An admittedly-rumor-based-but-still-thought-provoking post from John McCrea:

…a source who-shall-go-un-named shared with me that Facebook has just quietly launched a “single sign on” initiative designed to put them in position of de facto cross-site identity monopolist.

I’ve been saying for awhile that MySpace could get-back to relevancy if they became an OpenID provider.  Not much of a surprise that Facebook would be working on the same thing (they’re smart) … and not much of a surprise that they would take a proprietary approach (worked pretty well so far) …

The only prediction I want to make is that the name for their single-sign-on service will notbe something the tech community currently uses (’single-sign-on’ and anything with ‘identity’ are out).  Facebook changed ’social network’ to ’social graph,’ ‘blogs’ to ‘Notes’, a ‘website’ to ‘Pages’ … maybe they’ll just call it ‘Sign On’?  Or just ‘Login’?  Place your bets.

And on the you-own-your-identity-data-side, there’s also lots of action …

At the end of my explanatory Portable Social Graphs post, I said that I would talk about ‘getting there’ in another post.  Here’s that part of that promise.

There are three technologies that are coming together to make portable social graphs happen: OpenID, Oauth, and Higgins.

• OpenID and CardSpace is the distributed framework for single-sign-on across multiple sites.
• OAuth is a protocol that lets users grant sites the ability to access their data on other sites using tokens (instead of storing their user/pass).  The first draft was just released.
• Higgins is a very loose data model for storing nodes, node data, and link information (ie: a social graph, among other things). 

Put these things together and users can very-easily login to numerous sites (OpenID), can allow those sites to share data amongst one another (Oauth), and the those sites can communicate data in a standard way (Higgins, in conjunction with a schema dictionary/translation service to explain the differences between site’s data models).

I should note that all of these things have been around for awhile.  OpenID is really old, Higgins is moderately old (2003), and oAuth is about six months old.  Why do they matter now?  Because they needed each other.

[One technology I’ve left out of this document is Microsoft’s CardSpace/InfoCard.   Even though I find it one of the most compelling and most-easily-understood identity concepts (we all understand business cards, credit cards, club cards, etc), it’s backed by Microsoft too strongly to succeed amongst web developers out there.   Higgins seems to have subsumed part of the idea on its own and although it might take longer to get the code going, I’d guess it’ll have wider adoption than Microsoft’s initiative. Note to self: Read more about I-cards and Higgins…]

So now that we’ve got the tech, all the big sites will switch over tomorrow we’ll all have portable social graphs?  Not so fast.  Users need compelling reasons to use the technologies above.  Time to create them.

Attending the Data Sharing Summit last weekend inspired me to talk about “Identity Rights” and “Portable Social Graphs” with my friends.   As such, I’ve gotten pretty good at elevator-pitching the big ideas that (I think) comprise the identity-rights and portable social graph movement.  Here’s my take…

First, there is a movement to educate-and-then-encourage users to demand more ownership and control over the data they enter into web sites.  This includes, at the basic level, the profile information (name, eye-color, birthday) and connections to other users on the site (lists of friends).  Many sites own the data that users put into their systems, and users should at least be aware of this and, ideally, once-aware, the users will demand the site to be a custodian of their data rather than an owner.  There is a movement to develop a Creative Commons like Identity-Rights-Agreements that let sites communicate to users how their identity data will be used.

The second aspect is technological.  Once users have the ability to import/export their online identities (including their personal social links) from sites, then technologies (data structures, protocols, interfaces, permission management) to transfer online identities must be agreed upon to manage the interoperability.  One important point about all this: portable/interoperable social graph does not mean a centralized graph; people have different groups of contacts (friends/coworkers/family/etc), and a portable graph simply means that these can be transferred easily, not necessarily aggregated into a single graph.

Once you have these first two pieces working, the social graph becomes part of the underlying ‘platform’ of the internet, rather than an asset owned by only a few sites (Facebook, MySpace).  In this future, companies must compete on the quality of their services using the social graph rather than simply competing to own the social graph. 

The world described above will look different but will not be unrecognizable.  There will still be a place to “find about friend’s activities” (Facebook or MySpace).  There will still be a site for “professional networking” (LinkedIn or Xing).  What will be different will be the proliferation of competitors in each space and the thousands of new sites built on top of the previously unavailable social graph.  These new sites will not necessarily be “social networks” but more like “social applications,” utilizing the underlying social graph to do things we haven’t even considered yet.

Sound cool?  Yeah.  Just need to get there.  And that’s for another post…