Could web3 open social protocols change the landscape of social media platforms?
Clue: Privacy is still a missing piece in the infrastructure for portable user-owned data
Web2 social media platforms such as Facebook and YouTube typically require users to create and maintain a profile (submitting personal information in the process) which the platform then builds upon (by tracking the actions the user takes on the platform - what content the user views or engages with) into a view of the user’s personal (e.g. demographic) characteristics and preferences. The platform then uses these detailed user profiles to sell targeted advertising inventory (user views and engagement) to advertisers. Another type of user data is the content that users create on these platforms - posts, photos, videos etc. shared with other users, which generally serve the purpose of keeping other users (e.g. friends of the user or followers of the creator) engaged on the platform so that they can continue to be served ads across the platform or embedded in those pieces of content. Because of this interwoven use of user data, the concept of who owns the user data and how ad revenue is attributed and shared is sometimes muddled.
Ostensibly, these platforms correctly state that users own the content that they create and share, and are merely granting the platform a license to use their content. Users who create video content that exceeds a (high) threshold of views may receive between 20-50% share of revenue generated by ads embedded in the video, but the vast majority of content creators who don’t hit those thresholds aren’t rewarded (and so are creating that content for free), and advertising can also appear across the platform outside of users’ content. In any case, what makes the advertising inventory valuable is the detailed user profile data used for targeting ads (which is what the platforms are really monetising), and it’s the revenue attributed to this data, provided by users, most of whom aren’t content creators in the explicit sense, that isn’t shared with users who provide it. In addition, unlike user-generated content, this data isn’t owned or controlled by users (even though it pertains to them and their behaviour/preferences).
In this sense, web2 platforms continue to own and control the most valuable data provided by users, which they monetise, keeping the revenue. It’s hard to disagree that platforms deserve a chunk of that revenue for developing both the targeted advertising products that effectively extract value from the data and attract advertisers, as well as the utility of the platform that attracts users (the free use of which might be considered as fair compensation to users for their data). But web3 provides an opportunity to shift that balance of ownership, control and sharing of value of user data.
Enter web3 open social protocols like Lens, Farcaster and DeSo, which provide the infrastructure for developers to create apps (essentially front-end experiences that read/write user data on a blockchain) which, in addition to the social network/social media-related utility central to their value proposition, also enable users to own their data (including their detailed profiles), since this data is recorded on the blockchain and is verifiably linked to the user instead of being stored centrally by the platform.
Recording user profile and interaction data on a public blockchain (visible to everyone) allows users to share their data with (or use their data in) multiple apps of different types (e.g. a social media app, a finance app, and a game) using a single account (e.g. their wallet address), with each of these apps contributing more data to the user’s profile on the blockchain as the user interacts with it.1 To be clear, this flavour of data portability rests on the data being public and therefore usable anywhere (and by anyone), instead of being locked to a single platform (which have traditionally resulted in the huge network effects that have become extremely difficult for new entrants, who might create more value with the users’ data, to overcome). This is enabled by the architectural shift from apps having their own proprietary database and compute servers, with account authentication via proprietary passwords, to apps utilising an open, decentralised database and compute layer, with authentication via public key cryptography to prove ownership of an account (or the associated data). Under this architecture, users will need to reorient their thinking, from creating a new account for every app to a “bring-your-own-account” structure and one wallet, or passport, for navigating the web.
But while this is an improvement in terms of data ownership and portability (your data is no longer siloed within a single platform), how meaningful is this idea of ownership without control over access to your data?2 To put it plainly, in the web2 scenario, platforms own and control your most valuable user profile data, and no one has access to it except the platform, with the caveat that you can delete your account which supposedly should erase all of your data from the platform and prevent further use. In the above web3 scenario, you own your data but don’t control it because anyone has access to view it on the blockchain and you can’t erase (some, most, or all of) it because the blockchain is immutable and other forms of decentralised storage might not enforce deletion. Furthermore, anyone can use and monetise the data with or without the user’s consent. Neither of the above two scenarios seems ideal given the initial problem was control over user data.
What’s missing is a privacy model for users to control access to the personal (user profile) data that they verifiably own in web3, which could then be coupled with an incentive (token) model to reward users for bringing their account/data to an app and “renting” their data to that app in order to share financial value extracted from said user data back to the users who provide it. Also important is a way to revoke access to the data when the user decides to no longer make it accessible to a specific app. This combination of data portability with a privacy model would enable common cross-app creation of user profile data that all apps in the ecosystem can access and share, provided that user grants access to that data for that application. At the time of writing, most open social protocols haven’t yet incorporated such a privacy model, and from an investment perspective, it would be interesting to look out for web3 social propositions that concurrently address privacy and data permissions.
One theoretical approach (or part of the puzzle) that maintains decentralisation is the use of Zero-Knowledge (ZK) Proofs on private user data to utilise the data without seeing or storing the data. A potential example of this is where a user grants an app temporary access to their private data, and the app does ZK computations on it to provide the user with some utility in return (e.g. recommendations based on their preferences) while using the app. In this case, no personally identifiable user data would be stored or viewed by the app. ZK computations on such data could also enable the user to earn passive income by providing their data to apps (for purposes including advertising) without affecting their own privacy, all the while with the user in control.3
In this third scenario, by logging into a social app (connecting their wallet), users can choose to bring their data to the app and enable the app to utilise that data (to add value to the community of users, to be monetised, etc.), essentially “renting” their data to the app in exchange for what they perceive as fair utility or rewards. In turn, apps must provide sufficient utility/reward to incentivise users to continue providing their data, which can be in form of experiential value to the user, a share of the advertising revenue, transactional revenue or other financial value generated by their user data.
With this shift in portability, ownership and control of user profile data enabled by open social protocols, tokenisation of user data and a privacy/permission-based solution, we may start to see new models and opportunities for apps in the social space while potentially enabling users to get a greater share of value (including financial value) from the social apps that they use.
Postscript: Bear in mind that old habits are hard to break, and web2 social platforms are the masters of habit formation (to put it politely). Adoption of web3 social platforms depends on them offering compelling enough use cases to win over users from web2 social platforms, and that’s something we have yet to see emerge, despite the interesting possibilities enabled by the protocol infrastructure being developed so far. An open (and somewhat heretical) question also remains, which is, “Do privacy and control over user data really matter to users?” Web2 has trained the (vast?) majority of users not to care about this. If they do matter, ZK proofs offer a possible answer. If they don’t, and users are happy for some of their data to become public, then the concept of data portability (or more specifically interoperability) may open up interesting opportunities for new user experiences in the social space, particularly if combined with a use case or mechanic in which it becomes meaningful and valuable for a user to verify their ownership of said data (which blockchain enables, with or without ZK proofs).
If you liked this article and are reading it on the web or received it from a friend, please consider subscribing to my regular newsletter (so you’ll get articles like this delivered fresh to your inbox) by clicking the subscribe button below.
As Reed McGinley-Stempel, CEO of Stytch describes in this article: “Data flows freely and is publicly verifiable. Companies no longer need to build user authentication using things like passwords into their applications. Instead, users can have a single account for the internet in their Web3 wallet: think of this as a “bring-your-own-account” architecture where the user verifies their account as they browse different websites, without the need to create a unique username and password for every site. … Recording data on a public ledger means that this data can be used in inventive ways by companies that aren’t the first-party application where the user generates that data. When incentivised, users can verify their ownership over this data with virtually zero friction. All you need to do is click a button to connect your crypto wallet.”
And from a value creation perspective, what does ownership of an account and the public data associated with that account confer? Is it the taking of interactions that’s valuable and can be incentivised, even though the result of the interaction is recorded publicly for all services to enjoy (which might generate a free-rider problem)?
Admittedly, this may only be a part of the puzzle, since aggregate user data might still need to be publicly accessible on the blockchain (even if not identified with specific users) in order to generate recommendations, and there’s a separate question of where/how private user data will be stored (would it be centralised?) if not recorded publicly on the blockchain.
A very interesting read, Shannon!