I wish I had more time to blog. It is a great way to distill your thoughts about everything you read every day, especially around complex areas (which is what I do on my commute, via my iPhone). Alas, I am just trying to move a ball forward every day and kicks some goals for StreetHawk.
There is a lot in the press about privacy at the moment, and some great commentary about what this actually means in the new ‘social’ world. The discussion exploded after a number of apps were ‘discovered’ accessing users entire address books and even uploading it to their servers without the users permission. I find this shocking. What I also find shocking is the amount of information Facebook (FB) gives StreetHawk as a company for the benefit of letting users login to StreetHawk with their FB ID.
I am a FB user. I don’t regularly go in and check the Privacy Statement – I mean, who really does. When I login to my Airbnb app using my FB login, do I know what information I am imparting to the Airbnb? It is certainly NOT in their permission box, nor is it in many others. They, like us, ask for the minimum amount of data from FB, but what this gives us as a company is everything in their profile, their friends and even their email address.
I read a great article recently – wish I could find it – about the fact that there are many dubious practices around privacy, but the fact is that even with lots of lobby and government groups jumping up and down, nothing is being done about it. The writer made the statement that this might be because people don’t really care. Or that the downsides of having their privacy invaded aren’t really very bad, and at most, incredibly unlikely?
Our home address for example is held by many organisations and individuals. It is really not that hard to find someone if you want to. If we’re going to have a stalker, it’s likely to be an ex-partner and they already know where you live and hang out.
And of course I have to mention the whole cookie advertising discussion here as well. OK, I think that tracking what people do, where they go, with permission and as long as it is anonymous, is a good thing. It means that everyone in the advertising eco-system is happier (what consumer really wants irrelevant advertising?). But, when Google just gets trickier and trickier, it takes the whole cause back. Read this from Business Insider today. http://read.bi/xCxkR6
I follow with an article by Graham Spencer from Mac Stories on what it means to over-compensate on permissions. If you use location-based services on your iPhone, you are probably as annoyed as I am every time I get asked my permission for something that is integral to using the app.
We start treating these permissions like wallpaper, undoing the good that was intended. Graham makes some great suggestions so hopefully someone from Apple is listening.
We have to keep talking about these issues as a business community. We have to navigate very new waters. It is complex, I think ‘consumer’ views and technology has the ability to capture more information than ever before.
Now I must get back to that ball.
The iOS Permission Dialog Dilemma
For anyone who used Windows Vista, you will be well aware of the frustration that UAC (User Account Control) caused. That permission dialog popped up far too frequently, constantly asking the user for permission to execute a particular task. In theory, it was a good idea: give the user more control over what was allowed to run. The problem was that because the dialog box popped up far too often, people quickly learned to ignore it and blindly click “Allow” whenever it appeared - nullifying any of the security benefits of UAC. Thankfully Microsoft relaxed the pervasiveness of UAC in Windows 7 and it is now a far more useful security tool.
Why did I just spend a paragraph talking about UAC? Because to a certain degree, Apple is facing a similar dilemma with iOS and its permission dialogs. It recently faced scrutiny after it was revealed that a number of apps were accessing a user’s entire address book and even uploading it to their servers – without any user approval. Apple has now pushed back and announced it will soon require user permission for apps to access a user’s Contacts. But will it resemble yet another blue dialog box, just like access to Location, Push Notifications and Twitter already do? If so a user will face a barrage of those dialog boxes, asking for permission, one on top of the other.
It’s after reading Marco Arment’s thoughts on this issue earlier today that I thought I would weigh into the discussion and suggest one idea that may (or may not) be a potential ‘solution’. While there can never be a single solution that will be perfect for everyone (what may be overly cautious for one user may be overly lenient for another) the goal as I see it is to arrive at a solution somewhere in the middle ground; one that achieves an acceptable mix of precaution and freedom.
Essentially, my suggestion is that rather than let users face a stacked barrage of blue permission dialogs, is to flatten them all out on one clear screen when they first launch an app after installation. Users would see a list of what the app would like permission to access and the user would be able to (with one tap) allow all, or individually deny permission for the various databases. Furthermore, with one tap, a user could see a short justification from the developer for why the app is requesting that particular access – giving a little bit more control and peace of mind to the user. If a developer lied on this page it would almost certainly be grounds for expulsion from the App Store. The one final goal of my proposal is that it would also inform the user that these options can be changed the Settings, something many users may not be aware of at the moment.
I myself am not sure this is the best option, because there is one critical weakness. With my design, an app would have to upfront ask for permissions for whatever it might want to access in the future – but as Marco points out, some apps (like Instapaper) require access to something like Location for a minor feature that not everyone would even use (in that case it is to determine if it’s night at the users location, in which case it can switch automatically to dark mode).
If I asked most careful people if Instapaper could have their location, they’d refuse, because there’s no obvious good reason. But if the app asks right when they enable a location-based setting from a screen that shows why it’s asking for their location, they can make a more educated decision. Similarly, if an app doesn’t seem to have a good reason when it asks for Contacts, a skeptical person can decline.
Although to counter that point, I would note that not only can a user choose to individually deny Instapaper access to their location, but if they were curious as to why Instapaper would need access to their location, they could quickly read Marco’s explanation with one tap. Furthermore, my suggestion wouldn’t entirely remove the blue permissions dialog, as an app could ask again for permission later on if access was initially denied but a user is trying to use a feature that requires permission — in that case, the app could trigger the dialog to ask the user permission again.
Accompanying my suggestion would be something similar to Rene Ritchie’s app permission sheet in Settings. It would list all apps that have asked for permissions and you could dive in and edit those original options from when you first installed the app. As for allowing an app to send push notifications, I would probably keep that separate, as its own blue dialog box. My permissions “screen” would be solely dedicated to access permissions, to information that is privately stored on your device. One big benefit of such a permissions screen of course is that Apple could theoretically add more things that require permission to be accessed by apps, without a user becoming too overwhelmed, because such a layout is far better than stacking dialog boxes. Think about access to NFC or perhaps your music library.