What Facebook Could Have Been

Let me tell you about the time I invented Facebook.

It was 2002, after my second child was born. It had been difficult to keep friends and family up to date with my first, and in the short time between them almost everyone had gone online—friends, parents, even grandparents. I was working professionally as a web developer, so I did what came naturally: I built a website.

I didn’t really invent Facebook, of course. That would come two years later, in Mark Zuckerberg’s Harvard dorm room, an origin story repeated so often that it has become mythological. But the family-album website I built had all the trappings of the service, at least in its early days. You could post updates in the form of text and photos. You could invite friends and family so that they could see those updates. They could leave comments on the posts and pictures. It was much easier, more efficient, and less annoying than printing photos, mailing letters, or sending bulk emails.

I was hardly alone in this insight. The web had commercialized thanks to advertisers and retailers, but then it began to offer new ways to do daily life. E-commerce had made buying things easier, and email had made correspondence faster. Life was the same, more or less, just more convenient. Everything was going online; a site for seeing and sharing personal updates was an obvious idea by then.

My prefiguration of Facebook never got off the ground—at least not beyond a few private uses of it. But now that the baby I made it for is almost an adult, it strikes me that the difference between the online community we actually got, and the ones alternate timelines might have offered instead, tell us a lot about Facebook’s creators—what they found important, and why, and toward what ends.

The myth of the lone genius perpetuates the false idea that Facebook (or Google, or Slack, or any other successful technology startup) arose in the solitary minds of their founders. But the stage was already set for these ideas. By the time I made my Facebook cousin in 2002, Pyra Labs and Movable Type had made blogging ubiquitous. Friendster, an early social network, launched that year, and MySpaceand LinkedIn appeared the next. Personal publishing and online networking were fusing before Zuckerberg came on the scene. Even Zuck basically stole the idea for Facebook from his Harvard classmates, the Winklevoss twins.

For more than a decade, nobody thought about the alternatives that didn’t get pursued thanks to Facebook’s rise. Then the scandals began, and all those unspoken assumptions came home to roost. The thing we’d all just allowed into our lives started feeling menacing, and the companies that made it started damage control.

Sick from the fallout of two years of scandal around leaking massive troves of personal data and accelerating the spread of misinformation on its services, Facebook has been forced to change tacks. Mark Zuckerberg spent the first decade of his company’s life advocating for increased “openness” and “sharing” thanks to the service. More people sharing more things were supposed to “bring the world together.” But after Cambridge Analytica, after Russian interference in election ads on its platform, and after a series of breaches that exposed the personal information of hundreds of millions of users, more sharing starts to seem like a great way to tear the world apart instead.

So last week, at Facebook’s annual conference, Zuckerberg promised to put privacy first in a new redesign of its website and app, focusing on making intimate, personal conversations more central to the service. On a screen behind Zuckerberg, large text heralded the shift: “The future is private.”

Critics have rightly retorted that this promise runs skin deep, at best. Facebook is not going to change what it does with the data gleaned from your posts in the “privacy” of its own servers—a capacity central to its ad-driven business model. But even so, Zuck’s new tagline offers a surprising insight by contrast: The future might or might not be private. But the past certainly was.

In 2002, when I built my family album service, it was very unlikely that you’d post pictures or stories about your kids on the public internet. In part that was a matter of custom more than concern: Digital cameras were scarce and the images they produced weren’t very good. Nobody yet cared to see the details of other people’s personal lives.

I was obsessive about privacy, even though thousands rather than billions of people would ever interact with the software. Every member had to be explicitly invited. There was no option to post publicly—an idea that seemed nonsensical at the time, before news feeds and timelines were a thing.

At first it was just a personal site. I invited my family and friends to see my own kids’ pictures and stories. Some of my friends in the tech sector thought it had legs, and urged me to turn it into a service. As I thought about how to do that, I became profoundly concerned about sharing photographs online. I bit my nails over exposing even a single image in a way that someone might not have wanted or expected.

It’s easy to control access to a webpage. That’s why links to non-public posts on Facebook won’t work for a user who isn’t logged in and also friends with the user who posted it. But images work differently; they get embedded in the page as URLs to the picture file, and anyone can copy that URL and share it via email, on a forum, or even embed it in their own web page. You can try this with any photograph you’ve uploaded to Facebook: Copy the image location and text it to someone; they’ll be able to see it immediately. It’s just one tiny example of how the web’s plumbing encourages disclosure by default.

So I wrote some software to handle every image request, to make sure the person requesting it was authorized to see it. Of course, it would still be possible to copy/paste and save text or pictures on the page, but at least I was doing everything in my power to limit access on the service I controlled. Effectiveness might have been less important than intention: Privacy, in the sense of creating a match between intended and actual disclosure of personal information, was a first-principle design value to maintain and enhance, rather than an outmoded idea to rebuff.

That’s a different approach than Facebook ever took. As my colleague Alexis Madrigal explained, Facebook’s spread across Harvard, and then colleges, and then the globe. It invited compulsion from the start. That usage pattern necessitated a growth-at-all-costs mentality that made keeping people coming back to the site (and then the app) the service’s principle use, rather than an activity pursued by means of the service, like keeping up with friends and family. Facebook grew because that’s what Facebook did. It was never conceived to do anything else.

I shopped my family-album website prototype around for funding a bit, without success. The economics of software businesses were different back then. A successful internet startup was a lot less successful then compared to today. Flickr, the popular image-sharing site, was acquired by Yahoo! for a modest $20 million or so in 2005. The ceiling was much lower. Even the relatively simple technical design I’d developed had commercialization consequences. Today, it’s become standard practice to deliver an entire website via encrypted connections (indicated by a URL starting with “https” instead of “http”). This is done to prevent site operators from guessing what might be sensitive. Passwords and credit cards are obvious, but in some places, even just the fact that you accessed a website can be a fact you might want to keep private. Encryption makes that possible. It also requires more computational power to operate, which means more servers, which means more costs. Today, startups cost almost nothing to launch. They scale their infrastructure as needed on cloud services. Those didn’t exist back then; delivering a whole service via encryption had computational and therefore financial costs.

It also wasn’t an urgent, life-driving passion that I pursue the project.  An online family album was a tool, something that might help extended families stay in touch with one another more effectively. It was not a calling nor a manifesto. I didn’t have a koan like make the world more open and connected to justify its existence. I wasn’t prepared to steamroll anyone who got in my way in order to…allow people to share some photos of their kids. It also never would have occurred to me to collate the data people posted and sell against it to advertisers, rather than charging a fee for service from the start. This revenue model just wasn’t a part of the online economy; not yet, anyway. Google AdWords had launched in 2000, just two years earlier. Even online subscription services weren’t really a thing. The web was still just an information kiosk or a storefront. Facebook itself had no real business model until years later either, using free access as a catalyst for growth. That kind of long-term runway to revenue wasn’t the way of things in the early aughts, when the dot-com crash was still a fresh memory.

Almost two decades later, looking back at these parallel projects with similar aims but very different outcomes, a striking difference has to do with the disposition of the creator and the context for its use. A college student—even a less driven and opinionated one than Zuckerberg, the Harvard sophomore—has a very different idea of openness and connection than a young parent does.

The metaphors for the projects also betray their different moral priorities. A generic, lower-case facebook, in case you’ve forgotten, used to be a directory to help college kids get to know one another. In that context and life stage, the more people you meet and the less inhibited you are, the better. A family album, by contrast, is an intimate matter, one developed at a time when social ties are more stable.

Privacy means different things at different times. Zuckerberg’s aspiration toward openness was less a vision for a future society than it was a small-minded assumption that all contexts were, or should be, like his. Maybe “invented in a college dorm room” should be a sneer rather than a tribute.

Other contexts, from other creators, would be different. Even the version of a social network the Winklevosses might have rolled out would have been different. For me, privacy was a matter of ethos as much as action. Writing today, 17 years later, it’s remarkably difficult to remember why that was. These were my kids I was publishing, and that was strange to do at the time. I imagined, rightly I think, that others would find it strange as well. That was just the ethos of the time.

And to its credit, I suppose, Facebook has changed that ethos. Now people think of information differently. But to call that change progress, in the way Zuckerberg touts, is to forget how things might have been different. Had I succeeded at launching and scaling the thing even toward Friendster-level success, a commitment to privacy would have guided the product. My take on a service akin to Facebook suffered for being less ideological. The world as it was was fine for us, more or less. The tenor of information privacy in particular. We saw no need to change it. That was a losing bet, it turns out, but it’s one I’d rather have made and been wrong about.

The differences were about more than just privacy, too. A chasm also separates the viable businesses of these two eras. It’s easy to laugh at the dotcom age, with its bespoke web stores for pet kibble or Tickle-me Elmos, but the first age of the web embraced a deep respect for the existing world. Global triumph achieved by “moving fast and breaking things,” as the infamous Facebook slogan goes, wasn’t really on the table. The web wasn’t meant to disrupt bricks and mortar, but to bring them into the future, and most of its services were trying to solve problems for established economic sectors via run-of-the-mill IT consulting. “Solutions,” rather than disruption, was the keyword. Buy pet food, but online. Make auto-repair appointments, but online. Pay your cable bill, but online. The web was a connection to the rest of life, rather a replacement for it.

Companies of the sort that thrive today died dramatic deaths back then: Webvan, an early online grocer, for example, or Kozmo, the delivery convenience-store. These were implausible, hubristic efforts to overwhelm the offline world with the online one. Now that’s the explicit aim of most technology companies. With a goal like that, we should have anticipated how it would feel to live in the world that would achieve it.