How we think about privacy and safety at Kalido

Ashvin Sologar
Aug 1, 2017

Recently, public awareness of internet privacy and safety issues has increased tremendously. At Kalido, we care deeply about balancing strong privacy protection and creating value through information sharing. This also extends to accepting responsibility for shaping an environment that is safe, inclusive, and respectful.

Serving our users effectively this way is complicated, since they include: service providers who want the broadest possible reach; service seekers who only want to be matched with people they can get a reference for; service seekers who just care about getting the fastest or nearest result; and generally privacy-conscious individuals who love the value that Kalido provides them, but want to manage how accessible they are to others. So, here’s how we do it:

How we protect you, and the data you share

This is how comfortable we want you to feel on Kalido

For privacy to be effective, you need to feel comfortable using Kalido, know that your data is safe, and that what you share is used for your benefit. The legal bits are in our Privacy Policy, but that doesn’t cover the philosophy behind it, which is what this post is about.

Your location: No Kalido user needs to know exactly where you are

You only see truly relevant information. This is most obvious for location data: There are many pinpoint-accurate location-sharing apps, which are great for teens, families, and close friends, but can be uncomfortable for colleagues and fellow alumni you may only see infrequently. So, for Kalido to be valuable, we had to focus on sharing less location data. That means we don’t share pinpoints or street addresses. Matches you don’t know personally will never see your location, only an approximate distance, to increase everyone’s personal safety. And the closest distance we will show is 200m, to give you personal space. From there, we leave it to you to decide if a walk is worthwhile. Kalido is for finding opportunities to connect with individuals, so there is also no map view — a bird’s eye view of your contacts might be cool, but it’s not that helpful in this context, and it certainly doesn’t contribute to protecting everyone else’s privacy or safety, so we left it out.

Kalido even deliberately chooses whether to show you a country, city, or neighbourhood name for someone else’s location. If you’re in London, someone in France doesn’t need to know exactly where you are, just that you’re in England. But someone also in London might find it helpful to know that you’re in Westminster or Soho, so we vary what we share to maximise your privacy and your opportunities to start meaningful conversations.
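The disclosure rules in this section can be expressed as one server-side function, shown here as an added example that is not Kalido's code. The 200 m floor and the 50 km guest floor (from the abuse-prevention section further down) come from the post; rounding up to a multiple of the floor, showing the city to viewers in the same country, and all names and coordinates are assumptions.

```python
import math

MIN_DISTANCE_M = 200            # closest distance ever shown (from the post)
GUEST_MIN_DISTANCE_M = 50_000   # floor for guest viewers (from the post)

def haversine_m(a, b):
    """Great-circle distance in metres between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6_371_000 * math.asin(math.sqrt(h))

def coarse_distance_m(viewer, subject, viewer_is_guest=False):
    """Distance rounded up to a multiple of the floor (bucketing is an assumption)."""
    floor = GUEST_MIN_DISTANCE_M if viewer_is_guest else MIN_DISTANCE_M
    d = haversine_m(viewer["coords"], subject["coords"])
    return max(floor, math.ceil(d / floor) * floor)

def place_label(viewer, subject):
    """Coarsest place name that is still useful to this particular viewer."""
    v, s = viewer["place"], subject["place"]
    if v["country"] != s["country"]:
        return s["country"]
    if v["city"] != s["city"]:
        return s["city"]          # assumed middle tier; the post names the other two
    return s["neighbourhood"]

def location_view(viewer, subject, knows_personally, viewer_is_guest=False):
    """Build the only location fields a client receives; coordinates stay server-side."""
    view = {"distance_m": coarse_distance_m(viewer, subject, viewer_is_guest)}
    if knows_personally and not viewer_is_guest:
        view["place"] = place_label(viewer, subject)
    return view

# Constructed sample users (coordinates and names are illustrative).
SOHO = {"coords": (51.5136, -0.1365),
        "place": {"country": "England", "city": "London", "neighbourhood": "Soho"}}
WESTMINSTER = {"coords": (51.4975, -0.1357),
               "place": {"country": "England", "city": "London", "neighbourhood": "Westminster"}}
PARIS = {"coords": (48.8566, 2.3522),
         "place": {"country": "France", "city": "Paris", "neighbourhood": "Le Marais"}}

if __name__ == "__main__":
    print(location_view(WESTMINSTER, SOHO, knows_personally=True))
    print(location_view(PARIS, SOHO, knows_personally=True))
    print(location_view(WESTMINSTER, SOHO, knows_personally=False))
    print(location_view(WESTMINSTER, SOHO, knows_personally=True, viewer_is_guest=True))
```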

One of the things we think is coolest about Kalido is our Nearby Notifications feature, which automatically tells you when someone you haven’t seen in more than a month is around (we figure anything less than a month means you probably already know they’re around). We could have built this feature by logging your entire location history and comparing it with everyone you know, but that would have deeply violated your privacy and our philosophy. Instead, Kalido just makes a note of when you are in the same location as someone you know, and if it happens again, checks whether it has been more than a month, and notifies you appropriately. This means that we have no idea where you were last together, which means we can’t tell anyone else, either. And despite this, Kalido is still smart enough to know whether we should tell you when a friend lands in the same country after a month, or only when they pop into the same city.
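A sketch of the data-minimising design described above, added here as an example and not taken from Kalido's code base: the store keeps a single timestamp per pair of contacts and never a place. The 30-day quiet period, the rule for choosing city or country granularity, and all names are assumptions.

```python
from datetime import datetime, timedelta

QUIET_PERIOD = timedelta(days=30)  # "more than a month"; 30 days is an assumption

def co_located(a, b):
    """Assumed rule: match on city for contacts sharing a home country, else on country."""
    level = "city" if a["home_country"] == b["home_country"] else "country"
    return a["current"][level] == b["current"][level]

class CoLocationLog:
    """Keeps one timestamp per pair of contacts and nothing about where they met."""

    def __init__(self):
        self._last_together = {}  # frozenset({id_a, id_b}) -> datetime

    def observe(self, a, b, now):
        """Return True if a nearby notification should be sent for this pair."""
        if not co_located(a, b):
            return False
        pair = frozenset((a["id"], b["id"]))
        previous = self._last_together.get(pair)
        self._last_together[pair] = now  # overwrite, so no history accumulates
        return previous is not None and now - previous > QUIET_PERIOD

    def stored_records(self):
        """Everything this store could reveal if it were leaked."""
        return [(sorted(pair), ts) for pair, ts in self._last_together.items()]

def user(uid, home_country, country, city):
    return {"id": uid, "home_country": home_country,
            "current": {"country": country, "city": city}}

def replay():
    """Constructed timeline: two Londoners meet, drift apart, then meet again."""
    log = CoLocationLog()
    ann_ldn = user("ann", "England", "England", "London")
    bob_ldn = user("bob", "England", "England", "London")
    bob_leeds = user("bob", "England", "England", "Leeds")
    steps = [(ann_ldn, bob_ldn, datetime(2017, 1, 1)),    # first sighting: note only
             (ann_ldn, bob_ldn, datetime(2017, 1, 10)),   # 9 days later: too soon
             (ann_ldn, bob_leeds, datetime(2017, 2, 1)),  # same country, different city
             (ann_ldn, bob_ldn, datetime(2017, 3, 1))]    # 50 days since Jan 10: notify
    return [log.observe(a, b, t) for a, b, t in steps], log.stored_records()

if __name__ == "__main__":
    decisions, records = replay()
    print(decisions, records)
```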

Contacts: How do we make sure your contacts are your contacts?

You may never notice it, but Kalido proactively protects your privacy when someone you know changes their phone number. If this happens, and the new owner of their old number joins Kalido and has you in their phone book, we still let you know that someone with a different name has joined Kalido using a number in your phone book, and let you verify their name before sharing any location data.

Storing your data: Reducing risks

Starting with the basics, we won’t sell your email address, share your contact details without your permission, or sell personally identifiable information to advertisers. Everything you tell us is stored and transmitted using industry-accepted encryption mechanisms, and we take care not to transmit data (like location coordinates) to devices that could be reverse-engineered by malicious parties — instead, all distance calculations are done server-side.

Getting deeper into the technical details: we encrypt API keys for our servers and other sensitive strings on user devices. Our server-side workers only accept access from whitelisted nodes, and all of our device-to-server connections are encrypted. We haven’t managed to implement true end-to-end chat encryption with perfect forward secrecy due to the need to insert custom data into chats (like the reasons why you started a chat with someone else), but as soon as we are able to do so without compromising the value of your experience, we will. Internally, we use two-factor authentication where available, and ensure strong passwords for all critical services.

Building a useful app with these kinds of restrictions often requires additional engineering effort, but we are committed to building a tool we ourselves are happy to use every day, and not the kind of tool that lets us find revenue as quickly as possible by (literally) selling you out. Every day, we try to find new ways to do better on this front, and as always, your opinions and ideas are welcome.

Creating a safe environment

We even want these deer to feel safe.

Safety at Kalido goes far beyond simple data protection and letting you manage who can reach out to you: it means that everyone must feel included and respected, no matter who they are or who they are talking to.

You choose what you display

At the core of our philosophy is the principle of total individual control over privacy settings. You can block anyone you want so they never see you or match with you. Or you can just prevent them from receiving any location-related updates. You can even set your matching so that only people who know people you know, or have a school or workplace in common with you will match with you. And if you have a sensitive goal (like looking for an oncologist), you can indicate this, so Kalido will only match you with people who can provide oncology advice, and your contacts will never be notified (unless they’re oncologists). We also believe you should be able to share your goals only with people belonging to specific groups that you belong to, and we’re working on getting that implementation just right, so stay tuned.

Preventing abuse: Intervening beforehand, providing reporting tools

Managing abusive users is incredibly important to us. One of the most important benefits of having a South African team is that we work in a country whose Constitution is relatively young, and extremely well thought out. In contrast to the blind defence of free speech as an inalienable right, South Africa places human dignity first, which is a perspective that has profoundly shaped the philosophy of the Kalido community — speaking freely is important, but unlike platforms such as Twitter (until recently) we are happy to make it a secondary priority to ensuring our users feel respected and safe.

For any community, abusive users will eventually show up. If you’re lucky, like us, they only represent a small minority of users, but they can still have an outsize impact on everyone’s experience. We deal with abuse in multiple ways, starting with user registration. We require a working mobile number to register an account, which means that truly anonymous accounts are impossible. We are working on allowing guest users, so that people can see the power of Kalido before we ask them to share their personal data. However, guest users cannot chat to others, request introductions or make introductions until they have provided a phone number at a minimum. And to prevent the abuse of location data by guest users, no locations are shown, and the minimum distance shown for any user is 50km.

We’ve also developed Community Guidelines, so that everyone can share the same starting expectations. Every user sees a link to these guidelines in their Chat tab if they haven’t started or received a chat yet. If someone directs clearly abusive language at another user, we do our best to detect it and launch a gentle reminder asking the sender to acknowledge the Community Guidelines. In the extreme, further infractions may result in a user being banned from Kalido.

It would be impossible to flag all abusive language, since people may just choose to replace letters with special characters (f*ck), omit certain letters (fck), or use regular words in hurtful ways. So, we proactively signal users who have been identified as potential recipients of abusive language that they can easily block people if they feel uncomfortable. We do this without notifying the sender, and without showing the recipient any known abusive language, so that no one is explicitly judged, but recipients are still aware of the tools available to them.

Kalido also has a full suite of reporting tools built in, so that you can report offensive services, profiles, content, or behaviour. At the moment, these tools are relatively basic due to the fact that we’re a small team with many competing priorities, but they are constantly being improved. Recently, for example, we implemented automatic image scanning to flag potentially offensive or inappropriate imagery. Obviously, this has some drawbacks, but because we are a platform for connecting people who could work together, we prefer to err on the safe side, and encourage moderate behaviour.

If you have a privacy concern, or a suggestion for how we can make our users feel more included and respected, please don’t hesitate to reach out.
