I've been itching to get something written about Scoble's antics over on Facebook when he used the Plaxo script to scrape data as a way of pointing up what he believes is an issue around openness and data ownership. Way too much has been written but one aspect that was never surfaced was the question of legality.That was until now.
Fellow Irregular and soon to be minted Gartner analyst Thomas Otter nails it. In a post that provdes plenty of detail about European law, Thomas concludes:
Robert Scoble’s actions may be perceived as noble in some quarters, but they don’t impress me. He single-handedly bashed through most of the basic principles of privacy with his scraping exercise, never mind Facebook’s terms of service. Facebook was right to take Robert on here. Facebook is subject to the provisions of European Data Protection Law. Facebook is part of the safe harbor....
Robert, no doubt, had good intentions, but he was breaking the law, both in terms of the Facebook terms and conditions, and for those Europeans lurking in his 5000 “Friends”, a good bit of data protection law too. Processing 5000 records moves one beyond the realms of Dunbar’s law into data controller mode.
Thomas knows way more than I do on this topic and is sufficiently cautious to be sure of his facts before making such a statement. I also know Thomas well from my dealings with his current employer, SAP. In other words, I trust his judgment.
At the time, I felt that Scoble - for all his supposedly good intentions - behaved appallingly. You simply don't sign up for a service, decide the terms of service are not to your liking, cry foul and become a law unto yourself. That's irresponsible. And under EU law, it's also illegal.
Over and above this, I believe that in raising the issue in the manner in which he did, Scoble sent a clear signal to anyone in enterprise land looking at media like Facebook and Plaxo as a way of putting a toe into the social graph. Any renegade can run roughshod over the service when they're given the right tools and a convergence in motivation.
How much comfort is that supposed to give for those who are already concerned about security?
As an aside, the one area Thomas didn't explore was whether, in providing the tools, Plaxo was aiding and abetting in the commission of this illegal activity.
PS - it is with a sense of irony that Dutch reader Marjolein Hoekstra points me to an article from Particls.org which says that certain named individuals from Facebook, Plaxo, Google and...Robert Scoble have joined DataPortability.org Workgroup. As I said to Marjolein - it means nothing. Look at what happened between OLPC and Intel.