Who do you trust? More importantly, who do you mistrust?
May 31 is “Quit Facebook Day.” Some users are outraged over new privacy policies that made sharing all personal content the default. The company “rolled out a simplified version of its privacy controls today, a single page where users can set who sees what.
Too late. Facebook already damaged its own reputation by mismanaging changes in privacy controls. That harmed reputation will continue to haunt Facebook for years.
The reason: Trust is now the most important service an online company can offer.
The public perception used to be that we “used” online services. But it’s slowly dawning on the public that, well, they “use” us, too.
To use Facebook is to hand over the most intimate details of your life — your personal contact information, your life history, your family and friends, your intimate secrets, in many cases. People are willing to do this only if they trust Facebook to protect that information.
If this is too subtle a point, let me say it in another way. While old-school privacy advocates focus on the details of privacy policy and practice, everyday users are going with their gut. Do I trust these people? It’s about perception more than practice.
And they have a point. The truth is that privacy policies and privacy controls don’t tell us everything.
How to Gain Trust
Years ago, before money was just digital information, banks not only had to actually protect your money, they had to engage in “trust theater” to earn the confidence of customers. They erected sturdy-looking banks with impressive marble pillars out front. They built banks so that everyone could see the vault door. And the vault had to be something out of Fort Knox. Everybody wore suits and business attire.
Airport security is similar. The Transportation Security Administration (TSA) airport security policies and practices have two jobs. The first is to make flying safe. And the second is to make passengers believe that flying is safe.
Online services are now like banks or the TSA. In order to succeed in this new world of cloud-based, social, interactive everything, they have to figure out how to both protect the privacy of users, and also to convince users that they are trustworthy organizations.
Facebook doesn’t seem to understand this yet, but Google does.
That’s probably why Google was named the most reputable company in the world by “a Reputation Institute survey. Sony, Apple, Nokia, Intel, Microsoft, Panasonic, Philips, IBM, HP and Samsung also made the top 28, but Facebook was nowhere in sight.
Here’s an example of the new “trust theater.” Google yesterday “unveiled a browser plug-in that blocks its own data collection service.
The plug-in gives users control over whether information about their browsing can be collected by Google Analytics, a tool for web site owners that provides stats on what visitors do on their site — how long they linger, where they linked from, and so on.
The browser plug-in has no real purpose other than to build trust with users. Google Analytics doesn’t collect the private data of individuals. It collects aggregated data on visitation, but that isn’t linked to actual, individual people. Google could have simply argued that no private information was being collected. But some users complained, so Google now lets them block data collection. It’s pure “trust theater.”
It’s hard for companies like Google to predict what people are going to object to. For example, Google computers read the content of your Gmail to display advertising related to the topics of your conversations. Some have complained, but ultimately users have accepted this.
But when Google rolled out its Buzz service, which is a cross between Twitter and blogging, it made public users’ most commonly e-mailed contacts. People freaked out, and Google fixed it in just a few days.
This highlights another way Google builds trust. They admit error, then fix it. They’re passive. When people complain, they don’t argue. They make changes.
The worst potential privacy scandal ever to hit Google happened recently, when we all found out that Google Street View cars, which take pictures for Google Maps, has been collected fragments of data from people’s home Wi-Fi networks as they drove past. Google said the data collection was a mistake, a result of code written for an earlier experimental program.
Google promised to delete the collected data, but then stopped doing so when privacy groups and governments called on Google to retain it so authorities could determine if any laws were broken.
The data collection was a huge blunder. But it’s hard to see how Google could have handled the fallout any better.
The Wi-Fi data collection fiasco also highlights another aspect of the new importance of trust. We live in an age where we don’t and can’t really know what others are doing with our private data.
For example, your cell phone knows where you are at all times because it checks in with local cell towers — and might even have a GPS built into it. What does your cell carrier do with the information?
What does your operating system maker (Google, Apple, Microsoft, RIM) do with that data? What do location apps do with it? How long do they retain location data?
Apple knows all about your inner life. If you own an iPad or iPhone, they know what you read, what Web sites you visit, what music you listen to, what TV shows and movies you like and they know who all your friends and family are. This is monetarily valuable data for, say, advertisers. What does Apple do with all this information? How long do they retain it?
How many online companies have your credit card information? Your social security number? Your address and phone number? We really have no idea.
With everything becoming social, and social becoming aggregated, we now have to wonder who has access to what information. We share the details of our lives on Facebook. But what happens when a friend approves an app, or connects Facebook with another social network. What is the other online service — the one we don’t even know about — doing with our data?
If this doesn’t sound like a plausible threat, consider a new site called “”Evil.” A programmer set up a feed that proves personal names and phone numbers can be easily extracted from Facebook — by showing the phone numbers (he’s nice enough to hide three of the digits).
The bottom line is that the online world has become so complex, the interconnectedness of all things digital so confounding, that the only defense users are left with is a gut feeling for how trustworthy an online service is.
That’s why a new age of “trust theater” is suddenly upon us. As companies begin to understand the overarching importance of actively building trust, they’ll go to great lengths to convince us that our data is safe in their hands.
Users will have a much harder time separating the truth from the facade. And companies will rise and fall on the perception of trust, more even than the material protection of user privacy.
Who do YOU trust with all your most private data?
