I believe the next generation address book – or contact management play – will have more in common with oAuth data providers than with the traditional rolodex. Yet it will need to be as easy to use as the existing contact book or application that you use today.
The next generation contact management solution needs to provide a few basic services: portability, security, and syndication. What exactly do I mean by these ideas?
It’s simple – portability means the ability to move your data easily from one system to another. Currently we have lousy data silo solutions like vCard, SIM card contact, physical Address Books, or data solutions guarded by identity providers like Google, Microsoft, and Facebook that allow you limited access to all of the data in your contacts and give you limited ways to get them out (like CSV) – stay at the Hotel Contact California – and never leave.
Security is a much more complicated idea for contact management, and this is where many systems have gotten stuck. Do you advocate an open model – where everyone sees everyone else’s data – or something really closed, where you can only see someone’s data given the right combination of a public and private key or other multi-factor auth?
Most people would agree that some of the situations are appropriate given the need for the security of the contact information: you wouldn’t freely share a secret phone number for a celebrity or government official because if you did, they’d need a new “secret” phone number immediately.
On the other hand there is a legitimate need for security and it would be nice to be able to determine who can see your information – and who can’t. Yet we should also acknowledge (thank you Bruce Schneier) that absolute security of contact data is quite impossible for most of us unless we spend a lot of money and time that we don’t have to secure it.
And in an era of truly social and portable data, one needs syndication – or the ability to share and update the canonical copy of your contact information – to get the word out that your phone number changed given that you want people to talk you or contact you.
So, is there a solution? I think that by co-opting the practices of Vendor Relationship Management (VRM) to individual data, that it might be possible for an individual to manage the flow of their information in the world – using oAuth or another method along with a simple terms of service agreement – with the goal of asking users of that information (the data brokers who are looking at this post or anything you do online right now) to acknowledge and/or compensate with micropayments access to your updated contact information.
What’s in it for me? you ask. If this worked, you might be able to decide which vendors get to market to you, and they might gain valuable additional targeting information about you as a marketing segment. You might even get paid. It’s worth a shot, don’t you think?
Information Maven 
Hey Greg,
The future of contact management is indeed something that is portable. While the original phone directory dates back to 1878, nothing more has evolved from this idea. The future is always changing and bringing us easier ways to communicate with other cultures across the globe or the people standing across the room.
I recently started working for a Swedish start-up called Truecaller that relates to your blog, Greg. They noticed a market that has been untouched for more than a century: the phone directory. How the world manages contacts has become routine, and most things stay routine until someone comes along and shakes things up. The Truecaller app for smart phones has essentially created a way to take the world’s contacts with you everywhere. They created a database of global numbers through all the white and yellow pages around the world. The database is constantly and voluntarily being updated. This means there is a constant flow of new global numbers and names, even pre-paid numbers. The database is partly public information and then mixed with our crowdsourced database with half a billion numbers worldwide. The key, however, is you must already have the phone number to match it with a name in Truecaller’s system.
Physically, the world has countries and borders, different cultures and ways of life. But digitally, we have broken the chains that hold us to where we are from, and helped us reach out and hold the hand of someone 6,000 miles away. I think one of our users put it best when he said, “Evolution of tech has replaced everything. SMS with Whatsapp. Calls with Viber. Now Contacts with Truecaller.”
The future is the world united socially; constantly sharing our knowledge, data and our ways of life. We update our lives through social integration, so why not our phone books?
Hi Greg– Good stuff! Contact management definitely needs the help, as does my other favorite example: calendars…
Authoritative sources of data could be thought of as “OAuth providers”, but I would modify this moniker slightly to say that they are simply “hosts” that have been appropriately protected/access-controlled through OAuth (the OAuth standard would actually call them “resource servers”).
Don’t miss Phil Windley’s writings on “personal cloud” (http://www.windley.com), which expand on a vision very similar to this. The User-Managed Access (http://tinyurl.com/umawg) standard that I’ve been contributing to expands the OAuth vision to enable hosted data to be shared not just with other applications, but also explicitly other people and companies, and we’ll shortly be working on a case study doc that maps UMA to Phil’s “mutual subscriptions to each other’s clouds” scenario.
Thanks Eve, great thoughts!
Greg, great post. I couldn’t agree more. We’ve been striving to build something that pretty much is what you’ve outlined. I think Oauth is a bit of a red herring, but I get the point.
As a user I need a single point (address book) that aggregates ALL of my contacts, allows me to sync (bi-directional) them to ALL of my devices, AND that gives me a way to create “address books” that multiple people can use in a similar way. A shared address book that doesn’t necessarily have all of my contacts in, just the ones that I want to share with a specific group or team. This shared address book then needs to offer the same syncing possibilities as my personal address book (and the same for each member of the group).
We’ve been working hard to solve this and we think we’ve done a good job with our beta. We use CardDav for the syncing, its going to be pretty ubiquitous over the next 3-6 months and negates the use of Oauth. In fact as it gets adopted more widely it negates the need for an app at all on devices. All data is over 256bit SSL (in our case) so it’s secure too.
It’s early days, take a look at http://www.contactzilla.com we feel we’re on the right road…
Thanks Mark – will check out your solution.