By Claude Almansi
Editor, Accessibility Issues
On September 14, 2010, after Ning had postponed the deadline for shutting nonpaying networks for the umpteenth time, I wrote:
I will not write another full post about Ning until the non paying groups have been deleted, or Ning gets bought by a more efficient firm, or disappears. But I’ve opened a Ning page on the wiki of ETC Journal where I shall attempt to keep track of what happens at Ning.
And now I am writing one, even though nonpaying groups have not been deleted and no one — to my knowledge — has shown any interest in buying Ning. Motive: a discussion entitled “Deletion of Free Ning Networks?” started by Alex on September 18 in the Ning Creators network. Though it disappeared very quickly, there is a copy archived with WebCite® on the same day: http://webcitation.org/5sq785FZF.
Eric Suesz — senior community manager at Ning — participated in this discussion, stating that “All free Ning Networks are now locked and can’t be accessed.” This is simply untrue.
The Ning “lock”
To illustrate how the Ning lock works, let’s use http://piusplacenow.ning.com, which is the network created by Alex, about whose nondeletion he wondered academically — he successfully migrated it to http://piusplacenow.spruz.com — in the above mentioned discussion. In fact, it is now greyed, with most of the content covered overlaid by a Ning form:
The page can be scrolled, but its links cannot be clicked.
How the lock works
The source of the “locked” page shows that its table layout is done by using the <DIV> tag combined with CSS instructions (clear explanation by Jonathan Snook in Getting your DIVs to behave like TABLEs 2004-07-15), and that the grey film and the overlaid form that prevent normal use is created by the following DIVs:
<div class="xg_overlay" id="xj_temporary_overlay"></div> <input type="hidden" id="xj_migration_lightbox_title" value="The Pius Place Now currently unavailable" /> <div id="xj_migration_lightbox_body" style="display:none"> <div class="xj_contactnc"> <form method="post" action="http://piusplacenow.ning.com/main/embed/contactNC"> <input type="hidden" name="xg_token" value="599e5cc9669c9a70b035eac4981a5a62" /><input type="hidden" name="t" value="70dGsRxpkqvMKMmQrrqk8g==,Kz28sffaiWTMe+Quyl5OtPAgbfvTMJC/ztXevaFdc/KJ8bIGQ551WoFeV5oqa0i0" /> <div class="xj_top"> <p> Sorry, this network is currently unavailable. If you are the Network Creator, <a href="http://piusplacenow.ning.com/main/authorization/signIn">click here to sign in</a>.</p><p>If you have questions, please contact the The Pius Place Now administrators by filling out the form below:</p> </div> <fieldset class="noborder clear dy-form-1"> <dl> <dt class="nobr"><label for="name">Your Name</label></dt> <dd><input type="text" class="textfield dy-input-wide" id="name" name="name" /></dd> </dl> <dl> <dt class="nobr"><label for="email">Your Email Address</label></dt><dd><input type="email" class="textfield dy-input-wide" id="email" name="emailAddress" /></dd> </dl> <dl> <dt class="nobr"><label for="question">Your Question</label></dt> <dd><textarea id="question" class="textarea dy-input-wide" name="description"></textarea></dd> </dl> <dl> <div id="xj_recaptcha_div" data-key="6LehigcAAAAAADjv-vta_dpH1AoOrTX_-KszqcNb"></div></dl> <dl> <dd><input type="submit" class="button" value="Send" /></dd> </dl> </fieldset> </form> </div>
This means that anyone can make a working version of any page in any “locked” Ning network by copy-pasting its source in a web editor and removing the above-quoted DIVs.
But it also means that linearized versions of these pages are not affected by the lock.
Screen reader and Web Developer users can read and navigate “locked” networks
As screen readers used by people who are blind or have other print disabilities linearize table layouts, these people are not affected by this crude “locking” trick, which is a nice reversal of the usual situation where they get locked out by insensitive web designers.
Maybe Ning deciders thought these people were just a minority they could ignore? True, few people who do not need a screen reader have one. Nevertheless, there is a very popular Firefox addon called Web Developer (16,794,847 downloads as I write this) whose “Linearize Page” feature also disables the Ning lock. About this feature, see Ann Smarty’s excellent How to Use “Linearize Page” Option of Web Developer Addon. And if we apply it to http://piusplacenow.ning.com, the grey film disappears and the masking form gets shoved to the very bottom of the page. See screenshot in http://etcjournal.files.wordpress.com/2010/09/pp_main_linearized_bottom.jpg.
The rest of the linearized page (see screenshot for its top http://etcjournal.files.wordpress.com/2010/09/pp_main_linearized_top.jpg) works normally, i.e., all links to other pages of the network can be opened. Of course, the linearizing process will have to be repeated in the new page if you use Web Developer, but this should not be an issue if you use a screen reader.
Anybody can use a “locked” network actively via its mobile version
As explained by Ning in View your social network on an iPhone:
If you would like to access the mobile version of your social network, you can find it by adding ”/m” to the end of your social network’s address. For example, the address for the mobile version of “http://examplenetwork.ning.com/” is “http://examplenetwork.ning.com/m”
Thus, via http://piusplacenow.ning.com/m, I have been able to join, reply to a discussion and add a video — see http://piusplacenow.ning.com/video/blocked-ning-video-autostarts?xg_browser=iphone — to the network on Sept 23, 2010, as shown by its activity page http://piusplacenow.ning.com/m/activity/log/list.
Even though anybody can use the linearizing solutions described above to bypass the Ning lock, it does not follow that everybody does. In fact, Ning Creators discussions between people angered by the repeated extensions of the paying deadline for free networks suggest that most of them accepted Ning’s statement that “All free Ning Networks are now locked and can’t be accessed” without looking further into that lock. For instance, Ash Ketchum , after starting the free ning sites…..?? discussion on Sept. 8, 2010, where he and others irritatedly counted the days during which the free sites were still readable, wrote “victory! yeeei” on Sept. 15, after the free sites were apparently locked.
And while it is possible to join and add content to a “locked” network via its mobile phone version, you cannot manage it this way. And in turn, this means that its creator and administrators have no way to delete law-infringing content added via this version.
Moreover, the lock creates legal issues on existing content, too.
Videos uploaded to the Ning server via a network start automatically. They keep doing so in formerly free networks where the Ning lock is implemented. Therefore if the user has not linearized the viewing page as above, the Ning form hides more than half of the player and the text description of the video: in other words, the Ning lock hides copyright and attribution indications given in the video and/or in the description, even though the video is being played.
In all countries that have a copyright law, preventing access to this information is illegal. And in countries where copyright law protects the moral rights of authors, defacing the performance of a video by partially hiding it is illegal, too.
You may, at any time, update, correct, or delete certain categories of Personal Information that you have provided to us by signing in to your network or the Ning Platform and updating the Personal Information. Additionally, you may update, correct, or delete certain categories of Personal Information within your My Pages by following the directions here.
The Deactivate your account on a Ning Network page linked to in the second sentence states:
If you ever decide you don’t want to be a part of a Ning Network, you can leave it and delete your content (or choose to keep it on the Ning Network). For security reasons, we are not able to delete any of the content that you have added to the Ning Networks you belong to. You will need to delete your own content. You can do this by leaving each Ning Network you belong to. Repeat this process for all Ning Networks you’ve joined.
- Sign in to the Ning Network.
- Click on the “Settings” link in the right hand column of the Main page.
- On the My Settings page, you’ll see a link to remove yourself and all of your content from the Ning Network on the bottom of that page.
- When you click this link, you’ll have the option to tell administrators why you’re leaving by clicking the arrow on the left to open the comment field. By default, the box to delete your content from the Ning Network you are leaving will be selected, but if you wish to leave your content, deselect this box.
- When you’re finished, click “Leave” and confirm that you want to leave the Ning Network, and whether you will be deleting your content.
People who take the Ning lock at face value, as Ning intends, can do none of these things. Therefore, by imposing this lock Ning violates its own privacy declaration and the data protection laws at the origin of this declaration.
True, the overlaid form offers the possibility to contact the network creator. However while network creators can sign in, once they do, they cannot suspend members in order to hide their profile information. They only have three possibilities:Archive my content,” “Take my network offline.” But these options do not help at all:
- If a network has been locked, it means by now that its creator does not want to select — and pay for — a Ning plan.
- “Archive my content” is a misnomer, inasmuch as it comprises also content provided by other members of a network, not only by its creator.
- “Take my network offline” would not solve the issue of members who want to modify or delete some or all of their personal data: it would only hide these data from the public, but they would still be kept in the Ning server.
Why the paltry tricks and untruths?
In view of the otherwise technically competent interventions by Eric Suesz in other discussions at Ning Creators, it seems highly improbable that he believed that “[a]ll free Ning Networks are now locked and can’t be accessed,” as he wrote in the already quoted “Deletion of Free Ning Networks?” discussion. It seems more likely that, as senior community manager at Ning, he had to apply a policy decided by Ning powers-that-be.
But why this policy of paltry tricks and untruths?
“I think the natives are getting restless,” Brian quipped in another Ning Creators discussion entitled When Will I See Better Design Control, Better everything?
As we have seen, some of the “restless natives” who had already opted for a Ning plan and were irritated by seeing nonpaying networks being granted extension after extension by Ning were assuaged by this very flimsy lock.
But the restless natives Brian had in mind — the ones who participate in the When Will I See Better Design Control, Better everything? thread — are not going to be taken in by a trick that cannot even fool a screen reader or a few lines of CSS in software. They are people who agreed to pay because they hoped that this would bring back the experience of 2007, when Ning was an open project where people experimented with code at their own risk and loved it.
As they are not getting that, for the time being, they are concentrating their ferocious analyses on the structural problems due to Ning’s attempt to make self-contained networks from what was a network of networks. But what if JP or some other restless natives, who participated in the When Will I See Better Design Control, Better everything? thread, turn their analytic attention to the source code or to the mobile version of one of these allegedly locked networks?
Mightn’t they decide that a platform whose managers resort to such idiotically inefficient tricks and untruths is hopelessly unreliable?
Privacy: Ning and EU countries (update)
In NING is NOT a “SAFE Harbor” (2010-10-07 – archived in http://webcitation.org/5tIoWwEG1), a discussion on Ning Creators, AngelBCN raises a very important implication of Ning’s change from being a network of networks to being a platform hosting networks. Now that network creators “own” their networks, they are also responsible for their legality. And data protection laws in EU countries say that you cannot move EU people’s personal data to a server in the US unless this server complies with the criteria of a “safe harbor”, described in the European Commission’s decision 2000/520/EC.
Therefore, as Ning is not among the hosting services complying with these criteria that are listed in https://safeharbor.export.gov/list.aspx, creators of European Ning networks might be violating their countries’ data protection laws.
In her reply to AngelBCN, Jenny wrote, apparently in the name of Ning: “… please know that we’d already begun exploring the idea of joining this Safe Harbor. We’ll keep you updated on this front.”
Being recognized as a safe harbor may not be simple for Ning. True, they are working on completely erasing the traces of the global Ning ID which users had when Ning was a network of networks, and which should have disappeared on July 20 – see Addressing Sign-in/Sign-up issues (2010-09-21) by Sridatta Viswanath, who foresees that the issue will be solved by the end of October.
However, other aspects of Ning’s handling users’ data seem hardly compatible with being a safe harbor. For instance, decision 2000/520/EC states that:
Individuals must have access to personal information about them that an organization holds and be able to correct, amend, or delete that information where it is inaccurate…
And Ning blocked this possibility for users of unpaid networks, while still hoarding their personal data.
Decision 2000/520/EC also states that:
An organization must offer individuals the opportunity to choose (opt out) whether their personal information is (a) to be disclosed to a third party(2) or (b) to be used for a purpose that is incompatible with the purpose(s) for which it was originally collected or subsequently authorized by the individual. Individuals must be provided with clear and conspicuous, readily available, and affordable mechanisms to exercise choice.
And on July 20, Ning gave network creators
- access to their members’ data, including the e-mail address used to sign in, with the capacity to download these data as a .csv file,
- the possibility change their members’ passwords
Maybe these serious data protection issues (there might be other ones: I haven’t done a thorough check) will be corrected together with those pertaining to the lingering Ning ID by the end of October. Otherwise, Europeans who created Ning networks should seriously think of moving them to another platform, where they won’t be liable for the way their members’ data are hosted, lest they violate their country’s privacy laws.
This is why I created the Ning and Privacy Facebook group, where people can share and discuss information about these issues in a more democratic way than in comments to this blog post. They actually concern all Ning users, even if less acutely than the European network creators.