Last week we began talking with a independent programmer who ran into a bit of trouble with Facebook over a snippet of code he developed and published that allowed users to update their Facebook status without visiting the site.
Christian Flickinger, who runs the blog Technologist for Hire, posted some PHP code here last April that took advantage of Facebook’s mobile service to perform this simple task. While Facebook offers an RSS feed to export status updates, unlike Twitter it fails to provide a way to import status updates. Christian’s code was meant to fix this shortcoming and consequently help others innovate with the way Facebook status updates are handled. He did not use the code to create a website for updating Facebook statuses; he simply made it available for others to modify or run as is on their own servers.
One such way to use Christian’s code was to incorporate it into a program that takes status updates and pushes them out to multiple status handlers such as Facebook, Twitter, Skype, Adium, and Quicksilver. Another use could be to take information from a music player, instant messaging program, or blogging platform and automatically make Facebook status updates from any activity (such as newly played songs, away messages, or post headlines). After publishing the code, Christian indeed found that several other developers used his code to create programs around the idea of “federated status”.
This past Thursday, however, Christian received an email from a Facebook engineer that requested he take down the code from his blog. While recognizing that Christian was simply trying to provide something useful, the engineer insisted that the code was, and had always been, against Facebook’s terms of service (see “User Conduct” section, bullet #3). As a way of explanation, he suggested that allowing people to automate against Facebook from outside of the site would create a “slippery slope”. The engineer backed up his request by insinuating that he would disable Christian’s Facebook account and/or take legal action if he refused to remove the code.
After Christian stood by his post, Facebook demonstrated on September 4th that it wasn’t bluffing and shut down his account. Christian soon realized that Facebook meant more to him than fighting this out and took down the code; Facebook has since reactivated his account. Several others who had used his code also caved and took down their enhancements.
While Facebook certainly has the right to contact users about violations of their terms of service, I must ask myself “what is Facebook so worried about?”. The company has made great strides in opening up the network with the developer platform, data feeds, and people search. These developments suggest that Facebook wants to make the components of the Social Graph available for wider consumption and utilization.
And yet, it has quite aggressively quelled certain developers that have built Facebook-integrated services. Last fall, the same Facebook engineer involved in this case sent the creator of UnFaced, a compatibility calculator, a similar cease and desist request. Facebook declined to provide a substantive reason for their actions in either of these cases.
Changes to Facebook’s terms of service over the last half year may also suggest that the company has become increasingly cautious about how and when they open things up. Their terms currently prohibit the “use [of] automated scripts to collect information from or otherwise interact with the Service or the Site.” However, archives show that this line was added sometime after February 10, 2007. So, instead of slackening their policies for independent developers, they seem to be tightening them.
What do you think? Was Facebook overbearing or reasonable in the way it handled Christian’s code? Generally speaking, is Facebook “developer-friendly”? If you have developed for Facebook, please share your experiences below.
See all
Post
Thanks for the notice here. They threatened to close my account also but I gave in before they actually did it. I definitely agree. Facebook is way to overbearing about controlling their development. From my stance with the Twitter/Facebook script, it only benefits Facebook to support this type of development.
Why did Facebook decided to open up and provide an API to developers? I think that’s the real question. I have some ideas as to the why but the reasons are less then chivalrous I must say. Facebook users are not as loyal as they want everyone to believe. As a matter of fact, I think Facebook is having trouble straddling both sides of the fence (Facebook is for college kids/Facebook is for professionals). Facebook wants other companies to spend their own money and time developing features for Facebook – This allows Facebook to sit back and let all these potential competitors stop building out their own social services and products and concentrate on developing more features and products for Facebook. Most of these Facebook widgets wont get anymore then a few hundred users but the few widgets that are successful will be taken down by Facebook as they can simply emulate and kick the original creator off the site for “Violating its terms of service”. This has already started to happen with the most successful widgets. So how did Facebook ensure that people got excited about this widget building scam? First they got one of their VC’s to publicly state that they would like to make investments in widgets that seemed promising. (C’mon…what widgets have been funded and if you were a VC, would you fund a facebook widget when Facebook could change their terms of service tomorrow…of course you wouldn’t). This was another announcement that got a lot of naïve people very excited. Then they used one example of a widget (called I Like) to demonstrate how a widget could become wildly popular. But they failed to mention that they won’t promote the other 2000 widgets like they promoted the “I Like” widget”. This whole thing was designed to distract the competition, get free products so facebook could see what’s popular and create a whole lot of free PR….and it worked. What everyone still needs to understand, Internet users do not want to view the Web through Facebook’s monocles.
Facebook is open… to an extent. They’ve opened up their pages and user accounts to be pillaged by appspam, but those apps keep the users ON Facebook. If people develop apps that let them leverage FB without having to visit the site; well that’s when you have an issue, and that’s where you get the “slippery slope”.
we’ve been extremely happy with our experience so far—of course it helps that Karel Baloun (former senior engineer of FB) built our app and it also helps that we are the only commodity futures trading app but it has been a great experience and we’re happy with the level of interest generated so far off our first efforts! we’re adding everyday and its also helping us to determine which features our users want etc etc—we love it! pk
I think this is largely an issue of being cautious in HOW they’re opening things up. As they create more freedom to interact with the platform, they need to simultaneously define the appropriate and allowed set of interactions more clearly.
I do not see the point the the Facebook reaction. Everybody can create such a script now that the idea for it is out.
I will take me less then an hour to write a iMacros script that extracts the status from twitter (”web scraping”), logs into facebook and changes the status (”form filling”).
The advantate of using something like iMacros instead of PHP/ASP is that this kind of script runs inside the Firefox web browser. There is no way for Facebook to know if I update my profile manually or let the robot do it (unless, of course, you overdo it and update your account every 2 minutes).
I don’t know about Facebook but I do know this– people that update ‘multiple status handlers’ are deluding themselves thinking anyone cares. Talk about screwing with people’s signal-to-noise ratios.
I think I’ll have to make a pseudo-meta-twitter, it’ll flip a coin in Second Life, and then licensing Like.com’s image processing tech to read the result I’ll set up a feeder into every Twitter, Tumblr, FeedBurner style of service there is. Heads - I’m working. Tails - I’m not (possibly using the toilet).
Last week I used Christian’s code as an example to write a desktop client for updating my FB status when I post to Twitter - http://www.standingmobile.com/twitter-to-facebook/. Kinda like Stefan suggests but w/o any “scraping”… twitter has a nice API.
I never update my status on Facebook but I do quite a bit on Twitter… seems like this would be a good thing for all involved. Twitter gets more action, FB get fresh status updates from me, and I only need to update from one place.
Omar is right, I think he summarized pretty well the real reason behind it.
Too bad at the same time they let “official” “approved” applications (those using the API) potentially store and do what they want with people’s USAGE data. Sure, that’s also not allowed by the TOS, by how do they think to figure it out ?
I have written about this here after I also had to pull down my port of Christian’s code.
I don’t see a problem with sending information TO facebook without visiting the site, since that information is intended to be viewed on Facebook. The slippery slope comes into play when someone writes code to strip information FROM facebook to be displayed externally; an aggregated “friends’ status” page, for instance.
Why would FaceCrook want to do this? You know, they are so upstanding and would not make threats…..i think….
This is EXACTLY why we created a Bill of Rights for Users of the Social Web!
They don’t seem to have noticed my Ruby port of Christian’s script. Yet.
My code is in the public domain. Anyone wishing to post a copy anywhere they like should feel free to do so.
Allowing users to extend the service beyond the current offerings only promotes the use of the service. Sure, it removes actual pageviews, but it adds to service usage and popularity.
The majority of the people who thanked me for this method were people outside of the US. Non-US Facebook users cannot update their status from any of the ‘extended’ methods that ARE allowed by Facebook, except for using the standard status update box (facebook’s SMS, for instance, is US-only). So foreign users found this method very useful.
Thank you TechCrunch
Very good observations, Mark.
I believe it’s a case of opening an API to be hip and capture developer mindshare, and then clamping down on the successful outside ideas, because they get new ideas about opportunities further down the road.
I don’t think they planned this as it is, but they sure are weary that outsiders can provide additional services of value.
In my opinion, this defeats the purpose of providing APIs in the first place.
Facebook is not really open. If you look at their API closely and compare to Flickr API, you’ll see that Facebook API is more for building widgets than anything. This is why most of the Facebook apps are about throwing foods, sending zombies, and better walls.
If you look at their external web app gallery, the number and the popularity of the Facebook external web apps is pitiful. This is not because Facebook developers are all stupid and unoriginal; rather, this is because Facebook’s API is too restricting to build anything meaningful.
Facebook’s API is more like a widget API from Netvibes.
If FaceBook is so concerned about the reduced number of pageloads from people not visiting the site, then why are they using ajax popup layers for confirming friend details / poking / etc. instead of driving users to a separate page. Isn’t the purpose of their News Feed to consume more content quickly without having to hit more pages? All of the aforementioned features are done to convenience their users - this type of status sync is (should be) no different. Things don’t add up here, and its apparent that FaceBook doesn’t want to open up.
Me, again (see #6)
Here is an iMacros script that updates the facebook status. When you run it, it prompts you for your current status, logs in, updates the status and logs out.
Click here to run the script
You need to have the iMacros Firefox extension installed for this to work.
https://addons.mozilla.org/en-US/firefox/addon/3863
I think Facebook is doing things the right way, by opening things up slowly.
I think Facebook must be careful as they open things up. The problem with Facebook is that right now they are like America Online–they have a closed system with millions of users that can make a pretty good amount of money. Opening up the platform a lot more could be huge. If America Online had opened up their platform to the internet years ago, they would probably be dominating right now. Instead they tried to control everything, peaked and have had steady attrition since.
The multi-billion dollar question is, how do you open up your platform all the way and yet still make a business out of it? Facebook is trying to figure this out. As a user, I think the more open the better. If I was an investor, I would want to do it piecemeal–but hurry so as not to go down the same path as AOL. But say they opened it up all the way, someone could come along and create something (I haven’t spent time imagining what) that could greatly benefit users but greatly throttle the business potential of FB.
Facebook is no better than Myspace, despite all the cheer leading going on about it on this blog.
They’ll tweak their terms of service and will ride the back of any successful widget esp if it makes money. Next day, the competing widget will be disable for “violating their terms.”
Smart move by Facebook. “Social Darwinism” app development at work. they’ll cherry pick the money making ones and snuff out the competition.
anyone who thinks otherwise is seriously delusional.
The “honeymoon” period is coming to an end for Facebook, and big brother will soon rear it’s ugly head.
The real worry (to me) is the combination of corporate control and detailed social network. If platforms like Facebook become *the* platform for the future, then we’re in a position where more or less any employee of that company can shut you down based on their own interpretation of their own terms of use.
Consider if MSFT in the previous generation of monopoly platform had been able to say “oh, you just installed Netscape, you’re not allowed to do that according to the EULA that we wrote, so we will disable your Windows unless you remove it.”
So yes, Marc’s comment on a need for a widely accepted bill of rights is spot-on.
Me, again (see #6)
I posted code for an iMacros script that updates the facebook status. While this comment awaits moderation at TechCrunch, here is a link to the iMacros forum where I posted the same code http://forum.iopus.com/viewtopic.php?p=9340#9340
The problem with APIs is that malicious developers can use them for unpredictable purposes. The challenge is how to open up an API and not either bring down the system or cause other users extraordinary pain. I am sure that Facebook is not as resilient as the internet as a whole, and denial of service attacks and other automated attacks can be launched much more easily from an API. Whether its damaging the system or faking inaccurate or inappropriate user behavior, APIs can be very dangerous. So while it is great to open up a system, from a management perspective, figuring out how to do it safely is a significant challenge for something like facebook. Its fine to say you want unrestricted programming access but when it begins to effect real users the backlash will be much worse than a few annoyed API programming geeks.
Good story and well told
I understand and echo the previous commenters that recognize that Facebook wants to be careful how much they open things up and how they go about it, but limiting external status updates is really a detriment to users. Facebook wants to be a “platform” in the strongest sense of the word: that you go to facebook.com to do everything. But FB is a powerful tool that developers could leverage to create all sorts of interesting mashups, which would in turn make FB an even more powerful tool, which would increase its importance. Like Breck, I’m having trouble thinking of an application that would throttle the business potential of FB.
One possible example could be what we are doing to MySpace. A friend and I wrote a FB app that scrapes MySpace and displays the profile in Facebook profile format. The application is called SpaceLift and from what I read in this post about Facebook’s terms of service, making an app like this that scraped and redisplayed Facebook profiles would *definitely* be a violation of FB’s terms of service.
FB was nice. Now they suck. I hope they will go down. Along with their closed source. I will be laughing at it like that: “HAHA!”.
I had a similar encounter over a year ago about a Greasemonkey script which I detailed on my blog: http://martindavidsson.blogspo.....ds-ii.html
facebook should have left him alone
Sweet, this got picked up by the NY Times: http://bits.blogs.nytimes.com/.....-facebook/
In my opinion, FB has always sucked. CWOT. Beyond that, the reason they are opening up is because of the flattening in their growth. I’m sure they’ll begin building lots of subdomains similar to MySpace (their only avenue of monetization). I think it’s pretty apparent that user profile pages are for the most part unmonetizable. They don’t want you to know that though.
get a life.. stop using this facecrap site and STOP promoting this social network junk.
It is pretty clear that FB is just making everyone know what is acceptable. Perhaps they should hire someone for quality control and not have programmers sending off threats against users.
I’m glad to see that I’m not the only one who is frustrated by the closed doors that Facebook hides behind. They will open them a little, but not enough to reduce their page views. This is so frustrating. I would love to use Twitter to update my status, but I can’t.
I even live in the United States, but I can’t update from mobile because Facebook allows everyone except T-Mobile to use its mobile services. Arrrghhh!!
I use Facebook because that’s where my friends are, but I can’t stand not having some of the comforts that an API should allow.
All social networks are inherently retarded. Even the smartest social network has a bit of retard in it.
I’m still annoyed that they got rid of the contact exporter. I finally have a phone that can accept vCards and no way to get them in there.
I’ve been considering using the same mobile Facebook site to build my own vCard exporter.
I myself have developed a tool that allows me to update my Facebook status with Twitter, using an XML parser and the cURL code that this article relates to. It’s good because I just run a feed aggregator on my server that grabs my Twitter feed and posts to Facebook. I’m tempted to post my script for all to download on my website, maybe get a bit of a Digg effect going to make sure Facebook can’t stop it spreading. Thing is, they might still just ban my account.
I can’t comment on the development aspect of this post, but from a business perspective, they are doing what they can to protect the security of their members. One of the reasons I like facebook is that it is a closed environment where I can connect and re-connect with people that I have met through the years. Outside a few of the social media “rockstars”, I know all of my friends from either high school, college, after college, and etc. I have more personal information listed on my facebook profile than I do on other websites, because it is isn’t getting mashed up and strewn about the web.
While I understand that many of you want an open social web, there are a lot of people that want to control what can and cannot be seen by others. I grew up on closed, automotive webforums because privacy is important to me. Also, I believe that not every conversation is meant to be seen because it can upset the balance of the community. Think about the “mods corner” on the old webforums.
I use twitter, ma.gnolia, viddler, and etc but I also use facebook because it gives me that “closed door”.
FaceBook is obsolete!
Look for MS ProfileScroll, coming soon
http://fakesteveballmer.blogspot.com
Here is the 36 lines fb doesn’t want you to see… this code is definately dangerous to their business….
‘.ucfirst($first_name).’/', $page, $form_id);
curl_setopt($ch, CURLOPT_POSTFIELDS,’post_form_id=’.$form_id[1].’&status=’.urlencode($status).’&update=Update’);
curl_setopt($ch, CURLOPT_URL, ‘http://m.facebook.com/home.php’);
curl_exec($ch);
?>
Whoops… I knew that wouldn’t work…
Here is a link http://utilitybase.com/paste/4934
@Bob the Builder
Why does everyone want facebook to be so open? With all the open social networks, isn’t there room for one that leaves its doors closed to the outside world? Yes it is one of the biggest, but maybe that’s the reason…
There is only one effective way to respond to this - organise a boycott of FaceBook.com.
People should boycott FaceBook by deleting their profiles and pledging never to use their service again.
We, the users, need to establish the balance of power firmly in our favour so that no online organisation EVER acts in an undemocratic dictatorial manner.
We need to send a message that ANY online web site that seeks our support and participation needs to listen to US, not dictate terms to us.
Stupid me. I thought when Facebook opened up, I was gonna be able to write my own terms for their API.
I once heard about this place where you could build any app you wanted to and you didn’t have to worry about any of this stuff. No one could tell you what you could and couldn’t do. If the app was valuable, people would come use it, simple as that.
I forget, I think maybe it was called…um…”The Internet” or something.
I think they should close facebook down cause its only trouble
Facebook has added a users.setStatus() API method, more here: http://www.nexdot.net/blog/200.....pi-method/
Hey Update: Feb. 18, 2009 from Facebook
A couple of weeks ago, we posted an update to our Terms of Use that we hoped would clarify some parts of it for our users. Over the past couple of days, we have received a lot of questions and comments about these updated terms and what they mean for people and their information. Because of the feedback we received, we have decided to return to our previous Terms of Use while we resolve the issues that people have raised. For more information, visit the Facebook Blog.