In web we trust, but how much?
Since September, I’ve been developing tweetcetera on my spare time. And I’m on the point to release a beta soon (end of the month or earlier)..
What is tweetcetera?
Tweetcetera is a web application I’m working on the spare time. Basically, you login in with you Twitter account, and it reproduce the Twitter web interface with smarter options.
Once the beta out, I want the development to be user centred, so a uservoice will be open and everyone will be welcome to ask for new features.
What is the problem?
I had a conversation with Matt Aimonetii where I asked him to test the current version of tweetcetera.
Even if I use Twitter Oauth for the authentication (ie: I don’t store you password, you login on twitter and then are redirected to the application), there was a confidentiality problem.
His first thoughts were:
How do I know that you’re not going to use my personal informations?
How do I know that you’re not going to post analyse informations like DM or protected statuses?
I must admit that, as a fair developer, I wasn’t expecting these kind of questions. I didn’t even think about it when using another third party application to connect to Twitter.
But the question is legitimate. You don’t want to be spammed, or analyse without your contentment right?
What can I do?
As a lot of developer, I’m fair. And so are my applications. I’m not going to use informations for post analyse. But how can I transmit the message?
I don’t want to write a big warning on the landing page saying “Trust us, we are not evil!”, that would scare more people than reassure the others.
If you are using web third party app (like Seesmic for example), what makes you trust a this application? (Brand reputation? Website design? … )
For me it’s usually just a matter of willingness to take the risk. Brand rep plays a huge part in this. If it’s a new app without a rep, then I tend to fall back to how professional the site appears. Does it have really good design? Does it have a FAQ and other good docs? In short, have the developers obviously put a lot of time, effort and caring into its creation. I think it’s simply not worth that kind of effort if your only goal is to screw users. Plus, with twitter, there’s not a lot of value in screwing someone. Yeah you can post stuff that makes them look bad what else are they going to do. I mean, what personal information have I given twitter? My e-mail? That’s not hard to find anyway. My web sites? Hullo, all available through google. My location? Potentially useful but if i were out to steal peoples location info for nefarious purposes i’d work on something that hooked into Loopt or FourSquare, or any of the other GPS location based apps.
In short, make something that looks really professional visually, and appears to have had some non-trivial amount of time expended in its creation, along with good documentation to show me that you actually seem to care about what users think and want them to understand and use your service. Do that and, assuming your tool is something I’d find useful to begin with, I’ll take a chance on it.
There are way too many twitter oAuth apps out there that have zero documentation. not even a freaking about page that describes what exactly it does and why. Just some fancy front page with their widget on it, an assumption that it is totally self explanatory, and sign-up type button. grr.
Thanks for these points masukomi, there are some good points here that I need to work on