Sunday, September 6, 2015

Electronic Telemetry: The Sheep in Wolf's Clothing

Two workhorses dominate the electronic world: advertising and analytics. Both go hand-in-hand, as advertising companies heavily use analytics to target products at a perceived demographic. And because of this, analytics and user-tracking have gotten a bad rep over the past few years. Turn off statistics. Install a tracking-script blocker. While there is some truth to this advice, there is a blurred separation between "good" and "bad" tracking, and some analytics, especially anonymous telemetry, can be extremely useful. Sometimes even mission-critical.

Application developers use usage statistics to observe use patterns, detect unexpected errors, collect crash reports, construct runtime metrics, determine content quality, and much more. These statistics are fed back to determine what bugs developers need to fix and what new features are most wanted. Have you ever reported an error message? Or requested a new feature? Or complained about a glitch? Most people actually do...but not to the developer that made the application. Users usually complain to other users in online communities. And it is left to the developers to find these communities and track the feedback accurately. This is a daunting task that does not scale as the user-base grows in size and diversity. As an alternative to manual data collection, automatic telemetry is an attractive feature for an application. When done correctly, it can provide developers with valuable information about their product without breaching users' privacy, when done correctly, that is.
Example location Analytics image
By Ofol (Own work) [CC BY-SA 4.0], via Wikimedia Commons
One of the reasons users have been backlashing telemetry is companies collecting more data than users think they need, or even lying about the data they collect and how to disable such collection. Microsoft set a great example. They added one or two placebo settings for turning off telemetry, and afterward went through great efforts to implement mandatory telemetry that bypasses common power-user blocking techniques. Users like the illusion of choice with privacy, but not so much when that illusion is shattered. And there is always somebody willing to monitor all the network traffic coming from their computer to see exactly what information it is sending back to the mothership.

Lying is not the only way to deceive your users, though. Moving from one big corporation to the next, Facebook is very straightforward about its Messenger app, and what data it collects and why. But telling the truth is not enough. The Messenger app collects so much usage data that a digital forensics expert claimed, "I've worked for companies writing corporate spyware for iOS that didn't know you could get some of this information." It might be nice if every burglar in the nation made sure to list what things they stole and why they stole them, but the homeowners would still be quite a bit angry, and probably want their stuff back.

Bad examples aside, there is an acceptable way to collect telemetry data from your users. Collect a reasonable amount of data, allow for turning data collection off, and be transparent about what data you collect and why. It also helps to show users the steps you are taking to protect their privacy. Users understand—well, they think they understand—the job of the people developing the applications they use. And most users are willing to make a small privacy sacrifice, if it can even be called a sacrifice, to help improve the software they use daily.
Creative Commons License
Electronic Telemetry: The Sheep in Wolf's Clothing by Tyler Romeo is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

No comments:

Post a Comment