This is part two of a two-part post about the launch of Color. The first part talks about the business and is available here.
The privacy practices of Color
Several things struck me about Color after I had used it for a while. The first is that Color gathers a lot of data. This data is highly personal (a picture is worth a thousand words and all that). If I see your photo stream, I can determine not only where you are at a given time, but figure out who your friends are, what places your frequent, and even your routines and habits over time. The second is that Color automatically shares your photos with anyone, instantly. Most of those people will be strangers. Your next door neighbor can see what’s happening in the party you’re holding at your place. (“I really hate my neighbor right now because of all that noise. Wait, is that a person doing blow in the corner? Let’s call the cops.”) This is different to media sharing tools like Facebook, Foursquare, YouTube or whatever, because they are either shared with people you actually know (or their acquaintances), or are shared on a very deliberate basis by the media owner. Color is just a firehose of information… and it can contain information which is far more revealing than a Tweet.
The privacy issues are totally obvious. If you take a sick day from work and you’re not actually sick, you better be careful about using Color, because if your boss uses it, he can probably automatically see your photostream. If you’re snapping photos in an office building, you better make sure you don’t inadvertently snap anything that’s confidential, or your competitors three floors above you might get wind of it without you even knowing.
As a lawyer at a small tech company, I spend a lot of my time thinking and worrying about consumer privacy. After reading all of that, it’s totally obvious that if you use the app, nothing is private and you have no control over where your photos go. If you don’t like it, don’t use it. Well, that’s all fine and good, but for an app that is completely invasive of privacy, it does what is, quite frankly, a bad job of informing the user about it.
Let me say here that there’s nothing wrong with an app that is completely invasive of privacy as long as people know exactly what they’re getting in to, and have some choice over the matter. And as long as you comply with the law, which may be pretty difficult in some European countries which tend to rachet up compliance requirements the more invasive your privacy practices are. Color is a U.S. company and will soon be registered under the U.S.-EU Safe Harbor Framework, but despite the Safe Harbor, some European countries’ privacy laws can impose additional obligations that have what is effectively extraterritorial reach (I’m looking at you, Spain).
As soon as you start the app for the first time, you are asked to snap a photo of yourself. Before you know it, that photo is broadcast to everyone around you. There is no warning. You have to figure the last part out later, as you learn how to use the app. (The app is pretty confusing as well – it uses icons I’m still trying to figure out the meaning of.)
Let’s do some analysis
A good privacy effectively communicates answers to three key questions: What info are you collecting from me? How are you going to use that info? Who are you going to give that info to? However, I believe the most important question to be answered is: How are you going to handle my data in a way I’m not going to expect or know about unless you tell me?
Contact details (name and email)
Mobile device unique ID
User-generated Content (pics, videos, comments, actions)
Location information (some of which is attached to Content)
Server log file information and cookies
Mobile phone number
Your mobile phone’s address book
General disclosure exceptions
Terms of Service
So how does it all stack up?
When interviewed by the press, Color has been upfront that their app should not be used if you’re not willing to let the world see your Content. But that upfrontness is distinctly missing from the app.
One other issue is that of inappropriate Content. At the moment, social norms keep the Content in check – I have yet to see any inappropriate photos from the 100+ people whose photostreams I have access to. However, just wait until the teenagers get a hold of this. Despite this, I’m actually not very concerned about inappropriate content being snapped. There is a distinct potential for misuse (snapping photos in restrooms or around schools, for example), but no more so than any other online service dealing with user-generated content. It’s not a new issue. The speed at which things could go viral is stepped up a notch, but this isn’t in itself a reason to get your knickers in a knot. In today’s world, all publicity is good publicity, right? … Right?
This is part one of a two-part post about the launch of Color. Click here for the second part, which examines Color’s privacy practices.
Color isn’t the next Google. But it could be the next Twitter.
A mobile app called Color launched this week. It would have been an otherwise unremarkable launch had it not been accompanied by the news that the company, Color Labs, Inc., had received $41 million in funding from Sequoia Capital, the VC arm of Bain Capital, and Silicon Valley Bank. Assuming Color’s founders still have control of the company, the most conservative estimate of Color’s implied valuation puts it at a little more than $80 million. This investment appears to have been made on the basis of the strength of its reputedly star-studded ~30-person team (headed by Lala founder Bill Nguyen) and a working prototype, because when $41 million was plowed in, Color had no revenue, no users, and no live product. Its most “tangible” asset was its U.S.-centric domain name, Color.com, which was reportedly acquired for $350,000.
Sequoia Capital partner Doug Leone was reported to have said, “Once or twice a decade a company emerges from Silicon Valley that can change everything. Color is one of those companies.” Which is expected when you’ve handed over more money than Google received in its initial funding round. It’s a big call to make. If there’s only room for one or two a decade, I can only think of two tech companies founded within the last decade that have reached 11-figure valuations. For a mobile app to reach these lofty heights, well… let’s just say the gut reaction is immediate. Color is going to have to be an app that you use multiple times everyday: Email, Google, Facebook, and perhaps Twitter have achieved this.
At a basic level, Color lets you snap photos (and video) with your phone. The photos get uploaded to Color, which then pushes them out to all Color devices in your physical vicinity (within a few hundred yards), as well as to your friends further afield. You get to see what other people in your vicinity are seeing – some will be friends, some will be strangers.
Color’s algorithms also attempt to group together bunches of photos taken by different people based on location, lighting, past interaction with people, and even ambient noise (yes, the app apparently turns the microphone on).
That doesn’t sound like something that might be worth $10 billion one day. But, the VCs backing Color are not mediocre people. So I think it’s natural that we give Color the benefit of the doubt and assume that the initial app is just scratching the surface of what the team in downtown Palo Alto want to accomplish. Let’s let our imaginations run wild and see how the premise of the current app could bloom in the future.
Interviews with CEO Bill Nguyen disclose that Color is not really about sharing photos. It’s about a “new way to build spontaneous social networks – and collect massive amounts of data about what people are doing and where they’re doing it.” Once we frame it in that light, we start to see a few use cases that may be possible in the future.
The most cited one is people attending the same event, for example a concert or a sports game, who will be able to see the event from different perspectives. This then extends itself to news reporting, and for search and rescue in natural disaster zones. Something happens in the world that breaks on Twitter (“massive hailstorm in Sydney happening now”), and you skip over to Color, zoom in on the affected area in Sydney, and then get instant access to photos of the event from different people who are there.
Another use case is to connect strangers who are physically close, but with whom you would otherwise have no reason to come into contact. For example, apartment buildings or public transport. I’m a little dubious about this, but as inhibitions regarding privacy drop, some people will definitely make use of this. To put it bluntly, it’s entirely possible that someone has already gotten laid by someone who they met through Color.
At the moment, Color collects a lot of data. A lot. It is basically building up a repository of media items which are geotagged, timestamped and associated with an individual. Image recognition will enable people and objects to be automatically tagged, and other semantic meaning can be embedded into the media.
This all reminds me about a book co-written by Arthur C. Clarke and Stephen Baxter called The Light of Other Days. (A similar premise was depicted in the movie Déjà Vu, featuring Denzel Washington.) In the book, a technology exists which allows someone to open up a “read only” wormhole into any past point in the spacetime continuum. In other words, you can pick a time and place and then watch what happened there. This is one place where Color might be headed. You can relive a night on the town, or a vacation with friends. A high school class could explore future historical protests similar to the one in Tahrir Square, or journey through the bloodied streets of Benghazi in real time as seen through the eyes of those at ground zero. This idea has already been explored in some ways – Microsoft’s Photosynth technology stitches together geotagged photos on Flickr and recreates 3D scenes from photos that were taken at the same location.
That is the promise, but Color has some work to do to get to that stage. I installed the app when I was at work. I immediately saw a group of about 30 users and their photostreams. It was mainly headshots of people – people eating in restaurants, people in the street, people in offices. But I was most amazed because there were 30 people in my vicinity that were already using Color, and every minute or so, another photo would pop up on my screen – it seemed like user adoption had blown up overnight. Alas, I later found out that Color’s offices were literally a block away from ours, so I had inadvertently gotten to “know” half of Color’s staff.
The trouble was that I had no context for the photos. I didn’t know these people, they didn’t know me, and I guess I could have started commenting on their photos, but that seems like a creepy thing to do… like hanging around a clique and trying to break in when you clearly don’t belong.
I tried it at home on a weeknight. Within sniffing distance of downtown Menlo Park, no one was using it.
What’s that you say about a business model?
Color is apparently one of those businesses where the idea is so appealing that the business model is just a detail that can come later. “Build it and they will come… we’ll monetize it later.” The app is free and the company intends to make money via location-based advertising. Color is going to be competing in a space which is going to be crowded: Foursquare has been working on this for a while, and Groupon is apparently trying to muscle in on it as well.
I have a feeling that Color has the potential to become an important part of the internet, but only in the same way that Twitter has. Twitter has little revenue to show for its circa $5 billion valuation, and it has been “experimenting” with different business models for years. Twitter received enough funding and revenue to get it through to profitability (maybe?), but at $5 billion you’d expect it to be earning profits somewhere in the low 9-figure range. On the other hand, it’s now part of the plumbing of the net. It’s vital infrastructure. There is another infrastructure-style site that provides a valuable benefit – Wikipedia, which is a non-profit organization that runs on a budget of only $10-20 million a year.
I believe that Color was invested in at a very overvalued price, but there is a reason for this – the wisdom of which I have mixed feelings. This trend seems to have been growing over the last year or so as investors clamor to get in to companies at the ground level. I attended a Y Combinator Demo Day last year and the start-ups there were routinely raising angel funding at $5+ million valuations.
Perhaps it’s a side effect of what’s been happening with Facebook. Even if you wanted to invest a lot of money in Facebook after you saw The Social Network, you couldn’t. This seems to have pushed Facebook’s valuation way up. Private stock is normally valued less than public stock (all other things being equal) because of the benefits that liquidity offers. Perversely, the opposite seems to be true – it is because the demand for Facebook stock is so high, and the supply so tight, that the lack of liquidity is actually pushing prices up.
It still makes some kind of sense, though. Let’s say, for the sake of argument, that Facebook is worth $20b and you had the opportunity to invest at a $30b valuation. The 50% premium may still be attractive since you might not actually have the chance to buy it in the future. By the time the private stock becomes available, or the company floats, the company’s “true” valuation may have grown to $100b. You’ve still made money hand over fist because you managed to get in early.
It seems that angels and VCs have cottoned on to this a bit. It’s a bit of FOMO. Better to get in now at an overvalued rate, than get in later when the valuation has skyrocketed. And it’s easier for a company to double $10m in revenue than $100m in revenue. Of course, investing early at high valuations just pushes both sides of the risk/reward equation up. (There’s nothing wrong with a bubble from a personal investment sense… just make sure you get out of it at the right time. I have a friend from high school who made 100x on a sizeable punt on Rambus, having sold out shortly before its stock price crashed.)
But I’m going to move on now – many people have written more about the viability of Color in much more depth, and there are a lot of other interesting issues that they cover, such as the perils of choosing a generic word as a company name (it’s going to be challenging to trademark, not to mention issues with SEO), the app’s UI, who comprises Color’s team, and so on. In the next part of the post, I want to talk about privacy, because Color raises a few fascinating privacy topics.
stuloh RT @cederman: Some snarky color.com backlash. Amusing. https://docs.google.com/present/view?id=ajdtctfhv4hn_264g329gwcc&pli=1
stuloh I am beginning to see more and more startup funding news where the implied valuations seem, quite frankly, really overvalued.
Bronnie Ware, a nurse working in palliative care, tended to patients in the final 1-4 months of their lives. She asked them to share with her what their biggest regrets in life were – what they would have done differently if they could have changed something. Then she condensed it down into a list of the five most common regrets. In summary form, they are:
1. I wish I’d had the courage to live a life true to myself, not the life others expected of me.
2. I wish I didn’t work so hard.
3. I wish I’d had the courage to express my feelings.
4. I wish I had stayed in touch with my friends.
5. I wish that I had let myself be happier.
The full article is well worth a read. (Thanks Ros for the link!)
stuloh So, the NY Times is introducing a paywall... well that sucks.
In the online world, all you really deal with is information, and so figuring out how personal information and other data flows can be an intricate task. It’s tricky enough for people working inside an organization to figure this out (imagine how the privacy people at Facebook feel when all the engineers are working on 101 new features at once and they are trying to keep up with where all the data is going). So, when it comes to communicating all of this to an outsider, you can imagine the difficulty this presents. This is why you end up with privacy policies many thousands of words long. They’re virtually useless in the real world.
The world is gradually beginning to realize that privacy is actually about helping people to understand what is happening to their information. Not just in theory, but in practice. Just because the information there, but buried somewhere in that policy, doesn’t mean it’s going to be helping anybody understand anything.
So now we see the gradual introduction of condensed privacy policies, layered privacy policies, and more interestingly “just in time” privacy notices. For example, when you have an iPhone App that wants to grab your location, you get a popup asking if you want to disclose it. The thing is, people only care about certain things, and most of the time it’s obvious.
When I install a Facebook App, my most immediate concern is: is it going to post stuff on my wall without asking me first? And then, what profile information is it going to grab from me? Facebook’s JIT notice doesn’t do a very good job of answering these two questions.
If you use Foursquare, your main concern is: exactly who is going to have access to my location information and how can they use it? And then, if I decide to leave after I try your service for a day, will you delete all my data?
Of course, there’s a tension between what the business guys think will increase conversion rates, and what’s good privacy practice, but that’s another topic for another day.
Why don’t more privacy policies have pictures? Videos? Interactivity? Why aren’t they structured in a way that makes it easy for people to zero in on what’s really important to them?
Instead of burying the important stuff, bury the boilerplate – the stuff everyone already expects (e.g., everyone tracks visitors using web bugs, this is not a surprise to most users). Answer the customer’s most burning questions clearly and you’ll implicitly be conveying that you acknowledge what the customer really cares about. That sounds trust-building to me. If your privacy practices, when disclosed upfront, turn a customer off – then imagine how they will feel if they sign up, use your service, and then find out about it later?
stuloh EU website cookie laws. Seriously, Europe, what's up with that?
stuloh Ugh, terribly complicated tax returns this year, but I found a great Aussie tax agent who does tax for expats who's on top of his game!
Some industries are known for their brutal work hours. For example, if you’re a service provider involved in helping large cap companies with their M&A transactions, it’s likely that you’re not a stranger to the 100+ hour work week. Although the remuneration for these jobs is usually very high relative to other occupations with more reasonable hours, cash compensation is often normalized by converting it to a per hour metric. Take your salary+bonus and divide it by an estimate of the number of hours you work per year. If you work 50% more hours than your peer but only get paid 20% more, your peer is actually making 20% more than you when you convert it to an hourly rate. Of course, absolute remuneration still counts for something – if you are making 20% more per hour, but are limited in the number of hours you can work, you can’t really take advantage of that better rate to make more money. And salaried workers don’t get paid by the hour, so the question is moot – you can’t make more money in your job by working more hours. You have to use the extra time you have to find another source of income.
But back to the idea of calculating an hourly rate. On reflection, I think that this simple calculation doesn’t take into account quality of life considerations. After all, an hour of work spent between 3-4pm is a lot different to an hour of work spent between 3-4am. It’s far less enjoyable when you’d rather be in bed, for one (I always say, I don’t care how much you enjoy your job – it’s hard to enjoy anything at 8am when you’ve just pulled an all-nighter). To account for this, we need to assign a greater value to time which is outside of “normal” working hours. For example, outside of the usual hours most people work, say 7am-7pm, you start to give up things that most people don’t. Dinner with friends, your own free time, sleep, and, potentially in the long term, health. So, if you work from 8am to 11pm, that 15 hour day should actually be considered to be worth more than 15 hours, because at the end of the day you begin to sacrifice things that most others don’t. I think there needs to be a graduated scale, with abnormal working hours being weighted with a multiplier.
One model of this could be as follows:
|7.00am-7.00pm||1.0||Typical working hours|
|7.00pm-10.00pm||1.25||Giving up free time for meals, socialising|
|10.00pm-1.00am||1.33||Giving up free time for R&R, hobbies, etc.|
|* Additional 25% added for weekend work during these hours.|
For example, if you typically work a 70 hour week, with 12 hour days from 9am-9pm and 10 hours on the weekend, then each weekday would actually be considered to be a 12hr 30min day, and work on the weekend would count as 12.5 hours, giving a total of 75 hours. Another example is if you pull a 9am-3am day, the 18 hours actually counts for 22h45m (12h + 3h45m + 4h + 3h). The result is a decrease in your effective hourly rate of compensation.
The numbers I have picked are arbitrary, but my main point is the concept. Ultimately if you genuinely love your job and there’s nothing else you’d rather be doing (as is the case with many entrepreneurs), the hours don’t matter as much. However, weighting hourly calculations this way is a good way to quantitatively factor in other important things in life, like health, relationships, and so on. Different people may choose to weight numbers differently depending on what’s important to them in life. The next time you try and figure out if a job has really been “worth it”, consider the quality of the hours you’ve had to give up.
stuloh I wonder what the going price for a second-hand iPad 1 is now?
stuloh The ACC mailing lists could be an even better resource if you could drop all the Q&As into a system like Quora. Maybe when Opzi releases?
There is a group of people called the Tarahumara living in Mexico who are well known for their long distance running.
The statement that, “The Tarahumara may be the finest natural distance runners in the world”, made by University of Arizona archeologist Michael Jenk inson, offers some insight into just how good the indians are at running. The Tarahumara routinely run distances only covered by only the most advanced ultramarathon runners today. … While on foot, the Tarahumara do not stroll from one place to their destination, running is used to perform everyday tasks. It is not uncommon for a Tarahumara to travel between fifty and eighty miles everyday at a “race” like pace.
Tarahumara running is based on endurance not speed. This fact is exemplified by their hunting practices. In order to catch such wild animals as deer, wild turkeys, and rabbits, the Tarahumara simply chase after the animal until the animal drops from exhaustion. Their hunting practices are widely known in Mexico and ranchers have been known to hire the indians to chase down wild horses. It is also said that a Tarahumara once ran six hundred miles in five days to deliver a very important message.