Anyone who follows tech, startups, or privacy issues has probably seen, by now, the firestorm surrounding Uber this week. I will not go into extensive detail, but in brief, a senior executive at Uber apparently suggested that it might be acceptable to dig up dirt on individual journalists and their families if those journalists were critical of Uber. It seems generally understood that this was directed against one particular journalist (you can read her reaction here).
There has been plenty written in reaction to this story, but that is not the point of this post. The point of this post is that: tech startups, especially those that collect information about their users, need to be thinking about privacy issues from the beginning.
If you are a company that collects information about your customers, here are three things you need to think about immediately:
If your company collects a great deal of information, you need strong controls over that information and who within your company has access to that information. People are becoming more and more sensitive to privacy issues. Something like the so-called “God View” is going to make everyone very nervous. So far, the U.S. government has not imposed a huge amount of regulation on tech companies. However, Europe has imposed far more strict controls. If companies don’t start to take aggressive action to regulate themselves, the U.S. government is going to step in and regulate.
Each company is going to be different in terms of how information is controlled and how it needs to be controlled. It is important to think about who, within your company, has access to private user information. If you are not controlling this, you may find yourself liable legally for the abuses of your employees.
With all of your company policies, you need to think about how they will impact your ability to continue to attract new customers. If the future of your company depends on the trust of your users, you better make sure that your policies are designed to keep that trust. Right now, many users are willing to trust a great deal of their personal information to tech companies. However, too many abuses by too many companies will destroy that trust. If the trust is destroyed, your customers will start to look for alternatives. Google famously has the motto “don’t be evil.” This motto reflected a larger corporate attitude regarding company and employee behavior. As a result of this attitude, customers trusted Google with a great deal of information. While some of the policies may not have been required by law, they were good for business.
Privacy policies are not an easy issue. You will certainly need to talk with an attorney who is well-versed in privacy issues. Additionally, if you plan to have users in other countries, you also need to address international laws. However, appropriate privacy policies may be critical to your business, so you would be well-served not to ignore them.