Creepy or Clever?
Welcome to Orientation
This is the simple, three-word question I teach all new hires at Jet during the cyber security portion of their first day orientation. While we start out by talking about the importance of only storing data on authorized servers and apps (i.e., where we store data), I spend a lot more time on the what we do with data aspect.
Creepy or Clever is all about doing the right thing to protect and respect our customers. At Jet, we retain our startup mentality to craft new ideas, to experiment, and to seek ways to truly personalize your shopping experience. At every orientation, I like to start with a softball: “And while I know it’s only your first day, what kind of ideas do you think we want here at Jet?” Sometimes, I see puzzled faces in the crowd — what kind of weirdo goes out of his way to come up with a creepy idea? Well you see, that’s the point; it’s really easy for an idea to start off clever, but quickly veer off the path toward Creepy Town. And that is why I stress to new hires that you always need to be vigilant, you need to question yourself, and you need to do right by our customers.
Here are two other questions I recommend the associates ask themselves, and ask their teams, as they are tinkering away and brainstorming new ideas:
1. Are we using data in a fair and responsible manner?
2. If this was your personal data, would you be okay with its usage?
That last one is really important to me as a Jet.com shopper — I usually say it twice.
At Jet, our goal is to be on the front page for our great shopping experience, not for data breaches or deceitful business practices. The velocity of the news reports emerging about companies sucking up data in inappropriate and unsettling ways continues to pick up pace every month it seems. You can trade short term profits for long term reputational damage, but that probably isn’t the best strategy for a going concern. It’s not the place I want to shop or work.
But, I mean — Creepy or Clever? — Seems like a pretty straight-forward question — right?
Ah, confidence, I like that about you.
But indulge me for a moment and consider this trip from Brainville to Creepy Town with one of my favorite hypothetical scenarios:
On an eCommerce site like Jet.com, its not uncommon for people to spend hours browsing and building the perfect cart; however, sometimes a user forgets to click that pay button, and we actually don’t make any money until the shopper follows through. We call this situation “an abandoned cart.”
Now, there are all sorts of ways to address this business problem, and maybe this will sound like a pretty good idea to you:
Why don’t we turn the abandoned cart into a wish list if it sits abandoned for 48 hours? See, with the power of the web we can mash up customers with their social networking profiles, find all their friends and family, and then send them this abandoned cart wish list.
See, we’re providing value here: (1) we solve our abandoned cart problem and (2) we are helping family and friends find the perfect gifts for their loved ones !
I mean they more than likely wanted those things, right?
Everyone wins — we profit, the shopper gets stuff, people feel good about buying the right present!
…EXCEPT THIS IS CREEPY
Wait, did you miss that? Let’s review.
Did you hear any mention of the shopper opting in to this plan? Do you expect your shopping history or shopping not-yet history to be shared or exposed to others? Yeah, this is a big step up from that fancy $500 shoe ad following you around on every website. Oh yeah, why are you contacting my friends and family without asking me first? And further, I don’t know about you, but I don’t want my friends or family — especially my mother — seeing what I do on the Internet.
Turns out this idea is certifiably creepster.
Advanced Clevernomics 1337
Most of us like to think that we have such great moral fiber, and therefore we would never ourselves propose or allow others to bring to life a creepy idea. But in the moment, you can’t enjoy the benefit of hindsight or the view through the two-way mirror. That is why it is so important to internalize this guiding question — it should be right up there with Wax on, Wax off for all of us.
The last thing I tell people during this section of the security new hire orientation is:
I want you to feel empowered to speak up — it’s like on the subway, if you “See something, say something.”
If people around you are leaving Brainville, help them find their way home. People need to be told that they can act and they can make a difference (I recommend watching this awesome episode of Mind Field, How to Make a Hero (S2 (Ep 5) to see some great examples of this concept at work).
We also recognize that sometimes people need help. At Jet, our support network includes the Walmart Ethics hotline as well as the local security team. I tell new hires, “Sometimes when you speak up, it may feel like no one is listening. But we have your back, slack us or stop by — we will help you to protect our company and our customers.”
We want people to move at speed here at Jet, but the security team is not afraid to step in when necessary. When we see trouble coming, we take proactive steps to step up protections and we will gladly explain the risks and consequences to anyone who wants to tread on our customers. We are also sensitive of the need to protect those who speak up, in order to allow them to still be treated fairly by their teams. Our approach to building community and connections really helps Jet preempt some less-than-clever ideas and unnecessary data handling risks.
Creepy or Clever — The Game
Good, you’re still here. So what’s the deal with the teaser graphic at the top of the article?
Last week, on Monday, January 28th we celebrated Data Privacy Day. We know that your first day is a bit overloaded, so we’re always looking for opportunities to remind you — “Ask yourself — Creepy or Clever?” (see like that).
This year, for Data Privacy Day we hosted a drop-in session where you could meet the security team, ask us questions about how to protect yourself, and also pick up some tip sheets and team swag (#securityR̶o̶l̶l̶e̶r̶Coaster). While we wanted people to better protect themselves, we also wanted to help people learn to better recognize creepy ideas when they come-a-creepin’.
I built a simple retro-style video game where all you had to do was read the scenario and then choose — creepy or clever (we even made these sweet arcade consoles with giant buttons, trust me it makes the whole thing a lot more satisfying). Each player is presented with five new business ideas proposed by a virtual colleague. Some of these ideas seem straightforward, but you better read carefully… With whom is that information being shared? Was this an opt in or reasonable usage of the data? Answer correctly and get a thumbs up and a point added to your score. Missed the boat? That’s okay we’ll show you the hitch and help turn you into a first class watch dog.
The team and I loved doing this event live. It was a great opportunity to interact and help a lot of people protect themselves. It was also a lot of fun watching people read, process, and react in real time. Giving people the opportunity to discuss the scenarios with us provided an immersive and natural learning experience and we were pleased to watch people develop their ninja-detective skills with each question. It’s a good feeling to know how to protect yourself, and an even better feeling knowing how to protect others.
You don’t need to wait until the next Data Privacy Day, here are some great resources to help you armor up and protect yourself: