Lesson: Privacy Matters


Privacy matters to users. It matters a lot. That should be obvious, except that many times what seems like a small issue for us, may actually be a much larger issue for our users.

An anecdote: Today on their blog, business web app maker 37signals shared some aggregate usage data from their Highrise CRM application. Company founder Jason Fried posted a chart showing how many contacts in the app’s entire database (of over eight million) came from each country. Because users can enter whatever they want into the country field when entering a contact, the data paints an interesting picture of how people prefer to reference countries (US vs. USA vs. United States vs. U.S., or UK vs. United Kingdom vs. Great Britain, etc.).

The data is mildly interesting, and I assume that’s why Fried posted it — he thought it was kind of neat and wanted to share. But almost immediately, users chimed in with privacy concerns. “I’m a fan of 37signals, so please don’t take this the wrong way. But I have to ask,” wrote one commenter. “Did we agree in our licensing to people going through our data? Do you stop at looking over addresses, or is there other info 37signals staff combs through. I’d like a little more of an illusion of security with regards to our data in Highrise.”

Fried immediately reassured commenters that this was aggregate country data pulled from a database and that nothing personally identifiable was attached to it at all. “No one’s personal data is being reviewed or exposed or scrutinized or in any way compromised. This is faceless automated aggregate data,” he said.

But that didn’t allay everyone’s concerns. “So I walk up to your house, look in the window. I take an inventory of everything I see. Repeat for everyone on your block. If I report on just the quantity of HD TVs, this is okay?” wrote one commenter.

“I know it doesn’t really mean much, but for some reason it just feels… funny. I’d be ok if you only looked at the account owners info for internal use, but past that… I dunno,” wrote another.

One commenter, who said that he isn’t a 37signals customer, noted that nowhere in the TOS or privacy policy does the company mention gathering aggregate data on the information that customers store. “It looks like they reserve the right to compile stats on customers themselves, but not on the data they own. Even sharing of data about customers is restricted to legal requirements & improving the service; nowhere does it mention marketing that I can find,” he commented. He mentioned that Google Analytics provides a customer opt-in for the aggregate sharing of data and suggested that as a possible model for 37signals to emulate.

Of course, this is really a non-story in the long run — nothing Fried did compromised customer privacy or exposed any personally identifiable data at all. It’s a tempest in a teacup. Still, a fairly large number of commenters expressed concerns over privacy very quickly after the post went up, so there is a lesson to be learned here. Privacy is paramount to users, especially to business users who are using your application to store information about clients and customers. It is never a good idea to give anyone reason to doubt that safeguarding that privacy is your number one concern, even if the specific concern is ultimately trivial.


  • Wardrop

    Thanks for opening my eyes to this, as I’m not all that concerned in regards to my internet piracy… um privacy.

  • http://www.japan-website.com/ pavan_patil

Perfect – after all, everyone has the right to keep secrecy. People will not approve of this at all!

  • Stevie D

    Here again we see the difference between legitimate concerns and paranoia. Some people have a totally unjustified fear of anything they say or do ever being reported anywhere in any form.

    In another article on this site, I’ve reported the browser breakdown for visitors to my website. Should I withhold that information in case it breaches people’s privacy? Of course not! Aggregated information that provides no reference to the person behind the data does not give any potential breach of security, and is completely harmless – while at the same time often being very interesting!

  • http://www.sitepoint.com/ mmj

    Passing this sort of thing off as unjustified paranoia is just another manifestation of the “the users need to be educated” attitude.

    If you have this user-hostile attitude (i.e., that the reason they have problems with your service is that they are stupid or don’t know better), you will be hard pressed to build a service or application that truly understands and meets their needs, and addresses their concerns.

    The very first step in providing any service to your users should be to respect them and trust that they know what they want, treating them as worthy as you are. I commend 37signals and Josh for doing this.

    These users’ concerns about privacy were legitimate, and while we as developers know exactly how this data was collected and compiled, and it is clear to us that it posed no privacy issue to those users, the users didn’t necessarily know that. Their only way of understanding how their private data was going to be handled was what was written in the privacy policy when they submitted it. In this case, the privacy policy was inadequate in getting that message across.

    A well-written privacy policy explaining how the data is used in simple and honest terms may assist in reducing users’ concerns. In this situation, it may have helped, but wouldn’t have prevented most of these comments. The professional way to deal with such comments is to treat the users’ concerns with respect and respond to them honestly and openly, while also noting to yourself that you may need to address the way you communicate information about your privacy practices to your users, keeping in mind that they don’t know the internal workings of your applications.