Hacker News new | past | comments | ask | show | jobs | submit login

So someone explicitly chose to hide their email, and then on logging into an app is asked to share their real email.

Anyone in that position would think the app is shady AF and user hostile.

Progressive consent makes sense though: in starting out with an app that i have no previous trust relationship, "Hide my email" sounds like a good idea in a trial balloon. If after using the application it tells me that to better use its collaboration tools it would like me to consent in giving a more direct email address, I might change my mind given changes in trust relationship (I have been using this app for some time and I trust it more now) and/or greater context for why the app is interested in a more direct email address ("make collaboration easier").

It's not necessarily shady or user hostile when done right, and there are plenty of opportunity to add trust relationship building as a part of the consent process (links to privacy policies; details about marketing policies; etc).

It's also not that different from how many iOS applications (at least) are encouraged (in App Store best practices) to handle consent models for location tracking and notifications: ask the user as they become familiar with the application, not up front, and provide as much context as you can.

I like this approach. And giving users that progresive consent is smart. If I open your app and am greeted with "You need to give us your email to get the most out of our app" then I'll be upset as that is user hostile. But If I click a share button and am told "In order to make it easier for people to send you things, would you provide your email" and being able to dismiss that and continue to use the app and all of its features, I'll be significantly happier.

That said though, I don't see why the app couldnt just change their sharing model to an "invite link" based pattern. If I want to share something with a friend, why do I need to provide their private information to the app to do it? Why can't I generate an invite link and send that through my already established channels of communication? I don't think the "but your friends don't know your Apple privacy email" reason is very compelling. That might not work in their current system, but it is definitely not an insurmountable problem.

That's something that bugged me about the article because it sounds like they do fallback to an "invite link" pattern when they don't know an email address, but it sounds like they've spent most of their UX optimization work on flowing people most directly from invite links into "Create Account" that they don't trust users not to create new accounts on receiving an invite link. (Maybe just stop assuming that people receiving invite links don't already have accounts and instead better your UX flows for existing users?)

(ETA: They make an okay follow up point that someone accepting an invite link sent to a different email sends a signal that they could just go ahead and link that email address directly to the account, and don't see why you wouldn't just give them that email in the first place. But in addition to being a squicky privacy faux pas to automatically link any email to an account without direct user consent, there are plenty of reasons to send emails to an address only indirectly linked to a person and/or that a user would not feel comfortable directly linking to an account. It's a somewhat flimsy argument below the surface, I think.)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact