It depends on the level of security you want, but OpenID would be a good way of providing users with a single authentication for multiple sites (and Flickr/Yahoo IDs are now going to be OpenIDs) - perhaps something for LibraryThing, and other SNs to look at?
Owen
________________________________
From: Next generation catalogs for libraries on behalf of Tim Spalding
Sent: Fri 1/25/2008 7:15 PM
To: NGC4LIB_at_listserv.nd.edu
Subject: Re: [NGC4LIB] pandora [privacy]
You can, of course, embed the sign-in within another site. But you would
need a separate sign in.
How can we ask users to do that? By making a service that's interesting
enough to use. The average teenager today has dozens of accounts at dozens
of sites. Want a widget on your blog? Sign in here. It's unfortunate in some
sense, but separation is also a good thing insofar as it embeds privacy by
default. This is why drivers licenses no longer use social security numbers.
It's also not always necessary to require sign-in immediately. Lots of
social sites allow you to things before you make a commitment to join.
You can think of that as a pointless extra step, or as the thing that keeps
somebody in library administration or, as I suspect it will go, SirsiDynix,
from having the addresses of everyone at your school who reviews gay
literature. Think social networking in libraries is hard sell now? Just wait
until someone abuses the data.
T
On 1/25/08, Chris Barr <christopher.barr_at_villanova.edu> wrote:
>
> This is way too much to ask from our users. How can we practically say
> to our users:
>
> "Okay, here is our website. If you want to use this cool widget you need
> to go over to this site and sign up for a screen name with your email
> address, etc. And if you want this other feature you need to go over
> here..."
>
> Now maybe I am not quite understanding what you are saying, but how many
> ways can we ask our users to login? Quite seriously, at most
> universities asking them to login with their ldap account is enough. If
> we need to create screen names to protect anonymity we don't need to
> send them offsite to an external company to do so, surely it can be
> separated intelligently within our own system.
>
> For example, with Flickr I have a screen name, but to login I use a
> Yahoo ID. I use the same Yahoo ID to login to Yahoo Answers for which I
> have a different screen name.
>
> I'm sorry, I love Library Thing, del.icio.us, last.fm, etc, but I don't
> want to require users of my website to register with them in order to
> fully access features on my site.
>
> --chris
>
>
>
> Tim Spalding wrote:
> > That's why you want LibraryThing to run your SN for you!
> > No, seriously, whether it's LibraryThing, another company or a separate
> > non-profit library thing, I believe in security through separation, not
> > trust. If the data can be connected, it will. If you don't have the
> data,
> > you can't use it.
> >
> >
> > Tim
> >
> > On 1/25/08, B.G. Sloan <bgsloan2_at_yahoo.com> wrote:
> >
> >> Interesting idea. But I think that as long as libraries run social
> >> networking systems there will be concerns about privacy, even if the SN
> is
> >> decoupled from the library systems.
> >>
> >> Bernie
> >>
> >> Tim Spalding <tim_at_LIBRARYTHING.COM> wrote:
> >> Here's a solution I want: Completely decouple library systems from
> >> social
> >> networking systems.
> >>
> >> This is, of course, what LibraryThing for Libraries has to do as we
> move
> >> in
> >> this direction, since we don't connect directly to the ILS, but I also
> >> think
> >> it makes sense ethically.
> >>
> >> Libraries know "real" stuff about their patrons-addresses, for example.
> If
> >> the SN is decoupled and asks no personal questions, you're left with
> >> screen
> >> names or whatever, with no way to get to the other stuff.
> >>
> >> Tim
> >>
> >> On 1/25/08, Eric Lease Morgan wrote:
> >>
> >>> On Jan 25, 2008, at 12:19 PM, Chris Barr wrote:
> >>>
> >>>
> >>>> My question that I keep coming back to is: How do we
> >>>> provide feature-rich social networking functionality
> >>>> in our applications without undermining privacy?
> >>>>
> >>>
> >>> I can think of a few of solutions to the privacy issue:
> >>>
> >>> 1) Let people opt in; alert people that social networking
> >>> practices reduce a person's privacy. Allow people to choose, "Yes,
> >>> others can see my stuff."
> >>>
> >>> 2) Never associate things like tags with individuals other than
> >>> the authenticated user. "Here are my tags. Here are other people's
> >>> tags, but I don't know whose."
> >>>
> >>> 3) Ask ourselves, "To what degree is it the librarian's job to
> >>> protect people's privacy versus educating people about privacy?" In
> >>> some way our professional ethics are in impediment to creating
> >>> services our users increasingly expect.
> >>>
> >>> --
> >>> Eric Lease Morgan
> >>> University Libraries of Notre Dame
> >>>
> >>>
> >>
> >> --
> >> Check out my library at http://www.librarything.com/profile/timspalding
> >>
> >>
> >>
> >> ---------------------------------
> >> Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try
> it
> >> now.
> >>
> >>
> >
> >
> >
> > --
> > Check out my library at http://www.librarything.com/profile/timspalding
> >
> >
>
--
Check out my library at http://www.librarything.com/profile/timspalding
Received on Fri Jan 25 2008 - 15:34:31 EST