I think someone, and I think it will start with ME, should contact Google and let them know that their API is being abused like this. I didn't use a GMail account when I responded/signed up the site, and chose not to import from my Google account. Wow, talk about killing your company in under a day. They can never recover from all the bad press they are getting from spamming emails like this.

These are all valid points Chris except for two things - not everyone is as savvy as your good self and in this particular case, it was not made clear that Quechup would farm every email address from the individual's contact list without giving the user the choice as to which persons you'd like to invite. In my case, I didn't see anything other than 'me too' written over the service so didn't bother when I received an invitation from someone on my network. But then as you know, many of us are looking for the next shiny new thing so it is hardly surprising that folk got caught out. Nevertheless, a timely reminder.

I was quite aware of the step and let Quechup import name from my gmail - the only thing was, it displayed 0 addresses as if it had been unsuccessful in finding any email addresses.

Luckily it is just as easy to unsubscribe to Quechup as it was to sign up for it - and no 3rd party will get an email. Go under account, cancel membership.

This may be the most short-lived bonanza in social media history - good name though - that's why I joined, I liked the name.

kh

You quote :

"Congratulations! Welcome to Quechup. Find out which of your friends are already members. Choose the address book with the most contacts and we'll search for matches so you can add them to your friends network and invite non Quechup members to join you. By inviting contacts you confirm you have consent from them to send an invitation. We will not spam or sell addresses from your contacts.”

This obviously is read as :

"Choose the address book with the most contacts and we'll search for matches so you can add them to your friends network and YOU CAN invite non Quechup members to join you. By inviting contacts you confirm you have consent from them to send an invitation. We will not spam or sell addresses from your contacts."

Although it deviously can be read as :

"Choose the address book with the most contacts and WE WILL search for matches so you can add them to your friends network and WE WILL invite non Quechup members to join you. By inviting contacts you confirm you have consent from them to send an invitation. We will not spam or sell addresses from your contacts."

However, even in that interpretation, "By inviting" does not refer to the previous sentence, since the meaning "Because WE invite your contacts, YOU confirm (etc)". At no point in the procedure does it say that Quechup will send mails to each and everybody in the address book. At no point in the procedure does the user get a list of people that will be sent an email. At no point in the procedure can the user select anybody to invite or not.

Moreover, the email that IS sent, is sent AS IF the user sent it. This is not only dodgy, it is even illegal in most European countries. Member-gets-member campaign mails should originate from a mail address within the same domain as the website they originate from. In Germany, you even have to send a blank email to the invitee first, asking him whether he / she wants to receive the invite.

I did not consent to anything, as I didn't invite anybody. I did not send any email.

So, no witchhunt on my part. Just trying to do my best and get these bastards out of business.

Chris,

I agree with much of what you said. I am one of those who got sucked into signing up. I received the email invite and it came from a very trusted source, one who I would expect to share something like this. I was doing a variety of other things but decided to give it a shot, see what it was about.

We all suffer from Yes Syndrome, that disease we get from installing too much software (yes, yes, accept, yes, ok, accept, yes, yes, done). I also noticed that it would import things for me but believed that I would have control over what got sent out and when.

Will I read something more carefully next time, no matter who it come from? Yes
Will I even perhaps write to that person and confirm they meant to send me something? Yes
Are there any number of other "freshman" mistakes I'll make? Yes
Will I ever send an email to a whole listserve instead of just to one person? Yes
Do I believe this company is innocent and this "just happened" accidentally? No
Do I think both the incident itself and what followed it are learning experience and possibly ways of teaching/reminded us of how to ride our bikes without the training wheels? You betcha!

Yep, I didn't read, and not knowing that I even had anything in my gmail address book, I clicked through it. Turns out, the SLED list was the ONLY entry in my gmail address book! What can I say? I usually read first...

First of all thank you Chris for a fair review that is intended to open a discussion rather than as you say "witch hunting" - which is why I'll bother to put a comment on here.

I will state my opinion as someone who works for the company, which is NOT to be taken as the official company position as this will, i know, have to be vetted and approved by lawyers, at any rate it would not be down to me to be stating the company's position.

Quechup has had the "check who you know" option since mid 2005, before many other social networking sites had similar options. It has always operated in the same way on Quechup, has always been optional with a link to skip it and has always carried the explanatory text. The statement of use and how it works were placed directly on the page rather than hidden the terms and conditions or privacy policy as many users do not read them despite having to tick a box stating "I have read and I agree to the Terms and Conditions".

The system has worked with few incidences of confusion as to what is entailed since that time. Recently with the growing popularity of social networking sites a "standard" as to how these features work seems to have emerged and the standard is different from how the feature works on Quechup. This causes problems with users expectations.

From the amount of time users spent on the page it appears that most members used to read the statement, rightfully wanting to make sure what was going to be done with their personal details when asked to provide personal login and password information for other sites. Given how commonplace such features now are it seems most users are used to and happy to give these details without reading such statements first.

This has caused problems with users expectations and while the site may have gained some extra users from unintended invites going out, these are out weighed by dissatisfied users who feel their expectations haven't been met.

The Quechup development team are re-developing the system to be inline with the "standard" method for such systems. This was due to be released along with several other new "web 2" style features as a new redeveloped version of the site. Given the recent "Quechup bashing" its now being given top priority to be retro-fitted it into the existing Quechup structure and should be in place very soon. Until it is released the wording on the page will be altered to avoid any ambiguity, this will be live on the site once it has been approved by legal council, which should be Monday 3rd September.

Unlike many sites Quechup will only send 1 invite per member to a given email address and we do not send period "reminders" at 3 days, 5 days 1 week etc. as many sites do.

Finally the way Quechup sends its invites is by using the FROM as the inviter - this is in part because Quechup uses an alias system for members to help protect their privacy and the invitee may not recognize their alias name. However the invites use the SENDER as Quechup in the mail headers, this is the same as Hotmail uses and in most email applications including Hotmail is shown as "FROM Quechup ON BEHALF OF xxxx".

I hope this answers a few people's questions.

Why would anyone, signing up for an untried service, give out their email password? And people are surprised that bad things happened?

Simple rule - do not give out your password. Ever. Easy, huh?

It's nice that the Quechup folks admit that their site is at least confusing. It's much worse than that but at least one of them is talking.
HOWEVER, every invite I get has the username and password of my friends on the site. Not only is the site spamming but it's sharing private info. That's beyond negligent. I wasn't up for a witch hunt until I saw that.
Now I'm ready to get my pitchfork.
Intellagirl

Quechup has changed their wording. Yesterday I was scammed by it. I'll admit, I've done the whole "friends search" on other sites and have never had an issue so I did it again on Quechup. So today I created a new email address at yahoo (so no one would be in my address book) and I reregistered (ironically with the username "QuechupSucks")

Here's their wording today....emphasis added by me:

Check who you already know that's using Quechup and
invite them directly to join your friends network
making Quechup an even friendlier place! Complete your
account details below & we'll check your contacts for
matches on Quechup SO YOU CAN CHOOSE WHO TO INVITE
TO YOUR FRIENDS NETWORK invite non Quechup members to
join you. By inviting contacts you confirm you have
consent from them to send an invitation. Don't want to
check contacts now? Quechup will not spam or sell
addresses from your contacts. See our privacy policy.

This is different than I'm seeing quoted on the web today. The screen shots and quotes I've seen do not have the "so you can choose" option. Maybe they've changed? Who knows.

Rather than resorting to a witchhunt perhaps it is best to go to the source to get the answers?

According to their website, www.idatecorp.com, their CEO is Mark Finch and can be contacted at mark@idatecorp.com. Glen Finch is the Vice President and can be contacted at glen@idatecorp.com.

The site also has other useful information including their advisors which lists addresses of legal counsel, accountants and others in both the US where they are incorporated under Idate Corp. and the UK where they are known as Idate Ltd.

I am sure that as a socially responsible company they are going to be interested in hearing everyone's views about the quality of their service.

Good luck!

I suppose Quechup took a gamble when it decided to call it "search for friends" rather than "Send Invite to All Contacts". And the deal with gambles is, sometimes you loose. Just ask millions that took ARM mortgages that will re-adjust over the next 18 months.

Of course, people like me who had never heard of Quechup - now do. So may be, its paid off. Kinda like some people will end up owning expensive homes that they couldn't otherwise have qualified for - but will have pay through their nose to keep.

Good luck, Quechup. Or may be, visit us again next year....

It states that "In no circumstances will your username or password be stored or saved." and also that "Quechup will not spam or sell addresses from your contacts." I feel like they have not kept their word. I used the feature to search for people I know who already had accounts, I had no intention to invite anyone.

Chris,

I think you've got this wrong. I didn't get stung by this -- I don't have my contacts in any online mail account -- but I would not have expected this no matter how carefully I read the Quechup statement. I think the relevant sentence is "...so you can add them to your friends network and invite non Quechup members to join you."

"You can." Not "we will" or "you must." At least to me, the implication of this sentence is that there is another decision point coming where I would decide who gets invited. You know, just like every other service I've ever seen works.

This just is not an adequate warning. The only thing remotely fishy here to me is the next sentence: "By inviting contacts you confirm you have consent from them to send an invitation." Quechup knew this was completely inappropriate and that tons of people would receive invites from folks they barely knew. And rather than clarify what was going to happen when you click the button, they chose to put a CYA disclaimer -- in effect saying, hey, you already said you had permission to send all these people an email.

Utter scumbags.

These guys must have inspired Upscoop. They let you search your contact list for people who have joined social sites. Upon doing a search they spam your entire list with a link sending them to their other website rapleaf. These guys didn't used to do it, they just changed their mind one day, and don't put this warning anywhere in their sign-in process. Blech.

I've been around the web for a long time, and I fell for this one too, because I was expecting a further screen where I could choose which contacts to invite. I guess we think we see what we expect to see. I do feel dumb, but it's good to know that I'm not the only experienced netizen who fell for this.

I'm certain that it is a delibertate policy. ZeroDegrees Inc. (Barry Diller's IAC/InterActiveCorp acquired them in 2004) had exactly the same policy and you only found out that your entire address book had been spammed when it was too late to do anything about it. I took the matter up with their then CEO, Jas Dhillon, and he gave a similarly wishy-washy explaination to the above.

It's very poor practice and really makes us users look stupid in front of our contacts, but I reckon that they've take a hard-nosed decision that ultimately while it damages YOUR credibility it does result in more sign ups for them which is of greater (overriding) importance. Yes, some individuals get very angry and un-register but so what? On average they probably have another 5 people at least sign up. If their social network grows and reaches market dominance in it's niche then those people will be back and will sign up. At the end of the day the owners of a social networking business are interested in one thing and one thing only - Market Share. They live or die by that and this late in the game you are going to get cowboys cutting corners.

I know the owners and founders of at least 3 of these businesses.

a friend of mine just reported that he skipped the part where you give them your gmail login info, but it used the cookie from his open gmail firefox tab to steal the info anyway? Any other reports of this going on?

While I do agree that I should have read the fine print it does not mean I give up the right to either delete my account or allow me change my preferences to who else I may want to join my network. In other words doing damage control. The significant problem in my opinion is that they do not say up front that it might be a dating service, I know, I know, there were questions in the sign up page that should have set off alarm bells, but yet I signed up because I believed the person who sent me the invite was savvy about spam networks and I implicitly trusted him. He's a good guy.

While some of my friends were amused, most were annoyed and some of my professional colleagues (I use this gmail a/c for my start-up) were very upset. Some who signed up because they trusted me had their gmail accounts invaded as well. This betrayal of trust is not easy to repair.

So this is where I differ with you. There is no way in hell I'll use this service, I have warned my friends not to join, and I think the Quechup/iDate owners are a bunch of bottom feeders. The fact that their application would not allow me to delete my account means that my gmail account is now hostage to their future crawling and so I delete all my contacts as soon as google/gmail creates them - very annoying. I have asked a few friends inside google to see if they can either blacklist Quechup or at the very least enable gmail user to atone for their mistakes and add a feature in "Contacts" to not automatically add names when an email is sent.

what is the appeal of yet another social networking site anyway? if you have myspace and/or facebook what would make you join Quechup? this is the first I've heard of it and while you might be working for the 'competition to quechup' and thus might be deliborately leaving out the 'amazing' features that make quechup worth joining, I don't see the point of it at all.

has social networking just become a game of being everywhere? finding as many gateway sites to your main blog as you can? This puzzles me....