Wednesday, December 26, 2007

Google Reader's Lesson on Privacy in Software Design

There's been a big kerfuffle over the last week (or two) about Google Reader's revised sharing feature. In the past, your Google Reader shared items were only available to people to whom you'd given a relatively obscure URL. While I quickly published that shared URL to a few places, other people were clearly taking advantage of its obscurity.

Recently, Google Reader added a 'friends' section such that the shared items for all of your GMail contacts (as well as anyone you add explicitly) will be easily accessible in the menu. Unfortunately for Google, not everyone is happy with this.

Some people have shared items that they've chosen to expose to a particular subset of friends / contacts, but don't want to expose to others. Imagine, for instance, that you share your love of bare-chested firemen with a few close contacts but you may not want your colleagues to know.

It's an interesting case, because on the surface, to anyone who was already treating the Shared Items as relatively public, it seems like a useful feature. I was happy to see the feature arrive, because I'm looking forward to using it and I was already treating my shared items as public. On the other hand, I can understand that this raises a privacy concern for some people, and I can respect that and see that it could be quite damaging.

It just goes to show that privacy can be a tricky thing in software design, and that sharing of information of any kind should be thought through in detail to avoid the kind of negative backlsh that the Google Reader team is facing.

It seems to me like there are some relatively simple solutions to the Google Reader Privacy Crisis (TM). I'm inclined to believe they should roll back the change until they're able to put some access controls in place. The simplest solution is to add a preference that allows people to make their shared items visible to their GMail contacts. Even if that preference defaults to 'on', it gives people the simplest control over the publication of their shared items. After that, it might be nice if there were options to share certain tags with certain groups of people, for instance -- so if I wanted to tag some feeds as private, or "for special friends" and share those as distinct from my publically shared feeds, that seems like a useful, if more complex, form of sharing that could add value.

Anyway -- I'm not sure if Google Reader is going to cave in to customer demand or stick to their guns, but I'm pretty sure there's an interesting lesson on software design and privacy here for those who care to learn it.

No comments: