

Poll: I would hand over my data for good -or- I would do anything for privacy - kisamoto

In recent days large leaks of how data is being captured, combined and used has given us all food for thought.<p>I am currently working for a stealth startup, with the potential to capture a lot of data, to use it to provide contextually relevant information and target groups of people. I am curious to see peoples thoughts and opinions on data usage and privacy. So:<p>Would you hand over your data if it was used to provide better information to you?<p>Would you prefer that any data handed over was kept encrypted, so even the company could not access it?<p>If you prefer privacy, are you willing to pay for it? After all, data is where free services make their money.<p>Are there any limits to the data you would hand over? e.g. Location&#x2F;Contacts&#x2F;Calendar&#x2F;Shopping preferences
======
kngspook
I agree with anigbrowl that this too vague and open-ended for a meaningful
answer. But maybe a few datapoints will help you. (And for context, I'm
generally considered a little on the paranoid side amongst my friends/peers.)

In general, if you treat my data as mine and are respectful about it --
explain to me why you need it, keep it safe, and let me delete it (bonus
points for exporting) -- I'll be reasonably generous with my information. With
that said, and in no particular order...

\- I prefer that data be as encrypted as possible, yes. But even more
important to me is that when I delete the data on the front end, you delete it
from the back end. And that there be a way for me to delete my entire account.

\- I will give you location/contacts/calendar/etc. data access if your service
will provide me ongoing value as a result. I'm reluctant to hand that data
over for a one-time benefit, largely because I don't believe you'll delete it
when you're done. Similarly, I tend to be reluctant to hand over contact data
just so you can find my friends once (I'll just do manually searches for the
people I care about), and very reluctant to let anything connect to Facebook.

\- I do not find any sort of privacy-for-more-"relevant"-advertisements trade-
off to be worthwhile. Frankly, I question whether anyone who has given it a
few moments thought does. So far, I have no found targeted advertisements to
provide me with any utility...except that I will occasionally lightly game the
system to make unaesthetic/annoying advertisements go away.

\- If you only allow me to login via Facebook, I will use a fake profile (fake
name, email, everything, no friends) to test out your service for fun, but
will probably never use it seriously nor connect it to my main/real account.

\- I will absolutely dig through news articles and your support docs to find
the answers to these questions. If I have to drop to your Privacy Policy to
try and delete my account, I'm already pissed. If your answer to "is my data
protected?" is a one line in your privacy policy saying "We use industry
standard encryption to protect your data in transit and at rest.", then I'm
gonna go pop some popcorn and wait for Stealth-Startup-ppening (or is it
StealthStartupGate?) to begin.

\- For me to want to pay you, I have to trust you. If you don't respect my
privacy as a free user, I'm never going to trust you enough to want to pay
you. On the other hand, if you win my trust from the outset -- specifically by
making it easy for me to leave by letting me export my data (where relevant)
and letting me deleting my data when I quit the service -- then I am way, way
more likely to pay you for other add-ons.

At the end of the day, I don't know how secure your service was -- I don't
have the time or the competency to audit your code and organization, even if
you were willing to open up to me, and that would just be a snapshot in time
anyways. So I have to go by other heuristics, and I do that by your founders'
and notable employees' reputations, what you say in the press, the quality of
the code that I experience as a user, the language in your app (do you talk to
me like an adult human?), the look and feel of your site, and the quality of
your support docs. And from that, I get a sense of what the people on the
other side of this app/service/site are like, and if I want to do business
with them.

TL;DR: How much you respect your users shows. I go from there.

~~~
kisamoto
Thanks for taking the time to write a detailed answer. As it happens we do
offer visualisation tools that show the data recorded and have a large, "erase
me" button that hard deletes all information we keep for a user (also
explaining at what cost).

We are also spending significant time and effort in redesigning the language
of the app to be more respectful as well so I'm reassured by your comments.

------
anigbrowl
Too vague and open-ended to admit of a meaningful answer. Everyone has an
individual utility possibility frontier and your app will sit somewhere
different relative to that. Your aim as a commercial entity is to sit along
the median.

~~~
kisamoto
There is obviously the fence to sit on, fighting with privacy advocates on one
side and "these ad's aren't relevant to me" on the other, but my primary
reason is to see if there is a viable market for privacy respecting apps or if
ultimately, people just don't care.

