Friday 21 September 2012

Privacy policies – when shouldn’t you bother posting them?

Dear Brenda,

Many thanks for inviting me to such a useful session at the offices of the British Computer Society in Covent Garden last night. It’s so important for bods like me to be able to understand what it’s really like to be an application developer, and what issues are foremost in their minds as they seek to become Britain’s next squillionaire. Failing that, at least to run a profitable internet business.

You’re right – thank goodness there weren’t any officials from the Information Commissioner’s Office in attendance. Or from the European Commission. Had they have been there, blood would undoubtedly have been spilt on the carpet as they would have felt obliged to respond to some of the fascinating points that were made.

Remember though, Brenda, the guys from Wilmslow just have to interpret the law as they see it. It’s not their fault if the law’s unworkable. And, boy, we heard of a few unworkable examples last night.

I like the point that was made earlier on in the evening about the additional difficulties that mobile application developers face. Yes, users are impatient. And, their fingers have to navigate really small screens. And it’s hard to input the right combinations of letters and characters when overcoming the password hurdles etc. And the devices have a relatively weak CPU power. And the internet connections will keep dropping. And the battery life can be pretty dire.

But, all this notice and consent stuff is supposed to be important. Developers will be expected to pepper screens with privacy icons and pop up boxes, and permissions and explanations, all in 8 point type (or smaller). The theory behind this privacy set up is pretty straightforward – give the user something to click on for a few minutes, so they build up their anticipation of the great stuff the application is actually going to deliver. Eventually, they’ll be so relieved to be presented with the actual app that they might not notice it’s a bit ropey.

Anyway. I also chuckled when that speaker said that the best way for application developers to succeed these days was through the use of a “lean technology” philosophy. This means only doing the absolute basics to get the application up and running, so you can see if anyone actually wants to use it – and, more importantly, how they want to use it.

Yes, it also means cutting out the privacy policy etc to get the “day 1 minimum viable product” out in the market place, soonest. Let’s be realistic – the initial release is only going to be picked up by a few people, and most of those are going to be your friends.

I chuckled when another speaker recommended that you shouldn’t worry too much about this privacy stuff at this stage. Just spend a long time closely monitoring how the application is being used. Don’t listen to what the users say about the product. Look at what they are actually doing, and how they are using it. Then, when you’ve got more bugs fixed, and you’ve given the site a bit more functionality, you can dress it up with a privacy policy – because by then you’ll have a better idea as to what this new creation of yours is actually going to do.

I though anther speaker also made a good point when they mentioned that every web application developer goes through a couple of about turns as they realise that what they thought was going to be ultra cool simply won’t fly. So you shouldn’t bother spending money commissioning a privacy policy until you’re far more confident that you have a commercially viable enterprise in your hands. Wait until you’ve got about a thousand users or so.

And don’t worry too much about these fears of Euro fines of up to 2% of your global turnover if you haven’t got all the administrative stuff (and the policies) in place from day 1. Remember, 2% of diddley squat really isn’t that much.

Just make sure you’ve paid your £35 DPA registration fee to the guys at Wilmslow. They’ll be so grateful for that kind gesture that they’ll cut young British innovators a bit of slack, you know. They don’t want to stifle innovation. They are human, after all. And, if your business becomes a roaring success, they might even want to come and work for you.

PS – I’m not sure whether the remarks in my last paragraph apply equally to the bods at the European Commission. But you’re not in a million years going to be seeing them doing a dawn raid in Rivington Street. They’d never find your desk in that cavern of a squat you share with all those other app developers.


Thanks to the Central London branch of the British Computer Society for holding such an interesting session on designing, building and marketing consumer mobile applications on 20 September. Speakers included Tony Fish, the author, entrepreneur and Investor; Dr. Yanguo Jing, Principal Lecturer in Computing at the Faculty of Computing (London Metropolitan) and mobile app specialist; Phil Woodward, co-founder of HipSnip and Alex Berezovisky, CEO of LetoLab.

Tony was supposed to talk about reasons for going mobile, features of a good app, mobile business models and raising rounds of funding. Yanguo was to discuss steps towards building your first app, design considerations and platform choices. Phil was to speak about his experience in the mobile space, the relationship between web and mobile, and mobile web versus mobile app. Alex was to discuss the principals of a Minimal Viable Product (MVP), staying focused on key value propositions and aligning apps with business models and the market. In the event, a variety of views were expressed on a variety of issues from these and other contributors.

References to the speakers in my email to Brenda may have been to the above individuals, or to interventions from members of the audience. You are never going to know – unless, of course, you were there.

Image credit: