Disclaimer: personal views abound.I’ve recently been playing around with Google Latitude (the few folks I’d use it with are privacy-conscious enough that they don’t, so it’s boring), and I’ve tried the PicPosterous iPhone app. I’ve also been a close observer of what’s going on in W3C’s geolocation Working Group. It strikes me that, as they ask for users’ locations, many applications (native and otherwise) start with, well, bad manners. Take PicPosterous: That application wants to turn on the iPhone’s location system before I’ve had any interaction with the app at all. What is it going to do with my location? I don’t know. Is it going to track me? I don’t know. Is it going to keep a trail of where I am forever? I don’t know. Or take Google: When I start up Latitude, I expect to deal with location data. That’s ok. But I don’t expect Google Reader to start tracking me down just because I signed in to a different, location aware service from the same company. That kind of unexpected behavior really smells like spyware. It makes me want to turn off the GPS (and the other location services) most of the time — which, of course, makes the legitimate location-aware services a pain to use. Dear developers: Build your applications so they don’t look like Spyware. Don’t surprise me. Be predictable. Put me in control.
- Don’t locate the user unless he’s said so. Take PicPosterous: The purpose of the location gathering is geotagging a picture. Why not pop up a quick dialogue that says “I’d like to geotag this picture. Shall I?” And why not locate me only when a picture is taken? All that would go a long way toward building some trust in the application’s behavior. Or take Google Reader (or Latitude): Why not give me a setting “update my location whenever I use Google applications”, with default “off”?
- If you’re an application that needs to track my location (say, you’re a turn-by-turn navigation tool, or you’re Google Reader and I’ve told you to find me), remind me. Give me a little button to turn off your location function. Again: Don’t surprise me, and put me in control of what you do.
- Tell me what else you do with the data, in plain English. Start out with what the latest draft of the geolocation API spec has to say, and be very clear when you do anything else. Even better, give me an option.
- Even when I click that “remember for this site” option, I’ll probably forget about it in a while. You better ask me again when I haven’t visited the site for a while.
- A web application might behave badly. Remind me whether someone’s locating me right now (how about a little pulsating crosshair?), make it a no-brainer for me to figure out who knows where I am, and make it really easy for me to stop sharing location data — with any of them, or with all of them.
- Give me an option to lie about my current location.
2 thoughts on “If you want to know where I am, convince me you aren’t spyware.”
Excellent suggestions. I think this message also needs to be aimed at the Operating System vendors as well. My understanding is that the permissions dialog boxes displayed above are owned by the OS; hence, app developers may not have the flexibility you are looking for.
Actually, you’re seeing two different types of dialogues: On the one hand, an OS-based one for the picposterous app; on the other hand, browser-based ones in Safari (mobile) and Firefox (desktop).The common point to all of those, though, is that they all go off once the application (web or local) tries to locate me. I.e., as an application programmer, you have control over when that dialogue shows up: Right after I click a "locate me" button — or barging in the door right after I’ve started the application.
Comments are closed.