Article No :1302 | September 5, 2014 | by Joseph Dickerson
If you were paying attention to pop culture news this past weekend you’ve seen that a whole lot of photos of female celebrities in various levels of undress, leaked onto the Internet. The photos—illegally taken from the iCloud accounts of these very famous people—were the subject of many conversations online, though one topic was rarely discussed.
That topic is my bread and butter, the way I make a (pretty decent) living: user experience. While many people (very wrongfully) “blamed the victim,” I see another source of blame: bad user experience design. Bad design because it took choice away from these people. Bad UX, because it allowed hackers to access these photos way too easily. And this bad user experience came from a company renowned for it’s great user experience: Apple.
Let’s tick off the instances where Apple has failed these (and other) users, shall we?
UX Fail #1: Automatic photo and video backups to the cloud
Apple, in their desire to keeps things simple, defaults the choice to save photos and backups to the cloud. This means many people don’t even know that their photos are saved somewhere else. When the user selects something, even if they are distracted, they are still making that decision. By taking the decision away from the user, even if you tell them you did something on their behalf, they are much more likely to forget. And most users aren’t “tweakers”—they don’t go in and change settings to customize their experience. Apple, of all companies, should know this.
When it comes to this type of decision—moving important personal content to another location—complexity needs to be a part of the experience. Simplicity, for all its virtues, can result in lack of understanding and awareness. The right thing to do is to make things just a little more complicated: make users have to opt-in, not have to opt out. This needs to change, Apple. Now.
UX Fail #2: Lack of visibility
How many “backups” did these celebrities have saved to the cloud? Who knows, especially the end users. Go to your various iDevices and try to quickly discern how many backups you have “up there.” Go ahead, I’m waiting. Yes, you can eventually find this, if you access your iCloud directory through a file explorer … but how many people know how to do that? Many, if not most of these stolen photos were taken from backups—the actresses deleted the nude photos, but the backups still had them.
UX Fail #3: Keeping (almost) everything
How many backups does iCloud keep? How many photos? In their desire to be competitive with every other cloud service, they keep a lot, instead of intelligently purging old files. And, as referenced above, users have no idea what is up there unless they go look. I bet a lot of people are a little more curious today.
UX Fail #4: Unlimited password retries
Apparently the hackers (or perhaps hacker) got into many of the accounts by using a “brute force” attack, which meant they entered multiple password attempts without being stopped. Apple needs to lock this down, hard, and do what many in the tech and banking industry do: Three strikes, and your account is locked. And if you want in, you have to enter a code that is texted to your device and your correct password.
UX Fail #5: Lawyerly language, instead of apologizes
The press release Apple put out after this news broke was … well … it was a big ol’ pile of CYA (cover your ass). It basically blamed the victims, and implied that their passwords weren’t strong enough. It was written by a room full of lawyers, instead of an empathetic human being. What they should have done was say how secure that the iCloud was, how upset they were, and how they will be making their secure system even more secure for users everywhere.
Thankfully for Apple, only the tech media paid attention to this release, so it wasn’t as bad a PR blunder as it could have been—but we’ll see how Apple handles things next week, when it is scheduled to announce a new iPhone or two.
So, where does this leave Apple? Best case scenario, their reputation has taken a temporary hit that has impacted the biggest and best “feature” Apple iDevices have: Trust. Users trust Apple and Apple devices.
Apple has long understood that these were not consumer electronic devices—they were personal devices, with an emphasis on personal. When the first iPhone came out a friend of mine said that it was like “an extension of my own hand.” It was a trusted extension of his self.
If Apple can’t protect celebrity pictures, how can protect user’s bank accounts, or health information? Once trust is lost, it is hard to recover. Time will tell how many users will no longer trust their iDevices because of this, and go to the many alternatives out there. I know some celebrities are probably looking very closely at the newest Android phones right now…