We blew it, we’re sorry, and we’re going to make it right.
It’s Hipster’s goal to provide a fun and beautiful service for our community to share where they are, and what they are doing – creating a safe environment for our users is of the utmost importance to us. However, when we built our “Find Friends” feature for iOS, we clearly dropped the ball when it comes to protecting our users’ privacy.
Yesterday, one of our Hipster users, Mark Chang (http://markchang.tumblr.com/) wrote a blog post detailing a few ways in which our “Find Friends” feature handles user privacy issues. You can read his post here .
Mark’s criticisms were spot on, and needless to say we’re pretty embarrassed by the situation. Embarrassed not because we had malicious goals in mind (we don’t store the contact data we pull – we just match it to existing users), but embarrassed by the fact that we pushed a feature that doesn’t meet our standards for the protection of our user’s data.
How are we working to remedy the situation? In an update that will be available through iTunes this week, we’ve changed the way our “Find Friends” feature works on iOS. Rather than automatically pull in a user’s contacts to help them find people already on Hipster, we’re making this feature opt-in, and users will have to confirm that they want to grant access to their address book. In addition, this data will now be transferred through a SSL connection.
But where do we go from here?
We’d like to use our recent experience to help improve the mobile industry as a whole.
On Thursday, February 17th, we’ll be hosting a “Application Privacy Summit” here at Hipster’s SF office to discuss of user privacy in mobile applications.
In addition to discussing best practices and privacy standards, the goal of the summit to be to come up with a “privacy pledge” – one that can be adopted by all apps, detailing for users what types of privacy expectations they should have. Applications will be able to boast that they have agreed to the privacy pledge, which should help give their users sense of mind regarding their personal data.
Invitations are being sent out to the CEOs of major mobile application companies, and we hope they will attend. In addition, if you’re interested in attending, please email me at Doug@Hipster.com.
We made a mistake, but we hope that what we’ve learned will shed light on the need for clear standards when it comes to protecting user privacy. Doing so will only do great things for our industry, our companies, and most importantly, our users.