Josie Fraser has given her views on the recent squabbles over data portability standards for social networks. She has observed that the language of ‘the data wars’ and ‘guns blazing’ can be characterised as “boys clubs and bun fights”. As Josie describes:

The last couple of weeks has seen MySpace, Facebook and Google make announcements about their variously not-that-portable data portability initiatives. MySpace announced the Data Availability Project, Facebook announced Facebook Connect, Google announced FriendConnect, and Facebook then announced FriendConnectwouldn’t be welcome in the Facebook valley.

I would agree with Josie’s comments on the “general agreement that the new initiatives have more to do with Empire building than with empowering users“. Josie goes on to suggest that, rather than the current focus on applications and widgets to facilitate sharing “users should be the ones controlling and determining their data“.

While I would be in broad agreement with that sentiment, I think the individual’s perspective is only a part (albeit an important part) of the role that social networking software (SNS) can provide. Many of us make use of social networking tools to support our professional activities.  This gives rise to interesting issues over ownership (I try to make use of a Creative Commons licence when I use SNS to ensure that others – including my organisation – can reuse my content). But what happens to the content which I may have hosted on a social networking services if I’m knocked down by a bus, leave my organisation or fall out with by boss? Do I have the right to ‘control’ and ‘determine’ what happens to this data?

An approach I have taken when I make use of SNS to provide access to my data is to keep a master copy in a managed environment (the UKOLN Web site) – with Slideshare, for example, the title slide and the metadata give a link back to the managed copy of the slides. But in other cases (such as my use of I’ve not done this.

One answer to such concerns would be to avoid use of social networking services, and make use of managed services hosted within the organisation. But this, I feel, has many disadvantages and is not an approach I would recommend. But what approaches, then, should the professional academic or researcher take to manage data or behalf not only of the individual but also the organisation?

In 2006 UKOLN made use of a range of externally hosted services to support its IWMW 2006 event. The use of a variety of third party services was complemented with a risk assessment statement which summarised the services which were being used, justified their use and outlined potential risks and how such risks would be addressed.

I feel that it is now timely to build on this approach to risk assessement and to begin to address the risks associated with use of social networking tools in a work capacity.  As I suggested in a recent JISC Emerge online conference, perhaps we should start by providing a personal audit of the social networking tools we use at work and document the risks that our organisations and our colleagues could face if we chose to exercise our individual rights to delete such data!  And once we’ve got a better picture of the risks we can start to address the risk management issues.

What do you think?