i use the word uncover appropriately here since because i have a webpage, a blog, and a facebook account, and you may have linked to any one of these three "documents" but have decided against making yourself explicitly known to me; what API's like Social Graph does is remove the documents so that i can now see that you and i, and some of your friends who are linked to you, are indeed connected.
in the initial reactions to Google's Social Graph API some* have raised concerns about privacy. the debate can be over-simplified into two camps: a) it's all public information anyway, and privacy by obscurity is dead already, so why not? And b) even if a) is true, just because we can mine this data without requesting user permission, ethically speaking should we?
i want to point out a fundamental flaw in the way privacy as a socio-legal construct is interpreted. in north america the legal doctrine considers what our "reasonable expectation of privacy" is in public. with the exception of Quebec**, case law says that our houses (the brick and mortar ones versus "home" pages) is the place where we should expect to be protected from the prying eyes of the state and others. however, once we step outside of the home this expectation rapidly diminishes. according to the laws of our lands there is a geographical delineation of where we can expect that our actions are private. this falls apart in online communities where there is no geography of bits. where when we post something, like a revealing photo to our Facebook friends, we may not expect that only our fb friends are watching. yet, there is nothing equivalent in the physical world to applications like the Social Graph API. short of having a way for armies of private investigators to very quickly amass the data on everything and everyone we connect to in public spaces, and the friends of their friends too. for this reason and many others, the way that privacy as a legal doctrine is currently used is not valid when we look at these api's. there is a growing gap here between what privacy means ethically and what our recourse will be legally.
my second, thought on this is that there is a troubling and, depending on who is using these api's, dangerous underlying assumption at work; that the identities that we construct in these different online spaces, connecting to very different groups of people, may be summed up to equal a coherent representation of a person. if you strip out the context of the interactions - which is what these api's do - is the resulting data on the social connections even sensible anymore? for a good read on this see David Phillips' paper on the use of pseudonyms as identity masks online and the implications for software designers (***reference below). because the word surveillance is coming far to quickly to my mind and i wonder if what is being interpreted is anything worth having at all. then again, it always is...
(ne1 can undRst if th will is thR, IMO. nuf Z)
***Phillips, David J. (2002). "Negotiating the Digital Closet: Online pseudonymity and the politics of sexual identity", Information, Communication & Society, Vol 5, No. 3, pp. 406–424.