The move toward a social web doesn’t necessarily mean that everything we talk about online should be public. That’s the argument of a new startup called SecretSocial. The company wants to build a place online where people can feel free to express themselves without worrying that data about each interaction, each click, and each word is accumulated and tracked.
SecretSocial only retains data about conversations on the site for the length of the conversation itself. Users’ information isn’t tracked or sold to advertisers.
I recently spoke with SecretSocial co-founder Zubin Wadia (@secretsocial) about the need for such a service and the challenges he’s encountered while building a site for confidential conversations.
What sorts of problems does SecretSocial solve?
Zubin Wadia: SecretSocial is a place for people to engage in private and authentic conversations on the social web. The social web today is primarily a public affair with a static social graph associated to it. If you “follow” or “friend” someone, they remain in your sphere until you decide to curate your social graph again. At best, many social services offer the ability to create groups to partition your social engagements. We think groups are unintuitive. Human relationships are far too sophisticated and transient to be expressed that way.
SecretSocial makes conversations natural by letting the topic drive the degree of privacy and participation needed. The added twist to this is plausible deniability. No record of the conversation is kept on our servers upon conclusion or termination of the conversation.
We also have a “sudden death” mode where any participant can preemptively terminate a conversation and destroy the data if they’re uncomfortable with it.
What are some of the use cases? Could this be a WikiLeaks-type service?
Zubin Wadia: Initially, we expect this to be popular among users of Twitter who regularly strike up interesting conversations with people they want to know better. It should also be well received by users of Gmail who are initiating emails that may be sensitive in nature. SecretSocial makes transitioning from that initial Twitter skirmish to a relationship extremely simple. You can also invite users over SMS and email.
In the future, we can see SecretSocial being used for journalism, pro-democracy movements and a number of professional use-cases. Our intention is not to be a WikiLeaks-type service, as we are inherently identity oriented. We simply want people to have genuine conversations about topics pertinent to them.
How do you make sure that users’ data is really gone?
Zubin Wadia: For starters, we do not store conversations on disk. Everything happens in-memory within our system architecture. Conversation data in SecretSocial is by default, ephemeral. There is no disk persistence. We take a page out of records management and essentially put a self-expiration tag on every conversation object. Conversations have to last between 15 minutes to 1 week. When time elapses, the objects are destroyed.
Also, traffic is encrypted end-to-end with TLS 1.0 and we take active measures to ensure nothing remains in the browser cache once a conversation concludes.
While we agree with Pete Warden on his assertion that you can’t really anonymize your data, we do not think it applies to us because we don’t aggregate or retain any of the conversation data beyond one week of the initiation. So passive correlations with other datasets to reveal identity are just not possible within the confines of our service.
What are your policies when it comes to sharing information with the authorities?
It should also be understood that we take active measures to monitor, detect and ban users who are engaging in suspicious activities. We also anticipate the community being a powerful force in keeping SecretSocial a safe place for having unvarnished conversations.
How do you monitor? What kinds of things are considered “suspicious activities”?
Zubin Wadia: Monitoring is done through keyword matching right now. We discard all terms once the conversation time elapses or terminates. In the future it is going to get significantly more intelligent, but at this early stage it was the bare minimum we could do to keep people safe and not record or snoop.
Suspicious activities include anything related to terrorism or sexual predators. We have a zero-tolerance policy when proof of this is reported by one of our users or we pick up a pattern in an active conversation.
This interview was edited and condensed.