I’ve noticed lately that I’m hesitant to install new apps on my devices and use new services online. I’ve distilled some of the reasons why this is the case.

Yet Another Account

If I have to create an account and new password, I think twice. I’ll have to remember another set of credentials. A password manager like 1Password, makes this less troublesome, but there’s still some amount of set-up.

What about when they authorize through another service like Google or Facebook? It’s nice that there’s not another password to remember, but will they require access to additional information from those accounts? If it’s more than my email and name, I’m skeptical of what they’re using it for.

Data Breaches

If they get hacked, my credentials could be stolen. One hears of huge companies getting hacked weekly, so it’s not a large jump to assume that smaller services will eventually be hacked too. Especially as their popularity increases.

If you use the same password across sites, one site’s breach can make other accounts vulnerable. One of my favorite features of 1Password is that it generates random , unique passwords. If this practice is used everywhere, a single password being stolen won’t affect your other accounts. That’s a godsend.

If the service contains other sensitive data, like billing, financial, or personal information, them getting hacked is even more of a disaster.

Information Leakage

If it’s an app on my phone, will it ask for access to sources of data like location, photos, or contacts? Some services have a legitimate use case, but it’s not always clearly communicated. This makes it hard to tell what an app will do when you grant access to a resource. Especially if they barrage you right after installing and first opening the app.

Fortunately, some developers have improved how they ask for permissions. This helps separate an invasion of privacy from what’s actually useful.

Trusting a Black Box

Software that’s closed source means no one can investigate the code to see if they’re being honest. Without this transparency, we’re stuck with believing what the company tells us. Omissions, incorrect statements, and outright lies are obvious sources of concern here.

Large corporations like Microsoft, Google, and Facebook have been exposed for doing questionable things with data they’ve collected. It’s even trickier when the company isn’t well-known.

Even More Notifications

If they’ve got a marketing team, I’m going to get a deluge of emails after I sign up. They’ll be emails to help on-board me, re-engage me after a few days use, try to convert me to a paying users, retain my dollars going forward, and generally market new features and other stuff to me.

Do I want to fill up my inbox with additional, distracting material of marginal value?

Push notifications on mobile might be even worse with all the banners, badges, lock screen appearances, and items in the notification dropdown.

Acquisition Doom

If the service is popular enough, will they get bought out? If so, will my data be owned by some faceless gigacorp? What will they do with it? Leak it to other affiliate services and do who-knows-what kind of data mining on it?

Or maybe the service will be shuttered. Great, I bought into an app, used it a lot, and now it’s gone down the drain.

If the service is kept alive, will it be in maintenance-only mode? That’s not such a bad option, but it’s typically a signal that the team and application are walking the plank. The only unknown is how long that plank is.

Monetize It All

After an acquisition or IPO, will they finally try to monetize the service? If so, what path will they choose? The seemingly-only option of advertising? I’ve reached the limits for my toleration for ad-supported services.

I have paid accounts for quite a few services, but I’m sure there’s an upper limit on how many, different services I’ll pay for. Paid accounts seem to be a hard sell in the consumer space anyway.

Even worse, will they turn my usage data into a product to be sold to anyone with a buck? The legalese-ridden terms of service and privacy policies give services enormous leeway on what they can do with the data they collect from you.

Finite Lifespan

Nothing lives forever; even if it’s enormously popular. It’s as true for companies as it is for people. Xanga was big and MySpace was even bigger. They’re still alive, sure, but they’re past their prime and hobbling along. Twitter and Facebook are the social-media-du-jour, but who will fill that role (or invent a new one) a few years down the line?

In reality, the incumbents aren’t the most worrisome thing. That title goes to the startups that rise and fall by the day. Startups live to be acquired or IPO, or die trying. Putting my trust in a service seems silly when they’ll be acqui-killed, or explode in a ball of flames once their funding runway ends. Hypergrowth seems a good model for the people running the company, but not those whom that company supposedly serves.

Data Graveyard

Using proprietary formats or giving up control of my data is unnerving. Sure, the service allows me create and put data in it, but can I ever get it out? If the service doesn’t have a way to export or backup my data, then I don’t have any control over it.

Only In; Never Out is an awful data model from a consumer standpoint. Perhaps, as the service grows, it’ll add on features to get my data out, but if it doesn’t already exist, don’t count on it.

Combine this with the finite lifespan and possibility of acquisition, and it’s risky to give sole control of my data to new services.

Conclusion

These topics run through my mind each time I consider signing up for or paying for a service. There are, of course, apps I use and find incredibly useful, even if they have downsides.

Loads of startups exist out there, with more to come. But considering the above criteria helps separate the wheat from the chaff. It’s a way to know who to support with my limited time and money.