More and more sites I run into these days are offering a way for me to log-in using Facebook. That’s cool, if it means I don’t have to fill out yet another registration form. But the permission pages that come up sometimes are so scary that I decline the offer.
This happened again with me today when I went to Groupon. The Facebook sign-in icon was there, so I tried it. This is what came up, in response:
You know, all I wanted to do was easily sign-in to Groupon and buy a Kiva card as part of a special charitable offer that’s going on. Instead, I have to contemplate all these things that Groupon and/or Facebook will do with my account. Let’s do the blow-by-blow:
Access my basic information: Includes name, profile picture, gender, networks, user ID, list of friends, and any other information I’ve shared with everyone.
Some of this makes sense. Groupon can pull information it might ask me about on its own form, instead getting it from Facebook. Sure. But when you start talking about “list of friends” or “other information,” it feels like overkill.
Of course, I’m pretty sure this is just asking for permission to pull stuff that’s already public on Facebook to begin with. If so, why ask my permission and complicate things? This is probably a good intention disclosure that’s actually unnecessary and generates more concern than it relieves.
Send me email: Groupon may email me directly
Can’t complain here — simple and clear.
Post to my Wall: Groupon may post status messages, notes, photos, and videos to my Wall
WTF! That’s my initial reaction. Groupon’s going to just start posting things to my wall? Like what things? How often? Is it going to ask me first?
Again, I think this is a good intention disclosure. My guess is that if I do things in Groupon, it might offer to let me share my actions to my Facebook Wall, if I explicitly say so. I don’t know this, of course. And the permissions page does nothing to reassure me. How about a plain English explanation that tells me exactly what might happen?
Access my data any time: Groupon may access my data when I’m not using the application
WTF again. What data is it going to access. Why’s it need to access this any time?
Oh, by the way, Groupon’s not an “application.” Dear Facebook: There’s this thing called the web. It contains web sites. Web sites are not applications that run on Facebook, regardless of what your engineers might think. They are independent entities that may interact with Facebook. I doubt most typical Facebook users would think of Groupon as a “Facebook application.”
Check-ins: Groupon may read my check-ins and friends’ check-ins.
Because why? I mean, maybe you could explain a bit more about why Groupon needs to do this? And maybe I could opt-out of this, if it’s not absolutely necessary? Remember, my goal here was simply to log in to Groupon in the first place, not hand over check-ins from my friends.
Access my profile information: Birthday
This is clearly a template that says something like “List profile items that aren’t public in this fashion, ‘Access my profile information: item A, item B, item C, etc’.”
Again, plain English. Why not just say, “Get my birthday.” Sure, a little more programming time. But it’s worth it for the non-engineering types you’re trying to reach.