Privacy Model for Notifications

We live in a weird new era where I nearly always have full control of what information I share and whom I share it with (assuming I have an indefatigable interest in navigating permissions settings for my various social services), but I have no control over my information once it leaves me.  The consumption of my social content is entirely controlled by my followers, not me. This control model is simultaneously intuitive, correct, and disconcerting.

A classic example that comes up frequently for me is location. I’m perfectly fine with sharing my location with my friends through foursquare/swarm. I update Swarm multiple times per day and derive a lot of value from doing so. But I think it’s odd that, for people who have updates from me set to always notify them, some folks are constantly being reminded of my location, buzzing away in their pocket. This problem is not to Swarm, it’s true for Facebook, Instagram, or any other means of sharing current location. I have no problem sharing this information, but I have a little problem with how “in your face” it can be under the most aggressive notification settings. It’s a vanity issue… I think my location is unimportant to the point that I’d rather it not be in my friends faces multiple times per day. 

One could argue a few counterpoints:

(1) Why should I care how other people consume the content I create? Their mode of consumption is their choice.

(2) Just check-in “off the grid” more and share less.

(3) Just unfriend (most) people. 

For me, (2) doesn’t feel like an option. I’m happy to share and when I get helpful comments about my location, it’s terrific.

If (3) is the answer, then the product is broken, not my usage. So, lets give well-intentioned designers the benefit of the doubt and toss out (3).

So, I think the whole meat of the issue is (1). I don’t want my friends to be able to control my notification settings, and yet, I wish I could control their settings when it comes to my content. My desire is obviously inherently contradictory and why I find it interesting enough to blog about. There is a difference between (A) sharing information such that others have opt-in access to it and (B) broadcasting information aggressively. Designing these settings (and their defaults) is really tricky, and I wish I could be a fly on the wall in these design meetings.

Bonus Corollary: Sometimes you send an email and instantly regret it. You want to edit or delete it, but you can’t. Your content is your own until you share it, and then suddenly it’s the recipient’s content too, as a received message and intuitive privacy controls implies that a recipient should control their content. Yet everyone has felt this exact email pain point, and so when Slack decided to design for this use case, they allow the author to both edit (with an “edited” sign next to the message) and also delete any message the author writes. Slack decided that tie goes to the runner and email decided that tie goes to the fielder. The email design decision is less intentional and more an artifact of the information architecture of how email works in a stateless distributed early-internet design (how can you take an email off a remote server you don’t own?), but it’s still an interesting design choice nonetheless.