Feeds

Zuckerberg admits fallibility over Gmail block

'But you must understand: I believe in OPENNESS'

Protecting users from Firesheep and other Sidejacking attacks with SSL

Facebook founder Mark Zuckerberg isn't sure that Facebook is "100 per cent right" in preventing Google's Gmail and other third-party apps from automatically importing email addresses from the social-networking service. He says that the company is still weighing the possibilities — and that it believes in openness.

"We're trying to think through these things and be respectful of all the forces that are at play," Zuckerberg said on Tuesday evening at the Web 2.0 Summit in downtown San Francisco. "One thing that we do care a lot about: our value system errs very strong on the side of openness and portability. That's why we built [Facebook] Connect, the single largest system that allows people to bring data from one system to another that's ever been created."

Google has long complained that Facebook doesn't offer an API that would allow users to automatically export email addresses from the social networking service — a complaint that came to a head earlier this month when Google cut off Facebook's access to Gmail's Contacts API.

Using the Google API, Facebook had offered its users the option of importing their contact names and email addresses from Gmail. But Gmail was unable to offer its users a similar import from Facebook, and in blocking access to its API, Google hopes to force a Facebook reversal.

Before expressing some uncertainty over Facebook's stance, Zuckerberg echoed previous claims from within the company that it was preventing exports because users didn't really "own" the email addresses of their Facebook "friends".

"Email is a little bit different from social networks," he said. "In an email program, if you have an address book, you put all the addresses in there, so that's very much your information. In a social network...if you upload a photo album or a blog post, that's yours. But there's information that's clearly not yours, [such as] someone else's photo album. But then there's information that's somewhere in the middle — maybe a photo you took but I tagged.

"What are my rights to that? What should I be able to do with your email address if we're friends and I can see your email address?"

And he indicated that he's just doing what Facebookers want him to do. "The feedback we get on a regular basis from hundreds and millions of people is more along the lines of 'we want control of all the information we put into the site,'" he said.

That, of course, cuts two ways.

Google did not immediately respond to a request for comment. But its stance is unlikely to change in the wake of Zuckerberg's moment of self-reflection. Earlier this week, Facebook rolled out a new messaging system that gives users the option of adopting an @facebook.com email address. As part of this roll-out, according to Facebook engineering head Andrew Bosworth, Facebook is allowing the automatic export of those @facebook.com handles, though not others.

But this didn't draw a response from Google. Clearly, Mountain View wants complete reciprocation.

Zuckerberg may say that Facebookers don't "own" their friends' email addresses. But surely they "own" the addresses they've imported from services such as Gmail. And during Zuckerberg's Tuesday appearance, it was pointed out that Facebookers can manually download their friends' addresses if they want — and that his arguments sounded like sophistry.

But Zuckerberg reiterated that the situation was "not black and white." And later in the conversation, he repeated that he's not sure the company's policy is the right one.

Whether this admission of fallibility was premeditated or not, it was a semi-effective way of deflecting the repeated complaints over Facebook's policies — from Google and from countless Facebook users. But what Zuckerberg didn't acknowledge is that Facebook does allow users to export email addresses into some third-party apps: namely Yahoo! Mail and Microsoft Hotmail. The social networking giant has partnerships with these two large Google competitors which allow for the free exchange of data.

So, in some cases, it doesn't matter if he's 100 per cent sure. ®

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.