Silicon Valley is renowned for its culture of innovation. There a common, renegade approach is to send products out into the world while they’re still half-baked, in the belief that it’s better to improve them based on real-world use, rather than trying to perfect them behind closed doors.
And the Valley accepts, of course, that this approach means that they’ll sometimes stumble, that some products might blow up in their faces. But it’s willing to live with that, believing that it’s ultimately better—and that they’ll innovate faster—if they ask forgiveness rather than permission. For the most part, the "Apology Approach to Innovation" works. Even when companies stumble, the consequences have generally been minimal—a few waves of invective from users and the tech press.
But last week’s FTC settlement over Google Buzz could change that. Google Buzz was launched with the classic Apology Approach: the social network was fairly well—but not completely—thought through. And when users started railing against the fact that it de facto looped in all Gmail users, seemingly without their permission, the company simply apologized and implemented some tweaks.
As we reported, the FTC’s settlement last week clearly said the do-first-fix-later approach wasn’t good enough, not when it comes to users' personal data. And as a result, for the first-time ever, the FTC took the unusual step, it said in its settlement, of requiring a company to implement a comprehensive privacy program—including 20 years’ worth of privacy audits.
Ever since Facebook launched the comparably flawed Beacon program four years ago, tech circles have been abuzz about the increasing precariousness of privacy in a socially networked world where more and more of our details lives are floating around online.
Tech companies have predictably chafed against the idea that new regulations may be in order to ensure that inadvertant privacy breaches don’t take place. And some leaders, like Facebook CEO Mark Zuckerberg, have gone further, asserting that that the Apology Approach is still the best tactic to use to innovate new offerings for the pervasively digital world in which we now live.
John Verdi, senior counsel at the Electronic Privacy Information Center, which brought some of the Buzz-related complaints to the FTC, however, says the settlement could be a wake up call for companies, prompting them to act more judiciously when tinkering with features that involve user data. "For far too long that [forgiveness-rather-than-permission] approach has been the tactic that a lot of companies have taken regrading privacy," Verdi tells Fast Company. The settlement, he says, will force companies to take privacy considerations more seriously.
"No one at a company producing banking software would say, ‘We’ll roll out the new software first and figure out the security issues later,’" Verdi says. "This settlement reminds companies that when they roll out products that have a privacy impact, the risks that are attendant to those rollouts need to be considered just as responsibly as the risks that are attendant to computer security."
[Image: Flicker user butupa]