In today’s tech industry, builders rule. But there’s a real tension between creators—who want to use every tool at their disposal—and everyday users, who freak out when too much of their personal information gets vacuumed up and sprayed out into the world.
The privacy leaders at Facebook and Google+ say their companies are starting to get the message. At today’s Privacy Identity Innovation conference in Seattle, Google+ privacy head Anne Toth and Facebook privacy and public policy manager Rob Sherman discussed how the two tech giants are striving to give users more control over their privacy amid a dogged, industrywide competition for social data.
“I think people will start to make judgments when they use products, and they’ll start to say `I want the companies that I do business with to think about privacy and to give me the ability to make my own choices,’” Sherman said. “Facebook’s continuing to do that. I think a lot of the smaller companies, as well, are starting to think that way.”
Facebook, of course, has little choice in the matter. The social networking leader, which is set to hit the public stock markets in a few days, settled a federal complaint last year by agreeing to change the way users’ information is made public and submitting to 20 years of independent audits.
Google+, the search leader’s response to Facebook’s rapid rise in social networking, is very new—and nowhere near as popular. As the challenger, it has tried to build in some features that clearly stand apart from Facebook’s sometimes convoluted settings for how social information is shared. That difference is distilled in the Google+ design concept of “circles,” which lets a user visually sort online friends into different groups, and choose which of those groups gets to see any given activity.
Toth said Google’s approach is to give engineers freedom to build, with supervision from product leaders who are responsible for making sure users’ privacy is being considered.
“What’s interesting is, in an engineering culture, very often people want to launch something because they can,” she said. “There are a lot of examples that I’m seeing more and more of, where the ability to do something is not the driver of whether you launch a feature. It’s about whether you do it in a way that’s responsible, that meets user expectations. That’s more of a test, and I think that’s a certain sign of maturity.”
Keeping an eye out for user privacy isn’t just for the big companies that might wind up in federal regulators’ crosshairs, said Kevin Mahaffey, co-founder of mobile software security startup Lookout. When users can see what kind of data mobile apps and Web services are accessing, they can sound off through reviews to alert other consumers—and change developers’ behavior.
“Historically, there haven’t been a lot of market forces that push down collection of data. Because a lot of times, it’s a transparency issue—you collect data, either some or a lot, and the users kind of don’t know the difference,” Mahaffey said.
But when users are armed with standard disclosures about the data a program uses, and a feedback mechanism like the reviews section of an app store, that’s quickly changing.
“The developer, instead of just saying `Well there’s no recourse because the FTC doesn’t care about me, because I’m just one guy in a garage’ … Now, all of a sudden, my download numbers are going down because users don’t like me. That’s awesome.”
