If you have this user-hostile attitude, (ie, that the reasons they have problems with your service is that they are stupid or don’t know better), you will be hard pressed to build a service or application that truly understands and meets their needs, and addresses their concerns.

The very first step in providing any service to your users should be to respect them and trust that they know what they want, treating them as worthy as you are. I commend 37signals and Josh for doing this.

These users’ concerns about privacy were legitimate, and while we as developers know exactly how this data was collected and compiled, and it is clear to us that it posed no privacy issue to those users, the users didn’t necessarily know that. Their only way of understanding how their private data was going to be handled was what was written in the privacy policy when they submitted it. In this case, the privacy policy was inadequate in getting that message across.

A well-written privacy policy explaining how the data is used in simple and honest terms may assist in reducing users’ concerns. In this situation, it may have helped, but wouldn’t have prevented most of these comments. The professional way to deal with such comments is to treat the users’ concerns with respect and respond to them honestly and openly, while also noting to yourself that you may need to address the way you communicate information about your privacy practices to your users, keeping in mind that they don’t know the internal workings of your applications.

In another article on this site, I’ve reported the browser breakdown for visitors to my website. Should I withhold that information in case it breaches people’s privacy? Of course not! Aggregated information that provides no reference to the person behind the data does not give any potential breach of security, and is completely harmless – while at the same time often being very interesting!