Nathaniel Borenstein
by

Goodbye Facebook! We Barely Noticed You Were There!

A bit less than four years ago, Facebook decided to get into the email business. I wrote a blog entry at the time, warning it a bit about what it was getting into.

Facebook announced the closure of its email service earlier this year. Facebook emails will automatically be forwarded to whatever email address Facebook users have listed as their primary one.

Facebook announced the closure of its email service earlier this year. Facebook emails will automatically be forwarded to whatever email address Facebook users have listed as their primary one.

I warned it about the technical complexities of email, and the pitfalls that required email veterans on the team to avoid repeating. I really thought the biggest problem it faced might be technical. I figured that with its brand, it certainly had ‘market permission’ to enter the email space.

But we never got a chance, really, to find out how good Facebook mail was, because almost nobody used it. I didn’t see that coming, because I thought that there was potential value in integrating Facebook messaging with email. I should have known better, though, because I made a similar mistake back around 1982.

In 1982, I was developing and maintaining email clients for a couple of timesharing systems of the day, when I discovered that two future friends were developing a bulletin board system and a calendaring system for the same environment. We decided that what was really needed was to integrate all three into a single user interface that streamlined everyone’s communication.

We called the system BAGS, after our last names – the Borenstein Anderson Garlan System. It was modestly successful, and was maintained for many years after I moved on. But people didn’t use it as a single user interface. Some used it for both email and bulletin boards, but separately, as if the fact that they were all one program was something they needed to work around. Like Facebook, we found that users just weren’t drawn to the kind of ‘universal interface’ that draws computer scientists like moths to a flame.

It turns out there are good reasons why people have always had multiple communication mechanisms. The characteristics of a communication technology, coupled with the community rules, standards, and customs that develop around that technology, inevitably result in a mechanism that’s better for some things than others.

If you need to send me a message, what’s the difference between email and instant messaging? It’s not just a matter of whether you’re using a laptop or a phone, because either can be used either way. But when you’re using a laptop, you’re likely to be in a more relaxed or serious environment, so it’s natural to compose an email, which is likely to be longer, more nuanced, funnier, or otherwise more complicated than seems right for an instant message. On the other hand, if you’re running across an airport, dashing off an instant message will be rather more appealing. And if you’re like me, you’ll sometimes dash off an instant message to yourself, reminding you about a more complex email you need to send.

Facebook was one of the pioneers of social networking, which as a communication medium is radically different than email. People use it to communicate with whole groups of friends or relatives at once, and they think of themselves, generally, as operating in a semi-public forum. Email feels (rightly or wrongly) more closely controlled and limited in distribution. Combining two media that differ in important aspects is a recipe for confusion, and users intuitively resist it.

The email world and the Facebook world often leak into each other, but that doesn’t mean users want them to merge. The best email programs have user interfaces that are highly evolved to what users expect from an email medium – features that make it well suited to complex threads of discussion, but less well suited to ad hoc group discussions with your friends’ friends. Merging the two doesn’t necessarily make things simpler – the features of one can actually get in the way of the other.

The bottom line is simple: email is very, very important to a lot of people, and they are wary of anything that might weaken its usefulness. If Facebook had set up its email service to be entirely independent of the social networking system, it might have been able to attract users, and then gradually introduce carefully selected features that connect the two in useful ways. Perhaps that’s how it’s planning to approach its acquisition of WhatsApp; if it’s sufficiently cautious in how it integrates the two services, it might well succeed.

So, while we are saying goodbye to Facebook mail, perhaps it’s not forever. There’s still plenty of room for innovation in email, in social networking and in the spaces in between. But it’ll take a more open, incremental and modest design to succeed.

by

Three Predictions for the Future of the Web

The World Wide Web (WWW) celebrated its 25th anniversary on March 12th. This event got me thinking: the Internet and the WWW have already transformed the world in many ways – some predictable, some not – but what’s in store for the next 25 years as Internet capabilities continue to grow? From my perspective, the future could bring either a better Internet or a worse Internet than what exists today.

The future could bring either a better Internet or a worse Internet than what exists today.

The future could bring either a better Internet or a worse Internet than what exists today.

As it stands, we’re lacking in cooperative international efforts when it comes to Internet governance. Such governance will be crucial, as the Web continues to evolve, if we want to maximize its benefits and minimize its unwanted side effects, particularly in three key areas that could have a big impact on society:

  1. Healthcare: The ever-growing power of our computing devices will have profound implications for healthcare. For instance, we could see implantable networked devices become commonplace. These devices will offer great benefits, such as detecting and preventing diseases by alerting individuals and their medical professionals of vitamin deficiencies, irregular cell counts, degrading organ functions, or even early-stage cancer. These same devices, however, could do more harm than good – from revealing personal medical information to triggering a heart attack – if they fall under the control of malicious actors.
  2. Crime Prevention: Surveillance technology and its regulation are already a hot topic today. But we’ll have much more to contend with in another quarter century, as Internet capabilities continue to advance. Continuing miniaturization will probably mean that we’ll have effectively invisible cameras nearly everywhere – even embedded in our clothing. On the one hand, recording the daily actions of citizens worldwide may bring a major decrease in crime, as visible crime becomes less likely to succeed. But on the other hand, uncontrolled surveillance may bring forth a flood of intrusive snooping from government agencies, corporations, and other entities. As such, we’ll need to continually and carefully consider how such surveillance technologies should be used, and to consider measures such as mandated transparency to allow us to ‘watch the watchers.’
  3. Technology’s Impact on Manufacturing: Technological advances over the next 25 years are likely to result in widespread adoption of 3D printing, allowing people to print things at home that would otherwise require whole industries. This could result in a boom for home invention, with things like new design innovations coming more quickly to market. It’s possible that the Internet will once again rewrite supply chains, likely to the detriment of traditional manufacturing. We could experience a further shift to an economy based not on the supply of physical objects, but digital ones.

Each new application of Internet technology seems to offer us the choice between a dream and a nightmare. Recent developments, notably the internationalization of ICANN, appear to be steps in the right direction, toward an Internet governed for the good of the many rather than the few and powerful. But the fight for a better Internet will continue, and constant vigilance is required.

by

Happy 25th Birthday World Wide Web. The Next 25 Years Are Looking Good – Mostly

The World Wide Web turns 25 today, and since its invention by Tim Berners-Lee, we have experienced tremendous social, personal and cultural shifts in how we share, access and consume information.

These changes will be dwarfed by what the next 25 years will likely bring. Nearly every part of our work and personal lives will be changed, including how we communicate, socialize and work, as well as our healthcare, travel and public services. Some of these changes will be obvious to us, others not so as the technology continues its assimilation into the invisible fabric of our lives.

Today is the 25th anniversary of the world's most powerful communication engine - The World Wide Web.

Today is the 25th anniversary of the world’s most powerful communication engine – The World Wide Web.

The web and Internet will be a key enabling infrastructure for wearable and embedded computing, robotics and more. The enormous role of this technology in our lives raises critical questions not just for technologists, but for policy makers and ordinary citizens as well.

Any anniversary like this is a good time for reflection. I’ve been thinking about some of these changes, and how they will impact the next 25 years, despite how tough it is to ever predict the future of technology.

While we can look forward to positive changes brought on by the Internet, the web, and technology in general – things like a reduction in crime due to tiny networked cameras nearly everywhere, and medical advancements – it is also clear that without a coordinated international effort, these same technologies could be used by criminals, result in social isolation, or cause a rise in privacy-destroying surveillance.

As we consider the future of the web, I thought I would take the time to create, in partnership with colleagues at Mimecast, a series of posts exploring some personal views on the future we can expect from the Internet – looking at both the good and the bad.

So, Happy Birthday World Wide Web, and thanks for inspiring our attempts to look deeply into the future! Check back later this month for my first blog post in this series.

by

Business and Personal Email: Not the Same Privacy Game

I was delighted to be asked this week to contribute to TechRadar – in case you didn’t see the article, you can find it here. In it, I explored the differences between privacy of work and personal emails. Conscious that some of our blog readers might not have seen it on TechRadar, I thought it would be useful to repost it for you all…

Organizations carry a serious responsibility for reporting, governance and legal or regulatory compliance.

Organizations carry a serious responsibility for reporting, governance and legal or regulatory compliance.

…I love email. I use email every day for communication and collaboration in every aspect of my work and private life. It has been a feature of my life for decades. A personal email between me and someone else is just that, personal and therefore private – sacrosanct. No ifs or buts. But my work email is a different matter. I appreciate that my business and personal email don’t operate within the same standards of privacy. More to the point – I shouldn’t expect them to. That’s why I have two different email addresses.

Organizations carry a serious responsibility for reporting, governance and legal or regulatory compliance. Every communication is part of a chain of evidence an organisation is expected to be able to report on if needed, and email is the archive where the majority of this information exists. It’s where we all do business.

But all too often we bring expectations of freedom and privacy from our private lives into the workplace. We’re uncomfortable about the idea that our employer can enforce ‘appropriate use’ policies or archive email with the right to review it if needs be. Well, we shouldn’t need to be concerned about this, because our employer should help ensure that we don’t need to put anything personal in corporate email.

Understanding the Inside and the Outside

First of all, business email is nearly always operated by or for the business, as a dedicated domain with a clearly defined “inside” and “outside,” bounded by a gateway. Inside the boundary, the company has rights and expectations of control over the information, while anything can happen outside. Consumer email, for example, may be viewed as “always outside” in this formulation. Business email that crosses the gateway, in either direction, can be subject to a variety of checks, restrictions, and other processing, which is not the case for consumer email.

In theory, a company has complete control over any information that passes through its gateway. Among the likely jobs of this gateway are:

  • Spam filtering. This is usually done in both directions: to prevent outside spam from getting in and to prevent internal machines (perhaps hijacked by a virus) from sending out spam and tarnishing the company’s reputation.
  • Data Loss Prevention (DLP). Whatever the business, it’s not uncommon for employees to send sensitive information outside the company, whether intentionally or by accident. However, if a company can define the characteristics of sensitive information, which could be as simple as the words “Do Not Redistribute”, then the gateway can automatically enforce restrictions against sending such information outside the company.
  • Large file modification. Internet email operates with size limitations that seem small by today’s standards and, vary from site to site. Email messages that total more than ten megabytes are highly likely not to be delivered. As an alternative, gateways can replace large file attachments with simple links and make the files available from a web server, with or without some kind of user authentication requirement.

 Internal Complications

While these external gateways may seem complicated, business email is further enriched with more complexities inside the gateway, none of which are concerns for consumer email.

  • Security. Most computer security failures come from within the company, most often because an employee has unintentionally allowed malware to infect their machine. This can happen even with the most secure gateway in the world, as users can be tricked into downloading the malware, most often via the web or a USB storage device. Once a machine is weakened, it can easily be used to disrupt all communication-related security. While consumer email can also be compromised, the consumer depends on a service provider to deal with the problem, while a business, and especially the IT manager, needs to worry about it for its internal network.  Such disruptions can wholly or partially shut down a company’s email system, or can even cause critical information leaks.
  • Privacy. Although all corporate email characteristically belongs to the corporation, it is generally considered important to isolate the mail for each user, so that they can’t all read email to Human Resources or the CEO. This requires a certain amount of effort for account maintenance and administration.

Legal and Regulatory Issues

Finally, most businesses operate under legal and regulatory restraints that are simply not relevant to consumers. Here are a few examples:

  • Archiving. There is a strong and highly specific business need for archiving. Some companies want to keep all their information forever, while others want assurance that it’s completely removed after a certain amount of time. (Legal requirements can strongly constrain such policies.) Both of these are tricky to do right; keeping information forever requires disaster-proof practices, while complete purging has to account for such pitfalls as back-up tapes.
  • Compliance. In many industries, legal or regulatory requirements place considerable burdens on corporate communication. Beyond archiving, which is often mandated, there are often regulations (such as HIPAA in healthcare in the USA) regarding the treatment of sensitive information. For a company that is not in the communication or compliance business, it can be hard to know what regulations apply, let alone how to comply with them all.

So when all is said and done, if we want to continue to benefit from the power of email in our business life we need to recognize it is a different tool at work than home. Our business email has to operate under different standards of privacy, much like other forms of business communication. Once we take these concerns into account, we might even find we use email more effectively and create less risk or problems for our businesses in the process.

Of course, all of this depends on employers maintaining reasonable policies about occasional use of personal email while at work. If you expect me to accept the rules about corporate email, you should give me a way to occasionally access my personal email from work when it really matters. Otherwise, you’re forcing me to use corporate email to talk to my kids’ doctor, and I’m far less likely to view the privacy limitations of corporate email so benignly.