My employer recenty put into place one of those Web content filtering (WCF) devices. So far, they have it set to fairly benign settings. The last time my work PC sat behind one of those, the world of the Web was a different place. Mashups were just beginning to emerge, and hot linking or embedding content from another site into your own was considered rude — not a business model. Now, thanks to the new WCF device in place, I am no longer visiting many of the tech- and business-related sites that I may normally view during the course of my day.
The problem is not the sites themselves. It is not even the content on the sites themselves. Heck, the issue is not even that the sites I visit do not have a direct relationship to my job. The problem is, the sites are willing to embed a YouTube video into their content.
I know for a fact that this WCF device does logging and monitoring of what sites people access, even if the site is not on the blacklist. I know that they will be running reports on those logs to potentially look for less obvious “time waster” or “not appropriate for work” Web sites. This is fine. My fear is that I will get in trouble if they decide to turn on some sort of alert that says, “Hey, this user is trying pretty often to get to restricted or flagged content!” for sites that embed YouTube videos and other mashups.
This is yet another reason why I will not mashup. I have already tread this trail before, from two slightly different angles. “Grateful that I don't 'mashup'” discusses one reason why I think mashups are a bad idea. “Will Skype Get You Fired?” examines the issue of how poorly conceived use of “convenient” data can turn an otherwise safe application into a career killer.
The last thing the vast majority of developers or Web designers think when they post a piece of content on YouTube, Flickr, or similar site is that they are possibly doing their user a real disservice. In fact, it's just the opposite. They say, “Hey, look, I can put this useful video tutorial onto YouTube. It will not clog up my bandwidth so my site will still run fast; the YouTube player is pretty slick, and it blends right into my site.” These are all true statements.
When that user goes to your Web site to view a work-related Web page, the user’s company may very well be logging it as a visit to an unauthorized or inappropriate Web site. This is not necessarily something your users want. As a result, there is a good chance that sharp-eyed visitors will start to avoid visiting your primarily work-related site. And when they shift their preferred sources of information from 9:00 – 5:00, you can be sure that their home usage will very possibly follow suit. Less observant or ill-informed users might not notice or put two and two together, but they could end up in hot water over it.
I have always felt that content from outside my domain should be clearly marked as an outside link. It is smart usability. It allows a user to decide if they want to open it in a new tab or window, so they can keep their place on your Web site. It helps to make sure that if there is something the user does not like, or if it comes from somewhere the user does not want to visit they can make a fully informed choice. All around, clearly marking outside content (either through the text of the link or an icon next to the link) is a win-win for your site and the user.
My stance is: do not mashup with content sites. In general, it is not a very good policy. It is not that difficult to craft a similar system yourself; or to embed one of the various Flash players for content that can pull from your server; or to put in a reference to one of the standard multimedia plug-ins out there. If you do not have the bandwidth to serve up this content, you might want to consider how much value that video, sound clip, etc. is truly adding. It is bad enough that once you put your content somewhere else, it stands the chance of having ads and such put on top of it — and it can get your users in a bunch of trouble too.
Justin James is an OutSystems MVP, architect, and developer with expertise in SaaS applications and enterprise applications.