What we learned about privacy that Facebook knew and forgot
In short: keep it simple.
In the first version of TurnTo, we were determined to set a gold standard on privacy control. We provided a multi-level model for authorizing purchase information sharing. We had forward and reverse models for specifying friend relationships. We let users create groups of friends then share with groups while excluding individuals or sub-groups. We provided time-based controls that let users specify review periods. And that’s just the stuff we implemented; our plans went even further.
You know how that movie ended: no one used these functions. And we’ve been stripping them out of the system one by one ever since.
Here’s what we learned: when it comes to sharing purchase information, there’s them that do, and there’s them that don’t, but there’s no one in the “I would if only I had more granular controls” group. The best way to serve your users is to keep the model very simple so that it’s obvious at first glance what sort of information sharing is going to happen. It’s OK to be very open, very restrictive, or anywhere in between, as long as the rules are obvious. Granular controls don’t help you increase your audience. At best they’re ignored, and at worst they cause confusion and bad feeling.
In contrast, Facebook has been moving in the opposite direction. They wanted to make their environment more open to enable functions that would be valuable to their members. But they felt a significant part of their membership might prefer the old, more restrictive model. So to keep everyone happy, they added granular privacy controls. “Everyone can have it just the way they want it.” But in trying to keep the old and the new at the same time, what used to be simple got complicated. And that hasn’t worked. People get their settings wrong and are surprised. People feel duped if their settings change without warning, or they feel coerced if pressed to change settings they were happy with. Or they feel burdened by having to learn complicated rules for something that used to be simple. Or they lose confidence in the system and back away. And what about those conditions where A meant to share only with B, but B shares everything with everyone, and A didn’t see that one coming? Now Facebook has added the Bandaid of bundling those granular controls into higher-level preferences. “You want it small, medium, or large? Don’t worry about the details.” That might help – we’ll see.
But if Facebook had asked us, we would have told them this: it’s OK to change, even radically. (You of all companies know that and have shown the guts to do it.) Decide on the basic approach to privacy you think is best for your users and your business. And throw everything else out. Some users will gripe about the changes (like they did when you introduced the news feed). But then they will see the wisdom of your new model, their behavior will adapt (some may share less, others more), and they will thank you thank you thank you for keeping it simple.