What was striking about the reaction to Mark Zuckerberg’s latest missive about the future of Facebook, A Privacy-Focused Vision for Social Networking, were the two very distinct reactions that, in my estimation, made the same mistake, but in opposite directions; one set of folks didn’t take Zuckerberg seriously at all:

Another set took Zuckerberg entirely too seriously:

In fact, what Zuckerberg announced is quite believable, precisely because it makes perfect sense for Facebook: this is a privacy cake that Facebook can have — and eat it too.

The Social-Communications Map

Zuckerberg began by describing two distinct kinds of social networks:

Over the last 15 years, Facebook and Instagram have helped people connect with friends, communities, and interests in the digital equivalent of a town square. But people increasingly also want to connect privately in the digital equivalent of the living room. As I think about the future of the internet, I believe a privacy-focused communications platform will become even more important than today’s open platforms. Privacy gives people the freedom to be themselves and connect more naturally, which is why we build social networks.

Today we already see that private messaging, ephemeral stories, and small groups are by far the fastest growing areas of online communication. There are a number of reasons for this. Many people prefer the intimacy of communicating one-on-one or with just a few friends. People are more cautious of having a permanent record of what they’ve shared. And we all expect to be able to do things like payments privately and securely.

Public social networks will continue to be very important in people’s lives — for connecting with everyone you know, discovering new people, ideas and content, and giving people a voice more broadly. People find these valuable every day, and there are still a lot of useful services to build on top of them. But now, with all the ways people also want to interact privately, there’s also an opportunity to build a simpler platform that’s focused on privacy first.

I first explored the idea of there being different types of social networks in 2013 when I created The Social/Communications Map:

Keep in mind, this image is from 2013, but there are still some important points worth calling out:

• First, the axes are about user perception, not technical implementations; back then tweets were very much experienced as being ephemeral; now they have more permanence, leading to people both being called-out for old tweets and/or deleting their archives.
• That Twitter and Instagram should have perhaps been on the “permanent” side of the axis is further emphasized by the success of Instagram Stories, which is much more ephemeral than Instagram posts, along with the rise of tweet threads replacing blogging.
• I noted in the post that LINE was representative of multiple chat networks, including WeChat and WhatsApp; obviously I should have illustrated both instead.

The most important thing to note, though, are the relative positions of Facebook and Snapchat (it was Facebook’s attempted acquisition of Snapchat that inspired the map in the first place).

Facebook Versus Snapchat

Perhaps the most important moment in Facebook’s history was its shift from the private to public space on the Social/Communications Map with the introduction of the News Feed. Again, to be clear, this map is about public perception, not technical reality, and this is a perfect example: data on Facebook was public to everyone in your network from day one. What the News Feed did, though, was change Facebook data from a pull to a push model: instead of needing to seek out your friends’ profiles Facebook would push their updates to you directly.

This inspired a strong backlash amongst users, who not only complained online but actually organized rallies in person; ultimately, though, it turned out that people loved the News Feed, and once Facebook embraced mobile, it turned out the News Feed was perfect for advertising.

Still, that transition exposed a soft underbelly in Facebook’s product: private ephemeral communication that allowed users to be their true selves. This was the premise undergirding Snapchat, which I described in Facebook, Phones, and Phonebooks:

It is increasingly clear that there are two types of social apps: one is the phone book, and one is the phone. The phone book is incredibly valuable: it connects you to anyone, whether they be a personal friend, an acquaintance, or a business. The social phone book, though, goes much further: it allows the creation of ad hoc groups for an event or network, it is continually updated with the status of anyone you may know or wish to know, and it even provides an unlimited supply of entertaining professionally produced content whenever you feel the slightest bit bored.

The phone, on the other hand, is personal: it is about communication between you and someone you purposely reach out to. True, telemarketing calls can happen, but they are annoying and often dismissed. The phone is simply about the conversation that is happening right now, one that will be gone the moment you hang up.

In the U.S. the phone book is Facebook and the phone is Snapchat; in Taiwan, where I live, the phone book is Facebook and the phone is LINE. Japan and Thailand are the same, with a dash of Twitter in the former. In China WeChat handles it all, while Kakao is the phone in South Korea. For much of the rest of the world the phone is WhatsApp, but for everywhere but China the phone book is Facebook.

Make no mistake, the phonebook has been more valuable: it lends itself better to both data collection and advertising. Snapchat, though, threatened to break out of the phone space into the phonebook space with Stories — a product that shifted Snapchat out of the private space into the public one.

To that end, it is instructive that it is Stories where Facebook finally mounted its Snapchat defense: I wrote in The Audacity of Copying Well:

Instagram and Facebook are smart enough to know that Instagram Stories are not going to displace Snapchat’s place in its users lives. What Instagram Stories can do, though, is remove the motivation for the hundreds of millions of users on Instagram to even give Snapchat a shot.

That is exactly what happened: Snap retained its place as the core of 1×1 communication for young people, but the segments more removed from Snapchat’s core use case of chat were suddenly far less likely to even give the service a try, thanks to Instagram’s intelligent leveraging of its network.

By the same token, though, just because Facebook capped Snapchat’s growth doesn’t mean that Snapchat’s core insight about the desire for private, ephemeral communication was wrong: what Zuckerberg wrote yesterday is basically Snapchat’s reason-for-existing. In other words, while Instagram Stories built a wall around Snapchat by copying Snapchat’s secondary feature, this “Privacy-Focused Vision for Social Networking” is a clear attempt to build the core of Snapchat for everyone else.

Zuckerberg’s Vision

Look again at what Zuckerberg outlined:

• Private interactions
• Encryption
• Reducing Permanence
• Safety
• Interoperability
• Secure data storage

The first three are all about owning the 1×1 private ephemeral space; critically, none of them have anything to do with Facebook’s core feed-based products. Facebook is going to continue to exist as it has to date, as will Instagram, including all of the data collection and ad targeting that currently exist. The “Privacy-Focused Vision for Social Networking” is in addition to Facebook’s current products, not in place of. This is the mistake made by those that took Zuckerberg too seriously.

As for those who didn’t take Zuckerberg seriously enough, why wouldn’t Facebook want to move in this direction? There are multiple benefits:

• First, this is a valuable space to own for all of the reasons that Snapchat succeeded in the first place. People want a place to communicate freely without fear of snooping or a historical record.
• Second, to the extent the rise of 1×1 networking is inexorable, it is better for Facebook that it happen on their properties. Not only does Facebook preserve the ability to advertise on privacy-focused platforms — the company can leverage data from Facebook to advertise in its messaging products (although I am skeptical that messaging products are well-suited to advertising) — it also prevents would-be competitors from capturing leverageable attention.
• Third, as we have seen over the last 24 hours, there are tremendous PR benefits from a privacy-focused service. Facebook has changed nothing about its core service or data collection policies, yet the assumption is that the company is pivoting and the only debate is whether to believe them or not.

Perhaps most compelling, though, is the degree to which this move locks in Facebook’s competitive position. As I noted above, Snapchat already showed that Facebook is vulnerable in the realm of private ephemeral communications, but soon that will no longer be the case. Moreover, given Facebook’s focus on end-to-end encryption, the company has made it that much harder to even get off the ground: not even Snapchat is fully end-to-end encrypted (pictures are, but not text messages).

There is an even more important benefit to Facebook voluntarily forgoing the data within messages and limiting the time it keeps surrounding metadata (make no mistake, end-to-end encryption is a real thing — Facebook will not be able to see encrypted messages); as Zuckerberg told Wired:

Certainly, ad targeting can benefit from having access to as much content or signal as possible. You know, I’m more optimistic about this for a few reasons. One is that we aren’t really using the content of messages to target ads today anyway. So we weren’t planning on doing that. So it’s not like building a system and making it end-to-end encrypted and now we can’t see the messages is really going to hurt ads that much because of the way we were already thinking about that. Keeping metadata around for less time will have some impact, although I’m optimistic that we’ll build systems that can basically deliver most of the value with a fraction of the amount of data.

Why can Facebook deliver most of the value? Because they are still Facebook! They still have the core Facebook app, Instagram, ‘Like’-buttons scattered across the web — none of that is going away with this announcement. They can very much afford a privacy-centric messaging offering in a way that any would-be challenger could not. Privacy, it turns out, is a competitive advantage for Facebook, not the cudgel the company’s critics hoped it might be.

Safety, Interoperability, and Strategy Credits

The last three items in Zuckerberg’s list are interesting in their own right; to take them one-by-one:

Safety: This is about the very real trade-offs that come with end-to-end encryption. One obvious issue is law-enforcement: Apple has already been down this road with the FBI when it comes to phone security; end-to-end encryption is both more challenging and yet simpler, simply because it is, properly implemented, truly unbreakable.

Another issue is misinformation: for all of the issues surrounding misinformation on Facebook, at least misinformation is traceable; that is not the case if messages are encrypted, which has already been an issue with WhatsApp in India. One could certainly make the cynical argument that, in the process of cloaking itself in privacy, Facebook is washing its hands of misinformation.

To be sure, Facebook is confident it can leverage its ability to analyze metadata to stop bad actors; that the exact same sort of audience analysis is perfectly portable to advertising is a rather happy benefit as far as Facebook is concerned.

Interoperability: This is perhaps the feature that is easiest to be cynical about; while it can certainly be frustrating to have to balance multiple messaging apps, for much of the world consolidating Facebook-owned messaging will not fully address the problem, thanks to alternatives like Messages, LINE, Kakao, etc. Moreover, even in areas where Facebook owns both the Phone (via WhatsApp) and the phonebook (via Facebook and Instagram), exactly how much consumer demand is there for integration?

There is, to be sure, a business argument: Facebook has already unified much of the ad infrastructure underlying its services, and unifying messaging is, to the extent Facebook wants to build a business platform on messaging, a natural next step. There is also a regulatory argument: while it is difficult to make the argument that Facebook has broken antitrust laws, the remedy, should that be accomplished, is obvious — split off Instagram and WhatsApp. That will be harder to do if they are fully integrated with Facebook, not simply on the advertising side but also the user side.

Secure Data Storage: This is an interesting addition to this piece, as it has little to do with messaging in the communications sense, but a lot to do with messaging in the political sense. This is what Zuckerberg wrote:

There’s an important difference between providing a service in a country and storing people’s data there. As we build our infrastructure around the world, we’ve chosen not to build data centers in countries that have a track record of violating human rights like privacy or freedom of expression. If we build data centers and store sensitive data in these countries, rather than just caching non-sensitive data, it could make it easier for those governments to take people’s information.

Upholding this principle may mean that our services will get blocked in some countries, or that we won’t be able to enter others anytime soon. That’s a tradeoff we’re willing to make. We do not believe storing people’s data in some countries is a secure enough foundation to build such important internet infrastructure on.

The most obvious country worth avoiding is China, which means this is clearly a Strategy Credit:

A strategy credit is an uncomplicated decision that makes a company look good relative to other companies who face much more significant trade-offs.

Facebook is already banned in China, so not putting data centers in China costs the company nothing (it may soon cost the company in Russia; one imagines Facebook will not mind being banned there of all places). This is in sharp contrast to Facebook’s most vociferous critic in tech, Tim Cook and Apple; the latter absolutely stores customer data in China along with encryption keys, because that is the law for companies that wish to operate in the country.

To be clear, this is understandable, but that is what makes that Strategy Credit article rather ironic; I coined the term in response to Apple’s posturing about user data in the wake of the Snowden revelations, noting that forgoing data wasn’t really a tradeoff given Apple’s business model. Now Apple is on the other side of the coin.

Privacy Moats

Ultimately there are three broad takeaways from Zuckerberg’s article:

• Stop expecting companies to act against their interests. Facebook isn’t killing their core business anymore than Apple, to take a pertinent example, is willing to go to the mat to protect user data in China.
• Facebook doing something that benefits itself is not inherently bad for end users. It is perfectly reasonable that the company can be instituting genuinely user-friendly changes like end-to-end encryption even as it furthers its own self-interests.
• Relatedly, and most importantly, there needs to be much more appreciation for the anti-competitive trade-offs inherent in an absolutist approach to privacy. Facebook is doing what its fiercest critics supposedly want, and enhancing its competitive position as a result.

This was a point I made last year in Open, Closed, and Privacy:

If an emphasis on privacy and the non-leakage of data is a priority, it follows that the platforms that already exist will be increasingly entrenched. And, if those platforms will be increasingly entrenched, then the more valuable might regulation be that ensures an equal playing field on top of those platforms. The reality is that an emphasis on privacy will only increase the walls on those gardens; it may be fruitful to rule out the possibility of unfair expansion.

This is a debate that is woefully lacking. The reality is that the only user-friendly way to enforce privacy — which is another way of saying the only scalable way in a demand-driven world — is to severely limit inter-operability and over-burden would-be challengers. Regulators need to be far more aware of this and either choose another approach to privacy — i.e. entrust it to individuals — or regulate data-platforms, at least in terms of competition on top of their platforms, even more severely.