Proof That Startups Don't Care About Privacy

Whether you agree or not, I think we are approaching a situation where our trust in fledgling start-ups, popular or not, is in decline. Just browse the names: Twitter, Path, Instagram, Google, Facebook, etc., etc. Not exactly obscure companies, many of whom are well-liked by their users.<p>I would be as worried as a founder as a consumer, because the joy of being an early adopter might be waning in light of this. The address book security breach has made it undesirable to just try out all apps you see and worry about security later. Before, I basically only had to worry about non-SSL and plain text passwords - something that rarely mattered.<p>I don't know if using "we don't send your information unencrypted and unsafely, and we certainly don't sell your private information nor nab your contact list" is going to do more good than harm to a new company. It sounds a little creepy.<p>Maybe we should organize a pillory service with a track record in crimes against privacy and security instead as an alternative to Crunchbase. The FTC, bless their hearts, have limited resources and don't seem to be doing to much to make Facebook do what they do, and a track record does not need to be kept up to date, as great as it would be. It doesn't need to be an exhaustive list; having the biggest companies like Google, Facebook, Amazon, Tumblr, Microsoft, Dropbox, and Twitter would suffice in most instances, because, honestly, as much as I loathe Facebook, I have an awful memory and have to rely on my bookmarks to remember just how bad they are.<p>Perhaps this database can be extended to follow founders or CTOs involved directly or indirectly in these screw-ups, when they leave their company, so they don't pull the same stunt the next time.<p>This could be done with something as basic as a GitHub collaboration.<p>Who knows, maybe this can even be turned into a start-up - it seemed to work for Chris Dixon.

Actually, I have evidence to the contrary. Check this out:<p>PrivacyParrot: See if a site sells your personal information.<p><a href="http://www.privacyparrot.com/" rel="nofollow">http://www.privacyparrot.com/</a><p>It uses AI and NLP to parse privacy policies into easily readable statements: <a href="http://www.privacyparrot.com/privacy-policy-for-twitter.com" rel="nofollow">http://www.privacyparrot.com/privacy-policy-for-twitter.com</a>

For a very early stage startup caring about privacy does not immediately translate to displaying a privacy policy.<p>For us it was a day 1 decision: we will not do anything remotely creepy with your data. We will guard what you give us carefully and collect only what we need to operate our service.<p>This is a fundamental and important part of our ethos.<p>Still, it took us more than 6 months to get an externally visible privacy policy in place, because lawyers are expensive and not displaying a policy did not kill us.

The lack of a privacy policy isn't good enough evidence for people not caring about it. It just means people haven't written one up. I'd question whether a privacy policy that says "we'll collect any information about you we can and sell it to everyone we can" would be an example of caring about privacy.

Hey I made CleanIcons.com and I was just wondering what kind of privacy policy you are expecting for the site? I am using a third party purchasing service (gumroad.com) and I am selling icons that I made. I guess I could have a privacy policy that says I will not sell your email to people? Is that what you are expecting?

Have you considered the possibility that "privacy" is mostly a Hacker News moral panic, an obsession of the sententious personality that only really leaks out into the outside world when it can drive eyeballs or pageviews?