Currently, to fully control the activity feed that appears on your Google profile, you have to be a developer or have a developer-like understanding of the Social Graph API. Getting activity streams into your profile using the Social Graph API requires a three step procedure outlined in this document. The essence of this procedure is embedding html codes in the relevant pages and then running a process hosted on Google App Engine to add knowledge of these codes to Google's representation of sites that represent you.
In other words, the Social Graph API, the components of which were originally developed for discovery, is being used as a sort of indirect mini-authentication system. I have been hectoring Adewale Oshineye over the demerits of this system, and he has asked me for concrete proposals to fix it. Well, here goes:
- Stop using the Social Graph API for indirect authentication. Instead, relegate it entirely to its better role as one of at least a few discovery mechanisms. Urgency: Immediate.
- Allow the user to establish his or her own links manually as one of the other discovery mechanisms. It would be fair enough to consider these links as less reliable. Google could set up a system that indicated to users which links had been "verified", provide instructions for how to do so with the particular service, and a sort of rewards system for completing verification. Urgency: Immediate.
- Allow users to prune their links manually. I'm not sure how some of the suggested links in my current profile got there. I'm not sure exactly what it would take to fix them. It is possible that at some point I "knowingly" gave my consent to them as the links do appear on services I have been using continuously over a number of years. Urgency: Mid term.
- Establish a mechanism, perhaps using OAuth, where participating services could allow users to establish and break links through a UI requiring no knowledge of html. Urgency: Longer term.