Privacy Practices

Do we provide users with notice and get their consent before installing or updating software or features?

Making it as easy as possible for users to install or upgrade their software or use new features can be beneficial, but keeping users in the loop about changes is just as important. Users want to have notice and an opportunity to consent before any significant changes take effect. Both Sony and Google learned the hard way that users do not like their software to contain silent, hidden surprises.

  • Notify users and gain their consent before installing or updating products. Most users will embrace new or improved functionality as long as they are aware of what they are getting. Giving users choices before making changes will allow them to voice possibly legitimate complaints as well as prevent controversies when new features have unforeseen consequences.
Sony: Shipping CDs with an aggressive digital rights management (DRM) program that installed itself on users' computers without their permission was a big mistake for Sony. The company was targeted by multiple class-action lawsuits and blasted in the media. Sony was forced to recall the CDs and pay millions of dollars in compensation to its users.
  • Activate auto-update only with user consent. Most users will happily activate a feature that keeps their software up-to-date without requiring any effort on their part—but some will be less than pleased if such updates happen automatically without their knowledge or permission. Avoid dissatisfaction by making auto-update an opt-in process.
Google: The company was pilloried in the press for making millions of its Google toolbar users vulnerable to a malicious software attack because of its toolbar's silent, automatic update mechanism. In 2006, a researcher found a flaw in the toolbar update mechanism of the Firefox browser. But since the Google toolbar software, unlike that used by Yahoo! or Facebook, did not provide notice to and obtain consent from users prior to updating the toolbar, Google toolbar users who used the Firefox browser could not control when the toolbar was updated and faced increased risk.
  • Distribute updates and new products separately. Using an update to push out new, unrelated products can result in negative press and may cause users to lose faith in security update tools. Encourage users to install or use your great new product voluntarily—don’t trick them into it by attaching it to an update for a service they already use.
Apple: When Apple released its Safari 3.1 for Windows Web browser, it wasn’t content to simply promote its new product. Instead, it released the browser as an "update" to its popular iTunes music software, causing many iTunes users to involuntarily install Safari. Critics claimed that Apple’s behavior "bordered on malware distribution practices," driving Apple to clearly identify Safari as a new product and have users opt in prior to installation.
  • Notify users and obtain consent before accessing, using, or publicizing a user’s list of contacts. It is tempting to leverage a user’s list of contacts to advertise products, seek new users, or push new services, but users consider this information to be private and find any company use of contact lists without informed consent to be especially intrusive. Companies frequently suffer reputational damage or worse for attempting to leverage contact lists inappropriately: Google’s Buzz was slammed as a "privacy nightmare" for poor contact list privacy, Facebook had to backtrack after users rebelled against privacy changes that made users' lists of friends public, and Tagged.com has paid millions in fines for misleading users into providing the company access to their contact lists. Avoid legal problems and public relations nightmares by clearly explaining any contact-list action to users and only accessing their contacts after opt-in consent.
Tagged: In 2009, in a misguided attempt to boost membership to its social networking site tagged.com, Tagged Inc. sent millions of deceptive emails, which misled recipients into giving Tagged access to their contact lists. As users became aware of the deception, Tagged’s reputation and pocketbook both suffered. In addition to being called “the world’s most annoying website” by Time Magazine, Tagged was sued by at least three states. To date, Tagged has racked up $1.4 million in fines to New York ($500,000), California ($650,000) and Texas ($250,000). The settlements also require Tagged to provide clear disclosures and to allow users to revoke access to the personal information they mistakenly provided to Tagged.