Is it a privacy risk at all, though? Instagram starts uploading after you click the green check mark, which presumably says, "Hey, upload this for me," and continues uploading while you dilly-dally over the photo metadata sheet.
I'm a complete paranoid when it comes to privacy issues, and I don't see any issue with an upload that starts after I click a green check mark that, to me, means, "Hey, upload my photo, please!" There's the question of what happens to the uploaded photo on their servers when you cancel at the metadata stage, for sure, but that's a data retention question, not acquisition.
From what I've used of the Android app, there are enough warnings that notify you that the photo is being uploaded.
After taking a photo with your camera (or selecting one that you have stored locally), you get to a details page with a big button that says "UPLOAD" at the top right. So assuming that one does take naked photos of oneself or someone else, you'd have to confirm the upload. I only bring this up because FTA, the iOS screenshots just say "Done".
Now, if Instagram does indeed upload before you press the big green "UPLOAD" button, I'd say that's a breach in trust with the app.
Which is exactly how Facebook works... i.e. you select some files and then you mess around with the album properties, like date/place take, album notes and whatever else there is. Granted you need to explicitly choose the photo's in the first place, but that's the green button you speak of.
No, you're not. Several answers of this sort, ignoring the expectation that apps to disseminate information without your permission. This is a general expectation, but in particular on iOS there is a clear tilt towards ensuring the user is happy with such actions.
You know that Instagram can load photos from your camera roll, right? "what would this nude photo look like with that filter?" is a common use-case, I'd guess. And a strong expectation that it would not be sent to an outside party as a result.
That's a pretty damn presumptuous thing to say... have you seen any studies or conducted one yourself where people admitted to leaning towards user-experience benefits about online photo sharing at the expense of privacy?
I agree with your point though that users have a responsibility to figure out the objective of the app in order to understand the context of its intended use.
I think Facebook is an excellent piece of evidence that users are generally concerned about UX over security.
Just because you and I are are thinking about security, doesn't mean most people are. And I don't even feel like this is a horrible thing for Instagram to do. It is an app specifically for uploading and sharing photos.
There are concrete studies (search Acquisti) that shown Facebook users have a big disconnect between what they want as privacy and what they do. And that disconnect has , in more than one top journal papers, been attributed to a lack of total grasp of the privacy settings and its implications by the common public. So I think one should refrain from making bold claims like "users are generally concerned about UX over security" (I believe you meant privacy and not security).
I totally agree with the philosophy behind your claim that users see privacy as part of a utility function where sometimes the value of the experience trumps privacy controls and it also depends on the value one attaches to the information he/she is sharing. So from that perspective, especially given the publicly accepted norm that everything on instagram is public (like in Twitter), this "privacy calculus" will probably work out in favor of Instagram's decision here. And yes, it is not a horrible thing for them to be doing either.
But it does break the trust for those who are accustomed to the connotations of certain UI features (like "Done" button and progress bar).
Instagram will get away with this, but if somebody with a less trust level was engaging in such pre-"Done" uploading activity, there would be pushback. What I fear is that the co-founder by sharing this with the developers community will encourage this behavior in other startups/apps and this will then become an industry best practice even for the shady apps (just like it did for the address book).
You probably wouldn't use Instagram for taking all your photos.
On the iPhone at least, it only saves photos if you post them. You wouldn't be able to use it as a camera for private photos unless you didn't want to keep them.
There is one work around - you can get it to save the photo if the upload fails, so if you put your phone in airplane mode, you can take a private photo. Apart from that, Instagram only works as a sharing app, not a general camera. I think since it works this way, 99% of people won't care.
The Android version saves all the photos I've taken with Instagram locally. Of course I don't know whether there are copies of these images on their servers, not published to my public stream, as the app doesn't show anything like that.
It saves the local copy after you apply a filter, so at the same time it is uploaded but probarbly before the user is "finished" with the upload process (screen 2 after applying filter is to add a caption, and while that is happening the photo is uploaded).
But then again that is like writing erotic short stories in your twitter apps drafts and be outraged that they are saved online.
Instagram is a photo sharing service. They've never hidden that aspect. The default user expectation is uploading and sharing. I don't see why immediately initiating the upload would be unexpected for the user.
Because, uploading before pressing the "save this publicly" button is counter-intuitive to most people. Much like if texts were sent before I pressed the send button -- until i press that button there is the option to change my mind, edit what i say, etc. This is the mental model most people will have, way more so when presented with a "publish" button (akin to a send mms button).
> Much like if texts were sent before I pressed the send button -- until i press that button there is the option to change my mind, edit what i say, et
Except that analogy doesn't fit. Other users cannot see, nor do you see on your account, the uploaded-but-not-explicitly-published photo. It only appears publicly when you choose for it to be.
A text message that was sent before you pressed the send button would have to be held at an intermediate (such as BBM servers or iMessage servers), and of course makes little sense due to the size of a text vs. the size of a photo.
I understand the technical aspects of it. There is still no guarantee that they delete the photo. They say they do, and I don't seriously doubt them, but the possibility exists that they keep them around for whatever reason. Further, there is a real possibility that an attacker could find a way into the Instagram systems or hijack the communication streams between users and the servers, and then you have a leak. It is a potential privacy concern that is caused by the "upload everything and throw away some of them" algorithm.
There is a difference between upload and publish. The app might be uploading the photo in the background, but that's to get it over the wire to instagram. The publish isn't being made (aka, the photo being visible to anyone) until you complete the upload process.
Uploaded doesn't mean it's permanently stored, it only means that part of the file might have been uploaded already by the time you confirm the upload.
If your intention was in fact to upload the photo, good on you, you save a few precious seconds.
If your intention was not to upload the photo, then they simply cut the connection, send a delete order and move on.
What if I, a regular user, uses instagram for taking all my photos.
What if I take nude photos of my wife. Should I really expect instagram to upload them without my permission?
I'm guessing 99% of people would not only be surprised by this behavior, but also outraged.