Software services and applications are becoming increasingly intertwined with users’ lives. And this connection is leading to increasing concerns about privacy. We have already seen service-to-user dissonance with the recent privacy controversies at Google, Apple and Path. As the co-founders of Glassmap, a real-time location sharing service, we have first hand experience with trying to resolve this dissonance.
Robert Scoble recently criticized Glassmap’s registration process as a severe violation of user privacy. If the “Post to Facebook” option was left checked, an invitation to join Glassmap would show up on the user’s timeline. Glassmap has admittedly benefited from the additional virality. But we also believe that in a boisterous, loose-sharing Facebook landscape, our target market of college students and young professionals benefited from attracting their friends to the service. (We are now eliminating this feature because Facebook told us to.)
However, a minor controversy like this hinders honest discussion regarding the more important issues at hand. Instead of giving into Silicon Valley sensationalism, we’d rather have a real dialogue about online privacy.
There are four things that really matter: real-time adaptiveness, transparency, the right amount of privacy, and user-service symmetry.
1. Real-time adaptiveness
Privacy desires and demands are much more dynamic than Internet companies currently account for. In the real world, we constantly shift privacy thresholds when we move from home to work to shopping to clubbing. Facebook has introduced “lists” and Google has introduced “circles” to more finely tune the complex temporality of users’ privacy preferences. However, even these attempts are curated on static, a priori information. Future services must find ways to dynamically adapt to their users’ shifting privacy thresholds.
Users should be able to very clearly see what their actual privacy settings are (who they’re sharing with, what they’re sharing with them). They should also have straightforward, simple and fine-grained control of those settings. Social discovery applications like Highlight remove control from the user, allowing anyone the service deems acceptable to obtain your information. “Friends of friends” feels deceptively innocuous, but if your 500 friends each have 500 friends, a quarter million people might have access to your information. This lack of clarity results in the creepiness that is widely associated with these products.
3. The right amount of privacy
As social networks have shown repeatedly, more privacy is not necessarily better. Products cannot assume the user’s privacy preference lies at either extreme (share-everything or share-nothing). Instead, they must try to find the sweet spot in the middle of the continuum. Actions that adjust a user’s settings towards that optimum should therefore be made as easy and automatic as possible, so long as transparency and control are preserved.
4. User-service symmetry
While a lot of effort is spent on the design of both asymmetric and symmetric user-to-user relationships (subscribing, following, friending, etc.), less effort is spent on the relationship between the user and the service. As users offer their information to the service, the service must also present that information back to the user. Many privacy concerns revolve around simply not knowing what information a particular service has collected. Because social products now often act as proxies between users, openness between the service and their users becomes even more important.
This is how we think about privacy. We are optimistic about the power of information, and we are hopeful that a deeper understanding of it will result in meaningful and beneficial technologies for users.