Thursday, May 25, 2006

Trust Model

Have you ever used an application that violated your trust? Maybe it didn’t save something when you thought it should have or maybe you unexpectedly came across you and all of your living relatives in some online pedigree. One of the subtleties to successful applications is not breaking the user’s trust model. There are numerous ways in which the current array of family history tools violates people’s trust.

As family history applications become increasingly more collaborative in nature one of the primary issues to be considered has to do with sharing data. Using large brush strokes I can describe the trust model that users expect with regard to collaborating on their family history. Users tend to break their data down into three large chunks: my stuff, my shared stuff, and my published/public stuff. Notice that in all three cases they view it as my stuff. The difference is in who they are allowing to see their stuff. If the user were to encounter an application that doesn’t support this model they are likely to either abandon the tool or augment it. For example, if they used a tool that immediately published all of their work to the world, they would likely not use the tool. Instead, they would keep all of their stuff and their shared stuff someplace else until they were ready to publish. If they didn’t realize the tool was going to immediately publish and they used it, they would likely feel so burned by the experience that they would never come back.

The challenge to this is that fundamentally if people will share sooner they will make faster progress on their family history. They will more quickly find others working on the same problems that may already have the answer or can at least offer help. So how do we build a new generation of family history tools that support the user’s trust model but also encourage the user to share and publish sooner? Here are four ideas.

  1. Help the user always feel like it is their stuff. They own it. If they share it with you always allow them to get it back.

  2. Provide at least the three mental buckets: my stuff, my shared stuff, and my published/public stuff. This does not imply complex access control systems. The simplest form can be stuff that only I can see, stuff that people on my shared list can see, and stuff everyone can see. More and more I find complex grouping concepts in sharing to be too much for ordinary people. I really like the way Flickr.com has implemented this. Here is a snapshot of their access control.



  3. Allow the flow of the program to encourage people to move their data from my stuff to my shared stuff to my published/public stuff as quickly as possible. Offer carrots to do it. For example, an application might look at my stuff and compare it to someone else’s stuff and then notify me that it looks like someone else is working on really similar stuff and ask if I’d like to contact that user and share some of my stuff.

  4. Allow the user to say “I think” or “Maybe” about their conclusions. This is an area of functionality that is tempting to make overly complex. You could build a whole feature set around analyzing the quality of evidence, a surety schema, etc., etc. Ordinary people are likely to be driven off by this. One simple way to implement this might be to have a flag or button associated with fields that indicate that the conclusion is really a hypothesis of sorts. This would allow the user to share their work in progress with others without losing that important piece of metadata “I think”. Systems could also be more cautious about how they propagate things marked with an “I think” flag.


In summary…
  1. If an application doesn’t support the user’s trust model they won’t use it.
  2. The user definitely has a trust model around collaboration.
  3. We need to support the user’s trust model while facilitating faster, more frequent collaboration.