Don’t I get any privacy?

Recently I was reading an article on the Business Insider website, http://tiny.cc/ddiqv, that got me thinking.

In this day and age of web 2.0 development, where a lot of the content that appears on the web is created by the end user, I wanted to ask: how do we as web developers protect the privacy of our users while still maintaining the experience that a client desires?

First and foremost, we have to look at the data we are going to be collecting for display on a site and how we are going to store that data in the database. We as developers have to remember that if we don’t have to store the info, we shouldn’t store it. That is a simple concept, but it does two things. 1) It protects us as a company from ever losing data that could compromise someone’s personal information. 2) It means we always display the most up-to-date information on the site, because we fetch it fresh instead of serving a stale copy.

When we connect to Facebook or Twitter, as developers we only ask for the level of consent that we think we will actually use in our application. We never ask for full consent from users. That would be like throwing open the floodgates to potential problems later on. We also try to be upfront with the site’s users about what data we are going to use and what we will do with it once we have it. We try to store users’ information for only as short a time as necessary. The good thing now is that social networks are beginning to understand this and have started to provide the tools needed to protect the privacy of their users.

One tool that has been almost universally adopted among social networks is OAuth. For those who don’t know what OAuth is, it is a means by which we as developers can access the information a user has agreed to share with us, without the user ever having to hand us their username and password for the social network.

It used to be that the only way we could bring a user’s Twitter feed or a list of their friends from Facebook to our site was to ask them for their username and password, then store those credentials for later use. This was potentially dangerous because many users guard these items like a dog guards a bone, and a stored password is exactly what gets lost when a site is compromised.

With the introduction of OAuth, this has all changed. Now we register an application on the social network’s site, and we have the user log into the social network and grant our application permission to access their information. That consent comes back to us in the form of an access token: a very long, opaque, encoded piece of data. This token is what we store in our database. At no time do we have possession of their username or password.

Whenever a user comes to use our site, we send that token back to the social network and it allows us access to the information we have consent to use. We may then do a mashup of their data with data we have stored in their account, but once we do that we are bound by the Terms of Service of that social network.

For example, Facebook has the following terms that we must abide by as developers: http://developers.facebook.com/policy/. Feel free to read through these if you have the time; however, for purposes of this blog post let’s focus on Policies, section III. In this section Facebook makes it very clear what data, and what types of data, we may store about the end user.

Users give you their basic account information when they connect with your application. For all other data, you must obtain explicit consent from the user who provided the data to us before using it for any purpose other than displaying it back to the user.

This is probably the most important item on the list. We as a company must explicitly ask for consent for all information we are going to store or use. If they do not want to give us that consent, then that is their choice, and it should not stop them from being able to use the site they are on. If we do have access to a user’s information, we can create a richer, more personalized experience. It does not mean we now have full control of all the user’s information, just that we can make their experience better overall.

Another point made in the Policies is:

You will delete all data you receive from us (Facebook) concerning a user if the user asks you to do so, and will provide a mechanism for users to make such a request. We may require you to delete data you receive from the Facebook API if you violate our terms.

Now, sure, some people can and probably will try to store your information for purposes beyond what they actually need. Most companies like ours, however, do not want to run afoul of these terms, as the consequences can be severe. Essentially, the relationship we have with social networks is an “at will” relationship: if they want to, they can cut us off from using their API at any time, and that means all our clients would be cut off as well. So it’s best for us to stay on the correct side of the TOS.

Now to the second part of my original question: how do we maintain an excellent user experience (while protecting privacy) that makes our clients happy? The easiest way is to provide a means for the site to function without social networking that is almost identical to the social-network-connected version of the site.

Recently we did a Twitter campaign for Daffy’s where we aggregated tweets: whenever a user put the #DaffysBang tag in their tweet, it was picked up by our servers. Granted, no one gave us explicit permission to do this with their tweets; however, we only used tweets that were publicly available through Twitter’s Search API. To maintain the users’ privacy, the information we stored related to nothing other than the specific tweet the person posted, along with their profile image at the time of posting. During the campaign the site itself had a Twitter feed generated from those stored tweets, and after the campaign ended we reverted to the original site. We also did not allow people to log in to customize the site with their Twitter info. This is a good example of how we maintained users’ privacy while integrating Twitter into the site.
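To make the three practices above concrete (store the OAuth token rather than a password, request only the scopes you use, keep only the fields you display, and delete everything on request, as the Facebook policy quoted earlier requires), here is an added example that is not code from the original post or from any of the sites it describes. The provider endpoint, scope names, post fields and the stand-in API function are all hypothetical.

```python
"""Added example: a minimal consent-and-retention model for a site that
connects to a social network via OAuth.  Everything provider-specific here
(endpoint, scope names, field names) is a constructed placeholder."""
import secrets
from urllib.parse import urlencode

AUTHORIZE_URL = "https://social.example/oauth/authorize"  # placeholder endpoint
NEEDED_SCOPES = ("read_profile", "read_feed")              # hypothetical scope names
KEEP_FIELDS = ("id", "text", "profile_image_url")          # all the campaign page shows


def consent_url(client_id: str, redirect_uri: str, scopes=NEEDED_SCOPES):
    """Send the user to the network to grant exactly the scopes we use.  The random
    state value lets us tie the network's redirect back to this session."""
    state = secrets.token_urlsafe(16)
    params = {"response_type": "code", "client_id": client_id,
              "redirect_uri": redirect_uri, "scope": " ".join(scopes), "state": state}
    return f"{AUTHORIZE_URL}?{urlencode(params)}", state


def minimize_post(raw: dict) -> dict:
    """Keep only what we display; location, e-mail and the rest never hit our DB."""
    return {k: raw[k] for k in KEEP_FIELDS if k in raw}


class GrantStore:
    """Holds the opaque access token the network hands back (never a password)
    and can purge everything about a user when they ask."""

    def __init__(self):
        self._tokens = {}   # user_id -> (access_token, granted scopes)
        self._cache = {}    # user_id -> minimized posts fetched with that token

    def save_grant(self, user_id: str, access_token: str, scopes) -> None:
        self._tokens[user_id] = (access_token, tuple(scopes))

    def fetch_feed(self, user_id: str, provider) -> list:
        """provider(token) stands in for the network's API call made with the token."""
        token, scopes = self._tokens[user_id]
        if "read_feed" not in scopes:
            raise PermissionError("user did not consent to feed access")
        posts = [minimize_post(p) for p in provider(token)]
        self._cache[user_id] = posts
        return posts

    def delete_user_data(self, user_id: str) -> bool:
        """Deletion on request: the token and the cached data go together."""
        self._tokens.pop(user_id, None)
        self._cache.pop(user_id, None)
        return user_id not in self._tokens and user_id not in self._cache
```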

In conclusion, how do we maintain the privacy of our users without compromising an excellent experience on our sites? It is a balance, but if we make sure that the experience we create is respectful of the information the users are allowing us to access, and we take precautions when storing that information, we should be able to provide a great experience that satisfies both the users and our clients at the end of the day.
