In an up and down week for the startup, Blippy gained a huge amount of unwanted attention on Thursday and Friday as it was discovered that four (and eventually five) of the company's users saw their credit card numbers exposed, in full, through creative Google searches (since removed). As somebody who has registered my credit card and debit card with Blippy, you might think my knee-jerk reaction would be to pull out my data, but it's not, and I am just as supportive of the creative site for sharing transactions as I ever have been. I will continue to encourage people who want to share this activity to use the site, and I am not any more shy about putting my data into their product than I was before. Similarly, I will continue tracking all my data on Mint.com and other sites, because these companies and others like them, have proven themselves to be trustworthy and innovative - delivering me real value.I joined Blippy in January largely because as I have been participating in and advocating sites that tell people what we like for years, Blippy takes the next step and tells people what we actually purchase, going beyond the "like". I have watched Blippy expand its social capabilities, as you can follow friends, have conversations on transactions, and see groupings of similar behavior, seeing who is buying from specific vendors, or even finding out if other friends are buying the same things you are.
My Credit Cards Go to Blippy Automatically. Zero Concerns.
Unlike some users of the site, I opted to go "All in" with Blippy, sharing not just my soft accounts, like Zappos and iTunes, with the service, but all my purchases. That means you see the boring fillups at Chevron on my debit card, my cash withdrawals from the ATM, and yes, even my wife's Teletubbies DVD rentals on Netflix for my kids to watch. I did this because for much of what I do, I am living life in public. I believe in sharing as much as possible, partly demonstrating that there is little to hide. And while some of my transactions are boring, that's just who I am.
When it was reported this week, by VentureBeat, who, from my understanding, worked on the story for a few days before issuing their initial story, that some cards were exposed, it was quickly shown to have been a limited bug, related to early beta users using a specific card from a specific bank - and was completely out of the ordinary. Blippy quickly responded to the issue, and worked publicly with Google to solve the issue, keeping all of us informed, if we were nervous. (I wasn't)
Mashable's Typical Approach to News Reported by Others
Meanwhile, you saw the typical tech press pile-on from people who had done no original research, flocking to the story like youths at a soccer game chasing a ball, as blood in the water can be exciting. But VentureBeat calmly and professionally kept the story updated, while the Blippy blog did the same, open and with considerate remorse.
There is a huge difference between making a mistake and being untrustworthy - and for me, putting my card data in Blippy is not dissimilar to putting my credit card data into Mint.com, having Intuit find my W-2 data come tax time, or entering my credit card information over and over and over from e-commerce site to e-commerce site. In order for Blippy and Mint.com and these other businesses to succeed, they need to ensure the safety of users' private data, and practically without exception, they have done so. The companies' success will come through their amassing a high number of users, and being able to report trend data based on groups and demographics, not on individuals - and thus, it is in their best interest to keep your data safe and secure.
Google Makes Their Role In Fixing the Issue Clear
ReadWriteWeb chronicled some of Blippy's response to the slip-up today, when they said what to do when a PR disaster strikes your startup. Blippy did the right thing by all accounts, apologizing, making full disclosure, and reporting how the issue was being addressed. Meanwhile, Google's Matt Cutts took to Twitter to explain what that company had done to fix the issue also. That's transparency and a closed loop response.
If I had more options to share even more data with Blippy, I would do it, and getting my e-mailed updates from Mint.com is among the highlights of this data-driven geek's week. It benefits the Web at large to get more real data about our purchases and activities public, and Blippy is one of those making the process interesting. I trust them with my information, and won't be changing a thing. You can find all my data here: http://blippy.com/louisgray.