Last week I wrote about Spotify and the new permissions asked for in the latest version of the app. I am still pondering the right balance between requesting access to sensitive data and defining the feature that needs that access. There are some clear cut examples where access makes sense: a photo app will need access to the camera and photo roll, a messaging app will need access to contacts, and a map-based app will need access to location. All these are requests that benefit the user and are a core part of the app’s feature set. Then, on the other end of the spectrum is what Markus Persson called “feature creep for privacy invasion.” That is, requests for sensitive permissions that have dubious benefit to the user and enable a minor, peripheral functionality.
Today I was about to update my Starbucks app when I noticed that it now asks for permissions to access my contacts. In my personal “permissions hierarchy,” access to Contacts is very high on the sensitivity scale. In Android, an app asking for Contacts permission gets “permissions to read and write the user’s contacts and profile information.” From reading the release notes it seems that this functionality is for sending gift cards. This is definitely not a feature I need to use every day during my coffee run. Hence, no update for me.
But while we’re on the topic of my daily Starbucks run, can I ask for two features? They require my location and my payment info, two things that the app already has access to as I monitor my Starbucks card and rewards through the app.
First, an “is there a line” feature. Go ahead and attach a Density sensor to every Starbucks branch. Start with the urban ones, as there is a Starbucks on almost every block. Then, when a user searches for nearby locations on the app, indicate the length of the line for every nearby store. I’m envisioning this feature like Google Maps traffic indicator: green location icon for almost no line, yellow for some line, red for at least 10 in line and dark red for avoid this place at all costs. In an ideal world, users would avoid the branches with a long line and walk an extra minute to make their purchases in the branches with the shorter line, making their own distance-to-branch vs time-in-line tradeoff. Starbucks would have happier customers and less stressed baristas.
Second, why not avoid the line altogether with in-app ordering? The app can verify the user’s location, that they are near the branch and thus probably intent to pick up the drink and they can also charge the user via the payment information they already have. If done smartly, the app can indicate to the barista to make the drink only when the user is less than a 3 minute walk away. What could be better than walking into a branch and having a freshly made drink ready for you? And for extra points, the cup might actually have the user’s real name on it!