Who is in your “house”

April 28 , 2011

Once upon a time…

I was in elementary school and we had a special guest in our class, Officer Friendly, an ambassador for the police department who attends classes to teach students personal safety lessons such as not talking to strangers and how to protect ourselves when we were lost or hurt but especially not to allow people we didn’t know into our house. Being a latchkey kid and older sister I paid attention. The lessons that Officer Friendly taught are still relevant today. I am a product designer; It is my duty to protect and inform my users to guide them through the web and the products I design.

One example came up in 2008…

It was around the time Obama won the election for President and in California Prop 8 retracted the ability for people of the same sex to be married. I live in San Francisco, this was a hot topic and my gay friends were paying attention to this proposition.The project I was working on at the time was proposing the feature to update your Yahoo! Buzz activity into your Messenger status, that seems harmless right? This is what my project manager thought. Promotion through your networks was a great idea for viral activity, it’s a big win for the business side.They get more users, I get that. It made total sense until, I started asking him when was the last time he curated his Messenger buddy list? Did he know what settings he had for his privacy; did our users?

You are not all your users

He didn’t understand why I was so concerned. I know that there has been a surge of I’m designing for me, I’m the user. You aren’t. People all over the globe are using your products. You cannot be the only point of view. I gave him a scenario, let’s say you are: gay and in the closet, a lawyer in Alabama. You just “Buzzed up” a Prop 8 story and didn’t realize it showed up in your Messenger status update. The term “Buzzed up” is a positive term, depending on the context of the story: may have just outed the Lawyer, gotten him beaten up or killed.

Again, my PM didn’t see what the concern was. He is a San Franciscan and I reminded him that he is not thinking outside of his own social circle, the rest of the United States is not as tolerant or liberal. I grew up in the south. I have some emotional scars from that time which prepared me to be empathetic to others and apply it to my designs. I have friends who are different than me. They live in many parts of the world. I learn something from each of them. These are the people that I design for and protect.

Protecting users and their data has been on my mind lately because there are so many connected applications being connected to Facebook and Twitter. As a designer, I am interested in all sorts of products and applications others design, testing them, and to see what the excitement is all about. One product that popped up in my radar was Pixable, they designed a suite of photo sharing applications, they have been getting a lot of press and being an avid Flickr user I was curious. I downloaded Pixable and I started setting up my account.

Pixable:Facebook access

If you take a look at the screen it gives them access to everything even when you aren’t logged in. This is not a slam on Pixable. They want access so it is the best experience for their product to work. This is where the level of access to my data concerns me. We are doing a disservice to users when we have screens such as this. Facebook is allowing some context of each level of access by having a description below each of the levels of access. Does this appear harmless to you? I suppose it isn’t a big deal otherwise their product wouldn’t have been featured by so many sites right?

Think about it this way, when you meet someone for the first time do you give them the keys to your house and your ATM pin code before even having a cup of coffee? If you do you are very trusting. In most relationships trust is built over time. Why is access to your Facebook any different? This model of all or nothing hasn’t matured yet. We need to collectively take a good hard look at how we can improve the experience.

Design levels of sharing

These ideas have been running around in my brain.

  • Tiered access: entry level to get your foot in the door, that you can increase over time as your trust and use increases.
  • This one is a slight deviation on the one above. An ability to cherry pick which you the user are comfortable with. The all or nothing access to an application is too extreme.
  • A reminder set for you to check if you still want this application to have access. A Yahoo product called Fire Eagle used to remind you to update your preference on location data every week, month, 6 months, year, or the end of time.

Relationships change over time and that awareness should be applied to applications that we allow our data. Design a way to give users the ability to control and remind them where and how to revoke access to applications.

I’ve been on Twitter since November 2006, over the years I’ve allowed applications access to my account because I wanted something like the “friend or follow” that uses your twitter information to surface relationships with my audience to me or a feature that many applications such as Posterous to give me the ability to post to Facebook, Flickr and Twitter at the same time.

Disconnecting the relationship between applications is just like breaking up with someone we have been dating or are friends with. The vast majority of us are horrible at it. Applications allow you to “break up” your relationship but there is a lingering “they will come back to me” screen. Just because you disconnected it in one application doesn’t necessarily mean you’ve removed them. Remember, there was an authentication screen allowing an application, or promotion such as Macy’s Christmas 2010, or an American Express contest access to your Twitter/Facebook page. Twitter has it in their documentation to point users to that page but normally we are designing products to entice our audiences not think about how to make it easy for them to leave.

How to revoke access for applications to Twitter:

  1. Sign in to your Twitter account
  2. It is in your twitter settings page.

Twitter: Revoke access page

How to remove applications from Facebook

This took me about 5 minutes to find this page.

  1. Sign in to your Facebook account.
  2. Then go to your settings’ applications page.
  3. Take a look at the screens and start spring cleaning through applications that you no longer use.

Facebook: Remove applications

Please continue to question who you’ve allowed in and who still is in “your house.”



Constantly, trying to learn new things, and on the way I get to meet some amazing people with my camera by my side. XOXO!

on Flickr