Facebook has gotten all kinds of grief lately for continually tweaking its privacy settings to give users less control over how their information is used. Earlier this week, the social networking company announced it would allow third-party partners access to basic user information so as to create a more personalized experience for users when they visit those third-party Web sites.
The problem most users have with the plan, however, is that Facebook will hand over their information to these partners automatically. If users don't want to participate, they must opt out. Though many don't have a problem with the information sharing program in principle, they would rather opt in to participate than have to opt out when they don't. I can understand their frustration.
So when Google announced a plan to allow developers more access to Gmail accounts, it also made sense that many would view the move with similar skepticism. In fact, a coworker sent me v3.co.uk's coverage of the story with the comment, "This doesn't sound good." But the difference between Facebook's tweaks and Google's plan - in this particular instance, anyway - is that Google is leaving control with the user.
According to v3.co.uk, the Gmail user will ultimately decide whether to grant developers access to his or her account, and doing so won't require giving up password details. The story quotes a blog post in which Google senior product manager Eric Sachs explained:
It is more secure for the app developer to use the industry standard protocol called OAuth, which enables the user to give their consent for specific access without sharing their password.
Facebook could learn a lot from this example. In giving its users a choice from the beginning, Google avoids having users feel they're being taken advantage of, avoids the public relations headache that could result from upset users, and also promotes innovation and product improvement.