As you know from my posts on my other blog I am a huge fan of Open Innovation. I define open innovation basically as honest community building for the general advancement of a group of people or for the good of the technology. I usually think of the Apache Software Foundation as one of the best models for this. I know that some folks tend to get involved in ASF for the good of their company, but with Apache, if you do this, the members pretty much cite you on lists for not working for the good of the community, and your reputation is pretty much tarnished right there and then. Not only that, with the incubation process that Apache uses, it pretty much weeds out folks who might be doing just that.
I've been closely following the OpenSocial movement that Google has kicked off over the past few days. Initially I was really excited about it - with all of the freaking APIs out there, it's a terrific idea to create common APIs so that devs have less to learn when building for multiple sites. And what a roster of partners there - Salesforce, Ning, etc etc. Very cool.
That said, as I was reading my RSS this AM, little subtleties started popping up, like this nice entry from Bob Warfield's "SmoothSpan" blog talking about the authentication scheme of OpenSocial's APIs. From Bob's perspective, this is a "leaking" of information that Google will, in the end, be able to access and pull information from. He states:
The preferred approach (to be authenticated to the API) is to use your Google account, a mechanism they call AuthSub. Can you see where this is going? If everyone who uses an app has a Google account, and is logged in while they use the account, Google has the treasure map. They know how all the names link up across all the Social Networks. Pretty cool, eh?
Now, I haven't gone through this process, so as a disclaimer I have to note that this may not be 100% true, but it sounds pretty fishy to me, as a community person. Is this really how this works? Is Google in the end accessing all of this data? Google is pretty smart then, I'd say. Data is power, as we all know.
Now, a bunch of folks have picked up on this here, and there's been an onslaught of MSFTers posting on this (of course). But there are some other folks coming out and jumping to this conclusion as well, including Danny Ayers, Marshall Kirkpatrick, and a handful of others. I'm still waiting on the Redmonk guys to jump on this with their take.
I'm not a fan of control when it comes to community - I prefer to have a self-governing community. And I'm interested to see how Google and their new partners in the OpenSocial network respond to this. I for one wouldn't want all of my information accessible to vendors who have their own personal best interests at heart. In the end, I think it's a double-edged sword: you get the common APIs which mean easier development, but you might have to give up some privacy here as well. I guess we'll see which one wins in the ongoing debate on community v. vendor control. /LC