Plaxo is now fully integrated with FriendConnect--Google's widget-based tool for socially enabling any web site. This means on any site running FriendConnect, you can now securely connect your Plaxo account, see which of your contacts are also on that site, and invite any of your contacts to join that site. And, perhaps coolest of all, you can choose to have any activities you share on that site flow back into Pulse, so your Plaxo connections can keep in touch with you across the web and discover new sites you've found.

This is a truly useful and exciting integration--it's the closest we've come yet to a seamless social web ecosystem, in which users can take their identity and relationships with them across the web, find the people they know at a new site, and share activity back with their existing contacts, creating a virtuous cycle of more social discovery and sharing. This is how the social web should work--rather than having to start from scratch every time you try a new social site (which is still the norm for most sites today), each new experience you have should enrich the others.

This only works when services give their users control over their data and provide them with secure access using open standards. And that's exactly what Plaxo is doing with FriendConnect. When you connect your Plaxo account, we're using OAuth so you don't have to give out your Plaxo password, and you can always choose to revoke access later. And when you share activity from FriendConnect back into Pulse, we're using the OpenSocial 0.8 RESTful Activites API. The only custom integration right now is with our address book API, and we're already working with the community to develop an open standard for that piece of the puzzle too. We firmly believe that acting as an Identity Provider, Social Graph Provider, and Content Aggregator--that is, letting our users take their data and relationships with them across the web and share data back from anywhere--is good for users, good for Plaxo, and good for the Web. And we're just getting started--stay tuned for additional enhancements, including more fine-grained control over which of your family, friends, and business network you want to connect with on other sites, and who you want to see your shared activity from FriendConnect sites!

Here are some screen shots of Plaxo's integration with Google FriendConnect--or you can experience it for yourself on any FriendConnect-powered site.

With the recent announcement that Plaxo has signed an agreement to be acquired by Comcast, I've been receiving a few emails from members asking, “What will happen to my data?” So I thought I’d address that with a quick blogpost.

The short answer is that the same privacy protections that you have now will remain in place after the acquisition closes. Plaxo will remain as an independent subsidiary of Comcast, with all of the current management team (I will continue to serve as Plaxo’s Chief Privacy Officer). The Plaxo privacy policy is a legally-binding document which limits how your data may be used; it is also legally binding upon anyone who acquires Plaxo. This policy will remain in force following the acquisition and any data you have provided Plaxo will continue to be covered.

The privacy policy explicitly states that following a business transition (e.g. an acquisition) your information will continue to only be used in the manner specified by the privacy policy in effect at the time when that data was collected. If Plaxo wants to use your data in a different manner we are required to notify you as to the change; you will have a choice as to whether your data may be used in this manner. You will continue to have the ability to control your communications preferences (i.e. you can opt-out of receiving any promotional offers) and you will retain the ownership of your data, as well as the ability to delete your data at any time.

Many of us take for granted the words written in the privacy policies of the websites we visit. But I do encourage you to read ours here so that you can see the choices and empowerment we provide our users. You can also read more about what this acquisition means to you, as written by an independent watchdog group, TRUSTe. For the past several years, both Plaxo and Comcast have voluntarily agreed to have TrustE review their privacy practices for compliance. TRUSTe also provides a free service to our users to mediate any disputes involving their privacy rights and data.

Although Plaxo will be a Comcast subsidiary, we will remain independent - having our own privacy policy, keeping the same management and employees, and continuing the evolution of the address book. The acquisition does not change the Plaxo you already know, except that we look forward to providing more services and features for our users. By becoming a part of Comcast, we believe that we can make our services significantly better for all of our users.

We hope that you will continue to enjoy the services you’re getting from Plaxo, and we intend to keep making them better. But if at any time you no longer wish to be a member of the Plaxo network, you can delete your account at any time – and delete the personal data you have entrusted to us.

If you have any questions, concerns or feedbacks, please feel free to contact me at redgee @t plaxo.com or visit the Privacy and Security section in our community forums and join a public discussion – I’ll see you there.

Redgee Capili
Sr. Director Client Services &
Chief Privacy Officer

For users and developers that care about opening up the social web, one of the key building blocks for establishing a durable and portable online identity is OpenID. Recently the excitement and adoption of OpenID has skyrocketed, with Yahoo! providing OpenIDs for their entire userbase, Google's Blogger both providing and consuming OpenIDs, and several large organizations joining the OpenID foundation. Coupled with the security and usability enhancements added to the OpenID 2.0 spec late last year, it seems that OpenID is really going mainstream.

With the great progress made on the technical (privacy and security) aspects of OpenID and the increased adoption by mass-consumer companies, the user experience of OpenID is increasingly a topic of focus. There's a user-education hurdle to get used to the idea of logging into a site using an account you already have elsewhere, and the experience of bouncing between sites and attaching an OpenID can be jarring. An exciting aspect of Yahoo's approach to OpenID was trying to push the technology itself "under the hood" so users just see a friendly "Sign in with your Yahoo! ID" button and are taken to a familiar Yahoo login page. Now a new startup called clickpass, which is launching today, is taking things even further with their magic one-click signin button that removes the back-and-forth dance entirely, and integrates with a number of popular OpenID providers and consumers--now including Plaxo.

When you go to sign into Plaxo, you'll now see the distinctive orange clickpass button under the "Other ways to sign in" section (alongside our other OpenID integration points). The first time you click it, it will take you to a setup screen on clickpass's site that asks you to log into Plaxo if you already have a Plaxo account, or if you're new to Plaxo, you can sign up for a Plaxo account using your clickpass OpenID (no need to create a separate Plaxo password). Thereafter, when you come to Plaxo and click on the clickpass button, you're immediately signed into Plaxo. That's it, just one click.

It's now definitely the quickest and easiest way to sign into Plaxo, especially when you're on a different computer that doesn't remember your saved passwords. And what's cool is that you can hook up clickpass to a bunch of the sites you use, so you just log into clickpass and get one-click access to all the sites you've attached. And that first-time merge/signup page you get when using a new site is always the same, since it's hosted by clickpass. So the idea is that users should quickly learn how to sign into any site that supports clickpass, since the button is recognizable, the user flow is always the same, and the whole process is designed by a company that's primary focus is OpenID usability. Hopefully this will also encourage more sites to start consuming OpenIDs, since now there's a stronger case to be made that it's something mainstream users can understand and benefit from. There's still more work to be done on OpenID technology and usability of course, but this is a major step forward.

Today marks a tremendously important milestone for believers of an Open Web. Yahoo! has announced it will provide OpenIDs for its nearly 250 Million users, meaning they will all be able to carry their digital identity with them in a secure way and use it to interact richly and securely with sites across the web. In parallel, Plaxo has also just released full support for consuming OpenID 2.0, which means among other things that all those Yahoo! users will be able to join Plaxo and use it to synchronize their data without having to create and manage yet-another-login-and-password. And of course so will the users of any other site that supports OpenID. That’s the great thing about open standards—the more people use them, the better they get.

Having a company as big and important as Yahoo! embrace a grass-roots, open-web standard like OpenID is a major accomplishment and validation. OpenID is now officially a mainstream technology, and the proof is that millions of users will now be able to take advantage of it, without ever knowing what OpenID is, how it works, or that they’re even using it. That’s because OpenID 2.0 (which was finalized late last year) includes a number of security and usability enhancements that will make it “just work” for mainstream users. In addition to the current “sign in with your OpenID” functionality on Plaxo, you will soon see a simple button that says “Sign in with your Yahoo! ID”. When you click this button, you’ll be taken to Yahoo!, where you sign in as you normally do, and you’ll be asked if you trust Plaxo to know who you are. Once you consent, you’ll be taken back to Plaxo, and presto! We create an account for you that’s tied to your Yahoo! account via OpenID. When you want to log into Plaxo, you log in via Yahoo, and Plaxo knows who you are and that you’re logged in, thanks to some cryptographic magic on the backend that you never have to worry about. All you know is “I use Yahoo, and now I can use it with Plaxo too.” That’s what it feels like when open social web technology really works.

And that’s just the start. The reason people are excited about OpenID—and the reason Yahoo! has chosen to embrace it—goes far beyond the convenience of single sign-on. The real power of OpenID is that it’s a key building block for giving users a durable and meaningful digital identity that they can use across the entire web. In an OpenID world, the services you use will really know who you are (because you can prove it with OpenID), and they’ll be able to talk to each other in a rich and secure manner (because you are now the same person to both sites). So, you’ll be able to consolidate your online identity (to the extent you want to, of course) and present a unified view of who you really are. And your friends will do the same. So when we talk about an “open social web” where you can stay in touch with the people you care about even though you’re all using different tools and services, this is what we mean. And this is how it’s going to happen. And today it just got real. If you can’t tell, we’re pretty excited.

=joseph.smarr, chief platform architect

At this week's Internet Identity Workshop, all the pieces finally came together. We now have the tools we need as a community to really make friends-list portability work--a way to give users back the control and power they deserve to take their local piece of the social graph with them wherever they go. And most importantly, a way to do this all securely, with respect and control for privacy and also the ability to find people that want to be found. There's no more need to wait. Game on.

The three missing pieces that came together at IIW were OpenID (version 2.0 is now final), OAuth (version 1.0 is now final), and clarity on the roles and responsibilities of users, social networks, and social applications in an open social web. IIW brings together an incredible community of people, and it's a major accomplishment for the web that all these technologies are now ready for prime-time.

I hosted a session at IIW in which I sketched a vision for how these pieces could come together to enable practical friends-list portability, and everyone was enthusiastic and supportive. And this included people from Google, Yahoo, AOL, JanRain, claimID, and members of the grass-roots community. In fact, I couldn't get anyone to pick a fight with me over any of technical or privacy details, and this is a group that prides itself on picking fights over technical and privacy details! So I think we're on to something big.

Here are the slides from my session (PPT, 408K), as well as detailed session notes from Chris Messina. If anyone has any further or feedback, please leave a comment here. Several people have also asked how they can help move this project forward more quickly. I think the next step is basically to do some strawman implementations of the various specs and glue code, and then to try and get it built into social networks and applications that "get it". Let me know if you'd like to get involved in this community effort to open up the social web (this complements ongoing work from fellow Open Social Web trailblazers like Brad Fitzpatrick, David Recordon, Tantek Çelik, and others).

And as far as Plaxo goes, the fact that these technologies now have final specs and the IIW community has blessed the vision for friends-list portability, you can expect us to step on the gas here in a big way. This is what Plaxo does best: we help you get your data out of sites and services that don't otherwise make it easy, and we make it work for you everywhere you go. There are a lot of sites that know who-you-know and a lot of social applications where you want to find people you already know. These open standards provide the foundation for solving this current inefficiency, and Plaxo is going to help put the solution in the hands of millions of users, sooner not later. This will be a major focus for us in 2008, and you should expect to see a lot more happening here very soon. It's going to be a good year for the Social Web!

--Joseph Smarr, Chief Platform Architect

In June we introduced the public beta of an all-new Plaxo, and we’ve been working hard ever since to get it ready for a full migration for all users. Plaxo 3.0 bridges the gap between the most popular communications tools and services across the web. This "sync and share" vision allows our users to synchronize their address book, calendars, tasks and notes to more sync points than ever before - like Hotmail, Google Mail, Yahoo! Mail and LinkedIn - with more on the way. These will now join the familiar sync points we've supported in the past (Outlook, Outlook Express, Macintosh Address Book, Thunderbird, AOL and AIM).

In addition to more support of third party web applications, we're also launching the next generation social network, Pulse. Unlike other social networks, Pulse is built from your own address book, a true social network where you can selectively share and converse with people you really know and care about. Pulse feeds you information about your contacts from a growing list of social web sites they use. This aggregation of life news about the people you truly know builds on the idea of keeping you connected.

And with the introduction of these new features of Plaxo 3.0, we remain faithful to our Privacy Principles because it's what you would continue to expect when sharing your personal information. Simply put, these principles comprise of:

• Control over your information,


• Freedom from unwanted communications, and


• Trust that your information will not be shared or sold.

Having already one of the strongest privacy polices in the industry, we continue the effort to keep the policy simple, easy to understand and clear on in its intent. And of course, our privacy practices will continue to be validated and certified by one of the most trusted third party privacy watchdog, TRUSTe.

In the spirit of openness, we’d like to explain some minor changes we’ve made to the Privacy Policy with the launch of Plaxo 3.0.

Expanded Synchronization Functionality
Because we've expanded the Plaxo service's sync capabilities to include sync with third party web applications like GMail, Yahoo! Mail, Hotmail and a growing list of additional end points, we now need to maintain your credentials to those third party web services. As a result, the definition of "Your Account Information" has been expanded to cover these passwords for third party services; it has also been expanded to cover profile information such as photos and physical location.

Lost Password and Password Reset
One of the big changes we made was our Password Renewal Process. In the old process, a user attempting to reset their lost password would have to answer a security question (set by the user during registration) before we would send an email to user's registered email address. This email would contain a link to a secure page where the user can reset their password. This 2-stage approach required that the user remembered their security answer as well as have access to their registered email address. The failure rate, and user complaints, on the renewal process was very high because users would often forget their security answer.

As we studied how the industry handled the lost-password problem, we soon realized that many of the big ISPs and ecommerce sites used a much simpler email round-trip confirmation approach. It's essentially like our previous approach, but without asking a security answer. And because the password renewal process on partner sites used this same round-trip confirmation method, we decided to adopt it. Through a lengthy beta test, user complaints are non-existent and password reset requests have a high success rate.

Other Clarifications
Finally, different sections of the Privacy Policy have been expanded to further clarify their intent, based on questions, feedbacks and suggestions from members, enterprise partners and privacy advocates.

• We clarified the use of aggregated and anonymous demographic information with our business partners for purposes such as spam and fraud prevention. However, no such information will be linked directly to your personally identifiable information. You may elect not to have Your Information used for such purposes.


• We may use Your Information (which is, collectively, your account information, your contact list and PIM information) to better provide you with personalized content programming, instructions and services, for license reporting, to better understand our product usage on an aggregated basis, to verify access rights, to provide you with information about Plaxo and to allow you to purchase and use Plaxo.


• We clarified that our Privacy Policy also applies to data from people using our services through third parties integrating Plaxo functionality through our application programmer interfaces ("APIs") or otherwise.


• We clarified the Rights of Others (Your Contact List) who may fail to recognize you as a known contact and what actions Plaxo may take.

As our company continues to grow and provide compelling new features, it’s imperative that we uphold the same values and principles that got us here. You can find out more about our privacy pledge by visiting our Privacy page. This page contains anything and everything that you need to know about our Privacy Policy, a history of changes to the policy and other resources to help you better understand our position on data ownership and security safeguards, as well as helpful frequently asked questions specific to the matter.

If you have any questions, concerns or feedbacks, please feel free to contact me at redgee @t plaxo.com or visit the Privacy and Security section in our community forums and join a public discussion – I’ll see you there. Finally, I hope that you give the new Plaxo 3.0 a test drive. It’s our best one yet.

Redgee Capili
Sr. Director Client Services &
Chief Privacy Officer

Ever since I started working on the "open social web", I’ve wanted to co-author some kind of crisp and clean manifesto or "bill of rights" to explain to all the social sites what their users will increasingly ask of them, and what specifically these sites can do to "be open". While there's plenty of room for discussion about various implementation details, it's become increasingly clear to me that if sites just do a few things right for their users in terms of openness--both technically and by having the right spirit--the rest can be layered and tweaked and otherwise made to "just work" for users.

Last week, I met with Marc Canter, and we found that our notions for how the open social web should come about were very much aligned. Over the course of several hours, we developed a lengthy, bulleted list of thoughts, philosophies, and pragmatic approaches. As we reviewed that outline, a set of core ideas stood out to us, which we could succinctly frame as a "Bill of Rights for Users of the Social Web." In the following days, we circulated a draft with a number of thought leaders in the community, and were pleased to have Robert Scoble and Michael Arrington offer their support and sign-on as co-authors of the document.

That Bill of Rights has now just been published at http://OpenSocialWeb.org. The document lays out the basic rights that users should demand from any social site they use, with respect to ownership, control, and freedom of movement of their personal information. It also describes four things that sites need to do if they want to be truly supportive of those fundamental rights.

I realize that not every company that operates a socially-enabled web app will readily agree with the ideas put forth in this Bill of Rights. Handing over ownership and control to the users might even seem crazy to some. But from our own experience at Plaxo, as the custodian of millions of our users's personal address books, such user-centric policies are good for business as well as good for users. For years, Plaxo's privacy policy has included these core principles:

• Your Information is your own and you decide who will have access to it.
• You maintain ownership rights to Your Information, even if there is a business transition or policy change.
• You may add, delete, or modify Your Information at any time.

And to be clear, "open" doesn't necessarily mean "public". Plaxo users generally consider their address book data to be extremely private, but they still want the ability to get it in and out of the trusted tools and sites they use (such as Outlook, Mac address book, Yahoo!, etc.). And "open" also doesn't mean "less control over who can see what"--each site will decide what user experience works best for their users. What matters is that whatever data your users can see, they should also be able to syndicate and use with other services they trust.

We think it’s time for socially-enabled web sites to stop competing over who can build a higher wall to trap their users' data. Instead, we are actively working to make sure that the "social web" is as open and vibrant as the Internet itself. We also firmly believe that the space of social apps is not a zero-sum game--as it becomes easier to find out what other sites your friends are using and to consume that content in novel ways, everyone will end up with more traffic and more satisfied users. We've already seen a bit of this with Plaxo Pulse users discovering and using new social sites by seeing what else the people they know are creating online, but the impact will be far larger when it's distributed across the entire web.

Lastly, this Bill of Rights is part of a larger conversation that has been going on for some time and with many important voices. It echoes earlier work like DigitalConsumer.org's Bill of Rights, follows earlier work in open data portability within the FOAF and microformats communities, and more recently, builds upon the conversations I've had with people like Brad Fitzpatrick, Tantek Çelik, Chris Messina, Dick Hardt, and others about practical ways to bootstrap the solution we all want. I hope the conversation continues to grow, and I hope this helps both sites and their users clarify how they want the social web to work, so that they can collectively make it so.

It’s very exciting to see Brad Fitzpatrick and David Recordon’s thoughts on the Social Graph make it into the public discourse. I’ve been talking off and on with them about the open social web for most of the year, and it’s impressive to see how quickly things are materializing. It also echoes the growing desire that both users and developers have for freeing their data from walled gardens and putting users back in control of who they know. This is something we’re actively working on at Plaxo, and there’s still a lot more to do!

First of all, we agree emphatically with several of the points Brad and David make:

• Users are frustrated that they have to re-build their friends list on every new site they go to, and this also impedes the development of new socially-enabled applications.


• The answer is NOT to have one company own the social graph and require all apps to be re-built on top of a proprietary platform in order to gain access to it.


• We have to help users regain control now, and we can’t assume that all social sites will be cooperative (at least right away), nor can we wait for everyone to agree on a single interop spec.


• Users care about enhanced functionality and convenience being delivered, not about any particular standards or data formats (per se).


• Users won’t generally want all the same friends on all the sites they use, but they do want to know when anyone they know on a given site is also using other sites they also use. In other words, the goal is to aggregate who you know across all the sites you use and then let you choose who to connect to where in what capacity.

Looking at things through the lens of Plaxo, which helps 15+ million people around the world keep track of who they know by syncing their existing address books across the many tools they use, there are also a few additional points we think are important to make:

• While having an open-source, non-profit entity collecting and serving the entire social graph may be better than a single proprietary company or a mess of disconnected companies, we think the ultimate solution has to be that each user owns and controls their own profile and list of friends. Different people will trust different companies to act on their behalf as stewards of their online identity and relationships, but no single entity should ever have to be the gatekeeper for the entire world.


• Our users tell us that the contents of their address book are private and that preserving their privacy is very important. So while some users are happy to declare their list of friends in an open and public way, we feel that dealing with private data is essential, and certainly much more than “10% of the problem”. I think there are ways to separate the details of authentication from the exchange of info, but it’s worth noting that wanting your data to be portable doesn’t mean you want (or need) it to be public—it is sufficient that you can move your data between two trusted parties without those parties needing to agree explicitly a priori to inter-operate.


• Linking and crawling the graph of URLs that describe your profile on different sites to aggregate your profile and friends lists is a great idea (and one we intend to support in Plaxo Pulse). But for many users, e-mail addresses in address books is still the de facto standard for representing their relationships, and we believe supporting linking by e-mail address in the open social web will still be important for the foreseeable future. These are complementary techniques of course, and they can be partially unified by using mbox_sha1sum and similar tricks, but the basic process that most social networks use today of “give me your e-mail address book, and I’ll tell you who you know on this site based on their e-mail address” should not be overlooked. Sites will differ on how much access they give you to other users’ e-mail addresses, but I think there are ways to make it work that may actually be simpler than assuming that profile URLs are the main identifiers to deal with.

These are exciting times and I’m thrilled to see so many people getting involved in these important discussions. You can count on Plaxo to stay involved, both in the discussion and as a service that will support emerging open standards and best practices for keeping users in control. It’s hard to say yet how this will all turn out, but it’s great to see the momentum building for the opening up of the social web.

If you've been following some of the postings here on this Blog as well as elsewhere on the blogosphere, you know there's been much discussion regarding 'acquaintance spam' and abusive use of the Plaxo service. Much of this abuse can be traced to the once-prominent Update Contact Wizard (UCW) feature. The UCW allows members to select individuals from their address book and send them an email asking for updated contact information.

Todd Masonis already wrote about some of the steps we are taking to prevent potential abuse. All of these changes are now in place. I believe the most significant change is the removal of the UCW from the new registration flow. Previously, when someone would join Plaxo, a new user was encouraged to update their address book by running the UCW. As a result, new users accounted for the vast majority of update request emails sent. Today, the UCW has been removed from the new user registration flow. New or existing users are no longer encouraged to run the UCW and the UCW button has been removed from the Plaxo Toolbar. Furthermore, newer Plaxo clients such as Thunderbird, Mac, and AIM do not include the UCW.

For members who may continue to run the UCW, perhaps because they have an older Plaxo Outlook client or they launch the UCW manually, we have also added additional service controls which limit the number of update requests a member can send. Additional throttling controls are also in the works, and we are actively moving away from using update request emails entirely. We hope and believe these changes will make a big difference, but we intend to remain vigilant in our efforts to eliminate any abusive use of the service. To that end, we would appreciate your help in the effort by reporting to us any inappropriate or suspicious use of the Plaxo service.

Reporting Abuse:

If you feel your privacy has been violated or that a member is abusing the Plaxo system, we ask for your assistance in reporting the abuse to our Plaxo Abuse Department (abuse @plaxo.com). We take every report of abuse very seriously, and each report is investigated and followed up on.

One of the coolest aspects of Plaxo is that your address book is self-updating. When Plaxo members in your address book change their contact information, it also gets automatically updated in your address book. Vice versa, when you change your contact info on Plaxo, people who have you in their address book can get your latest info. The importance and value of this feature is increasing rapidly as the Plaxo network continues to grow and the percentage of Plaxo members in your address book continues to rise.

Today we are enhancing this core feature by giving Plaxo members greater control over how they notify others and receive notification of such changes.

Receiving Member-to-Member Notifications

New choices, now available from your communication preferences, include:

• Daily or weekly digest. Instead of getting individual member-to-member e-mail notifications each time someone changes their contact info, you can choose to get a single weekly message.
• Silent update. You have the option to suppress member-to-member notification e-mails globally, or for specific individuals in your address book.

Communicating Your Own Changes

When you’re updating your own contact information online you also have a new “silent mode” option, which still automatically updates Plaxo members who have permission to see your contact info, but withholds sending them an e-mail notification. This option is particularly useful when making small changes to your contact info.

As always, you continue to have control over who gets your home or work contact info via your sharing options .

We hope these changes improve the Plaxo experience even more and as always, we want to hear what you think.

--Dassi Shusterman, Plaxo Product Manager

I came across the following blog today titled: Outted by Plaxo. In his article, the author warns people of blowing the news of an upcoming job or acquisition by prematurely updating your Plaxo cards.

I think this is good advice, and something I'd like to echo here.

The great thing about Plaxo is that it works to keep you updated and connected at all times. When you modify your details, Plaxo automatically updates the address books of other connected members, and these updates occur in near-real time. We certainly want to encourage you to keep your details updated and accurate, but you should also be careful not to inadvertently update others of change events sooner than intended.

To assist in this, a soon-to-be released version of Plaxo will bring some welcomed improvements to the process of updating your Plaxo cards. Prior to saving your updated details, Plaxo will remind you connected members will be automatically updated with your new details. You will also have greater control over the member alert normally generated by your update. You'll soon be able to keep your friends and family members updated with your new details, but if you would prefer the update to be silent (ie: no alert generated), you'll now have that cability. We'll blog more about these features once they are released.

PS: Here are a couple of blogs that highlight how Plaxo alerts have been useful in notifying members of changes in their network. I guess this makes Plaxo an early indicator of job market activity :-)

We try to keep up to speed on what the blogosphere can tell us about how people are using Plaxo. Lately we've seen a few examples of people finding out about important news through their Plaxo network before hearing it through other channels.

First, it looks like Plaxo can help people keep up on employment trends. Dave Evans of Corante blogged about the flight of top people at match.com, which he found out about through Plaxo.

Plaxo also tipped off Derrick Oien that something was happening with SplashBlog, a mobile blogging software company that recently got acquired by Six Apart.

We think it's cool that Plaxo is keeping people updated about what's going on with their friends. Just remember: if your Plaxo cards are public, people you have you in their address book will see the changes you make... but that's the whole point, right? :)

I've spoken with many people who love Plaxo and it's ability to help them stay in touch with friends, family, and co-workers. Most of these people were first introduced to Plaxo when they received a Plaxo Update Request email sent to them by a Plaxo member. The Update Request led them to responding to the member and then optionally trying the Plaxo service for themselves. The rest as they say, is history. But what's most interesting is, as useful as they can be, Update Requests are arguably the single most controversial feature of Plaxo.

I wanted to examine this topic in greater detail by answering some of the common questions I'm often asked about Update Request emails.

Q: What is an Update Request email?

A: Quite simply, an Update Request is a way to stay in touch through the use of email. It is the most effective way for Plaxo members to stay in touch with non-Plaxo members. With the Update Request email, the Plaxo member sends their updated contact info as a vCard attachment to a selected contact. The recipient can easily add the Plaxo member's information to their own address book with a single click. The recipient can also respond to the Update Request with their own contact details. Any updated info the recipient provides is inserted back into the Plaxo member's address book automatically.

But once two people are both Plaxo members and connected to each other, Update Request emails become a thing of the past. Two connected Plaxo members can automatically stay in touch with other without the use of emails or manual updating.

Q: What makes Update Request emails so controversial?

A: Update Request are delivered via email to the selected contact. Unfortunately, spam and other junk email has made people very protective about what arrives into their Inboxes. For some, they may feel update request emails are an unwanted intrusion on their privacy and they would prefer not to receive Update Request emails sent to them by Plaxo members. It is beyond our service to determine how a member may have acquired a person's email information or why they wish to stay in touch, but I have found there is typically some reasonable explanation.

Nonetheless, Plaxo does provide a mechanism for people to instruct us to block further update requests sent to their email address through Plaxo. An opt-out link is included within each Update Request email processed through Plaxo. While we can not stop someone who maintains a person's email addreses from attempting to send an update request, as the service provider, we can block the message as it is processed through our service.

Q: Who sends Update Request emails?

A: Plaxo members send Update Request emails. Plaxo members control when, to whom, and the personalized message content of each Update Request message sent to a contact. Plaxo members send Update Requests to selected contacts within their own address book that they wish to stay in touch with.

Plaxo does not send Update Request messages. We act as a service provider for the processing of Update Requests messages and any responses the Plaxo member may receive. This is similar to sending an email through Yahoo! The user selects when, to whom, and the personalize message content of the message and Yahoo! processes their message and attempts to deliver the message to the specified recipients.

Q: Then why do some people believe Plaxo is the sender of Update Requests emails?

A: There may be a variety of reasons why some people incorrectly believe Plaxo is the sender of Update Request emails:

• Messages are delivered from Plaxo servers: Each message is processed through our service and therefore originate from our servers. The FROM: identifies the Plaxo member's email address which we feel properly identifies the true sender of the message. But it may appear suspicious that a friend's message is originating from a different domain.
  
• Plaxo branding and formatting included within Update Request: Plaxo formats each Update Request message into a standard HTML template. The layout includes the member's personalized message along with an easy to read "card view" of the recipient's contact details the Plaxo member currently maintains. It is obvious the sender did not format the message themselves, which may lead people to incorrectly believe the message was sent by Plaxo.
  
• Other services: Other Internet services utilize email to send "invitations" to a person's contacts. Unfortunately, some of these services DO send out "invitations" automatically, and people may mistake Update Request for these other automated "invitations".
  
• Impersonal messages: For each Update Request, Plaxo provides default message text which the member can personalize to their own liking. But if the message is left with the default text, people may not recognize with the sender and feel the message was generated automatically.
  
• Excess Update Requests: if multiple people with common friends join Plaxo, this may result in multiple Update Requests being sent from these different members to the same recipient. The recipient may feel Plaxo is sending them multiple requests on behalf of their friends.
  

Q: Do I need to be a Plaxo member to respond to an Update Request email?

A: No.

Q: Are Update Request emails spam messages?

A: Absolutely not! Update Request emails are exactly the same type of emails a person might send when they are changing jobs or moving addresses in order to update their friends and family. The only difference is, the member has chosen to use Plaxo to simplify and improve the overall process.

Plaxo does not send spam, nor support the activities of spammers. Plaxo's Terms of Service specifically prohibits Plaxo members from using Plaxo to send spam. Spamming may include:

• sending an Update Request that is commercial in nature
  
• sending an Update Request to someone the member does not truly know, or who is unlikely to recognize the member as a known contact
  
• failing to respect the privacy of another by continuing to send them update request messages even after requesting the member stop.
  

If someone believes a Plaxo member to be in violation of our Terms of Service, they may report the potential abuse to our Privacy and Abuse Department (abuse @t plaxo.com), where the report will be investigated and followed up on, including the possible removal of the member from the Plaxo Service.

Q: Is it necessary to send Update Requests emails in order to be a Plaxo member?

A: No. There are many Plaxo members who never send an Update Request message or only send Update Requests to a few selected individual contacts. These people primarily use Plaxo for the other provided contact management features and benefits. The choice is left to the Plaxo member.

Q: What is the proper Etiquette when sending Update Request emails?

A: I'm so glad you asked! Please see our Plaxo Etiquette Guideline.

I noticed the Anti-Spyware Coalition (ASC) recently released their final working report of Spyware definitions. They offer the following definition for Spyware and Other Potentially Unwanted Technologies:

Technologies deployed without appropriate user consent and/or implemented in ways that impair user control over:
- Material changes that affect their user experience, privacy, or system security;
- Use of their system resources, including what programs are installed on their computers; and/or
- Collection, use, and distribution of their personal or other sensitive information.

I think the coalition has done a great job in trying to define what spyware and malware are and I hope their efforts prove beneficial in fighting these types of unwanted technologies. We fully support their efforts and you can/should too!.

I recall back in the early days of Plaxo (yes - all of two and half years ago), the occasional claim that Plaxo was spyware. Many of these claims were traced back to an erroneous article that stated Plaxo hacked Outlook profile passwords as we collected personal information. The reporter of the article later retracted his statement, saying he was misinformed and apologized for passing along erroneous information. Unfortunately, this was well after his misinformation was widely distributed and repeated by others.

But this incident underscored the need to better educate people about spyware, which is part of what the ASC is designed to do. The ASC is committed to improving anti-spyware tools, users' understanding of their options, and communication among all stakeholders about how the technology works. They are certainly not alone in the fight against spyware, so by helping to define what spyware is, anti-spyware vendors can focus their attention on improving their anti-spyware tools. What I really like about the work the ASC has done so far is how it focuses the definition on unwanted behavior, while leaving the door open to continually modify the definition over time.

From Plaxo's perspective, thankfully as we've has grown over the past few years, I feel we've overcome many of the early misperceptions. There's certainly more work to be done, but I do feel people recognize Plaxo as a trusted service and software.

Most people understand that Plaxo is an online contact management service with an optional software component. We provide proper notice and require explicit member consent prior to joining Plaxo and installing the software. Plaxo includes no additional software components, and does nothing to impair a member's control over their own system. We've made great effort to ensure our Terms of Service and Privacy Policy are written in plain and simple language, and should someone wish to remove Plaxo, the software can easily be uninstalled. These are the proper behaviors of legitimate software, which I'm sure the ASC would agree.

If you want to learn more about the Anti-Spyware Coalition, be sure to check out their web site: http://www.antispywarecoalition.org/.

To my knowledge, Plaxo has never been the target of a phishing attack. Unfortunately, in today's world, phishing attacks are a concern for EVERY company.

The best defense against these types of attacks is user education. We have published our Plaxo Anti-phishing Guidelines to help educate users about phishing and guard against possible phishing messages. By learning more about Plaxo’s web and e-mail practices, Plaxo members can avoid becoming unwitting phishing victims.

Our guidelines can be found here: http://www.plaxo.com/privacy/antiphishing

Recall my earlier post about receiving an IM from Peter L. When AIM first popped up, I didn't initially recognize Peter as a known contact so I was understandably wary of responding back. Peter was able to IM me because he detected my AIM presence through Plaxo. He could see my AIM presence through Plaxo based on my AIM privacy settings which allowed him to look up my AIM Screen Name based on my email address.

It occurs to me that as AIM presence becomes more prevalent, I suspect others may find themselves in a similar situation. I started to wonder if there was a proper etiquette when communicating with someone through IM, in particular with someone who may not recognize you as a known contact.

We face a similar problem with Plaxo, so we've published our Plaxo Etiquette guide that all members are encouraged to follow. I thought for sure there must exist some type of etiquette for IM. To my surprise, I wasn't able to find any specific etiquette guidelines available on any of the major IM services (AOL, MSN, YIM) (actually, Microsoft did have an Instant Messaging Etiquette Guide that had some very good suggestions, but I felt this was slightly different than what I was looking for). I was able Google a number of helpful articles on IM etiquette, but here are a few of my own IM Etiquette suggestions:

- Don't use IM for initial introductions. Try to establish some type of relationship prior to using IM.
- Introduce yourself, especially if you are contacting someone unexpectedly. Make sure they know who you are and how you know each other.
- Be brief and on topic.
- Ask if it's OK to "talk" before jumping into the conversation.
- Use, don't abuse. Respect your contact's privacy. Just because you can see their AIM presence, doesn't mean you should use it.

In my case, I was fortunate because Peter did follow proper IM etiquette. He reminded me how we know each other, and we were able to quickly address his questions.

'til next time.

Stacy Martin
Plaxo Privacy Officer
privacy @t plaxo.com

A member asked me today, "Is AOL buying Plaxo?"

He had read the press release about how Plaxo and America Online have formed an agreement to help AOL members and AIM users to better manage contact information. He had also read AOL's Release of the Preview Edition of New AIM Triton Software that features a Plaxo-enabled AIM Address Book.

My answer to him was, No - these announcements do not mean AOL is purchasing Plaxo. They simply mean that Plaxo is powering and enabling the AIM Address book with the AIM Triton release, which in itself is very exciting news. More information on the Plaxo/AOL agreement is available on our web site.

Certainly I can't speak to the future, but the question also reminded me of what would happen if a business transition did occur for Plaxo. What would happen to a Plaxo member's information? Fortunately, we detail this in our Plaxo Privacy Policy, under the "Change of Ownership or Other Business Transition" section:

In the event Plaxo goes through a business transition, such as a merger, acquisition or the sale of all or substantially all of its assets (a ?Business Transition?), your membership in the Plaxo Network? and the Plaxo servers containing Your Information will, in most instances, be part of the assets transferred. In such event, you will be notified via e-mail and/or through a notice on our Web site and any other appropriate methods prior to the Business Transition, and Plaxo?s custody of Your Information will be transferred subject to all the terms and restrictions in this Privacy Policy.

Following a Business Transition, Plaxo or its successors will continue to use Your Information in accordance with the Privacy Policy under which the information was collected. If, however, we plan to use Your Information in a manner different from that stated at the time of collection we will notify you via e-mail and/or through a notice on our Web site and any other appropriate methods. You will have a choice as to whether or not we use Your Information in this different manner. Whether or not you wish to have Your Information used in this different manner, you will retain ownership rights to Your Information and the ability to delete Your Information at any time. Please note, if you have deleted or deactivated your account with the Services or are an opt-out User, then you will not be contacted, nor will Your Information be used in this different manner.

I've found most services do not outline what happens should a business transition occurs, but I wish more would do so. We've found that it adds to the transparency of our company, as well as our privacy practices. It allows people considering our service to better understand how their information is used and stays protected. And that I feel only helps them to make a better and more informed decision.

'till next time.

Stacy Martin
Plaxo Privacy Officer
privacy @t plaxo.com

I had previously corresponded with Peter only through email on some privacy questions he had on Plaxo. He wanted to thank me for my previous response (and of course, ask another question :-).

Peter was able to contact me through IM by noting my AIM presense in Plaxo Online. What was interesting though (at least to Peter), he was able to detect my AIM presense, even though he did not know my AIM Screen Name.

But how is this possible??? Was this a breach of my privacy or security?

Of course, the answer is No - my information is safe and secure as always. But then how was Peter able to contact me through my AIM Screen Name that he did not know? The answer lies in how I have set for my Privacy Settings for my AIM account and how AIM presense works.

My AIM Account Settings

When I registered for AIM, I validated my email address to my AIM account. I also configured my AIM Privacy settings to allow others to look up my AIM Screen Name based on my email address. Basically, I am allowing others to type in my email address and be returned my AIM Screen Name.

Because Peter knows my email address, Plaxo was able to utilize AOL's API, and based on my AIM Privacy Settings, look up my AIM Screen Name associated with my validated email address. Plaxo then shows my AIM presense next to my email address in Peter's address book. I can always change my AIM privacy settings to disable this look up if I do not wish others to see my AIM presense.

Fortunately, I understand what's going on here. But I suspect that as AIM presense becomes more widely available to Plaxo members, there may be confusion by some members on this new feature. Both our Support and Privacy teams are ready to answer any questions on the matter. But hopefully, there won't be too much confusion, and members will be very excited by this new way to stay connected.

Peter was able to use AIM presense to easily connect with me again, and effectively communicate with me quickly and easily.

'till next time.

Stacy Martin
Plaxo Privacy Officer
privacy @t plaxo.com

A member asked me today, "What happens when I change my Plaxo card information?".

I get this question from time to time, and each time I hear it, it makes me realize it's not always clear to people exactly how Plaxo works and how we solve the problem of staying in touch. After all, when it comes to staying in touch, there are really two sides to the problem.

On one side, you want to stay in touch with people you know by being updated each time they change their information. Preferably, this updating occurs automatically, so you don't have to bother with manually updating entries in your own address book when your contacts change their information.

On the other side, you want to update people who know you each time YOU change own information. Presumably, you'd want to update these people automatically whenever your information changes so as to NOT require manually informing and updating these people.

The two sides work hand-in-hand, and in the case of Plaxo, are highly dependent upon your Plaxo card Privacy settings. Your address book gets updated automatically when another member changes their information because that other member has allowed you to be automatically updated. Plaxo can only update entries in your address book if that respective contact (who is also a Plaxo member) grants you access to their updated Plaxo card information. We refer to this as "Card Sharing".

I find that people generally understand that Plaxo helps solve the first part of staying in touch. People often say to me, "It's great - Plaxo helps me to keep entries in my address book updated automatically!!!". But perhaps it's less evident that Plaxo also keeps others updated automatically when you change your own information. This takes us back to the original question, "What happens when I change my Plaxo card information?".

When you update your Plaxo card information, those other Plaxo members that you have permissioned to view your Plaxo card will be automatically updated with your new information. Before Plaxo will automatically update another member:

• The person must be a Plaxo member,


• They must have permission to your Plaxo card(s) based on your Privacy settings,


• and they must know you (ie: have you in their address book)

The final thing to understand is how your Privacy settings affect who will be automatically updated.

• If your Privacy Setting is set to "Members", you will automatically update any other Plaxo members who know you (ie: have you in their own Plaxo address book). The Plaxo member being updated does not need to be in your own address book
  
• If your Privacy Setting is set to "Contacts", you will automatically update other Plaxo members who know you (ie: also have you in their own Plaxo address book) if the member is ALSO in your own Plaxo address book.
  
• If your Privacy Setting is set to "Private", you will only automatically update those Plaxo members who you have previously sent your Plaxo card to directly (ie: you sent them an update request message).
  

Note: a greater explanation of Plaxo Privacy settings is available here:

Hopefully this sheds greater light on how Plaxo works and how we help solve the problem of staying in touch. If you have any further questions, please let me know.

'till next time,

Stacy Martin
Plaxo Privacy Officer
privacy @t plaxo.com

One of the most important aspects of Plaxo is how members share their own Plaxo card information with other Plaxo members. By sharing their Plaxo cards, Plaxo members are able to automatically update other Plaxo members each time they change their information. Plaxo provides a very robust and flexible permissioning scheme which allows the Plaxo member to determine how and with whom they wish to share their information.

One way members share their information is by explicitly sending a contact their information as part of a Plaxo Update Request message. For example: when Alice sends Bob an Update Request message and includes her Plaxo Business Card, she has permissioned Bob to view and access her Plaxo Business Card. Should Alice change her Plaxo Business Card information in the future, Bob will be automatically updated (assuming Bob is also a Plaxo member, and maintains an entry for Alice in his own Plaxo managed address book).

The other way Plaxo members share their information is through the Privacy Options of their Plaxo cards (configured at installation time or by editing your Plaxo cards). Plaxo has always supported two Privacy options: Private and Members. We recently introduced a 3rd Privacy option: Contacts.

Here's a brief explanation of each:

Option 1: Members (formerly called Public)

Any Plaxo member who has your e-mail address or screen name in their address book will be able to access your Members permissioned card.

Option 2: Contacts

Only other Plaxo members in your own address book will be able to access your Contacts card.

Option 3: Private

By default, no one will be able to access your Private card except for those people you explicitly send your cards to or individually permission.

Each Plaxo member has two Plaxo cards - a Plaxo Business Card and Plaxo Personal Card. By default, the Privacy Option is Members for the Plaxo Business Card, and Private for the Plaxo Personal Card.

Many members prefer the Members privacy option for at least one of their Plaxo cards due to its ability to automatically update other Plaxo members who already know them. If these friends, family, or associates already maintain the member's email address within their own Plaxo-managed address book, Plaxo will automatically update these members. The member does not need to manually send these other Plaxo members his Plaxo card information.

For example:

Alice permissions her Plaxo Business Card for Members. Carl has Alice in his Plaxo address book and gets automatically updated each time Alice changes her Plaxo Business Card. Alice does not need to have Carl in her own address book, nor does she need to send Carl a message when she changes her business information.

Other members prefer to maintain complete control over their Plaxo card information by marking both Plaxo cards as Private. Under this configuration, no automated updating occurs until the Plaxo member establishes a connection with another Plaxo member by explicitly sending his Plaxo card to the other Plaxo member in an Update Request. Once a connection has been established, Plaxo automatically updates the other Plaxo member anytime the member's Private Plaxo card information changes.

For example:

Alice permissions her Plaxo Personal Card as Private. Alice sends her Plaxo Personal Card to Dan. Dan's Plaxo Address Book continues to be updated automatically each time Alice changes her Personal Card. Alice does NOT send her Personal Card to Carl, so Carl is not updated automatically when she changes her Personal Card.

The Contacts privacy option offers a nice middle ground between the Members and Private privacy options. This option allows the member to control which other Plaxo members they share their information with to the contacts they maintain within their own address book. If any of these contacts are also Plaxo members, Plaxo will automatically update the entry they maintain for the member.

For example:

Alice permissions her Plaxo Personal Card as Contacts. Edward is in Alice's address book and also a Plaxo member. Plaxo automatically updates the entry for Alice in Edward's address book each time Alice changes her Personal Card information.

Greg is also in Alice's address book and a Plaxo member, but does not have Alice in his own address book. Though he has permission to Alice's Personal Card, there is nothing for Plaxo to automatically update.

The Contacts privacy option is currently only configurable through Plaxo Online. It will also be available through the Plaxo Toolbar for Outlook and Outlook Express with an upcoming client release, but for people who wish to take advantage of this new Privacy Option today, they can do so by editing their cards through Plaxo Online.

Till next time.

Stacy Martin
Plaxo Privacy Officer
privacy @t plaxo.com

From the desk of the Privacy Officer...

Much has been written and discussed regarding Plaxo Update Request messages, the messages that Plaxo members chose to send to selected contacts within their address book. Update Request messages serve to update the recipient with a member's latest contact information and to optionally request the recipient update their information with the member. Update Request messages continue to be one of the most fundamental methods Plaxo members use to stay in touch with contacts who are not Plaxo members. But Update Request messages have not been without their own controversy, often as a result of improper usage by Plaxo members.

Whenever a new technology is introduced, there always seems to be a "breaking-in" period during which people start to establish what is proper usage behavior. After all, remember when it was common to hear a handful of cell phones going off during a movie or play? Or in responding to e-mail, some people ALWAYS SEEMED TO USE CAPS?

Thankfully over time, it became apparent to most people what is the conventional norm and a proper etiquette has been established. Sure you still hear the occasional cell phone ringing in the theater, and my Uncle Ted still hasn't figured out how to turn off his CAPS LOCK key, but fortunately these occurrences are more the exception than the rule. It's clear that as users adopt a proper etiquette, the technology becomes more useful and accepted by everyone.

And I believe these same rules apply to Plaxo. So to help people understand the proper netiquette when using Plaxo, we've published our own set of Plaxo manners. Plaxo Etiquette includes 5 common sense tips that should help Plaxo members to be better net-citizens and make Plaxo more useful and beneficial to everyone.

• Keep it to the facts.


• Know who you want to know.


• Use the personal touch.


• Tell them who you are.


• Respect others� privacy.

The complete Plaxo Etiquette is published under the Security and Privacy section of our web site. I invite everyone to take a read, let us know your feedback, and as Brad Hamilton once told Jeff Spicoli in Fast Times at Richmond High, "Learn it. Know it. Live it".

Till next time.

Stacy Martin
Plaxo Privacy Officer
privacy @t plaxo.com

It has been a little more than two months since I joined the talented team at Plaxo as their new CEO. Not surprisingly, it�s been something of a whirlwind. I feel as if I�m already at least two years behind on my e-mail.

Before I started the job, my wife gave me a book written specifically for new CEOs. I forget the exact title (the book itself is now in the seat pocket of an airplane somewhere over the Midwest), but it was something like, �How to Avoid Screwing Up in Your First 90 Days.� One of the book�s primary recommendations was to spend as much of the first few months as possible listening. In particular, the authors recommended that new leaders exploit the temporary luxury of uncluttered calendars and unbiased ears to speak with as many customers, employees, fans, and critics as possible.

I have tried to take that lesson to heart. Here�s what I�ve learned after two months of listening:

• Plaxo�s members are an incredibly diverse group. They represent over 85 countries, and they span the gamut from college students to senior citizens.


• While we have a heavy concentration of subscribers in �client-centric� positions (e.g. sales executives, small business people, financial planners, and real estate agents), we�ve also attracted loyal followings among brides-to-be, administrative assistants, ministers, and large numbers of non-profit organizations. Our members have�not surprisingly�quite different requirements for the service.


• People who have been using Plaxo for a month or more tend to be happy with the product. Our mean customers satisfaction ratings are above 4.2�out of a maximum score of 5.0�on all major criteria.


• However, we have a long way to go to make the initial experience better for our users. In particular, we need to do a better job of explaining the service to first time users.


• Die-hard Mac users want a Mac version. Die-hard Mozilla fans want a Thunderbird Version. (We�re working on it�more in a subsequent posting.)


• About 40% of Plaxo subscribers leverage the service to access their address books and calendars from multiple different e-mail accounts, and now want to use Plaxo to access their address books and calendars on their mobile phones.


• We haven�t done a particularly good job of letting our subscribers know about some of our newer features (e.g. calendar synchronization, Plaxo signatures, "Click-to-Connect," etc.) Over 25% of our subscribers were unaware that these capabilities existed.


• Our birthday reminder service has been extremely useful in promoting domestic tranquility. Every day, we get a number of e-mails from people who say that we have �helped them stay out of hot water� by reminding them of a colleague, friend, significant other, mother-in-law, etc. who was about to have a birthday.


• An increasing number of people who are not Plaxo members are frustrated by the volume of Update Requests that they are receiving from Plaxo members. Rightly or wrongly, they perceive these requests as spam or�at best�an unwanted intrusion. We need to do a better job in enhancing their experience.


• In relation to the point above, we need to establish �Plaxo Manners.� Some of our members have gotten especially enthusiastic about using our product�to the point that they will send update requests to everyone for whom they have an e-mail address, including people that they met three years ago at a conference and haven�t spoken to since. We need to do a better job of encouraging our subscribers to be thoughtful about their update requests.


• In relation to the point above, there are certain categories of people (celebrities, well-known journalists) who already feel too connected, and are not looking to let even more people connect to them. For those people, we offer the ability to block Plaxo requests, but could probably do more. While I know that we could keep Paris Hilton�s address book secure, she might nevertheless find herself receiving lots of requests from people who want to be in her address book and/or felt offended that they didn�t rate as high as Ashlee Simpson or Eminem.

Beyond the practical applications of Plaxo, it appears to serve some very basic social needs as well. One subscriber wrote that Plaxo �helped fulfill a New Year�s Resolution to stay organized and do a better job of staying in touch with the people [they] cared about.� We�re thrilled about this. On the other hand, this same person wanted us to come up with a solution to help with their other New Year�s Resolution�to lose 5 pounds. We�re not quite sure how to help with that.

In short, we�ve made some great progress. However, we still have a lot of work to do. Whether you are a satisfied customer, a skeptical non-user, or something in between�I�d love to hear from you and get your suggestions.

The final two things that I�ve learned in the past two months:

• I owe an enormous debt of gratitude to the three people who ran the company before I got here (Rikk Carey, Todd Masonis, and Cameron Ring). They�and the whole team�got the foundations of the company right.


• It takes far fewer than 90 days for a new CEO to mess up.

Ben Golub
CEO
Plaxo, Inc.

Discuss this post on our forums

From the desk of the Privacy Officer....

With over 5M Plaxo members, we�ve seen tremendous growth and acceptance of Plaxo over the past few years. But we also acknowledge there are administrators who do not feel Plaxo is appropriate for their userbase and some have taken steps to block messages sent by Plaxo members through our service. We respect an organization�s right to determine what is most appropriate for their users.

We�d like to inform these administrators, effective 03/16/05, Plaxo has changed it�s network service provider to Internap to handle all outbound mail messages sent by Plaxo members through our service.

Internap Network Services Corporation (AMEX: IIP), provides high-performance connectivity to more than 1,800 customers worldwide including Nasdaq, Travelocity.com, and TicketMaster. We�ve actually been using Internap for some time now to provide network connectivity for the Plaxo web-site and Plaxo Online (my.plaxo.com), but with this move Internap will now be providing network connectivity for the entire Plaxo service.

All outbound mail traffic now comes from the new IP addresses of: 66.151.128.12 (mx.plaxo.com) and 66.151.150.148 (mx01.plaxo.com). If you are a network administrator, and have determined that the use of Plaxo is inappropriate within your organization, you may need to update your block list with the addresses above. However, before you do so, we would certainly welcome the opportunity to speak with you and address any concerns that you might have.

People might be wondering why we might blog something like this. Our business is based upon trust, and we feel operating in an open and transparent fashion is the best way to earn and maintain that trust.

Open communications is another way we look to build trust and we'd like to invite you to share your thoughts and comments with us. Does your domain block Plaxo Update Requests or do you know of another domain that does? How do you feel Plaxo can improve? Voice your comments to our public User Forum or feel free to contact me directly.

'til next time.

Stacy Martin
Plaxo Privacy Officer
privacy @t plaxo.com

From the desk of the Privacy Officer�

Given the recent discussion on Plaxo�s Yahoo! Group, I'd like to take the opportunity to reiterate Plaxo's approach for identifying and handling potential abusers of the Plaxo Service. We've found our current approach to be successful in the past and we continue to refine and improve the process as time goes along.

I'd also like to provide a few comments to Plaxo members on proper Plaxo etiquette and usage. And finally, I'd like to provide a few suggestions on how you can help us to ensure the integrity of the Plaxo Service.

Plaxo Terms of Service:
Plaxo is intended for the personal usage of Plaxo members to update and maintain their address book information with known contacts and business associates. When a member joins Plaxo, they agree to the Plaxo Terms of Service, which in part states:

• You may not use the Software, Site or Services to send unsolicited, promotional mass electronic e-mail messages or notifications to one or more recipients or systems (known as "spamming"). Any promotional electronic messages, which are sent in an unsolicited manner to 10 or more recipients, or any series of unsolicited promotional electronic messages to a single user, will be considered as spamming. Spamming also includes (i) sending messages to distribution lists, newsgroup aliases, or group aliases, and (ii) sending messages to recipients who do not know you or who are unlikely to recognize you as a known contact.
• You may not use the Software, Site or Services to upload, post, e-mail, otherwise transmit, or post links to: (i) any unsolicited or unauthorized advertising or promotional materials; or (ii) content which is harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, pornographic, libelous, invasive of privacy or publicity rights, hateful, or racially, sexually, ethnically or otherwise objectionable.

Identifying and Handling Abuse:
Our Abuse Department monitors and investigates the Plaxo activity of accounts that show characteristics of potential abuse, including aspects such as:

• exceptionally large number of contacts being managed,


• excessive number of Update Requests messages being sent,


• and significant number of abuse reports and/or opt-out responses being received.

When our Abuse Department receives an abuse report, we may temporarily disable the member's account while we further investigate. We may also attempt to contact the member in order to better determine the circumstances surrounding the abuse report. In many cases the abuse is unintentional or the result of the recipient forgetting how they may know the Plaxo member.

We may take steps to ensure the Plaxo member is unable to send further messages through Plaxo to the recipient filing the abuse report, as well as request on behalf of the recipient that they be removed from the Plaxo member's local address book. We may also send a friendly reminder to the Plaxo member regarding the proper usage and etiquette of Plaxo before reenabling their account. But should our investigation find an obvious violation of our Terms of Service, we will remove the user from Plaxo immediately.

Plaxo Etiquette and Usage:
In general, we recommend to all Plaxo members they only send Update Requests through Plaxo to contacts they truly know and wish to stay in touch with. Sending messages to recipients who are unlikely to recognize the Plaxo member as a known contact may be viewed as an unwelcomed intrusion by the recipients and lead them to filing an Abuse Report against the Plaxo member. A significant number of abuse reports for the same Plaxo member may result in the removal of the member from the Plaxo Service.

In addition, we also encourage members to personalize their Update Request messages before sending them to their contacts through Plaxo. As a rule of thumb, the message content included within Update Request messages may include some business reference or updated news. But this content should not change the tone of the message as to make it commercial in nature, nor overshadow the primary purpose of the Update Request message, which is to stay in touch with the contact.

Reporting Abuse:
Members and non-members can help to ensure the integrity of Plaxo by reporting suspected abuse to our Plaxo Abuse Department. Users may contact our Abuse Department at abuse@plaxo.com. All reports will be investigated and followed up on.

I hope this helps to provide a better understanding of Plaxo's position and approach. If you have any questions, comments, or suggestions regarding our policies, please let me know.

�til next time.

Stacy Martin
Plaxo Privacy Officer
privacy @t plaxo.com

From the desk of the Privacy Officer�

I previously noted David Coursey's article titled "Beware of 'Free' Service" where he touches on a number of his concerns regarding Plaxo and other services. Not less than two weeks later, David Coursey wrote a follow up commentary on Plaxo titled "Plaxo Reconsidered".

I mention it, not because David Coursey comes 180 degrees with Plaxo where he now recommends us. It's worth noting because I believe it illustrates the importance of companies like Plaxo to have an open communication and feedback loop with their user community and to fully embrace the user communication channels of today, including e-mail, user forums, and especially blogs.

Our business is based on trust. We realize that trust is not an entitlement, but rather must be continually earned. To build that trust, we are happy to answer any questions people might have regarding our service so we can quickly address any issues and continually improve our service.

I give David all the credit for taking us up on this offer. In his article, David talks about the recent meeting he had with folks from our Executive and Engineering teams. The meeting gave David a chance to ask his questions and Plaxo a chance to listen to his comments. In the end, we didn't agree on everything but it gave us a better user perspective and things to think about in order to better improve our service. I give David even greater credit for publicly changing his position on Plaxo after learning more about our business plan and our promising future.

While I can not promise everyone a face to face meeting, I can promise we will continue to strive to operate in an open and public fashion. But I also feel that open communications can not be solely based on the historical model of waiting for customers to contact Support. Mediums such as blogs, forums, and newsgroups have tremendously empowered users to express their comments and questions in their own specific ways. In order for a company to be successful today, I feel they must reach out to their users as much as possible.

At Plaxo, we've tried to be as proactive as we can in reaching out to users, whether they are Plaxo members or non-members. Of course we provide the ability for anyone to contact us at Support (support_@t_plaxo.com) or Privacy (privacy_@t_plaxo.com). But we also provide other venues to create a greater sense of community and responsiveness. We have our own fairly active User Forums as well as forum groups on both Yahoo! and Google.

But of course my favorite venues are blogs. Blogs, as a result of their ability to quickly publish and syndicate a person's thoughts and comments have shown to be extremely powerful. I've seen the downsides to blogs. For as much as blogs can inform, they can also misinform turning rumor into truth, and speculation into fact.

But I also see the upside. Blogs provide the ability for companies to feel the pulse of their userbase. They tell us what people think and how they feel. And most importantly, they allow for an open and public communications on issues that matter most to people. I can't think of a better way for a company to build trust than by reaching out and embracing this type of user community. My hope is that one day, company officials responding blog postings will be the norm and not the exception.

But as the example with David Coursey has shown, there's still much work to be done. We'll continue to strive to operate in an open and public fashion and allow people to decide for themselves about Plaxo. Hopefully, as occurred with David Coursey, we'll also continue to grow.... one recommendation at a time.

Feel free to share your thoughts with us.

'til next time,

Stacy Martin
Plaxo Privacy Officer
privacy @t plaxo.com