We made lots of mistakes. And this is a long post that, in great detail, goes over our mistakes and what we plan to do about them.

Start-ups often make mistakes. But millions of users, consumers, bloggers, critics, etc. set us right when we make wrong choices. It shows they care. Good start-ups evaluate the feedback and iterate to receive new feedback … resulting in a positive feedback loop (even when the feedback itself isn’t always positive).

Over the last two weeks, Rapleaf received a lot of feedback. Most of it unsolicited and by people who have no relationship with the company (this is the best kind of input as it gives a much needed and different perspective).

What do we do?

Rapleaf searches the Internet on people much like some of the more well-publicized services such as ZoomInfo, Wink, and Spock. Rapleaf is a giant system that evaluates billions of pieces of information on over 50 million people, growing by a few hundred thousand people a day. This is a lot of information.

People are sometimes taken aback because of the breadth and depth of Rapleaf’s search. Unlike some of the other services that search on name, our search is based on email address. We are essentially the largest, deepest, and fastest email search engine.

But we do more…

We gather this information to allow users to control it. At least, that is what we want to do. But as many people - like Judi Sohn, Marshall Kirkpatrick, and others - pointed out, we definitely made a bunch of mistakes in this realm in the last few weeks.

Our Goals: to encourage freedom of data and allow user data, from profile information to social graphs to user preferences, to be 100% portable.

When we started the company there was a lot of buzz about portable reputations, but we didn’t realize at the time that one’s reputation is not just what someone says about you on eBay, but also who you hang out with, what you participate in, etc. And reputation is very context dependent (Bill Clinton might have a reputation as a good leader but a bad husband).

So in the next few months you’ll see a whole bunch of products from Rapleaf that allow the community to more easily access information and build products on top of this information.

Now back to our mistakes and how we corrected for them…

All this data about me is scary:

There is a lot of information about people living on pockets all over the web. Everyone has an online/web footprint. And it is accessible if someone really wants to research someone – the information is publicly available – but it takes a lot of time to find.

Rapleaf automates this search process. We search billions of pages on blogs, social networks, forums, etc. for information on people. And a little over a month ago, we started making this information public on Rapleaf.com

Some people did not understand how we found their info and were worried that this info was going to be public, even though the info was already public. Others were concerned that their info was just plain wrong. The common denominator was not understanding where this info was coming from.

Yesterday we cooked up an idea to solve this - we are going to tell you where we obtained the info. Essentially all info will be attributed to a source and that way you can correct it at the source. We haven’t started coding this yet, but look for this change in the next few weeks.

“You’ve been searched” emails:

We send emails to people after they are searched on Rapleaf.com. We send the emails every Monday night if they were searched the week before. We do this because we want to give the person who is searched on Rapleaf the opportunity to manage their information and privacy and to give them the opportunity to opt out or to change something (such as not displaying their age). Since we gather this information on people, it is important to let them know about it.

Last week we also made a decision to send the “you’ve been searched” emails to people that were searched for in Upscoop, a service we run that allows you to upload all your friends and find out what social networks they are on. In retrospect, this was really stupid and very wrong for doing this without any controls. Very very wrong. But at the time, it seemed like a really good idea for some reason. The problem is many people who use Upscoop were unaware that their contacts would receive a courtesy email.

Again, we were wrong. Now we iterate. And we ask for forgiveness.

We stopped sending the Upscoop been-searched emails yesterday. If we decide to re-enact this, we will likely give our users the ability to opt-out of sending email to their contacts. In addition, we will likely not send more than one “been-searched” email to someone more than once a quarter.

A few people also asked us to stop sending the been-searched emails on Rapleaf.com. We debated the merits of that request internally and came to the conclusion that this is a good feature (the vast majority of the feedback on this have been very positive). People should know if their information is available for others to see. But we’ll limit these emails to maximum of once a quarter.

Opt-out:

We always had an easy system to get information removed from Rapleaf. You email our customer service and we immediately restrict all your information. Simple. However, we also had an additional (and onerous) system to completely delete the information about oneself. As a start-up, we looked at how some larger, more established companies were handling opt-outs and did exactly what they did.

In retrospect, this doesn’t make sense, as highlighted by Matt Roberts. Since we’re already removing information off the Rapleaf.com site when we get an email, we should just delete the information. So we amended our privacy policy to make it much easier to get out of Rapleaf’s system if you want to.

Multiple privacy policies:

Previously, we had three different privacy policies for Rapleaf, Upscoop, and TrustFuse - our B2B data provider (see below). We originally did this because we thought we would have shorter and easier-to-understand policies which were service-specific. This created a sense of mistrust due to the lack of transparency and just didn’t make any sense. Not at all. It became apparent when I talked to Stefanie Olsen (of CNET) on the phone last week – she was very confused with what info applied to what site. Stefanie is very smart – so we figured that if she was confused, millions of people will equally be confused.

So we changed it. We created one comprehensive privacy policy and released it last Friday (August 31). It is still a serious work in progress and we’ll likely need to make edits to it, but it is a big improvement and we look forward to receiving feedback so we can iterate further.

API v2 and Project TrustFuse:

After working on it for many months, we announced our V2 API (aka Project TrustFuse) last week. We’ve been working on Project TrustFuse for the better part of the year, and we’re glad to get the first rev out.

Our API allows people to do en masse Rapleaf lookups to better help their users. This is an open data platform for developers to build products on top of. For instance, I heard someone was working on a WordPress plug-in to easily attach social network information to blog comments … I’m really looking forward to seeing that.

Like other well-known APIs (for instance, Google Maps API) we give a certain number of searches for free so consumers can build cool apps. People that are doing lots of searches on a monthly basis pay a little bit of money per lookup. This is how we generate revenue.

And we’ll even give heavy users the ability to do batch lookups and provide aggregate reports of the information. And yes, these heavy users and companies may use this information for marketing purposes to give their users and better offers when they visit their sites. But they also use this information to provide a better user experience on their sites, to adjust their fraud algorithms, work on eliminating captchas for the masses, enable political candidates to better interact with voters … to name a few examples.

Rapleaf’s new V2 API is going to help enable the Bill of Rights for Users of the Social Web to become a reality.

But we screwed up here too. We’ve been massively secretive about what we were up to (working in dark caves night and day) to prevent competitors from doing something similar. We should have been more confident in our abilities (we have the best engineers on the planet) and been more public about what we are up to.

We’re doing that now: detailing Project TrustFuse and the Rapleaf V2 API. And we’ll be doing more on this front to build clarity and to let thousands of people write software on top of the data.

What else we need to do:

We’re currently assembling a privacy advisory board to advise us when privacy related matters (such as the ones over the last couple weeks) occur. While we’re confident we’ll make lots of mistakes in the future, we want to ensure we have some trusted feedback on new products and features we are releasing.

We also want to give bloggers and community leaders the ability to get an early preview of the products we are releasing. This way, you can give your feedback BEFORE it happens (and probably stop us from pushing a lot of stupid ideas). If you are interested, email reputation@rapleaf.com and we’ll add you to the list.

And yes, OpenID is coming too.

We sincerely apologize to those that were offended, felt their privacy was violated, or lost trust in Rapleaf. You’ll see, we’ll make it up to you and do you proud.

Overtime we’ll continue to educate and explain the uses of Rapleaf and how individuals empower themselves. Check out our blog over the next few weeks to as we’ll chronicle how others have used Rapleaf for their benefit.

It is humbling being wrong

I remember in high school, I always wanted to be right. You remember when you were younger…you thought you were smarter than everyone and you hated being wrong. But as you get older, you realize it is inevitable to be wrong and if you are trying lots of things, you are going to be wrong often.

It is humbling being wrong, and we’ve been wrong a lot at Rapleaf. This experience of receiving all this feedback has been extremely helpful to our product development and we really appreciate all the time that people spent putting together extremely thoughtful advice. Hopefully we can continue to iterate, respond, change, get feedback back from you, and iterate again (feedback can be sent to reputation@rapleaf.com).

- Auren

p.s. - Special thanks to all those who already and continue to give us feedback including:

Matt Blumberg (http://onlyonce.blogs.com/onlyonce/2007/09/personal-reputa.html)

The Customer (http://thecustomer.co.uk/marketing/customer-20-i-own-my-privacy)

Dean Donaldson (http://deandonaldson.blogspot.com/2007/09/trustfuse-igniting-time-bomb-on-your.html)

David Evans (http://theprogressbar.com/archives/2007/08/reputation_and_social_networking/)

Henry Farrell (http://crookedtimber.org)

Nathan Gilliatt (http://net-savvy.com/jobseeker/marketing/check-yourself-at-rapleaf.html)

Tish Grier (http://spap-oop.blogspot.com/2007/09/perils-of-social-networking-pt-2.html)

Andre H. (http://n0comment.wordpress.com/2007/09/03/the-internet-and-privacy-get-yourself-removed-from-rapleaf-quickly/)

Denis Hancock (http://www.wikinomics.com/blog/index.php/2007/09/01/rapleaf-and-the-growing-privacy-challenge/)

Keyser Infinity (http://keyser-infinity.livejournal.com)

Junkdepot (http://blog.junkdepot.com/browse/updates/junkdepot-fights-fraud/)

Marshall Kirkpatrick (http://marshallk.com/)

Liminal Librarian (http://www.lisjobs.com/liminal/2007/09/walking-line.html)

Adriana Lukas (http://www.mediainfluencer.net/2007/09/master-slave-relationship/)

Natalie M. (http://sevenorora.livejournal.com/42885.html)

Randy McDonald (http://rfmcdpei.livejournal.com/)

Kristen Nicole (http://mashable.com/2007/09/04/rapleaf-privacy/)

Matt Roberts (http://mattroberts.com/)

Stefanie Olsen (http://news.zdnet.com/2100-9588_22-6206023.html)

Akkam’s Razor (http://www.akkamsrazor.com/)

Judi Sohn (http://www.momathome.com/)

Killer Startups (http://www.killerstartups.com/User-Gen-Content/rapleaf–Do-You-Have-A-Bad-Reputation/)

Technology News Daily (http://news.techvine.org/2007/09/05/rapleaf-changes-questionable-privacy-policy-in-response-to-recent-inquisition/)

Weblogsky (http://weblogsky.com/2007/09/being_a_public_character.html)

Lauren Weinstein (http://www.securitypractice.org/2007/09/fw-ip-re-at-rapleaf-your-personals-are.html)

And whole bunch of other blogs written in German, Hebrew, Spanish, Chinese, Japanese, French, Dutch, Italian, and English four-letter words.