So yesterday, Mark “FinkD” Zuckerberg’s little Californian social network called “Facebook” (you might have heard of it) announced a new feature called “Graph Search”. Graph Search lets you not only search for People and Pages, like the site currently allows, but also lets you throw much more complex queries at the Facebook database, such as “show me dentists in London recommended by my friends who live in Stockholm”. Or something less insane. But something is missing. Something absolutely HUGE: The Open Graph.
Open Graph
I’ve covered the Open Graph in a few posts recently, it basically lets you integrate the things you specialise in with Facebook’s own specialisms (posts, relationship statuses, photos, events, etc.). Let’s say you’re a travel agent. You could create a “Holiday” object, which has information on it such as the departure and return dates, the destination (always useful to know), and maybe even the price. And then you “publish” this holiday into the Facebook graph by posting a link to a page on your local website which has the correct OpenGraph information in its header (the code behind that you don’t see, but your browser, and services like Facebook use to find out what your page is all about).
“Bob’s Holidays now offering a 2 week stay in Orlando, Florida for £300.”
Let’s say somebody likes this offer. And then somebody else comments on it. This object is now part of the social graph. People have become “connected” to this “holiday” object and through meaningful connections. To “like” something is very deliberate (and that is very valuable information to advertisers, which is why Facebook is such a potential gold mine for advertisers) and associates a user with an object.
But apparently this Open Graph is a 2nd class citizen in Facebook’s all-encompassing Social Graph…
The Elephant NOT in the Room
Yesterday’s presentation said that the Graph Search feature would be limited to:
- People
- Places
- Photos
And that’s your lot. No holidays from Bob.
But it’s the holidays from Bob that you might be really interested in. You might want to know, “show my friends who have had a great time on a holiday from Bob’s Holidays”, or, “show me pictures taken on a holiday from Bob’s Holidays”.
Until these queries can be answered, the Graph Search is only a small step forward.
But there is a much more worrying thing about the way they are releasing this. As a software engineer, I know exactly how I would build this Graph Search, and I know exactly how I would MapReduce the crap out of the interconnected graph nodes. But I would find it difficult to limit it to just People, Places and Photos. That would involve extra programming to test if a graph node is a particular type (like “Place”) and discard it if it isn’t (like “Holiday”).
This limitation concerns me because it reveals a flaw in the way Facebook stores its data and (most importantly) how it connects privacy information to that data. Everything should be equal in the Graph, whether it is something Facebook own (people, places, etc.) or a holiday that Bob has posted. They should have the same privacy model attached to them (“Only Me”, “Friends”, “Everyone”, etc.).
But they don’t.
Open Graph Objects are ALWAYS Public
“[Open Graph] Objects are public entities that reside on the internet and must be available to Facebook’s “scraper”. All information defined in an object should be considered as public. You should anticipate that all information is easily accessible to anyone on the internet and therefore, no sensitive information or information that is exclusive for a user or set of users is stored.”
And this makes sense, of course. To create an object, you write a webpage, host it somewhere, and then you tell Facebook about it by posting it on Facebook. Facebook’s servers then look at the page, read the Open Graph information in the header, and then incorporate it into its own Graph so it can be liked, commented on and stuff.
In order for Facebook to gain access to your page, it must be on the public Internet, and thus is inherently “always public”. Everybody can always see every time you Like an Open Graph object. But what if you don’t want that “Like” to be public?
Fixing Graph Search
The only option available to Facebook is to allow the creation of Open Graph objects entirely within, and hosted by, Facebook. That way they can control the security model around the object, while also giving their servers full blown access to it, to figure out what it is and how to best make use of the data stored within.
Unfortunately, this has its own set of problems. It would turn Facebook into a walled garden, and that’s bad.
That’s bad for sharing, integration, connectivity, and allowing authors of Open Graph objects to be flexible with their implementations.
Back to Square One
So now we understand why Open Graph objects are a 2nd class citizen – i.e. no security model around them – it suggests why Facebook may want to treat them differently.
But I still don’t get it.
From a technical perspective, you just treat them as things that DO have the same security model attached to them – but assume it’s always set to “Public”.
Gah. There’s something amiss here that I can’t grasp. And the time it’s taken (“3 years” says Graph Search lead, Lars Rasmussen of Google Maps and Google Wave (RIP) fame) is indicative that the way data is structured in their data centres may not be as formal as one might imagine. And that the objects within the system (both software object and the data objects) are separate, somehow. #
Perhaps Facebook’s “hacker” mentality is coming back to bite it.
Apologies for the narrative runaround, although it has helped me to formulate a theory: Facebook’s graph is broken. I can’t wait to get my hands on the developer API for Graph Search and either prove my theory, or be proven wrong. Time will tell.
Hopefully the latter. I actually quite like Zuck’s big blue company…