An invitation to troubleSocial network invitations: Rules for services and users

Share |

I knew it was only so long before I'd succumb to the insidious, criminal forces that lurk everywhere online. Kleptomaniacal hacker, intrusive snoop, indy pornographer....I could take my pick of evils.

And tonight, I chose to become a spammer. Or more precisely, TripIt chose for me.

TripIt is a travel planning site that a number of my friends use to organize their business travel. I logged in tonight because I was planning to include it in a (positive) round-up post and wanted to take some of its features for a spin.

Like a lot of social media services, TripIt's value lies largely with its social dimension. Sure, it can organize your itineraries very nicely, but what's very cool is that TripIt can plot your travel against your friends' travel plans, and let you know when you have a chance to intersect.

Which is why I found myself using the "invite your friends" feature that is key to unlocking TripIt's social value. You've probably used a feature like this on Facebook or LinkedIn: it connects a site (in this case TripIt) to your external address book or email service (in my case, Gmail) and imports your contacts so you don't have to start from scratch.

It's the quick way of finding out who else is using the latest social tool you've signed up for, so you can get up and running with a network of friends very quickly. Since so many of these sites rely on network effects to deliver value, it makes a lot of sense to offer an easy way of finding the people you know who are already using the same site.

But TripIt doesn't limit the invitation process to people already using the site. Once it's gotten you to unlock your Gmail contacts, it also encourages you to invite everyone else you know to sign up for TripIt -- a nice way for them to use your hard-earned contact list for their direct marketing.

Again, I'm afraid, this is not usual behaviour. But where TripIt crosses from the annoying to the egregious is in its inviation interface. Check this out:

TripIt's evil invitation process


It was only after I clicked that GIANT blue "continue" button that I realized that I was in the process of spamming everyone I know. I quit Firefox abruptly (reflexively, in truth) but it was too late. When I logged back in I checked out the invitation process and noticed that what I should have done is click the teensy weensy "skip this step" in the upper right (highlighted with an arrow by me so you won't miss it).

Just for comparison, I had a look at Facebook. I don't think Facebook wins too many prizes for transparent user agreements, but here's one case where they come out way ahead in terms of the clarity of what they are asking.

Facebook: Actually, not that bad

Compared to TripIt, Facebook's invitation process is a model of transparency. Yes, the invitations still default to sending, but the cancel button is nice and obvious -- you'd be hard pressed to click "add' without also spotting "cancel". Plus the "Your Gmail Contacts" is to me a red flag -- whereas it was only on re-reading that I saw TripIt was showing me a list of friends NOT on TripIt. (Yes, I'd already clicked through the window with friends on TripIt...but it didn't jump out at me.)

By the way, the reason for all the lines in the images above is that i didn't want to disclose the personal info and addresses of the folks who appear in my contact list and expose them to more spam. (With the exception of Absolutist: man, do they ever send me a lot of e-mail. So e-mail them to your heart's congtent.)

From this experience I'm extrapolating a few rules of thumb for social web service invitations. To web service companies, let me say:

My contact list represents my accumulated social and professional capital. Your job is to help me strengthen and leverage it, not undermine it.

So please offer:

  • Opt-out invitations for people already using your service. I'm probably happy to connect with anyone already on your service, and to opt-out/uncheck the invitations for anyone I don't want to connect with.
  • Opt-in invitations for people you want me to invite but who aren't yet on your service. Yes, I might actually reach out to a handful of people who I want to share my travel info with. But that's a third-date kind of thing, whereas connecting with your existing members is a first-date activity.
  • Don't trick me into inviting people. There are times when you want to steer your users towards certain behaviours by making some buttons larger than others. This is not one of those times. If you're asking me to dip into my capital on your behalf, don't get me to do it by accident. Make the process clear and the "skip" or "cancel" buttons really obvious.
  • Ask me again. Once I've been using your service for a while, I probably want to check for other people who've joined more recently. I might even invite some non-users in, now that I know you well enough to recommend your service. So by all means, ask me again in a few months whether I'd like to invite more friends...and make sure that it's easy for me to find a way to do so if I think of it on my own.

For social web users, a.k.a. note to self:

  • Pay careful attention when you're using a site's invitation feature. Your contact list is your responsibility, and you don't want to expose your personal or professional contacts to spam. Before you click a button in an invitation process, double-check that you're clicking the right one.
  • Don't connect with everyone who's on the site already. Read through the list of contacts, and think about whether each person is someone you want to be in touch with in this specific context. Do you want your weird cousin to know your travel plans? Do you want your client to see your puppy pictures?
  • Send invitations yourself, not through the system. If you are using a service that you genuinely think is useful, and you'd like to share it with colleagues or friends, by all means invite them to join and let them know how to connect with you. But you may find your e-mail is better received if it's sent by you directly, rather than through the service. Yes, it's a bit of a hassle, but you don't want your contacts to feel like you're spamming them.
  • Keep your API-friendly contact list at its slimmest. Part of what made this TripIt thing a nightmare is that more than half my contacts are in Gmail: 1300 compared to about 2400 on my laptop. A lot of those are contacts who I really don't need to be inviting to Facebook, TripIt or anywhere else: people like my dentist or my ex-boyfriends. If you (like me) often use Gmail to kick-start your social network buddy lists, consider trimming it down to the people you might conceivably want to be buddies with.
  • Apologize. If you do stumble into spamming people, a short explanatory note is the best way to go. Don't be evasive, just offer a short apology and reassure them that you will try to be more careful in the future.

In keeping with that final piece of advice, let me apologize to all the contacts I (and TripIt) spammed tonight; you'll also be hearing from me directly (and briefly). If I'd been more attentive, this wouldn't have happened -- but the process of writing this blog post has reinforced my commitment to a more cautious approach in future. Ensuring you don't spam your friends ought to be one of the cardinal rules of netiquette.

I hope it does the same for TripIt. Their current system is an invitation to trouble.



David Drucker says

February 22, 2009 - 2:01pm

It happens to the best of us. For me it happened with Bebo, who pulled the same UI shenanigans.

BTW, Thanks again for your very fun session on setting up TV at NV09. I'm really bummed that I was sick on Saturday (of all days of the year to get the flu!!!) and missed what I heard was a hilarious talk by Rob.

m b says

February 22, 2009 - 3:25pm

Don't panic. You're not the first. A prof at SFU got UI-jacked into spamming all her contacts with Bebo, and had to send out the retraction email, too. Looks like you've done a nice job of parlaying the occasion to drive a little traffic to your blog. Lemons --> Lemonade!

Will Aldrich says

February 23, 2009 - 1:59pm


Thanks for all the detailed feedback. We appreciate the valuable perspective and constructive criticism you shared in your post. 

First off, we want to apologize for any frustration caused by our invite process. As you can imagine, we keep a very close eye on this process for all of the reasons you outline above. We want to make it easy for people to make connections and share our service with others, in a useful and meaningful way.

The data we capture about the invite process shows that a large percentage of the people who go through the flow click on the “skip this step” link, which suggests that the link is more discoverable in practice than you found it to be, but we also think that you make a very good point.  We are planning to make the “skip this step” link more prominent in our next release, and we hope that this helps create a friendlier invite process. 

Will Aldrich
VP of Product, TripIt


Anonymous says

June 15, 2009 - 4:33pm

Dear Ms. Samuel,

Thanks so much for this valuable, detailed post.  I got a TripIt invitation today and tried to research the site to see if this was a real invitation or some kind of scam.  I'd gotten the same kind of bogus invitation, purportedly from friend, to a photo-sharing site the other day, so I was wary. 

After much digging, I found a few posts like yours about the inappropriate (I say "unethical") approach that TripIt takes to capturing new "users."  According to other posters, TripIt assigns you a login and password as soon as the invitation is sent, which nicely pads their stats for advertising purposes, I'm sure.  I was appalled to see how many reputable websites and media sources are promoting TripIt's service.  

Although their VPs seem to jump on every negative post with an apologetic response, their unethical behavior continues.  What does it say about a site/service that posts an apology on your blog in February but by June still hasn't changed its product to eliminate the offending behavior?  What it says to me is that they have no intention of changing their approach and that this service is no better than any other malware or virus designed to capture private information through deception.  

Therefore, TripIt isn't getting one bit of personal info from me.  Despite the fact that the trip-info-sharing concept appeals to me, I won't be signing up with TripIt or any other site that has to trick me into promoting it.  In fact, I’m actively encouraging my friends and colleagues to avoid it as well.  So, good luck with that, TripIt; ticking off the people most likely to use your service and promote it to their friends is a fabulous business model.

Anonymous says

August 4, 2009 - 1:55pm

This was the most embarrassing experience as it not only sent to my email address books, and Linked IN connections BUT to any groups I was a member of on Linked In.  This has not been fixed by Trip-It and Will Aldrich is sorely mistaken if he thinks we even believe him for a moment....

Anonymous says

October 3, 2013 - 8:30am
Tripit wants access to and control over way too much of my personal information for me to feel comfortable using it. Not only does it want access to my mail account and contacts, it wants access to all of my frequent flier accounts also. How about access to my bank account? The keys to my house, perhaps? You always need to think about and balance the potential loss of control and privacy you have versus the value of the app requesting it. This is way out of balance for me, unfortunately.

Social Signal on...

RSS feedTwitterFacebookGoogle+

Work Smarter with Evernote

Get more out of Evernote with Alexandra Samuel's great new ebook, the first in the Harvard Business Press Work Smarter with Social Media series!

Available on Amazon, iTunes and HBR.

Join Newsletter

Alex on Twitter