This post is partially a response to Steve Gillmor's article Facebook's Glass Jaw and partially a response to Cody's earlier post on the same subject. I firmly believe that Facebook should allow users to export their friends data elsewhere as well as many other pieces of PII. Of course the legal ramifications of such a decision would have to be investigated in depth, but in reality I own my friendships, I own my personal information, and if I want to share said data Facebook really shouldn't try to stop me.

And yes users and user information is core to Facebook's revenue stream, but friends, events, photos, etc. aren't. Facebook makes money - it does make some money - from targeted advertising based on, I'm assuming, usage patterns and Facebook-specific information, e.g., your networks, your groups, your activity. Now I'm not talking about exporting any of that. I'm not saying Facebook should share "Here's Dary. He's 24. He's a male. Oh and he likes movies and lives in Los Angeles so serve him ads for NetFlix and Fandango movie listings." Nor am I saying Facebook should create a Twitter-like API for friends' Facebook activity. I'm talking about Facebook distributing information that I have taken time to put in myself, information that is mine. I'm friends with Jorge Mir. What's the harm in letting Google and MySpace now that? If I can have my Jorge friendship show up elsewhere do I stop using Facebook altogether? Definitely not as I mostly use Facebook for viewing friends' activity, photos, and using applications, which leads me to my next point.

The privacy argument is, to put it bluntly, a joke. There is no difference between clicking a box that says "Share some of my information with other sites" and clicking the one that says "Know who I am and access my information" when adding an application on Facebook. This BBC article brought to light just how much personal information you get from a user adding your application. And as Facebook raises worries about Google or someone else sending PII to a completely random, potentially malicious, recipient all I have to say is, "That's exactly what you're doing!!!" There's no real oversight of Facebook applications. If a user adds it and chooses to share PII with it, then it's pretty much fair game to store as much user data as you want in a db somewhere (obviously against the TOS, but I'm pretty sure ne'er-do-wells couldn't care less). It clearly ain't that hard to collect massive amounts of PII using Facebook.

So why won't Facebook let me take my information elsewhere? Because it hurts the business? Not really. I'm sure most people would spend just as much time on Facebook, it'd just save them from having to find their friends all over again on a new site. Because of the privacy issue? Please. Checking a box to share some of my PII is no different than what they're doing right now with applications. As Facebook becomes more and more of a walled garden and the adoption of OpenId and Friend Connect becomes more widespread, I actually will consider leaving Facebook because I'll just get too frustrated re-entering the exact same information and re-finding friends over and over again.

In Conclusion,

Give 'em my data!

UPDATE: Further evidence of PII leaking from facebook: Facebook’s Friends Data Has Already Left the Barn