Unroll.me’s Screw Up: Lessons In Brand Management
These days, it seems startups fall as quickly as they rise. The recurring problem? Revelations about customer data use.
The latest example is Unroll.me. The service started in 2011 as a convenient way to mass unsubscribe from newsletters, corporate mail-outs and spam emails you no longer want—or never wanted to begin with. The controversy arose when it came to light that Unroll.me had a side hustle: selling user data to third parties. This practice arose when the company was acquired by the shopping app Slice in 2014. Clearly, Unroll.me saw another way to be lucrative and took the opportunity, assuming users wouldn’t mind.
Owning Personal Information
Was Unroll.me doing this illegally? No, not at all. In fact, it was written right in the T&Cs of the service, so users were, in effect, consenting. But the problem is this:
The assumption that just because you’ve put something in your T&Cs means your customers will be okay with it is deeply flawed.
The reality is that most users fail to read even one sentence of the dense terms and conditions statements they sign regularly.
User’s Responsibility
Now, some might argue that users should know better. If you’re using a free service—there very well might be a catch. As The Verge notes, “By now it’s safe to assume that almost every free internet service that provides some kind of utility isn’t really “free,” and that the price you pay, if it’s not in the form of an actual withdrawal from your bank account, is in the currency of your personal data.” Unroll.me was a perfect example: it offered a helpful ‘free’ service that required permission to access user data.
Public Relation Nightmare
While there may be some truth to the statement that users should be more savvy, that fact won’t save a company from a PR crisis that ensues when news leaks. When a headline in The Intercept read: “Stop Using Unroll.Me Right Now. It Sold Your Data to Uber, the scandal reached the mainstream and Unroll.me’s CEO took to a public post to express his “heartbreak” at the controversy. He wrote:
“We need to do better for our users, and will from this point forward, with clearer messaging on our website, in our app, and in our FAQs. We will also be more clear about our data usage in our on-boarding process. The rest will remain the same: providing a killer service that gives you hours back in your day while protecting your privacy and security above all else.”
But the damage was already done. Users began revoking access to the app from Gmail that was allowing it to run in the background, without users knowing. Unroll.me, an ostensibly earnest company that provided a useful service, found itself firmly on the defensive, hemorrhaging users in an alarming manner.
Lessons Learned From Unroll.me’s Mistake:
Be Transparent
These controversies seem to happen so often now, it’s worth asking what can be learned from a debacle like this one? The most important lesson is simple: be transparent.
While Unroll.Me did put this permission in their T&Cs, that’s not the same as being upfront with it. As The Verge noted:
“Unroll.me never made it abundantly clear that it was looking at other emails in your inbox, like receipts, and selling that data to other firms. And the company’s apology, issued earlier this week, reads more like a “Sorry we’ve been caught” note (We don’t read Terms of Service agreements either! But really, you should) rather than expressing any kind of chagrin over its practices.”
Be Trustworthy
The second may be more difficult for companies to stomach: just because you think making use of your customers anonymized data is harmless, doesn’t mean they will agree. Distrust of corporations, the government, and the misuse of consumer data is at an all time high. Just because founders of a company can sleep at night knowing how consumer data is being used doesn’t mean they should tell their users. In reality, more companies need to be transparent about the transaction that’s really happening when users download a so-called “free” service like Unroll.me. For all of us the lesson is very clear: we need to check exactly what we are agreeing to and take privacy seriously. If consumers take the initiative, companies will know that they can’t operate under the radar.