With the proliferation of web-based applications and websites that require users to create an account in order to access all of its content, many developers have taken to allowing their apps’ users to sync their accounts with pre-existing social media profiles such as Facebook (Nasdaq: FB) or Twitter. But while the practice makes perfect sense for simplicity’s sake and saves users the need to remember countless different passwords and combinations, it has also raised a number of privacy concerns as personal data extends beyond the borders of the social networks in which they were originally created.
To pre-empt some policy considerations, Gigya, a tech company that manages social logins and other internet infrastructure solutions for websites, introduced a new a social privacy certification and seal on Thursday. Perched below any website or service partnered with Gigya, the seal reassures users that the service has been examined to ensure that their personal data will not be abused or compromised.
But the seal is just intended as a marker of Gigya’s larger development, which is a collaboration with The Future of Privacy Forum, a Washington, D.C.-based in order to create a standardized list of industry best practices for privacy and social logins. The Mountain View, California-based company also hired a chief privacy officer and formed a privacy and safety advisory board to advise its clients.
Speaking in a phone interview earlier this week, Gigya CEO Patrick Salyer said that he hoped the service would establish a new precedent of trustworthiness and transparency for websites and internet companies in how they relate to their users and make use of their data. Polling some 2,600 customers for a study commissioned by SurveyMonkey, Gigya found that even though more than half of consumers have logged into an application or website using a social login, among those that don't 40 percent said that they didn’t want their personal information compromised.
Almost half of the consumers surveyed, meanwhile, said they would be more comfortable with social logins if the service they were trying to access offered a clear, concise message about how, exactly, it was going to use their data. Hence, the new privacy seal.
“We kind of consider it a virtual handshake, if you will,” Salyer said. “Users are granting permission-based data, and they’re doing that in return for transparency and a customized site experience.”
Gigya hopes that this type of certification standard will help establish a new precedent for web companies, thereby satisfying legislators concerned with how social logins compromise user privacy as well as everyday consumers tired of being spammed unintentionally by botched applications like the Washington Post Social Reader.
"When a website makes a public representation, it's a binding agreement,” Jules Polonetsky, co-chair of The Future of Privacy Forum and a prospective member of Gigya’s new privacy advisory board, said in a statement. “It's bold, but it's one most sites are ready to make. If violated, the websites would be open to enforcement by the Federal Trade Commission.”
The concern here for legislators will ultimately be whether or not this kind of self-contained regulation within the industry and between companies like Gigya and its clients is enough to guarantee the protection of user privacy. As a private company, Gigya certainly hopes so. But is self-policing by private corporate interests enough?
“It’s an important question,” Salyer said. “But we have the best interests in mind. We believe we’re on the right side of the privacy question.”