
“Users want control” is a shoulder shrug - collinmanderson
https://www.ianbicking.org/blog/2019/04/users-want-control-is-a-shrug.html
======
mochomocha
I'll offer a contrarian opinion. A lot of the issues raised recently in our
industry around privacy or algorithmic bias come from the fact that as an
industry tech has the hubris to believe that it knows better than its users
what is best for them. Under the pretense of simplicity and scalability, we
think that every individual behavior and tastes can be reduced into a one-
size-fits-all product and business model, sprinkled with machine learning to
give the illusion of a product experience tailored to different people, when
in fact it is only mildly so. And I'm saying this as someone building machine
learning models for a living.

~~~
citrablue
Perhaps I am thinking too narrowly, but I think the algorithm-driven approach
is much less hubris than someone at the company making a decision. These
models reflect what users do -- isn't that much more democratic than employees
deciding?

There is an orthogonal argument that this is also harmful to some people's
aspect, but "give the people what they want" doesn't seem like it's reductive.
Especially when it seems like people in our society can be clustered and have
some clear groupings occur.

~~~
naravara
>These models reflect what users do -- isn't that much more democratic than
employees deciding?

What users do is different from what users would like to do. If people's
aspirations lined up with their real behaviors, Planet Fitness wouldn't have a
business model. But when navigating the world people often want to improve
themselves into something they want to be, not fall deeper into the worst
tendencies they exhibit in any given moment.

------
nostrademons
The truth of "users want control" depends on how closely your users'
preferences resemble each other with regards to the particular service you're
providing. If you can make one set of choices that works for all users, then
no, users don't want control. If you can't, then the users will be demanding
that control whether you give it to them or not, and if you don't they'll go
elsewhere.

If you're small, you get to sidestep this distinction by defining your market
carefully. Apple is one company that famously does not give users control. Is
it true that PC users don't want control? No. That's why Windows has 80%
market share in PCs and Android has 75% market share in mobile. But it's true
_of Apple customers_ , and in return for giving up control, they get a well-
integrated user experience that's relatively bug-free, just works, and
requires no extra thought on their part. You could look at dealing with
hardware incompatibilities, avoiding crapware, integrating systems, and so on
as services that Apple provides to its customers, and as a result they can
charge a premium on their devices and make handsome profits.

This model falls down for public policy, like privacy, because people have
_different_ priorities that lead to _different_ tradeoffs. I will happily give
Google my location if it helps me avoid traffic jams, something many HN
readers object to. I will post semi-identifiable comments on Hacker News,
because I've derived fairly significant benefit from comments here. I don't
generally post pictures of my family on Facebook. I certainly don't document
my every waking moment with Instagram. Many other people make different
tradeoffs, and that's their right.

It's debatable which bucket health care falls into - I suspect most people are
in the "just make it work" camp until they dig into the details of exactly
what experience and cost "just make it work" entails. I'll point out that the
Apple experience for health care is completely possible with Kaiser Permanente
and other managed HMOs, if you are willing to give up your choice of
providers. Stay within their network and everything "just works", but then you
have to stay within their network.

~~~
floatingatoll
Apple gives their users forms of control, but not necessarily the forms that
HN commenters agree with.

For example, this week I was explaining to someone how different the iOS
(possible) and Android (impossible) processes are for finding and removing
spying crap if you don’t know how to operate technology very well.

I showed them Settings > General > Profiles on my phone, explained briefly
that I’d opted in to them, and that they wouldn’t have that because they
weren’t a developer.

They had it! For a coupon email spam account. That they’d tried out a year ago
and were now unable to completely remove. They removed it immediately.

No, we can’t root iOS devices reliably (rarely at all), but in exchange, non-
technical users gain control over their device to a degree that rootable
devices make impossible.

It’s not about whether you have control, it’s about whether you have the
degree of control you desire, and whether that control provides the needs you
desire.

I, an advanced technical user, use iOS because I can prove efficiently that
it’s unharmed. I consciously gave up a rooted device with a keyboard for it. I
have a 50% typo rate and I miss a lot of things. But the need for safety is
paramount, or else everyone protected by my MFA tokens is at risk from attacks
so severe I can’t even fathom.

~~~
jeswin
Different people want different things.

I can't use iOS because it doesn't meet my needs: T9 Dialer, Homescreen
customization, Guest mode/Multiuser (not Guided Access), better notifications,
real Firefox, better multi-tasking etc.

Add: I also think it's unfair to compare the security capabilities of a
handful of Apple phones with the countless Android phones out there. People
have the option of buying Android phones from Google, which have comparable
security guarantees as any iOS device (while allowing root access to people
who actually desire that).

~~~
floatingatoll
If it can be rooted by you, it can be rooted by someone close to you, at which
point it can be modified to install competent spyware tooling that hides that
it’s rooted. Women who have been stalked by their exes will be quite familiar
with the risk this poses. So will people who need Tor Browser to keep them
safe from their governments.

I’d accept this as fine if I had to order it rooted from Google in hardware,
so that the bootloader could show an unskippable “This is a rooted device and
lacks critical security protections against malware attacks” warning.

Sadly, that’s not currently on offer. While your needs are legitimate,
offering rooting in software on consumer-facing devices is more dangerous than
they can afford. To me, the harm that comes to others isn’t worth it.

~~~
maxsilver
> I'd accept this as fine if the bootloader could show an unskippable “This is
> a rooted device and lacks critical security protections against malware
> attacks” warning. Sadly, that's not currently on offer.

It is on offer, that is already how Android rooting works on most phones (at
least, every Nexus, Motorola, HTC, and LG I've used already does this). You
already get that warning you requested _and_ your phone shows some sort of
"unlocked" icon on every single startup to remind you your phone has been
rooted _and_ your phone auto-wipes all data itself before unlocking too.

Screenshot of the warning message (Motorola) -> [http://androidadvices.com/wp-
content/uploads/2014/11/unlocke...](http://androidadvices.com/wp-
content/uploads/2014/11/unlockedbootloader_320-1024x1024.png)

Screenshot of the warning message (HTC) -> [https://img.xda-
cdn.com/zgUZzE19yICj6wdJm--RJopG_-U=/http%3A...](https://img.xda-
cdn.com/zgUZzE19yICj6wdJm--
RJopG_-U=/http%3A%2F%2Fwww.htcdev.com%2Fimages%2Fuploads%2Fbootloader%2Fstep13.jpg)

Screenshot of the every-single-boot reminder icon (Google/Nexus) ->
[https://fscl01.fonpit.de/userfiles/4774964/image/AndroidPIT-...](https://fscl01.fonpit.de/userfiles/4774964/image/AndroidPIT-
Nexus-5-boot-unlocked-w628.JPG)

We can argue over the particular clarity of the wording and icons and such.
But generally speaking, the functionality you are asking for has already been
Android standard default for many years now.

~~~
floatingatoll
The Motorola one is partially acceptable. I had no idea, thank you! It’s
unfortunate they fail to mention the threat of spyware, since that would make
more sense to a typical consumer than “you’ll shoot your eye out, kid” as
shown here. More work to do here, Motorola.

Do all manufacturers offer that sort of clear warning text, or just Motorola?
The unlock icon alone is meaningless.

~~~
cannonedhamster
Samsung phones also warn you if there security features of Knox (their
security platform) have been bypassed or turned off in red letters at boot.

~~~
floatingatoll
Do they warn non-technical users on every boot that their device could be used
to spy on them in language plainly understandable to a consumer?

I’m glad they have any warning at all - but warning in tech developer terms
and warning in consumer-understood terms are entirely separate problems, as
Motorola’s insufficient developer-focused terminology demonstrates.

~~~
Faark
You have moved the goalpost quite a bit by expecting such high standards from
Android. As in you're asking for a message that absolutely every user can
understand, while for iOS you've been totally fine with power users being
necessary to identifying threats.

My Sony and a Huawei I set up for a family member show similar warnings after
unlocking them, btw.

------
torstenvl
> _Control is what you need when you want something and it won’t happen on its
> own._

Err. Well. No, not usually. Usually it runs the other way. I want control
because I specifically _do not want_ you taking over my life, not because I
disagree with the way you're taking it over. I _don 't want_ it to happen on
its own.

I can imagine the author in an automaker board room, arguing vehemently that
if they only move from a ten-speed automatic transmission to a twelve-gear,
the smoothness and low-end power will make it so nobody wants a manual
transmission anymore.

But that simply isn't the case. Freedom has inherent value. Simplicity and
approachability have inherent value. People prefer to drive rather than fly or
take a train because they want to be in the front seat - literally. Control
has a value to it that far exceeds the mere pedestrian concern of whether your
approach was good enough.

~~~
thatfrenchguy
I think this “a car give you freedom” American thing to be somewhat funny
because to me it’s the opposite: a car is a huge investment, it costs you a
ton of money per year, puts you down in one place (and thus prevents you from
moving to another place easily), makes you mostly sit in traffic while going
to work while contributing heavily to destroying the planet. I personally
enjoy taking a train to where I’m going much more, especially in places where
it’s convenient.

~~~
userbinator
It's definitely _very_ American, but the feeling of cruising down an empty
highway in a piece of "Detroit iron" is something that has to be experienced
to be understood --- if all you've ever driven or ridden in are smaller or
less comfortable vehicles, I can see how you would think driving isn't very
enjoyable. Even with lots of traffic around, I still think that sitting in my
own "personal lounge" is better than sharing a cramped train or bus with all
sorts of strangers.

~~~
Ma8ee
The train doesn't need to be cramped. And if you aren't occupied with
controlling a vehicle, you can actually use your time for something useful or
enjoyable.

And while cruising down an empty hightway might be very nice, it's excedingly
rare for anyones daily commute to be like that.

~~~
Zimahl
> you can actually use your time for something useful or enjoyable

I'm doing something enjoyable. I'm cruising down the freeway with the windows
open, good tunes on the radio, and I can choose to go anywhere I desire.

~~~
Ma8ee
That is not a commute. That you can do what you describe on holidays and
weekends when the weather is fair and there isn't much traffic is not a good
reason to create traffic, destroy the climate and the local environment, waste
your own money and being frustrated in traffic jam.

People are buying cars because they believe in the commercials where the car
means freedom. But people use cars to waste their lives in traffic.

------
throwaway66666
> For instance, we say “users want control over their privacy,” but what
> people really want is some subset of:

> To avoid embarrassment

> To avoid persecution

> … sometimes for doing illegal and wrong things

> To keep from having the creeping sensation they left something sitting out
> that they didn’t want to

> They want to make some political statement against surveillance

> They want to keep things from the prying eyes of those close to them

> They want to avoid being manipulated by bad-faith messaging

\-----------

You forgot the two most important ones. Users want their privacy because.

A) they do not trust you.

B) They expect that everything they do, will be used against them. (eg
providing an email address will result to receiving spam. Providing personal
details to advertisers using them etc).

C) Info they leak, is leaked out forever. Today that might be ok, but
circumstances might change tomorrow.

It is a bit dishonest to say that users want privacy because they want to do
illegal things. Or that they want to make a statement against surveillance.

Wanting privacy is not a statement, it is an end-goal on its own.

Yes I am missing the point of the article but I had to point the above out.

~~~
closeparen
The author addresses you pretty directly.

>There are some cases when a person really does want control. If the person
wants to determine their own path, if having choice is itself a personal goal,
then you need control. That’s a goal about who you are not just what you get.
It’s worth identifying moments when this is important. But if a person does
not pay attention to something then that person probably does not identify
with the topic and is not seeking control over it. “Privacy advocates” pay
attention to privacy, and attain a sense of identity from the very act of
being mindful of their own privacy. Everyone else does not.

~~~
flattone
But privacy advocates do it on behalf of everyone else

Even if some majority of users do not care about privacy i dont believe our
most fruit bearing path is build w/less autonomy.

There is so much distance between how things need to be built and whether or
not end users identify with some component of the system.

------
jcrben
It's unrealistic that an organization can predict exactly what users want. If
you try to do that, it's like central planning of the economy. It just doesn't
maximize people's happiness.

However, if you give them lots of control and monitor choices, you can modify
your defaults to improve that situation... but don't expect preferences to
remain static.

~~~
shstalwart
> ...and monitor choices, you...

So... more telemetry. This user says no thanks.

------
jancsika
> People don’t want to lose their data, but having personal control over your
> data is a great way to lose it, or even to lose control over it.

I don't think "personal control" implies that nobody else has full access to
one's data. If that were true then NDAs would be useless.

The idea of users "wanting control" simply means they want ubiquitous software
to work like the _best_ parts of ubiquitous social structures they've grown up
with that _aren 't_ the internet.

That is: facilitate personal growth and self-expression in a framework where
individual failures and oversights don't accumulate to create a goddamned
international environmental hazard.

For example-- I'd bet there are a lot of Youtube posters who would _love_ the
following two features:

1\. Painlessly upload videos that assert their opinionated world view at that
moment in time.

2\. Have people find it without plugging into a recommendation rabbit hole of
contention that reframes their content as yet another rusty nail in a
goddamned international environmental hazard.

> But if, as technologists, we can’t map functionality to desire, it’s a bit
> of a stretch to imagine everyone else will figure it out on the fly.

And one level above that-- if you don't have a legal framework where it's
against the law to put cocaine in soft drinks then mapping functionality to
desire will often be an unethical endeavor.

------
nhumrich
True. People didnt care about who had their data until the data started being
used unethically. But now these unethical practices are so common, they are
considered ethical. We used to print books with everyones name and number in
the city. You would give your phone number out freely. But now, people keep
their phone number hidden because its abused more then its actually used these
days.

------
m463
I am reminded of a passage in the book "the subtle art of not giving a f*ck":

"For a relationshipt to be healthy, both people must be willing and able to
both say no and hear no. Without that negation, without that occasional
rejection, boundaries break down and one person's problems and values come to
dominate the other's."

The problem is that users are not given the choice to say no.

------
stakhanov
It's not about knowing better, it's about actual conflict of interest.

Think about how much of the internet runs on advertising dollars. This leads
to a situation where much of the internet serves the interests of people
trying to maximize profits when selling stuff over the interests of people
wanting to be well-informed about stuff they buy and looking for the best
possible deal. -- When you search for "usb stick", of which there are
gazillions, in an online store, which one will you be shown on page 1? The
best product at the best price? Or the product made by the person who payed
them to show their product first? (advertising expenses that they'll have to
recoup by making that stuff more cheaply or selling it more expensively)

Think about how copyright owners instrument digital rights management to try
to maximize monetization of content over allowing users to make good use of
rights in copyrighted material that they already possess. -- If you're 70
years old, and you're into the beatles, you probably paid for that music at
least four times. You bought a record when it came out, buying the right to
listen to that music for the rest of your life. But for some reason, you paid
for buying that right a second time when it came out on CD. A third time when
you bought an MP3 download. A fourth time as part of a subscription package
that you now have. -- The development of the technology did not serve the
interests of the user. Otherwise, a RW-medium like minidisc would have won
over CDs, allowing you to maybe record from vinyl to minidisc. "Copy
Protected" CDs would have never happened but instead ripping-friendly CDs
would have been produced because this was what would have been in the user's
interest. And streaming would have happened on the basis of making
micropayments when streaming stuff you don't already own instead of turning
everything into a subcription package.

Think about how insurance companies might use the information gathered by the
surveillance system which is the internet.

People THINK that when they are the ones paying for a computer, for an
internet connection, etc that they are paying for technology that should now
serve THEIR interests. The fight for user control is the fight to actually
make that happen. And a fight it is. It's not a given that technology is made
to serve the user's actual interest.

~~~
scarface74
_If you 're 70 years old, and you're into the beatles, you probably paid for
that music at least four times. You bought a record when it came out, buying
the right to listen to that music for the rest of your life. But for some
reason, you paid for buying that right a second time when it came out on CD. A
third time when you bought an MP3 download._

Why would you buy an MP3 download if you already had the CD? The most popular
MP3 player at the time - the iPod was used with iTunes that it made it very
easy to rip your own CDs. There was a way to rip CDs in Windows 2 decades ago.

 _A fourth time as part of a subscription package that you now have._

If you didn’t want the benefits of having access to all the music out there
and just wanted your own library, you still wouldn’t need a subscription
service. In the case of iOS, you could pay a one time fee of $25 for Apple
Match and you would have up to a year to use it. With Apple Match, it will
match all of the music in your library no matter where you obtained it and
count it as purchased song that you can redownload from iTunes DRM free.

 _The development of the technology did not serve the interests of the users._

The user has a choice between subscription music that has DRM, purchased music
that is DRM free, or easy to use software that lets you convert physical CDs.

 _Otherwise, a RW-medium like minidisc would have won over CDs,_

CD-RWs were already backwards compatible with CDs. I was burning CDs using a
parallel port CDRW in the late 90s.

 _allowing you to maybe record from vinyl to minidisc._

You’ve been able to take a record player, connect it to the audio in Of a
computer, record the audio and burn it to a CD. I’m sure there were standalone
boxes that let you do it. _”Copy Protected " CDs would have never happened but
instead ripping-friendly CDs would have been produced because this was what
would have been in the user's interest._

Copy protected CDs were really never a big thing.

 _And streaming would have happened on the basis of making micropayments when
streaming stuff you don 't already own instead of turning everything into a
subcription package._

People _wanted_ subscriptions and not micropayments.

~~~
stakhanov
You're coming at it from the POV of a "power user". Most people aren't that.

> Why would you buy an MP3 download if you already had the CD? The most
> popular MP3 player at the time - the iPod was used with iTunes that it made
> it very easy to rip your own CDs. There was a way to rip CDs in Windows 2
> decades ago.

...actually, if you ripped a CD with iTunes, it would turn into a format that
almost no software other than iTunes could read. The same thing was true about
Windows media player. So you COULD rip stuff, but you would get from one kind
of vendor lock-in into another kind of vendor lock-in. If you wanted MP3, you
had to put a fair amount of thought into it, download special software, etc,
i.e. you had to be a power user, and you had to put a lot of work into it if
you had a couple hundred CDs on the shelf and wanted your collection to go on
a hard disc. Besides myself I know only one other person who did that.

Also: I was making a more general point here. Substitute "DVD" for "CD" and
"movie" for "music" and the argument still holds. DVDs had encryption that had
to be cracked by somebody, the crack having to be obtained illegally by
anybody who wants to rip a DVD.

The actual point I was making was the following: These examples show how, in
one area, the tech industry will be hard at work trying to make certain things
DIFFICULT (like cancelling a subscription deal, where they might accept fax as
the only method of communication, or copying copyrighted material) and hard at
work trying to make other things EASY (like signing up to a subscription deal,
re-purchasing stuff you already own). Most people go the way of what's EASY.
But that does not usually serve their own interests.

> The user has a choice between subscription music that has DRM, purchased
> music that is DRM free, or easy to use software that lets you convert
> physical CDs.

Purchasing music that is DRM-free happened very late in the game and is still
a niche topic. The first businesses to try and offer downloads that you'd pay
for (like napster when it tried to go legit) failed because they couldn't get
content deals, because the music industry didn't want DRM-free downloads for
fear they would be copied illegally. The first service that actually made it
commercially viable was iTunes, and they only managed it because they could
get the content industry on board through introducing DRM. -- The fact that we
now have DRM-free downloads in certain niche areas is a side-effect of the
fact that most people have subscription packages now anyway, and offering DRM-
free high-quality music is now a way to charge them YET ANOTHER time.
(purchasing that Beatles album for the fifth time).

> CD-RWs were already backwards compatible with CDs. I was burning CDs using a
> parallel port CDRW in the late 90s. You’ve been able to take a record
> player, connect it to the audio in Of a computer, record the audio and burn
> it to a CD. I’m sure there were standalone boxes that let you do it.

That made YOU a 1-percenter when it comes to technology. Most people I knew in
the late 90s could have never figured out how to hook up a record player to a
computer, record a WAV file, and burn it back to a CD. -- You're not
representative for how that industry works/worked at any point in history.

~~~
scarface74
_actually, if you ripped a CD with iTunes, it would turn into a format that
almost no software other than iTunes could read. The same thing was true about
Windows media player. So you COULD rip stuff, but you would get from one kind
of vendor lock-in into another kind of vendor lock-in. If you wanted MP3, you
had to put a fair amount of thought into it, download special software, etc,
i.e. you had to be a power user, and you had to put a lot of work into it if
you had a couple hundred CDs on the shelf and wanted your collection to go on
a hard disc. Besides myself I know only one other person who did that._

iTunes has never ripped music from CDs into a DRMd format. By default it used
(and popularized) AAC after the iTunes Music Store, but you could change the
preference to MP3. AAC was never owned or controlled by Apple. It was just
another format that was licensable to anyone just like MP3. Within two years
of the iPod, most players supported DRM free AAC.

Don’t forget that the whole “Rip,Mix, Burn” commercials that Apple used for
advertising iMacs came out two years before the iTunes Music Store. Before the
iTunes Music Store, the iPod could only play MP3 files.

They required a firmware update to play AAC files.

It also wasn’t the “tech industry” that introduced anti copying measures to
video. The video industry did that during the analog days with Macrovision.

 _That made YOU a 1-percenter when it comes to technology. Most people I knew
in the late 90s could have never figured out how to hook up a record player to
a computer, record a WAV file, and burn it back to a CD. -- You 're not
representative for how that industry works/worked at any point in history._

That maybe true. But when Apple introduced iMacs with CD-RWs, it was already
behind. PCs had started coming with CD burners and Roxio software by 2000.

------
vorpalhex
Nobody ever has your best interest in mind except yourself.

You can throw all the money in the world at healthcare, you can make it free,
and you should still get a second opinion and be involved as a direct agent in
your health choices.

Humans are agents, that is to say, they have agency. There is no single
optimum outcome for all people - there may be an optimum for a business (the
most profit), a healthcare provider (the least amount of getting sued) or
other entities, but there is no single best outcome for agents.

Given that no system can give the best outcome for all people, the system
shouldn't even bother but instead empower people to make their own outcomes.
The problem is that sometimes people choose bad outcomes - but that is also an
expression of agency.

~~~
sfink
Sure. But _only_ giving users control, in the form of being able to choose
between the available providers, does not solve the problem by itself.

Say you sprain your pinky finger and your insurance covers two doctors: Donald
Drugmeister who can afford to pay his office staff only by pushing the latest
offerings from Pfizer, and the excellent surgeon Carl Cutter who will decide
your root problem is in some organ that needs to be removed. You may feel vast
relief that you're able to choose Donald over Carl, but in actuality you'd be
better off going to your mom who will give you an ice pack (not covered by
your insurance!) and kiss you on the forehead.

The US healthcare system, at least, cannot be fixed simply by handing over all
control to the patients. That'll just end up with even more strenuous efforts
by the pharmaceutical companies to convince of us, the non-medically astute
population, of the necessity for various drugs that they happen to make money
off of. And even more antibiotic overuse and unnecessary procedures.

I think having choice of doctors is part of the solution, as is having a
pretty high degree of control over what procedures and drugs are used in each
personal situation. But if the only fix on offer is to allow more control over
the choice between mediocre or bad options, then we're all screwed. (And the
less privileged are even more screwed than the rest of us.)

I agree that the system shouldn't even bother to guarantee the best outcome
for all people, but I don't think empowering people to make their own outcomes
is going to get us very far.

~~~
vorpalhex
Whether it's the US or the UK or wherever, you need to be an active
participant in your health choices and reading up on the materials available
to you.

That isn't affected by whether your healthcare is socialized or infinitely
expensive.

You probably have more choice in a non-totally socialized healthcare setting,
but only to the extent you can afford choices. Neither extreme is any good,
but the ideal is a golden median with many affordable choices.

------
username223
Let's put it in simple CRUD terms. Users want to:

C - control when you collect it.

R - read what you have on them, and know how you read it and/or share it with
others.

U - update it, e.g. when it is wrong.

D - delete it.

Most users just want non-hostile defaults, but all users should have CRUD-
control.

~~~
llamataboot
I'm not sure why this is downvoted - it's a little bit counter to the scope of
the parent article, which applies to all sorts of design decisions, not just
data retention and usage, but I would agree that this /is/ the base level of
control over any data that a third party has from me and should be enshrined
in law.

It has been great to see Apple, for example, move more towards better
awareness and defaults for C, but by and large the internet is still a mess of
hostile defaults, opaque privacy statements, and no way to know that this
weather app is selling your location to advertisers when they could've just
asked you for your location, if they wanted to be a weather app.

------
rb808
related tweet from @SwiftOnSecurity yesterday.

"The difference between Excel and a database is if they use Excel they don't
have to talk to your elitist ass."

Too true

------
ajuc
> For instance, we say “users want control over their privacy,” but what
> people really want is some subset of:

> (...)

> To avoid persecution

> (...)

That's like saying "drivers don't want safe cars, they just don't want to die
in a car accident".

Will you stop making safe cars, then? If not - how is that an useful
information?

I understand it wasn't the main point of the article, and I might even agree
with the main point in general (I'm not sure, there are exceptions), but that
was bad example.

------
stakhanov
...kind of reminds me of a slogan by "Die Partei", a political party -slash-
set of comedians that runs in German general elections as a platform for
political comedy. The slogan goes "We'll do it right!" \-- Laugh about it for
a moment. Then think about why it is so funny. Then stop laughing when it
dawns on you how f*ing terrifying it is that this is where society is headed.

------
gnode
For me, control in technology does not mean being able to go and press buttons
in a maze of options. Control means being able to use an ad-blocking plugin in
a browser written by an ad-tech company, to use off-brand ink in a printer, or
to use a government API with a program written to optimize my taxes.

------
rgoulter
"try and understand underlying motivations whenever you see 'want control of
X'" is neat point.

I'd think "if the system satisfies all the desires, people don't need
autonomy" and "people need control/power, because systems inevitably fail" are
two contrasting viewpoints.

------
psychoslave
Most users want to take back control when the default behavior stands in the
way of their current workflow. So the best scenario is the default
configuration is handy for basic uses, and the behavior can be tweaked
extensively when needed.

------
LaGrange
> Making the claim “users want control” is the same as saying you don’t know
> what users want, you don’t know what is good, and you don’t know what their
> goals are.

Yup, that's exactly what I'm saying. There might be overriding concerns coming
from _community_ needs (which is where arguments for things like ACA and other
public healthcare come from, actually, and why I might not give a user a
particular configuration option), but while I might know better what a
platonic ideal of a user wants, what any particular user wants _I do not_
unless I ask them.

------
arendtio
Having control is just the least common denominator.

Sure, in the end, people want other things and control is just a basic tool to
reach a goal, but as long as we are not 100% sure what they want we will hold
them back on their way to reach their goal if we take away their control.

\- First, give users control (enable them to reach their goal, whatever that
might be).

\- Second, reason about what their goals are and make those easy to achieve
(reduce friction, without taking the control away).

------
3xblah
How does he know what users want? I presume by the term "user" he means
someone is not one of the authors or who cannot1 themselves modify the
software as they wish.

As a user, I do not ever recall being asked what I wanted by anyone at Mozilla
nor have I ever heard of any other user being asked.

1 I could modify Firefox but the compile process requires more time and
resources than what I consider reasonable.

~~~
ianbicking
Mozilla uses telemetry in their products to try to understand what Firefox
users want. We only use telemetry to improve our products (which is directly
related to understanding user desires), and we have a data review policy to
ensure we are collecting data in an attempt to improve things for those people
we collect data from.

Additionally Mozilla regularly surveys samples of its user base, and conducts
in-depth interviews of the public to try to understand desires.

~~~
3xblah
Are the dates, detailed methods and raw results of the "surveys" and "in-depth
interviews" made available to the public?

------
oytis
As a control freak I don't agree. I feel uncomfortable even with good
solutions I don't understand and have no control over. I think a lot of Linux
users like myself have chosen it because of that in the first place.

And the same holds for privacy even more. I'll prefer encryption on my machine
with my keys to the best permission model in the cloud.

------
reshie
you have to define control first. personally i think it is a dev to users in
the form of options but you have to create options that will get the most need
and has mostly the most following for the most part. with advanced users
almost on par with developers some times a light hackable modular design is
better.

------
strin
Sometimes what users want is what users think of as a solution to their
problem in the context they have. For example, users want better taxi services
-> turns out ride-sharing is a better solution. Taxi service is a solution to
the problem of getting point A to B.

~~~
sfink
Ride-sharing is a better taxi service. Or rather, the uber/lyft thing that is
misnamed "ride-sharing" is a better taxi service. Better because of the
experience of hailing a ride, and better because it is cheaper due to
externalizing a bunch of costs onto the drivers and society. But not
different.

------
phkahler
Users dont want plugins or extensions. They want features that are missing
from the product.

------
envolt
> People want good health care. If they don’t trust systems to provide them
> good health care, if they don’t trust their providers to understand their
> priorities, then choice is the fallback.

Applies to any settings page with too many options.

------
hawaiian
As a user of services, I _do_ want control. Whether my privacy needs are met
is not good enough unless mathematically guaranteed, and even then there are
social/integration features that may add side channels that require control.
An example of such a feature would be Signal requesting your contact list to
find out whom, among your friends, is also using Signal (which isn't too
horribly an anti-pattern in this case because the app still works without read
access to your contacts).

Why? Because I want to be able to revoke access to any of several specific
details about me or my device based solely on whether I feel like it. As soon
as this is taken for granted, it is devalued and users lose leverage. Then the
conversation during development becomes whether a proposed new feature is
"worth" an encroachment on user privacy.

------
Data_Junkie
Reminds me of when Gordon Ramsey tried to explain to a clueless "chef" not to
just give endless options. " Well why are you here then ? "

------
johnrob
I just saw ads on that blog post. I thought that was odd given the context. I
went back to see again, and they were not there anymore. Is one of the
included script tags up to no good?

~~~
ianbicking
:( Probably Disqus, I turned off ads but it looks like they've turned them
back on for free accounts. I'd change comment providers, but doing it for new
posts while leaving Disqus on old posts is beyond my energy level.

------
norswap
As a counterpoint, if you give users control, you don't have to figure
_exactly_ what they want. They can also get creative.

And _in some cases_ that is exactly the right approach.

------
barce
I did a thought exercise and replaced users with pilots in light of the Boeing
737 Max crashes. Pilots wanting control is not just a shoulder shrug.

~~~
laughinghan
How about a thought exercise where you replace users with the customers of the
Boeing 737 Max flights---the passengers? They don't want control. They want to
be flown somewhere without dying.

------
fareesh
True, but also possible that users want control.

------
anbop
OK, users don’t want control. I’ll start a Netflix with only one movie because
they don’t want control over what they watch.

------
Eric_WVGG
The economist Theodore Levitt said “consumers don’t want to buy a quarter-inch
drill, they want a quarter-inch hole.”

------
arno_app
How can you trust a system you don't control or see how it uses your data?
With this premise the main claim becomes invalid imo while I agree with your
point what users desire but I still think control and sovereignty are major
points

------
dboreham
Lost 5 minutes to wondering what other thing you can shrug...

------
scraegg
In fact it is actually mutliple things, depending on the situation. I think
the people Ian is talking about really exist. But I don't think it applies to
health care. In health care it's actually a cost saving effort by politicians
not unskilled providers trying to hide their lack of knowledge, i.e. reason
(5) not reason (1). Therefore educating them or the public is also not an
helpful action. More reasonable would be to try to figure out the cause of
lack of funds and how to counter it, or if there is no way back to help people
along the way, e.g. by writing an article about how to find and read research
papers oneself as a previous user of a social health care system.

If you don't believe it or don't understand what I mean, read on:

1) In software dev "Product Owners" who have no idea of their job (or simply
see that nothing happens and therefore have better things to do in their life
than focus all their energy on their job) say that to have some kind of goal
to work towards. True. That's probably also where Ian got this idea from. In
this situation it's not unreasonable to do that because if he can't even act
like he would have a goal he could not stay in that leadership position.

2) Users also really want control when they can't trust the actual service
provider. And that doesn't just mean incompetent providers. It also means
providers with goals that compete with the users. E.g. many countries now try
to figure out how they can do nextgen_after_4g without Huawei, because they
fear the political goals that might stand behind Huawei. In this situation
it's also not unreasonable to want control.

3) A third reason is people who know the user's situation better than the user
(e.g. IT security experts) and who want to help the users. In that case they
will basically do the reason (2) fight for the users without much help from
the users. It's a naive but admirable position to take. Not unreasonable.

4) Some people act like they would do reason (3) but actually just try to play
games with the users on the user's cost. Anti-Vaxxers are such a group of
people. Or the nationalist political grups we saw rise up a few years ago.
They take an existing fear of uneducated users, escalate that to unreasonable
sizes and then act like they would offer some help in exchange for money or
votes.

5) Politicians and highest level corp leaders will say "users want control"
when they have an area where they were providing a service in the past that
the user come to expect, but for political or market reasons they can't
provide that for much longer. So they act like someone else would want it. If
they stand there in front of the camera in their $5000 suit, $200 hair cut,
and their $3000 wrist watch nobody would believe them if they would simply say
"all right guys, there is no more money for that service, let's pull our belts
tighter". The only practical alternative I've seen is what the new Pope is
doing. But that really needs a fanatic who can live an asketic life style
which simply is not for most people. If most people can choose between a $5000
suit and a $2 self-knitted, itching rope then most people would choose option
1. So either you need to put one of a very small number of people in a
leadership position and defend them there (which will cost you a lot as well),
or you need to accept that "users want control" is the strategy the existing
leadership is driving.

Imo the best approach is to think about how to deal with reality instead of
hoping or fighting for a reality that can't exist. But I can even see the
reasons for why one rather dies dreaming than live in reality. ;-)

------
collinmanderson
> I first started thinking about this during the debate over what would become
> the ACA. The rhetoric was filled with this idea that people want choice in
> their medical care: people want control.

> No! People want good health care. If they don’t trust systems to provide
> them good health care, if they don’t trust their providers to understand
> their priorities, then choice is the fallback: it’s how you work the system
> when the system isn’t working for you. And it sucks! Here you are, in the
> middle of some health issue, with treatments and symptoms and the rest of
> your life duties, and now you have to become a researcher on top of it? But
> the politicians and the pundits could not stop talking about control.

~~~
swagasaurus-rex
I would want to choice not to place my physical and financial health in the
hands of profiteering insurers, but that's currently the only reasonable
choice we (people in the U.S.) have.

~~~
nostrademons
That's not true. There are a significant number of non-profit health insurance
companies, insuring a majority of the total market:

[https://www.firstquotehealth.com/health-insurance-
news/non-p...](https://www.firstquotehealth.com/health-insurance-news/non-
profit-health-insurance)

~~~
ummonk
Having not-for-profit tax status doesn't mean they aren't profiteering.

~~~
nostrademons
If you're worried about that you should be worried about government
profiteering as well. Particularly since a very common failure mode of
publicly-funded services is for the government to give the contract to friends
of the bureaucrats who administer the program. If that's forbidden, a common
failure mode is to give the administrator position itself (and usually, a fat
salary) to friends of those in charge.

~~~
maxxxxx
When you compare the US situation with other western countries your number one
fear should be with US private insurances, private or not.

------
microcolonel
I want you to stop telling me what I want, because it is sickening in its own
right.

------
Causality1
Frankly I'd settle for control of the hardware I paid good money for. Root
access on my android devices. Full control over Windows Update without having
to boot into Linux and rip DLLs straight out of the system folder.

