Privacy with Backend-as-a-Service

Alastair Aitken 3 June 2013 0

Recently I’ve been attempting to control my inbox by reducing the number of extraneous emails I receive. To effect this I have been unsubscribing from as many email lists as possible. One email list I may or may not have unsubscribed from is the announcements list from Parse, because I’ve only just heard the news that Parse has been acquired by Facebook.

The news came as something of a wake-up call. A few months ago I had tested out Parse on behalf of a small client who didn’t have the resources to maintain an entire infrastructure for their application. I had to double-check that we hadn’t used existing client data for testing purposes on Parse. This probably wouldn’t have seemed such a big issue if Parse hadn’t been acquired by a company that a) makes its money from user data and b) whose attitude to privacy isn’t always easy to figure out at best.

By using Parse, it could be argued that Facebook’s privacy policies will de facto become your organisation’s privacy policies – perhaps not right now but at some point in the future when the terms and conditions are changed unilaterally by Parse’s parent company, which has a well-established track record of doing so, often in the face of end users’ protests.

Some thought that Richard Stallman was being a bit reactionary when he determined that the use of cloud computing is stupid but it was only after reading the news of Facebook’s latest acquisition have the scales fallen from mine eyes. Yes, I understand that Facebook has acquired Parse ostensibly for what it can offer to help developers create Facebook-using mobile applications but do you really want to entrust all your data to such an organisation?

Services such as Parse – along with its rivals such as StackMob and Kinvey – will mostly be used by organisations a lot smaller than Facebook. Which means that Facebook will feel able to make unilateral changes to terms and conditions, much as it did with Instagram after it was acquired. Being smaller than Facebook means that your organisation won’t have the resources to fight changes and, by implication, keep control of its data. The chances are that if your organisation is an SME, it can’t afford to employ a legal team to keep track of changing terms and conditions. If Facebook/Parse have your data and your data is core to your business, who is the real business owner?

South Park doesn’t do subtle but each episode invariably has a message. The episode “HUMANCENTiPAD” warns, in the most offensive manner possible, about the perils of agreeing to unread terms and conditions. I for one don’t want to end up as Mark Zuckerberg’s bitch, never mind in the middle of a Facebook/Parse centipede.

Alastair Aitken (124 Posts)

As a contract developer and manager I’ve worked in a wide range of enterprises in a variety of countries where I’ve encountered everything from great work, awful work, bizarre work, all the way down to quasi-legal work. If you think that you recognise your own organisation within my articles then you’re undoubtedly wrong, where you work isn’t that unique.

Leave A Response »