Over the weekend I received an email from a company I very rarely do business with, Eventbrite, telling me what upcoming events my friends D and R are going to in my area. Since I have bought a handful of tickets via Eventbrite, and nothing recently, I assume they were trying to trigger a visit perhaps a ticket purchase. Instead, they made me feel uncomfortable. How did Eventbrite know these two were my friends and do these friends realize that the events they are going to are being shared with me?
I narrowed down my list of suspected social apps that could give out my contact info to either Gmail (all my contacts) or Facebook, quickly realizing that I had, at some point, given Eventbrite access to “my close friends” on Facebook. Instead of booking an event, I took a look at my Facebook app permissions and removed not just Eventbrite’s access but also a few other apps I was no longer using. That users are not always aware of what they are agreeing to in the terms and conditions of an app or service is not news. It’s also not news that apps try to mine that access for information on the user, their personal information and habits as pertain to the service. The hope is that knowing more about the user can and will drive future engagement or even a transaction. There is also the hope that by making a desired action very easy to do, and socially relevant, a user will be more inclined to do it.
What I’d like to see is more transparency from these apps and services when they use this information. Instead of surprising users with what events their friends are going to, say, perhaps, “your friends shared these events on Facebook.” It would also help if users had a chance to opt out from some features without removing the entire app, but that’s an entirely different blog post.
LinkedIn, Facebook and other social media networks are also guilty of this. They look at various sources, such as phone contacts, call history, or email contacts to suggest new people to connect with on the network, and users have given them this permission, not always knowing how it will be used. Mostly, this makes sense and makes connecting with friends much easier, hence delighting the user. Occasionally, especially when a call was a one time event, a non-social interaction or an unwanted connection, such suggestions make users uneasy. Transparency could also help in such cases, as well as the option to block certain permissions, such as suggestions based on call logs.
I do see the drawbacks of such transparency. Not everyone user will question the source of information and perhaps telling the user what the source is would cause too many users to block access to that information. Isn’t it at least worth considering when planning to access and use such data?