Yahoo says it’ll sell bookmarking service, a reminder that we exist online at other people’s whims

UPDATED

(Please see the note at the bottom of this piece.)

Yahoo says it will try to sell its Web bookmarking service, Delicious. This news, posted on the Delicious blog, comes a day after widespread reports — unchallenged until now by Yahoo — that the company was shuttering the service.

One result of the earlier reports was a frenzied search for a new social bookmarking service to replace what many people, including me, have used over the years to stockpile and organize links to online material we’ve found interesting. A second result was a further hit to Yahoo’s declining reputation.

But the most important result may ultimately be what this move, among others. does for public understanding of the role of Internet service providers of all kinds. As Amazon.com’s recent takedown of the Wikileaks site it was hosting demonstrates, we are at the whims of the companies that provide the services, and they are increasingly demonstrating that we should be highly skeptical about their commitment to our data’s longevity.

We put our data — our websites, photos, bookmarks, email and more — on their sites. But they can, and do, change their terms of service at will, doing what they please with what we’ve put on their servers. And sometimes they just shut down the services they’ve been providing. They may do it for good reasons, or absurd ones. It doesn’t matter. The point is, they can.

As noted here some months ago, we all need a Plan B for just about everything we do online these days. If we give others a choke point over our communications, we are inviting them to throttle us.

Note: The original version of this piece said Yahoo was closing Delicious. That was based on a variety of credible — and, as noted, unrefuted — news stories that started appearing more than 24 hours ago. They were based, initially, on a Twitter posting that linked to a screenshot taken at an internal Yahoo meeting. The screenshot, which has now been taken down, had Delicious among a group of Yahoo services that were being “sunsetted,” which is corporatese for end of life.

Whatever Yahoo’s intentions with Delicious, my points here stand. Even if the service is sold, a new owner might radically change the terms of service (as Yahoo itself could do at any time). The users’ insecurity remains, whatever the ownership may be.

Attacks on WikiLeaks are part of an attack on free speech, aided by the companies that make up the Web’s backbone

UPDATED

The WikiLeaks affair is highlighting the Internet’s soft underbelly: the intermediaries on which we all rely to store our information and make it available. We are learning, to our dismay, that we cannot trust them. Combine that with increasing government intervention, we’re also learning that the Internet is somewhat easier to censor than we’d assumed.

This should worry anyone who believes that we’re going to move our data and online lives into the fabled “cloud” — the diffused online array of hardware and services where, proponents say, we can do our online work, play and commerce without the need for storing data on our own personal computers. Trusting the cloud is becoming an act of faith, and it’s time to question that faith.

And the situation should absolutely chill everyone who believes in free speech — and especially the people who call themselves journalists. Sadly, however, too many of them have been cheering on people who want to make WikiLeaks disappear. Do they realize that it could be their own turn someday?

WikiLeaks has been under attack all week from governments that want to hide their misdeeds, not just legitimate secrets. That’s unsurprising, to put it mildly, despite the hypocrisy of official Washington’s loathing of Internet blocking in other countries while it works so hard to make it happen here.

The government and other anti-WikiLeaks forces don’t have even the thinnest legal case for taking WikiLeaks off the Internet, however — much less the news organizations, here and abroad, that are discussing the leaked diplomatic cables contained in the latest trove — and they know it. So they’re attacking the intermediaries, and they’re getting results.

WikiLeaks had put some of its trove on Amazon.com’s “Web services” servers — a system designed in part to help third-party websites meet extraordinary demand. But as the Electronic Frontier Foundation notes, WikiLeaks

found itself kicked off of Amazon’s servers earlier this week. WikiLeaks had apparently moved from a hosting platform in Sweden to the cloud hosting services available through Amazon in an attempt to ward off ongoing distributed denial of service attacks.

According to Amazon, WikiLeaks violated the site’s terms of service, resulting in Amazon pulling the plug on hosting services. However, news sources have also reported that Amazon cut off WikiLeaks after being questioned by members of the staff of Senate Homeland Security Committee Chairman Joe Lieberman. While it’s impossible to know whether or not Amazon’s decision was directly caused by the call from the senator’s office, we do know that Lieberman has proposed “anti-WikiLeaks legislation” and that he has a history of pushing for online censorship in the name of “security.”

Amazon’s statement isn’t just full of doublespeak and nonsense. It’s already been shown to be false in at least one respect: an untrue assertion that WiikLeaks was publishing willy-nilly the documents without vetting them to redact the names of people they might put in danger. In fact, as Glenn Greenwald has noted, news organizations have released far more of the documents than WiliLeaks has itself posted. But Amazon’s terms of service do give it the right to remove just about anything it chooses, for almost any reason or, effectively, no reason at all.

That’s Strike 1 to our faith in the Internet. We are all, to one degree or another, forced to rely on the good will of larger enterprises that host and serve the media we create online. So when a company as big as Amazon — and it’s huge in the Web services arena — yanks down content this way, it is demonstrating that we cannot fully trust it with our content, either. And if Amazon, a powerful enterprise, can be bullied, which one can’t?

Strike 2 came with the news that EveryDNS — a company that helps Internet users find specific Web addresses via the Domain Name System. — had booted WikiLeaks off its service. An analogy: Suppose your local library removed the card for a book you wanted from its catalog. The only way you could find the book would be to look through all the shelves. This is roughly what EveryDNS did.

Strike 3? Look at what the U.S. government has done in several recent cases involving alleged copyright infringement and other violations of intellectual property laws. Notably, the Department of Homeland Security seized 82 domain names based on allegations — with no notice to the domain holders and no proof beyond persuading a judge to sign a take-down order. This was accomplished even without the help of aproposed law, making its way through Congress, that would give the government the right to take down sites based, again, on allegations.

Between what’s already happened and the floodgates that would open with such a law, sensible people are terrified about the censorship power here.

You would imagine this would spur America’s journalists to raise the roof. Free speech is in jeopardy, and the people who should be protecting it with the most tenacity are talking about Julian Assange’s weirdness.

UPDATE: The Library of Congress has blocked access to the WikiLeaks site from its computers, saying in a statement quoted by Talking Points Memo:

The Library decided to block Wikileaks because applicable law obligates federal agencies to protect classified information. Unauthorized disclosures of classified documents do not alter the documents’ classified status or automatically result in declassification of the documents.

This is even more absurd than Amazon’s incoherent rationale. By this standard, the library should ban from its hallowed halls all kinds of investigative journalism that cited classified information, starting with gobs of material from the New York Times and Washington Post.

Such knee-jerk responses from people who should know better are beyond disappointing. Does the Librarian of Congress know about this? If he does, and if he supported the decision, he’s disgraced his profession and institution.

(Note: I’m an Amazon sharedholder and a supporter of the EFF. To that end, I donated some Amazon shares this week to the EFF, which I’m convinced at this point has a greater appreciation of free speech than does Amazon.)

The FTC’s proposal is a potentially useful improvement in our woefully inadequate online privacy

Americans have become so numb to the relentless erosion of our privacy that we tend to view even small advances with skepticism, if not outright cynicism. Such is the case with yesterday’s Federal Trade Commission proposal for a “do not track” system, whereby people could tell online marketers that they don’t want their online activities to be captured and used by websites or online advertising firms.

The FTC’s report is just that: a document with no regulatory power. But FTC Chairman Jon Leibowitz told reporters in a conference call that the commission will urge Congress to act if the industry doesn’t “step to the plate.” I take the need for congressional action as a given, since the online industry’s self-regulation has ranged from weak to bogus.

What’s best about the FTC’s approach is its recognition of reality. It calls for a multilayered approach to enhancing privacy. One piece is to encourage websites and services to build in privacy protection from the ground up. This is laughable, given the industry’s record of bolting privacy on later, if at all, not to mention the currently enormous economic incentives to abuse it.

Another principle is transparency: Tell us, in clear language, what you’re tracking and how you’re doing it. Privacy policies on most websites and services take hundreds to thousands of words, in the densest legalese, to tell us we have no privacy and that’s tough. In today’s world, sorry to say, clarity would only mean language like this: “We can do pretty much whatever we choose with your data, and you can take us or leave us.” Not good enough, either.

The best principle is countermeasures, technical and, perhaps, regulatory. I use a variety of protective plug-ins for my Firefox browser. But I’m under no illusion: The technologists who create the privacy-invading tools are better funded and just as smart as the protectors — and so far, they’re winning the arms race. I would pay for a browser that really, truly blocked the spies or fed bogus data back to them. What I don’t know is whether there’s a sufficiently large market to support it.

A do-not-track list is a mostly regulatory approach. Saying we want it is a lot easier than making it happen in a way that works as intended and doesn’t create massive new privacy problems. For one thing, contrary to some of the commentary about the proposal, it wouldn’t be precisely analogous to the hugely popular “Do Not Call Registry” that has greatly reduced those annoying dinnertime phone calls from people pitching crappy products, loser stocks and beachfront property in Kansas. The online tracking, in theory, is designed in part to help marketers pitch us products and services we might actually want, based on what we do online. In a system that worked to preserve real privacy, which the current one does not, that would be the opposite of annoying.

There are many reasons to question whether a do-not-track system could even work as intended. For one thing, as privacy expert Lauren Weinstein has noted, we’d have to create some kind of unique identifier to notify the marketers and digital trackers. Wouldn’t this become a ripe target for abuse?

For another, many people are still getting junk phone calls, albeit at a reduced rate, and the callers are using digital technology to disguise their origins; over time they could well make the registry a nice idea that ultimately failed. If we know anything about the people creating the online spying tools, it’s that they are ingenious and resourceful. Mere laws and regulations won’t end the abuses.

Online tracking, even if the trackers have good intentions, is so worrisome in part because we don’t generally have much knowledge of what’s happening to us — and because the online spies are going way beyond the bland assurances we’ve heard in the past. For example, few people would object to having a news website track what we do on that site. If the New York Times knows what I’ve read on nytimes.com, it can do a better job of showing me material I might want to see there.

The tracking gets offensive when it crosses boundaries — and it almost always does these days. As Ed Felten, the Princeton computer scientist who just joined the FTC as chief technologist, explained at Wednesday’s event, the potential for harm soars when online trackers create a centralized database, “connecting the dots between consumers’ activities at different times and places to build up a profile of what a person has been doing.”

The tracking companies, as noted, are clever. Yesterday’s Wall Street Journal article on device “fingerprinting” — essentially creating unique identifiers that can’t be removed — was another example of why we should not trust the tracking companies’ bland assurances that they have only our best interests in mind.

The Journal has taken the journalistic lead in looking at this matter. While its seemingly endless series about online privacy has had some glaring flaws — not least of which the newspaper’s too-hysterical tone and tendency to conflate the big abuses with the small ones — it’s also educated me (and I try to, uh, track this stuff) about things I didn’t know, such as the fingerprinting advances.

The Journal, which does its own share of online tracking, has another horse in this race, of course. It charges for much of what we can read there, via a paywall that is one of the news industry’s only successful such initiatives. Its corporate parent, Rupert Murdoch’s News Corp., is pushing its other properties in that direction, with initially pathetic results. Murdoch, meanwhile, has been in full-rant mode for several years about what he sees as the need to end the era of “giving away” the news, or at least trying to pay for online news via advertisements only. So when you read the Journal’s series, make sure you have that perspective on its own corporate interests.

But we should recognize a reality in any do-not-track world: To the extent that online spying has been a revenue source for companies providing products (including news) and services, the loss of that revenue will mean A) website investors will get less return on their money; B) we’ll get less of what they’ve been providing us; C) sites will find new ways to attract online advertising that’s less targeted to individuals, which would mean more irrelevant ads; or D) we’ll pay more directly for what is subsidized today — most likely some combination of all of those options.

Option D is OK with me. I pay now for the Journal’s website and several others (such as Consumer Reports), and would be willing to pay for some others, ideally in a bundle of top-quality information services. I’d expect lots of activity in that vein if real privacy measures ever take hold, but I don’t dispute the widely held belief that most people have come to take “free” — a word that should almost always be enclosed in quotes — for granted and would be, at best, reluctant to pay directly for what they use.

All I know for sure is that the online trackers are expanding in their invasiveness and creepiness. It’s time we pushed back, and hard.

* * *

Some folks did push back, and are continuing to do so, in another privacy attack that got tons of press last week. I’m referring to fliers’ outrage at the federal government’s deployment of “porno-scanners” in airports, and the deep groping techniques Transportation Security Administration personnel impose on fliers who decline to go through the scanners.

Traditional media latched onto a specific protest movement, in which fliers were urged to refuse to go through the scanners the day before Thanksgiving, the busiest day of the year in most airports. When that ill-advised protest predictably flopped, some media reports declared that Americans didn’t care all that much about the invasive nature of the new rules, or not enough, at any rate, to make much of a fuss. And a variety of commentators — most from traditional media — lectured the people who had had enough of government encroachments on privacy, or at least this one. “Grow up,” they said, as if they were grown-ups and the rest of us were wayward children who needed to be reminded of our place.

We’re not kids, and we’re not going to let this go. Not only is the effectiveness of these scanners questionable — and the safety of the newer X-ray machines in sufficient doubt to avoid them — but the groping is plainly designed, in part, as punishment for people who dare to say no to the scanners.

Once upon a time, journalists challenged government to prove its worth. Today, too many journalists bow and scrape to keep their access to the rich, powerful and influential people who run this country. With too few exceptions, especially in Washington, they want to be members of the club, and their work tends to show it.

The social networking giant wants all of your conversations to happen on its site. You should think twice.

UPDATED

Facebook wants you to live, online, in Facebook.com, and it wants to be the main repository for your online identity. Its new, all-in-one messaging system will encourage more people to do just that.

Which is why, despite the overall smartness of the initative, I believe people should be wary about using the Facebook Messages platform. I don’t believe Facebook should dominate people’s online experiences, and the idea of the company becoming the de facto online identity holder is downright scary. Before I discuss why, let’s look at what the company announced on Monday in San Francisco.

The rumors over the weekend focused on e-mail. Pundits said, wrongly as it turned out, that Facebook was launching what some called a “Gmail killer,” a nod to Google’s hugely successful system.

This is much more ambitious. As Facebook founder and CEO Mark Zuckerberg said, it will combine users’ e-mail, SMS, instant messages and, assuming they’re already Facebook users (a reasonable assumption), Facebook messages into a single flow of information. (What’s missing? Well, direct messages in Twitter…) The system, to be rolled out over the next few months, will store messages from individuals in the form of conversations — everything two people have communicated to each other.

With an emphasis on the real-time nature of the communications Facebook encourages — which means being connected to the site at all times — Zuckerberg positioned e-mail as a flawed and old-fashioned, if still occasionally useful, method of staying in touch. Facebook Messages, as the new service is called, is the future, he said.

The assumptions are that A) most users are already on Facebook (with 4 billion messages a day flowing through the service, a lot of them are); B) they have a list of “friends” there; C) those friends have lists of friends; and D) that this will be the primary collection of people they all want to hear from. Users will see three folders: Messages, typically containing conversations from Facebook friends and, maybe, friends of friends; Other, such as messages from people who aren’t Facebook friends; and Junk. Users can move people from one folder to another.

UPDATE: I’m already wondering how people are going to deal with what’s sure to be an enormous amount of messages showing up in what amounts to a mega-inbox , and especially when it all happens in something close to real time. My IM window isn’t front and center on my computer, because I don’t sit around waiting for someone to message me. Data overload is bad enough already; this could make it worse. Moreover, I tend to compartmentalize messages, on purpose, because they have different qualities (and often quality) depending on what kind of messaging is being deployed.

Facebook intends various kinds of messages to be seamlessly available on various platforms: personal computer, phone and other mobile devices. Users will be able to get e-mail addresses at facebook.com (for example, given my Facebook user name, I’ll automatically be able to claim dangillmor@facebook.com).

In a feature that Facebook thinks is great — and will thrill law enforcement and divorce lawyers — every conversation will be captured for posterity, unless users delete specific messages or entire conversations. Do you assume that the people with whom you communicate are saving every text message and IM? You’d better.

That’s only one of the things that makes me cautious about the service. Facebook’s privacy record is spotty enough already; trusting the company to archive and protect my communications? Not so likely.

Asked if voice conversations were going to be part of this, Zuckerberg said, essentially, not in the product’s first iteration. I take that to mean it’s coming. Video too? Why not? The infrastructure Facebook has created to house all these services is impressive and obviously designed to be extensible to other kinds of media.

The clear goals of all this are, first, to suck you further and further into the Facebook ecosystem and, second, to further reinforce the notion that your identity on Facebook is your only serious online identity. I see mostly negative consequences, personally, of allowing either of these to become the default.

We should all be uncomfortable about moving more and more of our cyber-activities into the embrace of a single company — and I don’t care if it’s Google (one reason I rarely use Gmail) or Facebook or anyone else. Facebook has federated its “Like” button all over the Internet, so it’s not trying to entirely capture your browsing and communications, but in the process it’s turning its service into a glue — replete with extremely granular data about what you do online — that should make everyone cautious about putting so much power into a single enterprise’s control. Easy to use, which Facebook certainly is, does not equate with good for you in the end.

And the notion of letting Facebook essentially capture my identity online is not just disturbing, but dangerous. As noted, the company has shown repeatedly that its assurances on privacy are at best treated with skepticism. But that’s only part of the issue. If you let Facebook become the method by which you are known online, you are giving it permission to start charging you for the privilege someday. The only party who should own your identity online is you.

I grow more and more impressed by the technical and social vision of Facebook. That’s why I also grow more and more wary about following it.

Social networking giant moves swiftly to be the central reality in your digital life

One of the obvious missing pieces in the Facebook data arsenal has been granular location data — knowing where its users are and what they’re doing. The modest but genuine inroads we’ve seen from startups such asFoursquare and Gowalla, among others, proved that at least some members of the latest generation of Internet users are willing to share their location, among many other things, with friends, colleagues and maybe everyone else.

So last evening’s rumor-confirming rollout of Facebook Places, a location check-in service that has a lot in common with what’s come before, wasn’t a big surprise.  Facebook is nothing if not eager to incorporate other companies’ innovations into its own core services.

The launch demonstrated a number of Facebook’s qualities. On the positive side, the Places pitch also included the notion that we need to get out from behind our screens, PC and mobile, and join each other in the physical world. Can’t argue with that, even if Meetup.com has been years ahead in the hugely important recognition that one of technology’s greatest values is in bringing people together to collaborate on offline goals.

The company insisted it had made a serious effort to create meaningful and, if desired, somewhat protective user privacy settings, and it does look possible to stay out of the location service if you wish while still using the service’s other features. Yet the bias — as always with Facebook settings — aims to get you to say Yes to sharing, not No.

The breathtaking über-ness of the initiative shone through in what a company vice president, Christopher Cox, described as a goal: essentially to aggregate history itself — or at least tomorrow’s version of it — around users’ locations, doings and what they’ve told each other about both.

And Facebook will be holding it all in its corporate databases, creating a data set that advertisers will surely find irresistable. (In my case, no thanks — but this is a topic for another day.)

Facebook’s not alone in having vast ambitions, of course. Google, for example, has major social-networking plans of its own and no small amount of location expertise. So presuming Facebook doesn’t succeed in its goal to become the Internet that most people use — Internet users will need to figure out that Facebook isn’t really their friend — a healthy competitive marketplace could still emerge. Will it include the innovators who have helped bring location so prominently into the mix?

When Foursquare and Gowalla shared the stage with Facebook executives, you had to wonder what they were thinking. Certainly they seemed to celebrate their new partnership. Maybe it’ll all work out, but technology history suggests other possibilities.

When Microsoft was the despotic ruler of the personal computing software world in the 1990s, it had a strategy some called “embrace and extend” — to develop software that had the functions someone else had already created and then to extend it in ways that would tend to freeze out others. In time, that phrase morphed, according to Microsoft’s rivals, to “embrace, extend, extinguish.”

Maybe the earlier location services have the kind of deal with Facebook that will give them what they need to grow. If I were one of their investors, I would not be betting on this outcome.

I’d be betting more on an updated riddle (which I first heard in the 1990s in relation to dealings between Apple and IBM):

Q: What do you get when you combine Facebook and Foursquare? A: Facebook.

***

Coverage I liked by other folks:

• Caroline McCarthy, CNET: And now, one check-in to rule them all
• Harry McCracken, Technologizer: One Big Reason Why Facebook Places Beats Foursquare: Clarity of Identity
• Adrian Chen, Gizmodo: The First Thing You Should Do with Places: Don’t Let Other People Tag You
• Walt Mossberg, Wall Street Journal: Facebook Checks In to the World of Locations

Our Web browsing habits are under growing surveillance. Can we fight back?

UPDATED

The next time you leave home, are you willing to have someone follow you with a video camera? The idea would be to record every step you take, everything you look at and especially everything you purchase. That information would be available to people you don’t know and whose specific reasons for wanting to see it — apart from wanting to know your habits better so they can sell you things — are considered none of your business.

This is the rough equivalent of what happens when you browse online these days, and not just at shopping sites. Data surveillance by marketers, as the Wall Street Journal is describing in a series of articlesthat started running over the weekend, is one of the online world’s “fastest-growing businesses.”

The main article begins by describing the eerily granular information that online surveillance and marketing companies have learned about Ashley Hayes-Beaty, a 26-year-old woman in Nashville, without her direct knowledge or permission. Then we are told:

In between the Internet user and the advertiser, the Journal identified more than 100 middlemen — tracking companies, data brokers and advertising networks — competing to meet the growing demand for data on individual behavior and interests. The data on Ms. Hayes-Beaty’s film-watching habits, for instance, is being offered to advertisers on BlueKai Inc., one of the new data exchanges.

“It is a sea change in the way the industry works,” says Omar Tawakol, CEO of BlueKai. “Advertisers want to buy access to people, not Web pages.”

The Journal examined the 50 most popular U.S. websites, which account for about 40% of the Web pages viewed by Americans. (The Journal also tested its own site, WSJ.com.) It then analyzed the tracking files and programs these sites downloaded onto a test computer.

As a group, the top 50 sites placed 3,180 tracking files in total on the Journal’s test computer. Nearly a third of these were innocuous, deployed to remember the password to a favorite site or tally most-popular articles.

But over two-thirds—2,224—were installed by 131 companies, many of which are in the business of tracking Web users to create rich databases of consumer profiles that can be sold.

To be sure, the Journal’s coverage is lurid — more so than necessary to make the point. And the series, at least so far, doesn’t address the disturbingly huge amount of information collection and sales by the shadowy offline industry that combines our credit-card, banking and other information into a gigantic data bazaar over which we have little or no control.

That said, the Journal’s coverage is valuable in at least one respect: It explains just how pervasive the surveillance has become and with what indifference the people doing the surveillance view your privacy.

They will say, with some truth, that it’s all in the interest of creating advertising and services aimed at your interests. Why, then, do they cloak what they do in such opaque ways?

My friend Jeff Jarvis, who leads an unusually public life, says the Journal is telling us nothing we don’t already know. Granted, the fact that websites have put cookies and other user-observation mechanisms on our computers is not news. But do we all know that tracking systems have become not just ubiquitious but also disturbingly interlinked? I pay fairly close attention to this field, and the Journal series has opened my eyes a bit wider; for those who have a vague idea of what’s going on, the stories may well come as a nasty shock.

I’m closer to what another friend, Doc Searls, concludes: This is creepy, and we need to turn it around. Doc, a Fellow at the Harvard Berkman Center for Internet & Society, writes:

There is no demand for tracking by individual customers. All the demand comes from advertisers — or from companies selling to advertisers.

For now.

Here is the difference between an advertiser and an ordinary company just trying to sell stuff to customers: nothing. If a better way to sell stuff comes along — especially if customers like it better than this crap the Journal is reporting on — advertising is in trouble.

Here is the difference between an active customer who wants to buy stuff and a consumer targeted by secretive tracking bullshit: everything.

Two things are going to happen here. One is that we’ll stop putting up with it. The other is that we’ll find better ways for demand and supply to meet — ways that don’t involve tracking or the guesswork called advertising.

Doc is working on a project to create “Vendor Relationship Management,” turning on its head the idea that sellers should manage customers. Rather, he says, we should be the ones in charge.

At best, getting there from where we are will take years. What do we do in the meantime?

It’s encouraging to see that venture funders have “spotted a new market opening and are pumping millions of dollars into privacy-related start-ups,” as the Journal reported last month. What we need, sooner than later, are tools to manage our own privacy.

When I browse I use several extra tools in the browser that help me block unwanted spying. In particular, Firefox has a well-developed add-on ecosystem including BetterPrivacy (for “super-cookies like Adobe’s irritating Flash plug-ins) and NoScript (lets me specify by domain). Whatever browser you use most, you’ll probably be able to find ways to block at least some unwanted behavior. I’m testing Abine‘s tools, which go much further than others (too far, by some accounts), as well.

One thing I don’t do is block cookies from host sites. I don’t mind at all if a website I use regularly — especially a site offering me services at no charge — wants to keep track of what I do there, or ask me to register. These are entirely fair tradeoffs.

What I mind a great deal is when that information becomes cross-referenced with what other sites and services learn about me. What I do at the Journal’s site (which I pay for, making further data collection even more outrageous, in my view) is emphatically not the business of, say, Dictionary.com, or vice versa. Yet I have no clear idea if they or third-party data collectors are sharing or cross-referencing, or what they’re doing with the data if they are.

The alleged transparency efforts by data collectors is an illusion of openness. Read the various privacy statements and disclosures, not  just on the sites you’ve visited but the third-party trackers they don’t always tell you about, and if you can decipher it all you’re a lot smarter than the rest of us. It’s obfuscation and plainly designed to be.

A few years ago, when supermarkets started offering frequent-shopper cards that provided discounts in return  for creating shopper databases, some people I knew came up with a clever idea. They met once a month and put their cards into a hat, then drew someone else’s card out of the hat and used it. This clearly violated the spirit of the bargain, and probably the letter, too. But it reflected a wise mistrust of the corporate motives behind the shopping cards, especially because it was not clear what would happen to the data.

I suspect we’ll need to do things like this on the Web, too. Until we have vastly more transparency from the companies collecting, massaging, renting and selling this information, I’ll be inclined to mislead the marketers.

The Library of Congress and other preservation-minded organizations ponder how we preserve what we’re creating

They’re trying to save the news. Among other things.

No, this isn’t yet another thumb-sucking cogitation about the future of journalism, at least not the kind we typically see these days. Rather, this is about a different issue: How do we save journalism (and other media) that’s already been created — including the all too ephemeral information that we’re creating online?

This week in Washington, DC, the Library of Congress is gathering its “Digital Preservation Partners” for a three-day session — one of a number of such meetings the library has been holding under a broad initiative called the “National Digital Information Infrastructure and Preservation Program.” Its multi-year mission is:

to develop a national strategy to collect, preserve and make available significant digital content, especially information that is created in digital form only, for current and future generations.

It’s what my technology friends call a non-trivial task, for all kinds of technical, social and legal reasons. But it’s about as important for our future as anything I can imagine. We are creating vast amounts of information, and a lot of it is not just worth preserving but downright essential to save.

My role this week, and at a workshop I joined last year, is to be thinking about the news. My mind almost explodes when I consider the issues.

Even when there were relatively few community information sources — mostly newspapers — we had preservation issues. I started my newspaper career at a small weekly that has long since closed down. While I’m sure someone, somewhere, has a printed copy of the issues, the journalism is nowhere to be found online. And what happens when a newspaper with some printed archives and some online shuts down? Sometimes those archives go dark, too.

Even newspaper archives that exist online tend to live behind paywalls that prevent most people from using them. This greedy policy, which I’ve discussed before, has helped ensure that newspapers are less relevant in their communities than they should be.

A newspaper company I worked for deleted years worth of my blogging, twice. Once was when it changed publishing platforms. The second time was after I left the company. With some technical help I recovered and republished most of it myself.

TV and radio broadcasters have tended to save tapes or digital archives, though huge gaps have emerged in the record. Remember, storage used to be expensive.

The rise of citizen media has complicated everything. Now we had vast new sources of information, some useful and some not. (Kind of like traditional media, no?) Who had the obligation, if there was one, to save this material?

Well, we have the wonderful Brewster Kahle and his team at the Internet Archive to thank that a bunch of it still exists (including my old blogging that we recovered, no thanks to the newspaper company that killed it). The reality, however, is that much of the Web — not to mention many if not most of the great BBS conversations of earlier times — is lost.

After last year’s digital preservation meeting I suggested that we needed better ways to do our own archiving of blogs and other social media. I still believe the Library of Congress, Internet Archive and other preservation-minded folks should help the rest of us with this task.

The social question arises about people who don’t want to save what they’ve done.? Do they have a right to delete it? The Archive will take things down on request. But once you’ve put something up publicly, isn’t it public?

It’s not just a social question, but a legal one, now that judges areordering newspapers to delete archived stories. It’s a legal issue as well because copyright laws are constantly getting in the way of reasonable use of published material. The entertainment industry has taken us down a troubling path in this regard, and things are only getting worse.

And then there’s the entire question of material we create spontaneously, using databases that provide individualized experiences when we seek information. This isn’t just about search queries but about many kinds of community information sources; what you and I see when we visit Everyblock may well differ based on what we type into the text box. The only people archiving this stuff are the ones who own the databases; will the rest of us every have a look? Privacy interests say that we should not reveal it, but historians in the next century and beyond would find this absolutely crucial to their understanding of our times.

Happily, smarter people than yours truly are working on all of this. I’ll be filing some reports from the Washington meetings, to let you know what they’re thinking.

Zuckerberg’s evasions about FB’s evolving privacy policies raise new questions about the company’s intentions

Some of the tech-world buzz today is about Facebook founder and CEO Mark Zuckerberg’s astonishingly poor showing onstage at this week’s Wall Street Journal conference, All Things Digital. Make no mistake: His fumbling, rapid-fire, sweat-drenched appearance was probably the most cringe-inducing at the D gathering since Jerry Yang and Sue Decker, then CEO and president of Yahoo, spent many minutes several years agofailing to explain what business Yahoo was in.

On Wednesday afternoon, Zuckerberg repeatedly ducked some fairly simple questions about Facebook and its notoriously evolving privacy policies — rules and default settings that have led many, including me, to mistrust the company and its intentions. In fact, his fast-talk evasions deepened my sense of unease.

What attracted much of the notice, especially from media covering the event, was his extreme perspiration, which more than a few commentators called Nixonian. (This is a reference to a TV debate Richard Nixon held with John F. Kennedy in 1960 when they were running for president; Nixon’s sweaty, shifty appearance in the first-ever event of its kind is widely seen as one of the reasons he lost the election.)

The Nixon comparison is, of course, a big stretch — and it distracts from the much more serious issues.

For one thing, Zuckerberg’s panic attack — which is the most charitable explanation I can come up with — raised more than a few questions about his fitness as CEO of one of the biggest companies on the Web and, increasingly, one of the most important companies on the planet.

The “he’s young, give him a break” folks have half of that right. He’s young, just 26 years old, and has the obvious smarts (and a solid senior team) to get his P.R. efforts in better shape. But give a break to someone who wields such influence? Not likely.

I don’t know Zuckerberg personally. Several people I know well, and who know him well, say he’s deeply thoughtful about what he and his talented team at Facebook are creating. And his admission of having said and done regrettable things when he was a much younger college student — Facebook was founded at Harvard, where he was an undergraduate — was at least a sign of some self-awareness.

But I absolutely do not trust him or his company’s intentions. Facebook’s P.R., and Zuckerberg’s recent statements on privacy, claim a deep concern for users’ privacy. Their actions tell a different story. Repeatedly, Facebook has expanded the user data and postings it makes public by default, as this compelling visualization by IBM’s Matt McKeon shows. The evidence suggests that the company’s policy is to push and push the boundaries, roll back when enough people complain, and then keep pushing.

This is worrisome enough. But consider, among many other Facebook aims, its goal to essentially own personal identity on the Web — identity that you use to sign into all kinds of other sites. If Facebook becomes the default user ID for the Internet, it will have a power that no single company should own, period.

Facebook’s legions of fans, and most of its users, plainly find this line of thought silly. They keep signing up and using the service for more and more of their activities. They may regret their info-promiscuity someday, but maybe Zuckerberg is right that people really don’t care, and maybe there will be no consequences for not caring. Although we all need to cut each other some slack about the foolish things we all say and do, especially when we’re young, I’m also convinced we need zones of genuine privacy, and that we should not turn over our Web presences to a single company, even one we might trust. (I’ll be writing more about this in an upcoming post.)

For now, when I watch Facebook, I hear echoes of Silicon Valley in the late 1990s, when the standard of behavior changed. What was acceptable was what you could get away with. That’s a corrosive way to do things.

Like many other people, I have a Facebook account. One reason is to keep track of what’s happening in the planet’s largest social network, including what application developers and users are doing there.

Another is that some of my friends — actual friends — are using the site. Facebook helps me stay in touch.

But the privacy fiasco of the past few days has left me feeling that I really can’t entirely trust Facebook, even with the limited amount of things I’ve said and done on the site since I got an account several years ago. Maybe I’m over-reacting — and I continue to admire the company’s accomplishments in many other ways — but that’s just the way it is.

Why don’t I feel safe and sound in their benevolent hands? Because although some of the changes they’ve made in their privacy settings are actually helpful, they are suggesting that users share much more of their data and other information, much more widely than ever. Facebook’s extremely smart leaders know perfectly well that the majority of users are likely to accept these suggestions, because most people say yes to whatever the default settings are in any application.

I wasn’t very happy with my Facebook situation in any case. Early on, I said yes to just about everyone who asked me to “friend” them, including people barely knew and some I didn’t know at all.

The privacy changes — and my continuing uncertainty, given the number of pages you have to look at to modify your settings — made me realize I’d rather take fewer chances. So I’ve made a fairly drastic change.

This morning, I deleted my account. Then I started a new one.

Actually, I scheduled the old one for deletion several weeks from now, which is all Facebook allows. The company figures, perhaps correctly, that some people will have made this decision rashly and wants to give them a way to reconsider. And it’s clearly in Facebook’s interest to avoid as many cancellations as possible for business reasons.

It wasn’t easy to figure out how to delete the account, which no doubt is part of the company’s strategy, too. If you go to your Settings page, the only option in this realm is to “deactivate,” not delete.

But a little searching on the site turns up this Facebook Group called “How to permanently delete your facebok account” (more than 35,000 members) — which in turn reveals this link to a delete-account form.

Before I did the actual deletion, however, I went to my Account Settings and opened up the Username option. I’d previously set my username to “dangillmor” so my Facebook URL would be facebook.com/dangillmor, and wanted to be able to use that again. I changed the username to something else, and only then did I delete the account.

Then I started a new account, using a different email address, and set the username to match the old one.

Next up was a check of the default privacy settings for new users. They’re pretty un-private, in my view, sharing way too much with people you don’t know. I systematically went through the various screens — Facebook makes this chore both annoying and obscure, perhaps on purpose — to ratchet down the settings to something I can live with.

Look, we all know what is Facebook’s best interest: exposing to search engines and advertisers the largest possible number of pages by among the largest number of people willing to create stuff and make it all public. Marketers drool at what they can do at Facebook if the company will only let them, and Facebook’s entirely rational goal, like almost every other Internet company’s, is to make profits in almost any way it can. What’s in the corporate interest, however, doesn’t necessarily match what’s in my interest, or yours.

So I’m still at facebook.com/dangillmor — though my real Web homebase is dangillmor.com — with just two Facebook friends at the moment. I’ll be adding more, but not in any hasty way.

UPDATE: Wired News explains How to UnFacebook Yourself.

And Jason Calacanis asks, “Is Facebook Unethical, Clueless or Unlucky?” I vote mainly for the first.

Searching for Thomas Crampton

Industries that talk proudly of the “content” they offer — raise your hand, journalism organizations — have a special need to preserve what they’ve created in a consistent and easy-to-find way. Content, in this context, includes the links that people have been using to find it.

You would imagine that the news industry would understand this. If so, you would be overestimating the industry’s collective common sense.

A current case in point is what the New York Times Co. (a company in which I, perhaps stupidly at this point, still hold a bit of stock) just did to my friend Thomas Crampton and a host of other journalists whose work has appeared in the International Herald Tribune (owned by the Times) in recent years. In an open letter to the NYT chief executive, “Reporter to NY Times Publisher: You Erased My Career“, he observes:

The IHT website earned an ever-increasing pagerank due to all of the blogs and sites linking to stories there. (Based on the number of Internet pages linking back to a site, pagerank starts at 1 and rises to 10. A page with a Google rank of 5 will show up higher than a page with a Google rank of 3 and the IHT.com grew to match nytimes.com at a Google rank of 9. You can check pagerank of any site here.)

So, what did the NY Times do to merge these sites?

They killed the IHT and erased the archives.

No doubt, the Times will eventually make his and other IHT journalists’ articles available again via search through the mother ship’s own archives. But not preserving the URLs is truly foolish move.

Thomas isn’t alone among media folks in this content carnage, as he reported in a follow-up posting. Changing the URL structure of websites is a too-common event. Even if, as is the case most of the time, the originals are still around, disappearing the links is tantamount to hiding the original material.

In my case, when I worked for Knight Ridder, what happened was considerably worse. My former employer deleted my entire archive of blog postings — not just once but twice.

The first time, Knight Ridder moved all of its Web properties to a centralized system. This was part of a move decreed by the bosses who’d been sold on the notion that homogenizing the company’s content — and, more importantly, centralizing the display advertising engine — would be a brilliant business move. I question that, by itself, but I can assure you it was a stupid journalistic move to wipe out years worth of what I’d been creating for Knight Ridder.

The second time came after I left the company. I was offered a CD of my blog archives before the site was turned off, but I don’t recall ever receiving it, and by the time I realized I didn’t have anything it was too late.

I was enraged, both times. And entirely powerless to do anything about it.

I’ve learned my lesson. Anything I write — for myself or for someone else — is backed up on my machines under my control. I’m creating a cloud backup as well. I realize that there are circumstances under which I could lose even those copies, but I can’t make my stuff 100 percent safe.

This applies in spades to other kinds of things we store online. As far as I know, practically every service you use reserves the right to delete your account. Some of them will give you an opportunity to download what you’ve posted, but you should not even count on that when push comes to shove, especially in when economic pressures are as high as they have become today. 

The point is that I no longer rely entirely on the good graces of other people, including employers, to preserve what I’ve created, much less keep it available for you to see. I try to rely on myself.