Dear startups and other relevant parties: It's 2012. It is no longer ok to


  • Not offer a way to download our data in some sort of a standard, transparent, and at least somewhat human-siftable format
  • Hide or otherwise be opaque about precisely what personal data you smuggle out of our devices
  • Not offer a one-to-two-click process for deleting our accounts
  • Fail to actually remove our data from your servers after we delete our accounts (while complying with applicable regional laws governing data retention)
  • Believe that taking VC and selling your customers’s private information is the only way to get a company off the ground, let alone run a successful business
  • Not use SSL for passing even the slightest bit of private information
  • Offer Facebook Connect as your only signup option [hat tip to Zwei in the comments]

Did I miss anything?

I wholeheartedly agree.

Alex Hoffmann @mangochutney