VU University Amsterdam - The Social Web 2016 - Lecture 2

Social Web
2016
Lecture 2: What People DO on the Social Web?
Davide Ceolin (credits to: Lora Aroyo)
The Network Institute
VU University Amsterdam

Public Service
Announcement (I)
• Groups are formed
• Contact me otherwise
• From this Thursday we will have 3 labs
• Next deadlines:
• Wednesday 23:59 – slides/plan/screencast of your final
assignment
• Friday 10:00 – Post your questions about Lecture 3
• Friday 17:00 – Vote your favorite question

• Subscribing to the website is the easiest,
otherwise:
• You can vote by commenting “+1”
• Your comments need my approval
• Final Assignment Updates
• List of NI member added to the website
Public Service
Announcement (II)

Social Relationships
Social Web 2016, Davide Ceolin

People have relationships within & across different contexts:
family, sports, work, friends
In ‘real world’ it works due to a relatively small set of social
contexts & interaction opportunitieshttp://www.w3.org/2005/Incubator/socialweb/wiki/SocialWebFrameworks2#Social_Graph_Mana
gement_Today
Social in Physical World

Digital social dynamics match physical world:
friends are friends in both worlds
There are also significant differences:
• # people to interact with, not limited by
distance/time
• a person can ‘block’ or ‘manage’ relationships
• multiple systems - multiple accounts, i.e.
multi-ple digital representation (personae,
personal profiles) of a user
• personae are subject to different social norms
• personae can evolve over time
• personae are less (not) limited in scope
Social in Digital World

Accounts on different social networks, utilised in
different ways, depending on digital context, e.g.:
• friendly chat on Facebook
• professional discussion on LinkedIn
• dating on match.com
As a consequence there is a need to manage the
user profiles, identities & permissions, as well
as the data in them
Multiple SN Accounts

Problems
Maintaining a multitude of online profiles for different contexts is
cumbersome and time consuming —> not scalable
Difficult for new social networks to attract new & maintain active
members simply because of the effort involved in creating & maintaining
“yet-another-profile”, e.g. re-establishing different aspects of your profile
under yet another context
Users cannot control how their information is viewed by others in
different contexts by different social applications

for managing multiple Social Web profiles
“policy-oriented web” architecture to support
trusted services in the longer term
Architecture Needed

In one system manage your personal information:
• home address, telephone number, & best friends
• your Friends Profile gets exposed to Hives and Twitter
In another system manage work-related information:
• office address, office telephone number, & work colleagues
• your Work Profile gets exposed to Plaxo and LinkedIn
Another choice could be to store your entire profile locally with
a trusted third party, and then
• your Health Profile can be exposed to health care providers
• your Citizen Profile can be exposed to government services
For example …

Social Web User
http://www.w3.org/2005/Incubator/socialweb/wiki/SocialWebFrameworks2#Social_Graph_Manage
ment_Today

Distributed Profile
ment_Today

Social Graph
ment_Today

Social Groups
ment_Today

ment_Today
Frameworks

Opening the Sites

• Demand from application developers to make use of the
amounts of Social Web data & make their applications
available to the site members
• Demand from users to reuse data and connections they
have already established on other sites, e.g. Google+
download your data, Diaspora* download xml, download
photos
• In response: Facebook provided an API & Google
OpenSocial API
Opening the Sites

• open, decentralized standard for authenticating users
that can be used for access control, allowing users to log
on to different services with the same digital identity
where these services trust the authentication body
• making sure the users are who they say they are
• http://openid.net/
• Started in 2005 as Yadis (Yet another distributed identity
system)

http://openidexplained.com/
with OpenID, the
process starts with the
application asking the
user for their identity
(typically an openid
URI)

OAuth
• it enables users to grant third-party access to their web
resources without sharing their passwords
• largely based on: Flickr’s API Auth & Google’s AuthSub
• limitations in terms of complexity, user experience, scale
• 3 flows merged into one: web-based apps, desktop clients &
mobile/limited devices; e.g. when Facebook Connect existed
- flows for web apps, mobile devices & game consoles
• http://oauth.net/

OAuth 2.0
the application directly
requests a limited
access OAuth Token
(valet key) to access the
APIs (enter the house)
on user's behalf. If the
user can grant that
access, the application
can retrieve the unique
identifier for establishing
• focuses on client developer simplicity - providing specific authorization flows
for web & desktop applications, mobile phones & living room devices
• not backwards compatible with previous versions
• 6 New Flows
• http://oauth.net/2/

In a nutshell
What’s the difference between OAuth and OpenID?
OpenID is an authentication standard (to
prove who you are), Oauth is an authorization
protocol (to decide who can do what).

Figure credits:
http://www.phpbuilder.com/columns/sachin_khosla062510.php3
Twitter Employing

Figure credits
https://developers.facebook.com/docs/reference/dialogs/oauth
Facebook Employing

Facebook Platform
• Graph API - core of Facebook Platform, to read and write data
to Facebook (simple and consistent view of the social graph)
• Open Graph - defining Actions and Objects
• Facebook Query Language (FQL) - SQL-style interface to
query the data exposed by the Graph API
• Authentication (Facebook Login) - interact with Graph API on
behalf of Facebook users (single-sign on mechanism for web,
mobile & desktop apps)
• Social Plugins, Facebook Payments, Ads API, Chat API (via
Jabber/XMPP service), JavaScript SDK
• Deprecated: REST API, FBML, and the old Javascript API,
Facebook Connect APIs

• open standards-based (e.g. JavaScript, HTML) component
model for cloud-based social apps
• Google initiative (set of APIs) in 2007:
• People & Friends API (people and relationship
information)
• Activities API (publishing & accessing user activity
information)
• Persistence API (simple key-value pair data for
server-free stateful applications)
• with Open Social embedded in a site, a site instantly becomes
a social Web site (initially running only at Orkut)
• integrated, e.g. OAuth, OAuth 2.0, Activity Streams
• http://www.opensocial.org/

• Half a year after Facebook Platform, Google launched Open Social
• Popular containers (initially): MySpace, Hi5, Plaxo, LinkedIn, Orkut,
Friendster, Six Apart
• http://opensocial.org/category/showcase/ (currently)
• Plugged-in applications: iLike, Slide, Flixter, Rock You, etc.
• https://github.com/opensocial
• Apache Shinding: reference implementation
of OpenSocial Specification (Social Network
APIs):
• Apache Rave: lightweight extendible
platform for using, integrating & hosting
OpenSocial and W3C Widget services
(context-aware personalization, collaboration
& content integration capabilities)
OpenSocial

http://www.w3.org/2013/socialweb/social-wg-charter.html

• The Twitter platform offers access to the data
of more than 200 million tweets a day, via
different APIs
• Each API represents a facet of Twitter
• These APIs are constantly evolving, and
developers have to be aware of that
• http://dev.twitter.com
Twitter APIs

• the API for leveraging core Twitter objects
• enables access to core Twitter primitives including timelines, status
updates & user information, etc.
• RESTful API calls to build a profile of a user: user name, user
Twitter handle, user profile avatar & the graph of people that user
is following on Twitter
• enables interaction with Twitter: create & post tweets back to
Twitter, reply to tweets, favorite certain tweets, retweet other
tweets, etc.
REST API

• a set of tweets with specific keywords,
• tweets referencing a specific user,
• tweets from a particular user
• access to data around Trends
• it’s limited, e.g. index of only recent tweets (6-9 days);
no authentication: all queries are made anonymously;
some tweets & users may be missing from search
results (focus on relevance)
Search API

• real-time sample of the Twitter Firehose
• for data intensive needs, e.g. data mining, analytics research
• allows for large quantities of keywords to be specified and tracked,
retrieving geo-tagged tweets, or have the public statuses of a user set
returned
• Connecting to the streaming API requires keeping a persistent HTTP
connection open (different than the REST API)
Streaming API

REST vs.
Streaming

Twitter for Websites

Twitter Cards
Summary
Photo
App
GallerySocial Web 2016, Davide Ceolin

Twitter Cards
App Installs & Deep Linking

Issues related to
User Profiles &
Networks

• Legal still in its infancy, but courts do rule on new behavior
• 4th amendt. to U.S. Constitution - not equipped to address SNS
• e.g., is content on Facebook accessible without a warrant?
• Truthfulness of personal proﬁles - subject of debate
• Privacy hard to understand (few read Terms) & misinterpret
‘Friends’
Privacy Concerns
Burkholder, M. and Greenstadt, R. Privacy in Online Revie
w Sites. IEEE CS Security and Privacy Workshops, 2012.

http://mic.com/articles/119602/in-one-quote-edward-snowden-
summed-up-why-our-privacy-is-worth-fighting-for#.0Y3IH2w7J

Fundamental aspects to consider for users of Social Web:
• Ownership of their own personal information, including:
• their own profile data
• the list of people they are connected to
• the activity stream of content they create
• Control of whether & how personal information is shared with
others
• Freedom to grant persistent access to their personal
information to trusted external sites
http://opensocialweb.org/2007/09/05/bill-of-rights/
Bill of Rights

http://www.economist.com/blogs/babbage/2012/01/online-privacy
Issues:
• burden on companies: it is next
to impossible to rid the web
completely of a piece of
information: some digital ripples
will inevitably remain
• where one man’s data end and
another’s begin
• crooks may try to invoke it to have
their name struck from
unfavorable online coverage
• it is not always clear what counts
as reporting on the internet
“Having figured out how to
remember nearly everything, it is
about time people relearned
how to forget”
27-01-2012
“Personal data is the new oil of
the internet and the new
currency of the digital world.”
Meglena Kuneva, European
Consumer Commissioner, 2009

• "privacy paradox" = lack of awareness of the public nature of Internet
• flexibility to handle friends with different conceptions of privacy
• ability to control data flow inside and outside network
• realize that sensitive information can be reconstructed
Privacy:
Awareness not Paranoia
http://www.independent.co.uk/news/world/australasi
a/paedophile-websites-steal-half-their-photos-from-
social-media-sites-like-facebook-a6673191.html

http://edition.cnn.com/2014/01/15/tech/web/net-neutrality-explained/
Net Neutrality
http://www.truth-out.org/news/item/21659-democrats-introduce-bill-to-restore-fccs-net-
neutrality-rules

Initiatives
SOPA, PIPA, ACTA
• By media industry:
• AHRA 1992 - soft
• DMCA 1998 - surgical
• SOPA/PIPA 2011 - nuclear
• By non representatives
• ACTA - 39 countries

http://thenextweb.com/twitter/2012/01/27/twitter-isnt-censoring-you-your-government-is/

Follow-up: CISPA
http://www.theguardian.com/technology/2015/jul/06/hacking-team-
hacked-firm-sold-spying-tools-to-repressive-regimes-documents-claim

http://tacma.net/

image source:
http://www.flickr.com/photos/bionicteaching/1375254387/
Assignment 1

Provide analysis of privacy issues on the (Social) Web
• three articles <--> three mind maps <--> main Social Web privacy issues
• write for people who didn’t attend the course
• Use the concept maps from the lectures  Attempt to make one merged concept
map (from all the concept maps) on the issue of Privacy on the Social Web by
indicating which parts of it come from which papers or other material
Provide analysis of current privacy-related public initiatives
• legal contexts for privacy and ownership
• compare the intentions of both initiatives (advantages & disadvantages)
• your own vision on how this impacts the future of the social web
• your own advise to policy makers with regards to privacy on the web.
• links to Net Neutrality & the right to be forgotten
Link to Hands-on session:
• what would change if any of the initiative mentioned in the lecture were active, e.g.
SOPA, getting documents out of search index – would you still have access to the
information you pulled in for the assignments?
• Illustrate your answer showing what changes could appear in the graph from
exercise 4 (Hands-on session 2) and explain why.
• Do the same exercise with thinking about the formats and the ‘the right to be
forgotten’, what does need to be altered or added in order to support such an act
from technology point of view.
Deadline: 19 February 23:59

Installations
• Python 2.7
• Python packages: json, facebook, uurllib2
• JavaScript Info Vis Toolkit (jit.zip)
• Facebook Developers app
Experience OAuth
Query the Facebook Open Graph
Visualize your FB social network in various ways
image source:
http://www.flickr.com/photos/bionicteaching/1375254387/
Hands-on Teaser

VU University Amsterdam - The Social Web 2016 - Lecture 2

More Related Content

What's hot

Viewers also liked

Similar to VU University Amsterdam - The Social Web 2016 - Lecture 2

More from Davide Ceolin

Recently uploaded

VU University Amsterdam - The Social Web 2016 - Lecture 2

Editor's Notes