Privacy and revocation: two sides of the same coin – a new privacy model for the social web


This is another idea I have been thinking of over the holiday season ..

It is inspired from a social network called Ecademy – of which I am a member .

Although I don’t agree with all of its policies , it still has some good members ..

As a simplified view .. There are two forms of members : The orange stars and the black stars. The black stars pay more. They have the privilege of sending messages to all their contacts.

This leads to a whole bunch of sales pitches .. for instance – masquerading as holiday greetings.

I have a very liberal and an open approach to networking i.e. I will try and meet/speak to people if I can. However, there are some who will take advantage of this .. as in the case of these spam messages.

Is there a better way to handle this going forward?

Conventional privacy models lean towards a closed, digital fortress. These can take many forms – linkedin introductions, signed applications, third party trust endorsers etc etc ..

However, these methods don’t fit the current open web ecosystem and more importantly a future web based ecosystem where there is a tendency to give up privacy with a younger generation.

So, what is the solution?

Let us first consider that social networks are increasingly going to be the primary form of interface to the Web for many of us Beyond Web 2.0: The social web or the semantic web ? and the rise of the Umbrella social networks . For many teens, that’s already the case with facebook

Unlike the Open Web, the social network has some form of structure(profiles, messages etc etc)

Hence, the proposition is: privacy and revocation go side by side

Taking the ecademy example, I found myselves ‘terminating’ i.e. blocking these irritating people. (hence the terminator picture i.e. networking like the terminator!)

Inspite of being a liberal, experienced, open networker: it is a nice feeling to stop these people dead in their tracks! And I must admit I kind of enjoy it as well.

This could be a new privacy model i.e. I will be open to contact but in return – I choose to exercise the right to terminate that contact if I need to

This is based on ‘Innocent until proven guilty’ as opposed to the existing digital fortress ecosystem(guilty until proven innocent)

Applying the principles of social networking to this scenario – it could soon become very efficient

Admittedly, the revocation engine may not work in context of the whole web but it may well work in context of a social network.

In a sense, the spam features if Gmail work in a similar way(except Google does the revocation implicitly on our behalf)

I can also see this working well with mobile social networks and for that matter any of the new, emerging social networks – all of which have an ecosystem (open or closed)

So, hasta la vista baby could take on a whole new meaning!

AKA – strengthen the revocation – not the moat bridge .. let people cross freely at the moat but always have the revocation engine as a defence mechanism



  1. Agree with the innocent until proven guilty approach. Rejection may even have a couple of reasons rather than the monolithic catchall of ‘reject’.
    To ramp up the ‘policing’ of those who spam or wildly friendadd the social network should keep tabs /stats on who is being rejected and why. That way pruning of the network (using collective intelligence about spammers) could happen either in an automated way or via admin intervention.
    I would also be interested in further automated tools that ‘find my time wasters’ which could be ran over my communications on the social network i.e. identify all those who post to me but I don’t post to them OR identify senders that I only scan their message for <2 seconds etc
    I want my social networking ‘automated butler’ to help me manage the front door.
    p.s. your preview message function doesn’t prompt for the catchpa “who publishes open gardens”

  2. “Innocent until proven guilty” that says it all. Rather than trying to build a closed digital fortress, making revocation more strong will certainly make social networks more “social”. I mean, I really don’t like concept of getting introduced to a unknown person on through the people I know. The whole reason I am there on is to get in touch with those whome I don’t and NOT to whom I know already. And I think same applies for other social networks.
    Great article!
    Thanks, Pravin

  3. Stefan Weiss says:

    Good to read that the challenge of enhancing the privacy of social network users get more attention at different fronts. However, your suggestion of revocing somebody’s access or viewing rights of your profile information only covers a small part of what information privacy actually requires. And in some social networks such as XING this type of setting functionality already exists. But information privacy goes way beyond that. The data portability initiatives today do not truly address privacy issues but rather only cover viewing and access rights. You can possibly revoce somebody’s viewing rights to your profile but what happens to the personal data you provided to one social network once that data is exported to some application developer or is scrapped from the site by an unauthorized individual? Unless we develop new methods to attach data purpose and certain usage rights to each personal data set, we will continue to care about information privacy only on the surface. At the same time personal data in all kinds of forms is spread without any kind of control by the original owner of the data. I would be interested to discuss these issues at the WebCamp event in Ireland but I am afraid I cannot be there in person. Hope to be able to follow the discussions here.

  4. Ajit Jaokar says:

    Thanks Stefan. I am also following the open social networks ideas with great interest. shall blog more soon rgds Ajit

  5. Stephen James says:

    It seems that there is a false either/or choice lingering here. Either completely closed or completely open. Even in the context of a social network, where the members are not completely vetted, I would want to have some information held close to the vest, so to speak. I see nothing wrong with getting/having to control who gets to my most personal information.