Microsoft offers way to share data with social networks

March 25, 2008 (IDG News Service) Microsoft is opening up its Windows Live platform to allow users to share their contact lists with five social-networking sites, some of which until now have been accessing such data through the back door.

The move is intended to give users control of their data and to remove the need for the kind of work-arounds used to share such data today. The current arrangement "unduly puts customers at risk for phishing attacks, identity fraud, and spam," wrote John Richards, director of Microsoft's Windows Live Platform, on the official developers' blog for the platform.

Facebook and Bebo members can now invite friends on their Windows Live contacts lists to join their online social networks, without having to hand over their Windows Live password. Members of the Hi5, LinkedIn and Tagged communities will be able to do so "in the coming months," Microsoft said.

In return, Windows Live users will be able to invite friends using the five social-networking sites to join them on Windows Live Messenger in a similarly secure fashion through the Invite2Messenger Web site, Microsoft said.

Yahoo Inc. already operates a similar service with LinkedIn: A page on the LinkedIn site takes members wishing to import their Yahoo Mail contacts list to a Yahoo log-in page in order to authorize the data exchange.

Some social-networking sites already help their members import their contacts lists from Web-based e-mail services and send invitations to people on those lists -- but to do this, the sites typically ask their members to hand over the username and password for their Web-mail account to gain access to the contact data.

That's the case, for example, with LinkedIn's functions for importing contacts lists from Google Inc.'s Gmail and AOL LLC's Web-mail service, which require that members trust LinkedIn with their username and password for the other services. LinkedIn does not yet have a link with Windows Live.

Internet users are becoming increasingly suspicious of such requests for credentials because of the prevalence of phishing attacks and other attempts at identity theft.

To enable the exchange of contacts data, Microsoft has created a new API that allows social-networking sites to request access to the Windows Live contacts lists of their members by sending the members to a Microsoft-controlled log-in page, where the members can enter their Windows Live credentials without giving them to a third party. Microsoft then notes that the user has granted permission to the social-networking site to access the contact data.

Opening up the interfaces is a way of acknowledging that ownership of contacts lists rests with the sites' users, not with their operators, according to Richards. "We firmly believe that we are simply stewards of customers' data and that customers should be able to choose how they control and share their data," he wrote.

Reprinted with permission from

IDG.net
Story copyright 2008 International Data Group. All rights reserved.