I joined Path on December 1st, 2011. I know this because it says so, under my “path” in the application on my iPhone.
That same day, I posted this message in the app:
“Wondering how Path knew whom to recommend as friends?!?”
I’ve used a lot of social software over the years (technically since 1992 when the Internet was mainly a social platform, before the e-commerce era), and I do this Internet stuff for a living, so I have a pretty solid mental model for where my data is and what is accessing it. But this was one of those moments where I realized something very non-transparent was happening.
How did it know?
Path was very smartly recommending users on Path to me, even though it knew nothing about me other than my email address and the fact that it was on my phone. I hadn’t given it a Twitter handle; I hadn’t given it the same email address I use on Facebook (which isn’t public anyway). So how did it know?
I recall in a dinner conversation with co-workers deciding that it must just be checking my address book on my phone. That bugged me, but I let it slide.
Now, I’m intrigued with why I let it go so easily. I suspect a few reasons:
- Path had positioned itself as an app for intimate connections with close friends. It set the expectation that it was going to be careful and safe, more closed than most social platforms.
- It was a very pleasing experience to use the app; I didn’t want to just stop using it, but wanted to keep trying it out.
- I was busy and in the middle of a million other things, so I didn’t take the time to think much about it beyond that initial note of dismay.
- I assumed it was only checking names of contacts and running some kind of smart matching algorithm — no idea why I thought this, but I suppose the character of the app caused me to assume it was using a very light touch.
Whatever the reasons, Path set me up to assume a lot about what the app was and what it was going to do. After a few weeks of using it sporadically, I started noticing other strange things, though.
- It announces, on its own, when I have entered a new geographical area. I had been assuming it was only showing me this information, but then I looked for a preference to set it as public or private and found none. But since I had no way of looking at my own path from someone else’s point of view, I had to ask a colleague: can you see that I just arrived in Atlanta? He said yes, and we talked about how odd that was… no matter how close your circle of friends, you don’t necessarily want them all knowing where you are without saying so.
- When someone “visited my path” it would tell me so. But it wasn’t entirely clear what that meant. “So and so visited your path” sounds like they walked up to the front of my house and spent a while meditating on my front porch, but in reality they may have just accidentally tapped something they thought would allow them to make a comment but ended up in my “path” instead. And the only way to dismiss this announcement was to tap it, which took me to that person’s path. Were they now going to get a message saying I had visited their path? I didn’t know … but I wondered if it would misconstrue to the other users what I’d done.
- Path also relies on user pictures to convey “who” … if someone just posts a picture, it doesn’t say the name of the person, just their user picture. If the picture isn’t of the person (or is blank) I have no idea who posted it.
All of these issues, and others, add up to what I’ve been calling Context Management — the capabilities that software should be giving us to manage the multifaceted contexts it exposes us to, and that it allows us to create. Some platforms have been getting marginally better at this (Facebook with its groups, Google + with its circles) but we’re a long way from solving these problems in our software. Since these issues are so common, I mostly gave Path a pass — I was curious to see how it would evolve, and if they’d come up with interesting solutions for context management.
It Gets Worse
And now this news … that Path is actually uploading your entire address book to Path’s servers in order to run matching software and present possible friends.
Once I thought about it for half a minute, I realized, well yeah of course they are. There’s no way the app itself has all the code and data needed to run sophisticated matching against Path’s entire database. They’d have to upload that information, the same way Evernote needs you to upload a picture of a document in order to run optical character recognition. But Evernote actually tells me it’s doing this … that there’s a cloud of my notes, and that I have to sync that picture in order for Evernote to figure out the text. But Path mentioned nothing of the sort. (I haven’t read their license agreement that I probably “signed” at some point, because nobody ever reads that stuff — I’d get nothing else done in life if I actually read the terms & conditions of every piece of software I used; it’s a broken concept; software needs to explain itself in the course of use.)
When you read the discussion going on under the post I linked to, you see the Path CEO joining in to explain what they did. He seems like a nice chap, really. He seems to actually care about his users. But he evidently has a massive blind spot on this problem.
The Blind Spot
Here’s the deal: if you’re building an app like Path and look at user adoption as mainly an engineering problem, you’re going to come to a similar conclusion that Path did. To get people to use Path they have to be connected to friends and family, and in order to prime that pump, you have to go ahead and grab contact information from their existing social data. And if you’re going to do that effectively, you’re going to have to upload it to a system that can crunch it all so it surfaces relevant recommendations, making it frictionless for users to start seeding their network within the Path context.
But what Path skipped was the step that most such platforms take: asking your permission to look at and use that information. They essentially made the same mistake Google Buzz and Facebook Beacon did — treating your multilayered, complex social sphere as a database where everyone is suddenly in one bucket of “friends” and assuming that grabbing that information is more important than helping you understand the rules and structures you’ve suddenly agreed to live within.
Using The Right Lenses
For Path, asking your permission to look at your contacts (or your Twitter feed, or whatever else) would add friction to adoption, which isn’t good for growing their user base. So, like Facebook has done so many times, they err on the side of what is best for their growth rather than what is best for users’ peace of mind and control of their contextual reality. It’s not an evil, calculated position. There’s no cackling villain planning how to expose people’s private information.
It’s actually worse than that: it’s well-meaning people looking only through a couple of lenses and simply not seeing the problem, which can be far more dangerous. In this case, the lenses are:
- Aesthetics (make it beautiful so people want to touch it and look at it),
- Small-bore interaction design (i.e. delightful & responsive interaction controls),
- Engineering (very literally meeting a list of decontextualized requirements with functional system capabilities), and
- Marketing (making the product as viral as possible, for growth and market valuation purposes).
- Full-fledged interaction design (considering the entire interaction framework within which the small, delightful interactions take place — creating a coherent language of interaction that actually makes sense rather than merely window-dresses with novelty)
- Content strategy (in part affecting the narrative around the service that clearly communicates what the user’s expectations should be: is it intimate and “safe” or just another social platform?)
- Information architecture (a coherent model for the information environment’s structure and structural rules: where the user is, where their information lives, what is being connected, and how user action is affecting contexts beyond the one the user thinks they’re in — a structural understanding largely communicated by content & interaction design, by the way)
I’m sure there’s more. But what you see above is not an anomaly. This is precisely the diagnosis I would give nearly every piece of software I’m seeing launched. Path is just an especially egregious example, in part because its beauty and other qualities stand in such stark contrast to its failings.
Path Fail is UX Fail
This is in part what some of us in the community are calling the failure of “user experience design” culturally: UX has largely become a buzzword for the first list, in the rush to crank out hip, interactively interesting software. But “business rules” which effectively act as the architecture of the platform are driven almost entirely by business concerns; content is mostly overlooked for any functional purposes beyond giving a fun, hip tone to the brand of the platform; and interaction design is mainly being driven by designers more concerned with “taste” performance and “innovative” UI than creating a rigorously considered, coherent experience.
If a game developer released something like this, they’d be crushed. The incoherence alone would make players throw up their hands in frustration and move on to a competitor in a heartbeat; Metacritic would destroy its ability to make sales. How is it, then, that we have such low standards and give such leeway to the applications being released for everything else?
So, there’s my rant. Will I keep using Path? Well … damn… they already have most of my most personal information, so it’s not like leaving them is going to change that. I’m going to ride it out, see if they learn from mistakes, and maybe show the rest of the hip-startup software world what it’s like to fail and truly do better. They have an opportunity here to learn and come back as a real champion of the things I mentioned above. Let’s hope for the best.