JD on EP

From other spotchecks I've made I see that Dave Winer is asking a similar question, but doesn't cite the answer either. Marc Canter replies that Google will let anyone store such shared social data (which immediately brings up data-integrity questions), but Marc C doesn't cite source info either.

My first thought, when I heard of this initiative, was "If Dick Cheney proposed the same thing, would it receive the same reception?" Without answers to the "proprietary data" question, it's hard to tell what the actual long-term issues might be.

(People often talk about "proprietary code", without realizing that it's pretty much a non-issue when you're trying to use code running on Other Peoples Machines. With Apache or Firefox you can tweak your own installation, but you can't adjust the Firefox on someone else's machine... matter of fact, you can't even prevent the Greasemonkeying of your own pages, at least not that I've heard discussed. What I think is more important is whether the digital bits you create -- whether media, or pure data such as your surfing habits -- is under your control, or under the control of strangers. I'd like to know what data Google, Yahoo and the rest store about me... such proprietary data silos are a far more significant issue than whether application code is included with an application capability.)

Anyway, I'm not sure what the actual score is on this "Open Social" initiative, and the fact that I couldn't quickly determine the core reality worries me a little. If you can cut through the excess talk and lead me to the meat I'd appreciate it, thanks.

John, if you're not sure, why are you leaving FUD comments all over the web? [jd sez: WTF !?!]
The OpenSocial APIs are a way for Gadget authors to use the social network data from the Container in a lightweight way. Neither the Gadget or the Container is necessarily anything to do with Google. In addition to the People APIs, there is a Persistence API that lets Gadgets store per-user data in the container, but Gadgets may prefer to keep this on their own servers. Finally there is the Activities API that allows Gadgets to post updates to a users Activity stream.
So, the short answer to 'where does the data live' is 'wherever the Gadget decides', for data created with that Gadget; for the People and Friends data it lives where it is now, in the Social Network's databases.
If you want to read about the APIs in detail there is plenty of information at:
http://code.google.com/apis/opensocial/docs/

Kevin didn't appropriately disclose his affiliation, but he works at Google.

I persist in asking in order to receive an answer, of course.

You have not replied. In this proposal, where does the data live? ("Not in the Container but in the Gadget" is not a meaningful reply.) And how can we consumers prevent Google from adding our relationship data to its proprietary and opaque databases on us?

I don't think Kevin needed to disclose that he is affiliated with Google.

[jd sez: Yes, you do need to make clear to even the most casual reader your self-interest in a discussion. This is very clearcut with employment; less clearcut with other forms of self-interest.... (In fact, an inadvertent confusion on this very subject later prompted the origination of the phrase "corporate blogging".)]

The simple fact is that did you John go straight to the source and read the documentation on the OpenSocial API? I can't see CNET having the answer that you are looking for since they are not the ones who developed OpenSocial.

[jd sez: Read what I wrote. This blogpost was written before the Google docs were available, after spending significant time reading the best available materials of the time. That's why I asked for help. When the Google docs did appear, I did read them, but they did not address the core and central issues of consumer privacy and private, proprietary databases. If I were in Google marketing, that would be the *first* issue I'd address. It's their biggest vulnerability. They need to responsibly disclose.]

I do indeed work at Google; sorry for not making that clearer. How have I not replied? Can you clarify the question, please. What data are you referring to?

The 'people and friends' data lives in the Container, but some of it is revealed to Gadgets. The data you tell the Gadget could be stored in the Container or on a server belonging to the Gadget's implementer. If either the Container or the Gadget is a Google one, it will be on Google servers; otherwise it won't.

John, the Flash Player can digitize video and audio of me and send it to a remote website. If the Government proposed adding this capability to web browsers, what would you say? How can I prevent Adobe adding video and audio of me to its proprietary and opaque audio and video surveillance databases?

If that sounds inflammatory, step back and re-read your comments and think about it.

Core question: Where does the data live, who can access it, and how can we public citizens opt out from exposing our lives to Google's private, opaque, and proprietary databases on our lives? It's all up there in the original paragraph.

(Player riposte is a red herring, on which I've already attempted to help Kevin in the past. Whenever the Player activates your mic or cam you explicitly grant access to that particular domain, on a per-session basis, with an option for perpetual access for that particular domain you trust. Rephrased: Adobe has zero access to your cam, unless you happen to visit an Adobe site which requests it and to which you give your explicit and knowing consent. Yet NONE of us knows what data Google holds on us, and it's extremely obfuscated to even opt out of AdSense IP tracking, on third-party sites no less! The use of this digression is a complete red herring, the employment of which may be quite informative in itself.)

jd/adobe (speaking for myelf, no corporate connection on this issue)