Thursday, April 2, 2009

Privacy Enhancements: You Asked, We Listened

It's been nearly a month since our launch of Xmarks at the DEMO conference and already hundreds of thousands of existing Foxmarks users have upgraded to Xmarks. Many of you have shared great product feedback with us and we thank you for your praise, suggestions and support.

Among the comments and questions have been a few on the topic of privacy, and how exactly we use aggregate bookmark data to power our new discovery features. You've raised some important issues and we've been listening. With this post, we hope to address your privacy concerns and show you that we are dedicated to building a great product that you can enjoy for free.

First off, a number of you have asked about the motives for adding sync and discovery features, and pondered “why not stay a pure bookmark sync utility?”. The answer is simple: we think there's immense potential for creating a discovery engine based on the wisdom of millions of people (like you), and have been in pursuit of this goal since day one (view our privacy policy from 2006). Our co-founder Mitch Kapor originally described this as “a user-driven approach to finding the information that matters on the Web”. Today we simply say that our goal for Xmarks is to help users discover the best sites on the Web.

Beyond our belief that bookmark-powered discovery can make your web searching and browsing experience better, our launch of Xmarks is important to our business. Our new discovery features have the potential to generate enough advertising revenue to allow us to keep our incredibly popular synchronization and backup service completely free. Just as Google provides a world-class search engine for free by complimenting it with advertising, we see similar opportunities for our discovery service. We have no hidden agendas - our goal is simply to build next generation tools that help people find great content online.

So how do your bookmarks fit into all this? In the same way that Amazon uses purchase trends to recommend products to millions of other shoppers ("people who bought this also bought"), or Netflix uses movie ratings to help others find great films to watch, we analyze bookmark trends to help you and others discover the best sites on the web. Just as you can't learn about individual details from these discovery features on other sites, you cannot learn about an individual's bookmarks from Xmarks.com. We simply use the collective wisdom across bookmarks to power our service and in return we provide you with our best-in-class synchronization service free of charge.

We understand that some of you are concerned about private sites leaking out to the world, but rest assured, we only make a site discoverable on Xmarks.com if a sufficient number of people have bookmarked it – a site with a small number of bookmarks gets automatically ignored. To help address your privacy questions in more detail, we've prepared a Privacy FAQ. Please take a moment to read it and let us know if we've missed something.

Finally, we’ve heard from some of you that you do not want your bookmarks to be included in aggregate by Xmarks. In response to your requests we're adding an opt-out feature that will exclude your bookmarks from our discovery engine. We'll make this available within a week in the My Account section of our website to users with a valid email address on file.

Keep the feedback coming. We’ll keep listening and working hard to make Xmarks better.

Thanks,

James Joaquin
CEO, Xmarks Inc.

25 comments:

  1. I think I would embrace this kind of system, if only there was an easy way to turn it off when I wanted it to be off.

    I want a bookmarks folder that the Xmarks extension ignores completely.

    I want to be able to temporarily turn off the tag downloading feature (because it necessarily sends the URL up to the server for analysis).

    Give me that, and I'll let you index and analyze the rest of my bookmarks to your heart's content.

    ReplyDelete
  2. To be clear, by "folder" that the extension ignores, I don't mean the whole set. I mean that I want to be able to mark individual Bookmarks folders as "ignored", and they will be completely ignored by the plugin for purposes of uploading and sync.

    ReplyDelete
  3. I think that's not the right way to go. It should definitely be opt-in, not opt-out.

    If I find a site I think is interesting for others, I'll tell xmarks. In ALL other cases, I don't want anyone to do anything with it, I don't even want xmarks to look over my bookmarks to see if it is potentially of interest for others.

    My bookmarks are my business and my business only. Why is it that hard to understand?

    Or would you send me your bookmarks for further investigation? I have given my email address and am really curious what your personal bookmarks may be, James!

    ReplyDelete
  4. @John, Xmarks does not display your personal set of boomarks to anyone, ever. We only use aggregate bookmark data similar to how Amazon and Netflix do.

    We do have a sharing feature that allows you to explicitly share one or more of your bookmarks folders publicly. Since you expressed interest in my bookmarks, here'ya go:

    My eight year old son Dylan is fascinated by natural sciences, in particular Entomology. Here's a link to all my bookmarks I've collected in a folder for him:
    http://share.xmarks.com/folder/bookmarks/04qWPSd1WK

    Feel free to subscribe to the RSS feed for that share if you want to stay abreast of the latest kid science sites. ;-)

    -James

    ReplyDelete
  5. Note to John: In order for bookmarks to be available via a link such as the one that james posted, you must go to my.foxmarks.com, login, click a folder, and click share. No bookmarks are available as that way by default. ;)

    ReplyDelete
  6. I chose Foxmarks to backup my bookmarks because it was "anti-social." I sure hope it doesn't become something like stumbleupon or de.li.cious. I think the web has enough social bookmarking sites.

    ReplyDelete
  7. > We only use aggregate bookmark data
    This does not matter. You are using my bookmarks. My bookmarks, not yours. It's my private data, not yours.

    I'm not interested in some bookmarks you've sorted out to make them public, I'm interested in your bookmarks! I want to read your bookmarks, just like you read my bookmarks.

    And don't worry, I'm just aggregating! I'm waiting for your bookmarks, James. One law for all.

    ReplyDelete
  8. John, I really think you are overreacting? If nobody knows that your bookmarks are yours why do you care? I think I understand the principle of the matter but I don't feel it's an issue. If Xmarks wants to see what I have bookmarked, that's fine, I have nothing to hide.

    ReplyDelete
  9. I overreacted the same way John did. Here is a product that worked perfectly for what I needed it to do -- sync research-based bookmarks between three Ubuntus. That's all I wanted. Now I find out I'm supposed to be part of a "social aggregation" experiment whether I want to or not.

    The original announcement was extremely unclear about whether I'd be forced to adopt Xmarks; it was quite clear that the Foxmarks Web site (and, I assumed, my online folder) was vanishing into Xmarks. I took this as a sign that if I wanted to continue using Foxmarks, I'd have to be a part of a social network that I did not choose. From my perspective, this was not a good product rollout; there was something about it that felt, frankly, not quite on the level.

    It may work out for the best. But if I feel like I can't opt out of enough sludge (and I agree with John that opt-in is good, opt-out is bad), it'll give me an incentive to get really good at RSync.

    ReplyDelete
  10. "And don’t worry, I’m just aggregating! I’m waiting for your bookmarks, James. One law for all."

    Yeah, you're "aggregating" from one person. That's a really good aggregate. :/

    And they are his bookmarks; you just fail to see that through that wall called ignorance. Unless you're implying that he can actually _look_ at your *private* bookmarks. It is not clear to me whether they are allowed to look at your bookmarks from what I've read in the Privacy Policy. I would suggest that be corrected by an Xmarks employee as soon as possible. I would assume that it is against company policy to look at individual bookmarks which have been collected by the Xmarks service, but as of now I cannot say whether that is true or not.

    ReplyDelete
  11. "And they are his bookmarks"

    And so are my bookmarks my bookmarks.

    Exactly what I wanted to show, thanks!

    ReplyDelete
  12. You mean "you’re implying that he can actually _look_ at your *private* bookmarks"? Otherwise, we're going in circles. ;)

    By "they are his bookmarks", I was actually speaking of the ones he put up a link to, as apposed to the ones you were speaking above in an earlier comment. Technically, "the company" (Xmarks), not "he" (James), has your bookmarks. Technically, he "could" (I.E.: it may be possible to) access your bookmarks, but I don't know if he's allowed to, or if it's against company policy for anyone to access an individual's bookmarks without a reason.

    That being said, I would assume that it is against company policy(as I said above, see the circle yet?), but it is not in writing as far as I can tell, so I would wait for an official response.

    ReplyDelete
  13. Oh, and you're welcome. ^.^

    ReplyDelete
  14. Hi Nobu, it's a good question and one that we have gotten frequently over the years.

    Our Terms of Service states that "In order to manage, administer and provide the service, or as required by law or order, we may access files and data provided by you for use in the Service."

    This means that only select Xmarks employees have the ability to access a user's bookmark data and do so only when it is absolutely necessary to resolve a customer problem. Most issues don't require us to access bookmarks so this scenario is uncommon and is done only in response to a user's customer service request.

    You can find this clause in the "Privacy" section of our "Terms of Service": http://www.xmarks.com/about/terms

    ReplyDelete
  15. Wow, what a botched upgrade: new functionality that invades privacy, little/no mention of it in the release notes, no way to opt out yet; how could this have been managed worse? What did you developers thing was going to happen when you released this? I would love to know.

    Oh, and private ftp transfers were broken --- I don't have to wonder why. :-(

    I downgraded to 2.7.2. How do I prevent it from auto-upgrading later? Would someone create a version that doesn't upgrade itself, ever. I can give it a try.

    ReplyDelete
  16. Where I can download Version 2.7.2. of Foxmarks? I don' t like the new Xmarks, because it disables the use of a own server.

    ReplyDelete
  17. I found a way to prevent Firefox from bugging you to upgrade from Foxmarks 2.7.2. Open "about:config", right-click to create a new
    boolean variable, extensions.foxmarks@kei.com.update.enabled, and set it to 'false'; you will then no longer be prompted to upgrade
    Foxmarks. Download 2.7.2 by clicking on "See All Versions" from
    addons.mozilla.org.

    ReplyDelete
  18. From the Firefox addon site. Just make sure to note your username and password , uninstall xmarks , and reinstall 2.7.2.

    Agree most completely with Eddie :

    Right way :
    1. Upgrade should be voluntary.
    2. Should be 100% clear if original foxmarks will continue or not.
    3. Default for "aggregating" should be opt in.

    If they had done this , it would be fine.
    The way its been done is :

    1. Hope most users will be indifference to upgrade.
    2. Marketing speak by all staff.

    ReplyDelete
  19. Bruce thats Brillant.
    Thanks.

    I'll post it on the xmarks site , and give you credit.
    Hope thats ok with you.

    Thanks a million ,

    Joe

    ReplyDelete
  20. It's a bit ironic that you have to validate your email address before you can opt-out of having your data aggregated.

    Having all my bookmark information and a valid email address would make for some incredibly well-targeted spam.

    People already don't trust this service because of the spyware style upgrade, a classically naive initial reaction, and disingenuous communication.

    Now they want more private information before you can opt-out. A login and password isn't sufficient to authorize use of the opt-out mechanism?

    You have to be kidding.

    ReplyDelete
  21. I also felt concerned that xmark was invading my privacy as soon as I saw the funky xmarks icons on a google search.

    I immediately de-activated all plugin "Discovery" features.

    Then I learned about bookmark "aggregation" here, by pure chance, and immediately de-activated it in my account. I believe you should clearly provide a message and link about what aggregation is and how to opt-out in the plugin itself, close to the "Discovery" feature activation.

    Thanks

    ReplyDelete
  22. just moved to syncplaces. ciao.

    ReplyDelete
  23. I happily used Foxmarks for years as a great way to keep my multiple machines in sync, but I will now stop. You may have fixed the invasive changes with this update to Xmarks, but the fact that on the upgrade from Foxmarks to Xmarks you slurped all my bookmarks has driven me to find a new way to sync bookmarks.

    You took a good add-on and turned it into spyware and adware. Good job, champ.

    ReplyDelete
  24. I upgraded to the Xmarks-addon with some reservations.
    First thing I did after logging in was to disable the contribution.
    Not because I totally reject the concept, but due to the same reasons Tim stated in the first two comments. I want to decide what bookmarks get aggregated, from complete folders down to individual bookmarks.
    You can proof that you respect the privacy-needs of your customers by implementing these features.

    Unless, of course, your business model is now primarily based on not giving users control over their bookmarks in terms of privacy, which I really hope it is not.
    Give me those options to finetune my contribution and I'll turn it back on. Thanks.

    ReplyDelete
  25. I sleepwalked into upgrading to Xmarks. When something works well, you don't tend to notice it.

    What I did notice was the icons liberally sprinkled over my Google searches. I hate add-ons that manipulate web pages in any way, and so I immediately chased it up and landed here, among other places.

    Disappointed and disgusted, I have now opted out of this ridiculous bookmark aggregation. There should have been no need for me to do so. It is now time to investigate alternatives.

    ReplyDelete