There’s a yucky yucky trend going on in social media right now: Asking for Address Books. This is evil. Do you hear me? EVIL!
BAD BAD BAD BAD BAD!
KNOCK IT OFF! PLEASE! JUST QUIT IT!
Okay — step back. What am I talking about. I’m talking about when you go to LinkedIn or Facebook or MySpace (or pretty much ANY of them now), and the website smiles all cutesy at you and says, “Oh, hey, I’m really glad you like our website. You know, there are probably people on here that you’ve never thought to search for, and it’s a real shame that they’re not in your network yet. But if you just give us the username and password to your Gmail account, we can check all of your friends’ email addresses against our database and find all of them for you. It’s quick, it’s easy, and your friends will thank you!”
Sounds harmless enough, right?
Don’t give it to them!
I don’t care how much you like them, or how safe they tell you they’ll keep it for you, or how much convenience they’re offering you. Your address book is your address book and it does NOT belong in the hands of a social networking website.
Why? Here’s why:
- Spam. We know it, we hate it, we’re sick of it. When you give out your address book, you give out a list of email addresses that are connected to legitimate people who use the Internet regularly, and this is very valuable to email marketers. Your social networking site will promise you that your email addresses are “safe,” but sometimes “safe” means, “We promise we’ll ONLY share it with our partner companies — you know, our hundred closest friends. And by the way, when a larger company buys us out, those rules will probably change.“
- Impersonal Invites. I’ve received invitations to social networking websites from people I’ve barely ever spoken to — people I would need to reintroduce myself to if I ran into them at a party. Why did this happen? Because those people gave up their address book to a website, and that website went ahead and invited every email address that wasn’t already in the system. If you let this happen, it can make people feel uncomfortable, and it can make you look disrespectful. The worst part is that you might not even be aware that it’s happening.
- Trust. You don’t give your friends’ phone numbers out to strangers. Please don’t give their email addresses out to a centralized database. That information is theirs to share; not yours.
- Identity Fraud. They’re asking you to give out full access to your email account when they ask for your address book. Your email account is a critical link to your internet identity. Access to it is supposed to be a SECRET!
This plays into another yucky technique (which is as old as dirt, but far more powerful with the emergence of social media): Data Mining of Personal Information.
There’s a service called Rapleaf. It allows you to plug in your email address and find out what your reputation looks like on the web. The same people run a service called UpScoop, which lets you plug in all your address book data and social networking site information to scan the profiles of everyone you know — public and private — so you can “keep up with your friends.” The same people run a service called TrustFuse, which lets email marketing campaigns check boatloads of email addresses against the Rapleaf and Upscoop database to find out lots and lots of information about the people they’re trying to get money out of. (Edit: Here’s a good analysis of the RapLeaf/UpScoop/TrustFuse drama if you want more. )
Evil, I tell you. Evil.
Do you read the Privacy Policy and Terms of Service of every website you give a username and password to? I don’t either. We like to function on trust. And if someone I respect invites me to use a service, I will often take their word for it that it’s a good service. But now I can’t do that anymore, because I don’t know for sure if they’re actually inviting me, or if some robot monster manipulated them into giving them my email address before they even had a chance to create a profile.
Social networking is a good thing — it’s doing phenomenal things for communities at an international level, and it’s important that we represent and express ourselves on the web. But please pay attention to what people are asking you for out there.
And don’t underestimate the value of your friends’ information.
December 16th, 2007 at 1:07 am
i have no problem with data mining, as long as they are mining public info. if i put something where google can find it, i’ve let it free into the world.
December 17th, 2007 at 4:23 am
yeah– while I’d prefer it if aggregators left different areas of the internet alone, i know that’s a losing battle.
but i do take issue with the centralize aggregation of info that you can be gleaned by people giving account access to third parties.
how far away are we from locked livejournal content being archived in marketing databases because someone wanted to read their friend’s writing on a website that also let them see myspace profiles…?
not very far at all.
December 17th, 2007 at 4:27 am
also: trustfuse is connecting “personally identifying info” provided by clients — like addresses and phone numbers — with web content profiles. my phone number and address are unlisted in the white pages, but if i give it to a nonprofit as i donate $20 to them, and they choose to use trustfuse… suddenly my physical coordinates are connected to all of my online actions.
awesome…
December 17th, 2007 at 4:51 am
I have two fears which petrify me even more than established sites such as LinkedIn and FaceBook (and possibly my own sites in the future) containing features which send invites to address books.
1). The obvious fear that certain sites will continue to get even more sneaky about the way in which they incorporate this feature into their sites. As the 2.0’s continue to become more and more aggressive in their networking and marketing strategies, it doesn’t seem unreasonable to expect a site which FORCES you to invite a send a certain number of invites before you’re allowed to access any substantial content. In fact, anyone who rememebers AstaLaVista style torrents and hacks before the turn of the 20th century is probably already familiar with one version of this trick…”Enter four more email addresses and your file will be waiting!!!”
2). The fact that this feature serves as an obscenely easy-to-implement bulwark against more serious transgressions, such as a) traditional spamming and b)auto-enrolling emails found on the wider internet. For example, a site like CareerBuilder.com could easily aggregate massive lists of email addresses from other social media tools, and be protected from anti-spam lawsuits by uploading the email addresses to a few alias Gmail accounts. Yikes.
Ironic that this blog required my email address for me to post. :__)
Kylie,
WomenCo.com
December 17th, 2007 at 5:13 am
Good points, Kylie (ha — especially on the email address requirement for this blog post. Yes, I am privately, secretly logging your email address so I can send Dopp Juice SPAM at you All! Day! Long! Okay, not really.)
Thanks for kicking ass on WomenCo, by the way. :)
December 17th, 2007 at 5:17 am
(omg, kylie, i just figured out who you are. *headslap!*)
December 18th, 2007 at 1:14 pm
Two massive thumbs up! This is a practice I’ve never endorsed or participated in. I also find it interesting how it took off with gmail; almost as if gamil is the skeleton key to web identity. *shudders*
December 19th, 2007 at 10:52 pm
Thank you, J! For a brief minute I was feeling kind of alone in this righteous indignation. Spread the word.
January 3rd, 2008 at 7:14 pm
Sarah, late to the game, but I wanted to drop a line to say thanks for a thought-provoking post. For some of us who enjoy these social networking tools but don’t live and breathe the tech (etc.) worlds and their considerations, it really helps to have a well argued post like this one. Many thanks. And I’ll be following you on Twitter soon. =)
January 4th, 2008 at 10:07 pm
Thanks, arse poetica! This is exactly why I wrote it. Really glad it helped.
January 12th, 2008 at 1:57 am
Hmm, I was really tickled when I first saw this feature. Of course I hit “select none” and carefully chose the few people I was actually on a friendship basis with and wanted to invite.
And I’ve definitely gotten the random invites from people I don’t really know but am just in their address book (i.e. hosting customers). I felt bad about ignoring them, but now I get it – they probably didn’t even check who all it was sending it to.
I don’t know. I get the issues you are saying, but I also see the future we’re going towards. I don’t think anything will really be all that private anymore. And I’m not sure that is a bad thing. Think about if everyone was telepathic. No one would be able to lie. It would be a completely different world.
Now, this of course is different because people can definitely lie online. So, I think there will be a learning period where some horrific violations will happen and then people will learn from them. But we have to, as a culture, make those mistakes before we can learn.
Then eventually privacy will become unnecessary because humans will evolve beyond judgment and violence (having learned to by making mistakes). And everyone will realize that everyone else is more complicated than they appear to be (just like them) and everyone will then be free to be more open.
But then again, I’m a hopeless utopianist. =)
January 12th, 2008 at 2:10 pm
Ah, sheesh, I would love to be able to say it can be as you say, Emma – oh, how I wish it were so, right now – but, idealist though I am, my head says “not now, it isn’t”.
Openness is great – until it isn’t. And then it’s a burden that might break one. And recovering from that burden can take a long, long time.
However, I’m enough a realist to also know that “nothing changes until we do” – and finding that middle-ground of openness and discretion, authenticity and security, pride and realism – it’s a daily struggle, and it’s a hard one.
Just my humble opinion, of course!
February 3rd, 2008 at 10:10 pm
[…] sharing your “friends list” between your social networking websites without having to give out your email address book. This also means that signing up for a new social networking website won’t be such a […]
February 13th, 2008 at 5:17 pm
[…] networks SHOULD NOT ASK PEOPLE FOR THEIR GMAIL AND YAHOO MAIL LOGIN INFO. (i know, we’ve talked about this already, but it was nice to hear it on the panel from the Yahoo rep, too.) His reasons: our email address […]
March 24th, 2008 at 5:01 am
very nice web site. My English is not so good, so I do not understandt it well, but it seems very good. Thanks
October 14th, 2010 at 12:19 am
[…] So what about giving the website direct access to your contact list to pull in email addresses? That’s gotta be pretty easy right? Well… people are getting more wary of this practice since it’s what a spammer would do and could give you a bad reputation. In general, giving a website full access to your address book is a no-no. […]
December 10th, 2010 at 2:44 pm
It was a pleasure reading your blog entry. I bookmarked the site for future reference
September 21st, 2011 at 11:45 pm
CCleaner. it’s free.