Facebook Connect and IdentityPublished on 2009-10-19 23:45:48 +0000
The more I think about Facebook Connect and identity the more worried I get. Lets start with my basic premise, your online identity is much too valuable to be controlled by a single company. We've been there before, we've seen what happens to the internet when a core technology is controlled by a single company, and Internet Explorer 6 was the result.
The problem really lies in that as a website developer I can understand exactly why Facebook Connect is so appealing, and in fact why I am likely to end up supporting it on my website for commenting and social web stuff. It's because facebook have put a lot of effort into ensuring that developing social knowledge applications for your website as easy and rewarding as possible.
If I want to support you logging in to write a comment on something I write, I have a number of possible solutions. Firstly i can outsource all the complexity to another site, like Disqus or Pluck. Secondly I can program it all myself, using OpenID, OAuth, Open Contacts and probably some other API's that I'm not a specialist in, or finally I can use the nice Facebook shim.
If I use someone like Pluck or Disqus, I still get no real control over my own users. I've still given up control to a third party, just not the identity behemoth that is Facebook. Other than through their management and reporting systems, I've got no visibility of who users are, what they are doing, or any more information about who they are than I started with. I might know that happy_boy_206 has commented twice, but I know nothing about who that user is, nor do I know when she/he just browses the website but doesn't comment.
With Facebook Connect, I can get information about users, and because users tend to stay logged into facebook at all times, as a web developer I can see when they come to my site, and what they do providing they are logged into facebook.
Even more importantly from a user experience point of view, Facebook is very easy to use. My mother is on facebook, my aunts and uncles use facebook, even most of my church and other non-technical freinds use facebook. They might wish that I wrote in English on occasion instead of technicalease, but they understand facebook. They do not have an OpenId account, or if they do (because of a yahoo account, or some other open id provider) they don't understand it as OpenId. I could create a login box that contains a list of possible accounts, including google accounts, yahoo accounts, other open id providers etc, but lets face it, the average user is likely to have a facebook account and know what it is.
Finally, the information that facebook gives to me as a website is amazing. You the user can log in, and grant my website permission to know who you are, and I get access to a large amount of your personal data. As a Web Developer, turning down that offer of access to your personal data and social graph is foolish.
So Facebook appears to be winning the identity wars, and because it's winning, it's becoming the defacto standard that can be used, and because it's a defacto standard, even people like myself who are wary of the power of the monolithic corporation need to use it's technologies.