Instant Personalization vs privacy

Facebook has been weathering a number of privacy-related storms lately, the most recent (at press time) being a new feature called "Instant Personalization", which allows partner websites - starting with Pandora, Yelp and Microsoft Docs - to personalize your experience based on the public info in your Facebook profile.

Just before that announcement, Facebook changed its privacy policy so that public info such as "current city, hometown, education and work, and likes and interests" would be transformed into "connections" that can be shared publicly on sites with similar interests. So, for example, a Facebook site about mobile devices, say, will list every member who named "mobile devices" as an interest. The only way to get off the page is to delete the interest.

The two announcements together essentially mean that more user info is public, which means more partner sites - to potentially include advertisers and marketers - can mine that info for targeted services and ads. To be fair, Facebook has an opt-out process - but it's so strikingly laborious that the Electronic Frontier Foundation has a dedicated page with updates to guide people through it.

Here's the interesting part.

Many of my Facebook friends are unhappy with this, as well as every other Facebook privacy change that has arisen in the last year. And I find myself in the position of explaining to them - to their astonishment - that this is nothing new, and that Facebook is hardly the only company doing this. Odds are, so is their ISP or mobile operator. And if they're not, they're definitely looking at ways to get in on it. The mobile sector in particular has been keen on the idea for several years now, because of the wealth of context-aware customer data that can be transformed into lucrative new services with a premium on personalization for users and targeted marketing opportunities for advertisers.

And there's ostensibly nothing wrong with any of that. Many cellcos already know from experience that users want personalized services and will gladly give up a little privacy in return for a tangible benefit. But many have also learned that trust is essential to making it work, and the starting point is to give people the chance to opt in, rather than forcing them to opt out - and if they do have to opt out, make it super-easy.

Risky strategy

That's where Facebook is going drastically wrong. I'll be fair and assume its "deploy first, apologize later" strategy is based on the social networking axiom that value increases with mass usage. After all, Facebook's advertisers and website partners aren't going to be impressed with Instant Personalization unless the initial user base is, well, everyone on Facebook.

But making the advertisers happy at the expense of user satisfaction is at best risky and at worst stupid. Maybe Facebook is banking on the likelihood that its subscriber base won't suffer as a result. But the bad publicity could hurt future subscriber growth and encourage existing users to simply delete as much public info as possible, which devalues the entire proposition.

Ironically, the idea of, say, Pandora or other music services using your Facebook profile to automatically tailor your playlist is a good one that would probably go over well with music fans. Facebook undoubtedly feels people will appreciate what they're proposing more if they experience it for themselves first.

But the reality is that it's not just what you offer, but how you do it. And in an age where many people are learning the hard way that what you post online can get you in big trouble (and can be stolen and used against you), leveraging personal data requires more than just forcing a feature on people and saying, "Trust me, you'll love it."

However it plays out, the Facebook debacle should serve as a cautionary tale to any and all service providers hoping to leverage customer data to roll out personalized services: above all else, trust matters, and trust is earned.