advertising and other stuff. no, really.

Tuesday, June 28, 2011

“Allow (blank) to access your entire life?”

DENY. This rant brought to you by yfrog. It’s a spinoff of ImageShack where I host some images. (It’s one of a few choices you have in Tweetdeck in terms of what service uploads your images.) FF >> to last week when I found out though that they had accessed my private direct messages and published images of client work I'd sent to a co-worker. They deleted them after I sent a panic email, but the point is that people still have no idea how much personal stuff third-party applications are controling.

Not. Cool.

And we let it happen, every single time we grant permission to an app to access our online accounts. Problem is, we also have no real alternative choice, because the terms set up by the services allow for no option where your personal info is not accessed – except to not use the service. This is the price of free.

My unproven scientific theory surrounding social networks and privacy: The social networking bubble 3.0 doesn’t get that people are turned off by letting third-party have access to anything they construe as personal info. It’s why people get turned off on Facebook whenever a brand app wants permission to access their account.

The counter argument from the app makers is that they need certain information to make their app work. Eh... maybe, in some cases, but not the majority of times. Looking at the screengrab from Twitpic above and the section highlighted in yellow, you can’t tell me they need the ability to be able to post on my behalf. (I work with mad scientist-type devs who tell me they don’t need that kind of access, and I believe!)

Social networking may have blown up huge these past few years, but the core dynamic at work is that sitting in front of the monitor, people still want control over their privacy. Third-party apps, brands, agencies and start-ups need to rethink just how much info they really need, let alone do a better job of explaining to people why they need what they need without it sounding so ominous and controlling. (In my case, they need to leave private conversations alone.) Do this, and they’d likely see far better signup and adoption rates.

I’m guessing they’ll need to figure this out sooner rather than later if they want to move to a sustainable pay model. Who’d put up with this type of intrusion if they have to pay for the service? I don’t with cable TV or Netflix. Why should I with my social nets?


Cynthia Maniglia said...

Great post. So many well-made points. And so true.

jose said...

I definitely think that as we sign up and use online products (especially ones that utilize the login functions of other services), we have to be diligent about keeping an eye on our privacy.

I am a little confused about one thing, though ...

Direct messages are private between the parties sending and receiving, of course, but yfrog & Twitpic (and probably other services) post pictures publicly.

If a person uses either service, even within the context of being sent as a direct message, the picture gets posted public via the photo tweeting service.

Is that what happened? "That" meaning, the pic was automatically posted via yfrog when you DM'd it to someone else.

The "[yfrog] had accessed my private direct messages and published images of client work I'd sent to a co-worker" makes it sound like the account was hacked.

Or, did they actually hack your account?

mtlb said...

@jose - Not hacked. They take all images you upload, whether for use in public or private tweets, and make the available publicly.