How many of the services you use do you allow to "connect" to your Facebook or Twitter account? If you're like me, not many. Too many times a web service has given itself extraordinary freedom to act on my behalf and 'sharing' my activity on Facebook. I've felt betrayed. But I believe this can be avoided if we just formalize expected etiquette through 'social contracts'.
My experiences with services that have posted things to my FB timeline without prior permission make me very reluctant to trust any service that asks for Facebook integration. Luckily no app has ever posted personal sensitive information but several have polluted the timeline with information I don't want there. Irrelevant stuff like that time Slideshare posted about me downloading my own presentations as PDF. Or when I followed a question on Quora. Permissions I would never have given had I been asked by the websites in question.
We have a right to choose what to share and what to see. I prune my social timelines when people start posting information I neither want nor need. Similarly, I try to avoid posting information those who follow me aren't interested in.
Using Twitter and Facebook to authorize ourselves is meant to save time. But I go to great lengths to avoid it as it's not a convenience to me – quite the opposite. Every such authorization I make means I need to ensure the app only does what it should. The reason is that developers are lazy. Using Facebook's API it's so easy to ask for more permissions than you need. And users don't seem to mind, or realize what permissions they grant the services they use.
This mutual sloppiness leads to frustration and trust being abused.
Worst of all, some marketing people seem to believe its in their right to abuse users' social network to spew marketing material. I've seen this kind statement repeated over and over. Sometimes marketing people express surprise over people feeling betrayed when Facebook apps have gone too far (!).
But honestly, is this behavior a surprise after all? Just consider how often the "no advertising please" sign on your front door gets ignored. And think about the phone sales people who call you even when you have explicitly listed your number as "don't hassle me." Many marketers seem to think they don't have to follow any code and have the opportunistic right to push their messages wherever they can. Sadly, this attitude is prevalent online as well.
As users, we need to stop being lazy and don't just play along. And we must ensure our personal information is used responsibly and in our interest. When we use social accounts to create accounts and to log in, we need to make sure the other party explains why it needs to post to your timeline or access your photos.
One way to achieve this would be to write social contracts stipulating the expectations we have upon each other and what we feel is OK and what isn't. In all cases when we hand over personal information in trade for a service or for convenience, we need to know how that information, and that access to our personal social networks, are being used. Violations of social contracts, cases when they've been dishonest about their reasons for requesting access to certain information or requested permission to post information on the user's behalf, can be tracked. These violations can also be reported to an independent party who can rule in either party's favor and issue warnings about companies that violate the contracts they've signed with their users.
User agreements aren't new on the web but they're so far mostly one-side monsters of legalese no one reads. Let's make them beneficial for all sides, useful and a foundation of trust by adding a social component and make expectations clear and explicit.