Last Week in Tech Law and Policy, Vol. 21: Peeple – the “Yelp for people” App

(by Jim Murray, Colorado Law 2L)

“Yelp for People” is Here

This week saw the unveiling of a new app called Peeple, set to launch in November. The app bills itself as “Yelp for people.” The app provides a place for people to view and create reviews of other people. Those reviews can be submitted by anyone who knows the target’s phone number, including ex-girlfriends, former co-workers, and anyone else who may happen to come across that number.

In an interview with CNBC, one of the developers of this app labeled it as “a positivity app for positive people.” So is Yelp “a positivity app for positive people” too? Visitors to the Yelp page for a restaurant with predominantly negative reviews might say otherwise. The purpose of Yelp is not to promote happiness, but rather to provide warning flags for people interested in checking out a restaurant they have never been to before. For example:

Please, DO NOT order from here.
I am half surprised you guys have not banded together and headed down there with torches and pitchforks in hand yet.
Pizza was the worst i ever had, and was cold, and oddly shaped.

These reviews are for the unfortunate restaurant that landed on the top page of a Google result for “worst Yelp reviews ever.” One can imagine what a similar page might look like for people.

As applied to people, “cold, and oddly shaped” could double as a review from someone’s ex-boyfriend or girlfriend. Former co-workers and ex-bosses might post “Do not ever hire this person”; Internet bullies might simply say “This person should be excluded from society.”

Is Peeple really  “an online village of positivity?” The developer  replies that this platform helps some people by providing them with “better job opportunities, better networking opportunities, better dates, and better connections.” Certainly, if every review submitted was positive in nature, then that might be the result. But negative reviews are allowed, encouraged, and permanent—and some worry that worse job opportunities, worse networking opportunities, fewer dates, and lower quality connections may be the result.

Integrity Features and the Communications Decency Act

The developer maintains that there are rigorous “integrity features” in place to prevent bullying and harassment:

  1. Users must be 21 to use the site;
  2. Users must have a Facebook account;
  3. Users must make reviews under their real names;
  4. Users must affirm they actually know the person as either a personal, professional, or romantic contact;
  5. Users must have a person’s cell phone number to be able to review them; and
  6. Reviews must avoid prohibited categories of content, including profanity, sexism, and private health concerns.

Even if all of these safeguards are 100% effective, a 21-or-older user with a Facebook account who is willing to post his/her own name in the review publicly and can affirm he/she actually knew the target at some point may still post false comments about that person. In many cases, it may be difficult for Peeple to fact-check the assertions made by its members.

This inability to fact-check the submissions of users could allow Peeple to take advantage of Section 230 of the Communications Decency Act (CDA) – which provides websites that host user-generated content general immunity to prosecution (users themselves can still be sued).

Suing an anonymous poster for libel is not easy and can be impossible because of how apps and websites track users. Suing a member of Peeple might be made easier by the requirement that users post under their real names, connected to a real Facebook account. Then again, Facebook still has not figured out how to eliminate fake user accounts.

A remaining barrier to creating a negative comment about someone on Peeple is knowing his or her phone number. But it is easy for a would-be enemy to post a person’s phone number elsewhere on the Internet with a request to bomb that person’s Peeple account with negative reviews. Suddenly, strangers who are friends with the target’s enemy would satisfy Peeple’s core requirement to create a post.

The Real Privacy Concern

Peeple points out that unless users opt-in to the site, negative reviews about them will not be made public. The Washington Post reported that negative reviews are queued in a private inbox “for 48 hours in case of disputes.” After 48 hours, if no action is taken by a registered user, the negative review becomes permanent, providing it satisfied the site’s rules, but is not posted if the user does not have an account.

Even for non-users, the site’s retention policy for negative reviews leaves open the possibility of abuse. Potential users could be frightened into joining the service if Peeple sent marketing messages to individuals like “You have 100 negative reviews! Join now to dispute them!”

More generally, if Peeple retains the negative reviews of anyone who has not opted into the website, they are risking the privacy of non-users. How so? Consider what happened to iCloud, Sony, Ashley Madison,  eBay, or any company from the ever-growing list of hacked websites. When companies store private information about non-users, they run the risk of it being hacked and disseminated without the consent of non-users. If Peeple were hacked, people who had never even heard of the site would be negatively affected.

Epilogue

Hours after this post was written, various news sources are reporting that Peeple seems to have disappeared from the internet, prompting mass-speculation that it was a hoax. The founder denies all accusations of it being a hoax. Peeple’s website appears to be working for some users and not others, which could simply be a sign of heavy traffic. Time will tell whether Peeple will launch or ultimately cave in to public outrage.