My birthday is the 5th day of some month. So I was surprised and took notice when LinkedIn included in an announcement email to congratulate me on my birthday this month. I didn’t remember giving them my birthday, but I’ve had the account so long I thought maybe I gave it as account verification information. I presumed it was the usual headache that can arise out of the fact that the US represents dates as month/day and the UK/CAN represents dates as day/month.
I went looking in my account to either correct or change it. I couldn’t find my birthdate anywhere. Profiles now contain a section for personal information, but I hadn’t provided anything there. There are no birthday fields on the account page.
Long story short, I opened a support case to inquire about where the data was stored and how it could be changed, and found out that LinkedIn had internally stored information in my account when I had performed an Outlook address book sync. As resolution of the case LinkedIn removed all the synced account data for me, so the offending incorrect birthday has now been removed.
It was a bit disconcerting that LinkedIn had stored information about me, didn’t make it available to me to change in user account screens and then used it. There’s probably some disclaimer in the Ts&Cs where I’ve allowed the use of my data. Still, it felt like a personal violation. But then LinkedIn has become such an accepted way for us to promote ourselves professionally, I’m not about to show that displeasure by removing my account. If a smaller or less essentially niched service did the same, I definitely would have voted with my feet.
I do advocate that including features in your online services that allow for collaboration with other services or applications. Such as an authentication proxy, like with Facebook, Twitter or Google. Or a data import, like this address book sync in Linked-In. They save the user time in having to re-enter information that is stored someone else, making it easier for the user to use the service and encourages users to commit or convert to the service or feature. However, I believe there are some ground rules that service provides should consider.
Make the data visible to the user
Make it clear, somewhere on your site, what information you are taking, where you are storing it and how you are using it.
This may be as simple as adding a further details page/tab to the account screen. You may want to have it as a general statement up front when the sync action is performed, and then provide a link to the details if they want to see more.
I believe this information should be presented to the user in a format that they can edit or delete it. Or even to re-sync, if they change the original source information.
Be clear about what you are doing with it
Most Terms and Conditions are clear about the service’s use of sharing the data with other companies, stating clearly that they don’t or allowing for users to opt in and out. But what are you going to do with the data? Are you being clear?
If you use customer data to provide you with demographic information about your community, and use it without identifying the users specifically, there is nothing wrong with making that type of a statement. Most people are aware that their data and behaviour on a site are often used for marketing purposes. It can be phrased in a manner that says, we use this information for ongoing improvements to our service.
If you are going to use it for something like the birthday announcement, be clear about that too.
Allow for an opt out
And always provide the user with an opportunity to opt out. Either as a configurable account setting, or as suggested above, allowing them to delete the data.