digital identity
where these services trust the authentication body
• making sure the users are who they say they are
• http://openid.net/
• Started in 2005 as Yadis (Yet another distributed identity
system)
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
19. with OpenID, the process
starts with the application
asking the user for their
identity (typically an
openid URI)
http://openidexplained.com/
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
20. who’s right?
privacy vs. security?
can we trust what
people provide to
SNSs?
Monday, February 17, 14
21. what’s next big thing
in SNS?
why do people make
their social life
explicit?
earning money vs.
protecting users
Monday, February 17, 14
22. OAuth
• an open protocol to allow secure API authorization in a
standard method for web applications; it enables users to
grant third-party access to their web resources without
sharing their passwords
• largely based on: Flickr’s API Auth & Google’s AuthSub
• limitations in terms of complexity, user experience, scale
• 3 flows merged into one: web-based apps, desktop clients &
mobile/limited devices; e.g. when Facebook Connect existed
- flows for web apps, mobile devices & game consoles
• http://oauth.net/
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
23. OAuth 2.0
• OAuth 2.0 focuses on client developer simplicity - providing specific
authorization flows for web & desktop applications, mobile phones &
living room devices
• not backwards compatible with previous versions
• 6 New Flows
• http://oauth.net/2/
the application directly
requests a limited
access OAuth Token
(valet key) to access the
APIs (enter the house)
on user's behalf. If the
user can grant that
access, the application
can retrieve the unique
identifier for establishing
the profile (identity)
using the APIs.
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
24. Twitter Employing
Figure credits: http://www.phpbuilder.com/columns/sachin_khosla062510.php3
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
25. Facebook Platform
•
•
•
•
•
•
Graph API - core of Facebook Platform, to read and write data
to Facebook (simple and consistent view of the social graph)
Open Graph - defining Actions and Objects
Facebook Query Language (FQL) - SQL-style interface to query
the data exposed by the Graph API
Authentication (Facebook Login) - interact with Graph API on
behalf of Facebook users (single-sign on mechanism for web,
mobile & desktop apps)
Social Plugins, Facebook Payments, Ads API, Chat API (via
Jabber/XMPP service), JavaScript SDK
Depreciated: REST API, FBML, and the old Javascript API,
Facebook Connect APIs
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
26. • open standards-based (e.g. JavaScript, HTML) component
model for cloud-based social apps
• Google initiative (set of APIs) in 2007:
• People & Friends API (people and relationship
information)
• Activities API (publishing & accessing user activity
information)
• Persistence API (simple key-value pair data for
server-free stateful applications)
• with Open Social embedded in a site, a site instantly
becomes a social Web site (initially running only at Orkut)
• integrated, e.g. OAuth, OAuth 2.0, Activity Streams
• http://www.opensocial.org/
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
27. OpenSocial
•
•
•
•
•
Half a year after Facebook Platform, Google launched Open
Social
Popular containers (initially): MySpace, Hi5, Plaxo, LinkedIn,
Orkut, Friendster, Six Apart
http://opensocial.org/category/showcase/ (currently)
Plugged-in applications: iLike, Slide, Flixter, Rock You, etc.
https://github.com/opensocial
•
Apache Shinding: reference implementation of
OpenSocial Specification (Social Network APIs):
•
Apache Rave: lightweight extendible platform for
using, integrating & hosting OpenSocial and W3C
Widget services (context-aware personalization,
collaboration & content integration capabilities)
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
28. Twitter APIs
• The Twitter platform offers access to the data
of more than 200 million tweets a day, via
different APIs
• Each API represents a facet of Twitter
• These APIs are constantly evolving, and
developers have to be aware of that
• http://dev.twitter.com
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
29. REST API
•
•
•
•
the API for leveraging core Twitter objects
enables access to core Twitter primitives including timelines, status
updates & user information, etc.
RESTful API calls to build a profile of a user: user name, user
Twitter handle, user profile avatar & the graph of people that user
is following on Twitter
enables interaction with Twitter: create & post tweets back to
Twitter, reply to tweets, favorite certain tweets, retweet other
tweets, etc.
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
30. Search API
•
•
•
Dedicated API for running searches against the realtime index of recent Tweets; query for Twitter content:
• a set of tweets with specific keywords,
• tweets referencing a specific user,
• tweets from a particular user
to access to data around Trends
it’s limited, e.g. index of only recent tweets (6-9 days);
no authentication: all queries are made anonymously;
some tweets & users may be missing from search
results (focus on relevance)
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
31. Streaming API
•
•
•
•
•
•
•
real-time sample of the Twitter Firehose
for data intensive needs, e.g. data mining, analytics research
allows for large quantities of keywords to be specified and tracked,
retrieving geo-tagged tweets from a certain region, or have the public
statuses of a user set returned
Public streams: public data flowing through Twitter. The primary use case
is following specific users or topics, and data mining, e.g. public statuses
from all users, filtered in various ways: by userid, keyword, geographic
location
User streams: single-user streams (all data for a single user's view of
Twitter; Requires the user's OAuth token); The primary use case is
providing updates to a Twitter client
Site streams: multi-user version of user streams (for servers to connect to
Twitter on behalf of many users); The primary use case is website and
other service integrations
Connecting to the streaming API requires keeping a persistent HTTP
connection open (different than the REST API)
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
33. Twitter for Websites
TfW: a set of products that enables websites to
easily integrate Twitter basic functions
•
•
•
•
Tweet button
Follow button
Embedded Tweets
Embedding Timelines
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
36. Issues related to
User Profiles &
Networks
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
37. Privacy Concerns
• Legal still in its infancy, but courts do rule on new behavior
• 4th amendt. to U.S. Constitution - not equipped to address SNS
• e.g., is content on Facebook accessible without a warrant?
• Truthfulness of personal profiles - subject of debate
• Privacy hard to understand (few read Terms) & misinterpret ‘Friends’
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
38. Security
•
•
security of people (sex offenders)
security of computers & data
•
with enormous numbers of users & enormous amounts of data,
sites are natural targets of spammers, phishing, malware attacks
(‘new friend malware’, ‘twitter spam’ etc.)
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
42. Bill of Rights
Fundamental aspects to consider for users of Social
Web:
• Ownership of their own personal information, including:
• their own profile data
• the list of people they are connected to
• the activity stream of content they create
• Control of whether & how personal information is shared
with others
• Freedom to grant persistent access to their personal
information to trusted external sites
http://opensocialweb.org/2007/09/05/bill-of-rights/
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
43. http://www.economist.com/blogs/babbage/2012/01/online-privacy
27-01-2012
“Having figured out how to
remember nearly everything,
it is about time people
relearned how to forget”
“Personal data is the new oil
of the internet and the new
currency of the digital
world.”
Meglena Kuneva, European
Consumer Commissioner, 2009
Issues:
•
burden on companies: it is next to
impossible to rid the web completely
of a piece of information: some
digital ripples will inevitably remain
•
where one man’s data end and
another’s begin
•
crooks may try to invoke it to have
their name struck from unfavorable
online coverage
•
it is not always clear what counts as
reporting on the internet
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
44. Privacy:
Awareness not Paranoia
•
•
•
•
"privacy paradox" = lack of awareness of the public nature of Internet
flexibility to handle friends with different conceptions of privacy
ability to control data flow inside and outside network
realize that sensitive information can be reconstructed
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
45. Initiatives
SOPA, PIPA, ACTA
•
By media industry:
• AHRA 1992 - soft
• DMCA 1998 - surgical
• SOPA/PIPA 2011 - nuclear
•
By non representatives
• ACTA - 39 countries
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
60. how do you think we
should keep people
‘awake’?
what about the
involvement of big
companies and their
desire to find out more
about our network,
behavior and interests?
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
61. the real piracy solution
may be to offer highquality, easily available
and relatively cheap
content to the users
Why wouldn’t
governments just
stimulate the industries
to innovate?
piracy as stimulus for
innovation?
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
62. Richard Foreman, playwright
“Carr argues that the Internet physically "rewires" our brain to where
we end up acting like computers — avaricious gobblers of
information –- and our grip on what it means to be human slackens.”
2008
2010
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
63. Assignment 1
Social Web 2014, Lora Aroyo! source: http://www.flickr.com/photos/bionicteaching/1375254387/
image
Monday, February 17, 14
64. Provide analysis of privacy issues on the (Social) Web
• three articles <--> three mind maps <--> main Social Web privacy issues
• write for people who didn’t attend the course (max 3 pages)
Provide analysis of current privacy-related public initiatives
•
•
•
•
•
legal contexts for privacy and ownership
compare the intentions of both initiatives (advantages & disadvantages)
your own vision on how this impacts the future of the social web
your own advise to policy makers with regards to privacy on the web.
links to Net Neutrality
Link to Hands-on session:
• what would change if SOPA/PIPA, ACTA, CISPA were active – would you
still have access to the information you pulled in for the assignments
• illustrate your answer showing what changes could appear in the graph
from exercise 4 (Hands-on session 2), explain why. (max 1 page)
• all visuals, e.g. screenshots, diagrams, in appendix, use template
Deadline: 21 February 23:59
Social Web 2014, Lora Aroyo!
Monday, February 17, 14
65. Hands-on Teaser
Installations
• Python 2.6 or 2.7
• Python packages: json, facebook, uurllib2
• JavaScript Info Vis Toolkit (jit.zip)
• Facebook Developers app
Experience OAuth
Query the Facebook Open Graph
Visualize your FB social network in various ways
Social Web 2014, Lora Aroyo! source: http://www.flickr.com/photos/bionicteaching/1375254387/
image
Monday, February 17, 14