Tweet
Tweet

Slide 1

Slide 1 text

TRUST UX ann wuyts @vintfalken sentiance customer experience & UX BALANCING PERSONALISATION AND PRIVACY TO CREATE UNDERSTANDING AND TRUST Strata + Hadoop World, 2015

Slide 2

Slide 2 text

HAPPY TO INTRODUCE YOU TO MY NEW BEST FRIENDS THESE THINGS KNOW ME

Slide 3

Slide 3 text

THE FOUR PHASES OF COGNIZANT COMPUTING 1. SYNC ME Store copies of my digital assets and keep it in sync across all end points and contexts 2. SEE ME Know where I am (and have been) on the internet and in the real world. Understand my mood and context to better align services 3. KNOW ME Understand what I want and need and proactively present it to me 4. BE ME Act on my behalf based on learned and explicit rules 94% COMPLETED 82% WEARABLES UPDATE 31% … LOADING DATA INITIALIZING.. 12%

Slide 4

Slide 4 text

Meanwhile, at the Apple Watch announcement, 19× Personal. relevant are you engaging at the right moment? glanceable can you deliver value in milliseconds? personal do you approach people in the right manner? EXPERIENCES FOR THE MOST PERSONAL DEVICE EVER ARE

Slide 5

Slide 5 text

No other Apple device has ever been so connected to the wearer. It is important to be mindful of this connection . Apple Watch Human Interface Design Guidelines, 2015

Slide 6

Slide 6 text

UNDERSTANDING PERSONALISATION TRUST PRIVACY H2H MACHINE-TO-HUMAN RELATIONSHIPS ARE NOW ABOUT HUMAN-TO-HUMAN VALUES M2H

Slide 7

Slide 7 text

2nd Annual Poll on How Personal Technology is Changing our Lives - January 2015, Microsoft   Concern about privacy jumped 5 points between 2014 and 2015. THE PRIVACY CHALLENGE

Slide 8

Slide 8 text

91% of adults ‘agree’ or ‘strongly agree’ that consumers have lost control over how personal information is collected and used by companies. Pew Research Privacy Panel Survey, January 2014 LOSS OF CONTROL

Slide 9

Slide 9 text

MISCOMMUNICATION People are fearful of sharing their data largely because companies and government have not been good at clearly explaining how they use it. The Data Dialog, Demos 2012

Slide 10

Slide 10 text

TERRIBLE HEADLINES In the future your insurance company will know when you are having sex. Kashmir Hill, Fusion.net - 2015

Slide 11

Slide 11 text

38% of those who say not concerned about privacy online say they do mind companies using information about them 71% of those who are happy to share personal information with companies and brands that they like are concerned about how information collected about them is being used by companies Personalisations vs Privacy, Ipsos MORI, 2014 USER INCONSISTENCY

Slide 12

Slide 12 text

THE FACEBOOK PARADOX THE FACEBOOK PARADOX 91% of adults feel consumers have lost control over how personal information is collected and used by companies. 58% of the entire adult population (and 71% of internet users) is on Facebook.

Slide 13

Slide 13 text

Having knowledge of the customer is the only durable competitive advantage for companies. Bruce Kasanoff, the author of Smart Customers, Stupid Companies

Slide 14

Slide 14 text

Increased knowledge of the consumer and the fine-tuning of offers that are perceived as personal and highly relevant should lead to an increase in spend. Gartner on the monetization of contextualization

Slide 15

Slide 15 text

DATA VALUE EXCHANGE insights in own behaviour customer insights peer comparison optimising processes & products personalisation (right message) relevance (right person, right moment) accountability (on ADDD) data driven decisions CONSUMER BUSINESS magic moon standard moon no moon value on the consumer side should be equal or more

Slide 16

Slide 16 text

privacy THE UNTRUTH UX VS The truth is that collecting information about people allows you to make significantly better products and the more information you collect, the better products you can build . Dustin Curtis, “Privacy VS. User Experience” (2014) #FALSE (or at least a very one-sighted truth)

Slide 17

Slide 17 text

Whether or not better products can be made by collecting more user data is a matter of… •  Context •  Opinion •  Causation/correlation •  Data quality (accurate? relevant? complete?) •  Define: better product MORE DATA, BETTER PRODUCTS?

Slide 18

Slide 18 text

BUSINESS VALUE CONSUMER VALUE PRIVACY GREAT UX personalisation PRIVACY AS A FUNDAMENTAL COMPONENT OF THE PRODUCT EXPERIENCE

Slide 19

Slide 19 text

PRIVACY @ SENTIANCE UX DESIGN Businesses  can  deliver  a  grand  user   experience  and  tremendous  value  to   both  customers  and  the  company,     only  if  they  safeguard  their  users’   privacy  and  security.   →

Slide 20

Slide 20 text

Niveau 1 Niveau 2 Niveau 3 aggressive driver … … waking up … city worker sleeping walking running car subway train bus boat zigzagging standing airplane* biking arriving at home, work, the gym, ... shopping lunch inactive noisy environment* in a meeting horse* @home working in company* couch potato workaholic sportive N2 moments N3 profiles N1 events watching tv motorcycle agitated* suddenly stopped tram climbing* SENTIANCE FROM MOBILE DATA TO SMART LIFE

Slide 21

Slide 21 text

why great UX requires privacy what UX & privacy have in common 10 examples to do both Privacy & UX right

Slide 22

Slide 22 text

DEFINE: PRIVACY Personal data is any information relating to an individual, whether it relates to his or her private, professional or public life.

Slide 23

Slide 23 text

(it is however, an essential requirement) SECURITY = PRIVACY “Security is a very important topic, but it’s primarily a technical topic, and to a large extent it’s a very well- understood one. If you pay attention to security, it is possible to get it right, whereas privacy is something that’s much more fluid and is much more about social norms, expectations, implicit contracts between consumers and providers.” Pilgrim Baert – co-founder of AlertMe

Slide 24

Slide 24 text

THE INTERNET OF EVERYTHING: DESIGNER ROLES ARE UNDERGOING CHANGE UX design has been extended to address all aspects of a product or service as perceived by its users – that includes the control they have of their personal dta, their privacy.

Slide 25

Slide 25 text

BEING CREDIBLE useful usable desirable credible valuable findable accessible User Experience Honeycomb (Peter Morville) credible 2004 the information you present to users 2015 taking responsibility to keep personal data safe

Slide 26

Slide 26 text

PRIVACY-BY-DESIGNER: DELIVER BOTH PERSONAL & TRUST We owe it to both our users and the people who hire us to actively think about privacy, and to implement privacy in the flows and designs we deliver. B. We need to deliver trustworthy products. A. We need to deliver great, personal experiences.

Slide 27

Slide 27 text

1. You need to fully understand the end goal (by asking the right questions) WHY Why are we doing this? What do you want to achieve? What is required to achieve this? What is the best way? WHAT WHO Who is impacted by this? What do they expect? GOAL DATA PIA

Slide 28

Slide 28 text

2. There are rules, guidelines, toolkits. (which continuously evolve) UX PRIVACY •  Apple, Android, .. design guidelines •  Interaction patterns •  Best (and worst) practice examples •  Models & frameworks •  User research methods •  Emerging trends •  … TOOLKITS: omnigraffle, illustrator, fireworks, pen & paper, … •  Existing & upcoming EU Law (GDPR) •  Local privacy act & royal decrees •  Local telecommunications law •  Privacy watchdog recommendations •  ToS of the platform (iOS, Android) •  Internal policies •  … TOOLKITS: information classification, risk assessments, privacy policies, PIA framework, …

Slide 29

Slide 29 text

2. There are rules, guidelines, toolkits. (which continuously evolve) General Data Protection Regulation EXPANDED SCOPE any organization processing personal data of EU residents PRIVACY-BY-DESIGN & DEFAULT EXPLICIT INFORMED CONSENT DATA BREACH NOTIFICATION DPA & possibly consumer DPO REQUIRED Users/month threshold or location data DATA PORTABILITY

Slide 30

Slide 30 text

3. Less is More. (value & proportionality) collection processing storing purpose PROPORTIONALITY

Slide 31

Slide 31 text

fewer data fewer less detailed shorter period in time de-idenfity asap Less is more, not just in quantity but also in identifiability & time

Slide 32

Slide 32 text

value of knowing cost of identifying IDENTIFIABILITY Why an IP an sich will no longer be personal data… (unless you are an ISP)

Slide 33

Slide 33 text

avoid when possible geohashes coarse location beware location GDPR: this is ‘special data’ → extra safety measures

Slide 34

Slide 34 text

4. You can not do it alone. (it is multi-disciplinary and cross-departmental) Privacy requires a clear mandate to get things done. Everybody accepts it is important – but not a single department has it as a priority. Have privacy as part as the project plan and estimates as soon as possible. A continuous need to explain the significance of privacy in the overall product & company picture Have privacy as a deliverable, avoids the delays & soring costs of adding it after the facts.

Slide 35

Slide 35 text

Privacy is not only a fundamental right, it can also be a competitive advantage . Neelie Kroes Conform to EU legislation? Ready for the world market, then. People can trust you with their digital identities → sets you apart from competition

Slide 36

Slide 36 text

5. The devil is the details. (and the cost of mistakes is high) •  up to 1,000,000 EUR fine or up to 2% of the annual worldwide turnover in case of an enterprise, whichever is greater (Draft GDPR, art 79) •  customers leaving •  •  customer complaints •  customers leaving UX Privacy

Slide 37

Slide 37 text

Most of these were hacked (security), but as soon as personal data leaks: Privacy & trust disaster too.

Slide 38

Slide 38 text

6. Practice Honest Communication. (from the start) Consider a breach likely – and prepare accordingly. VISA’s ‘Responding to a Data Breach – Communications Guidelines for Merchants‘ guidelines. do not play the victim express regret take ownership be accountable

Slide 39

Slide 39 text

1. What happened? (tell what you know at that time) crisis communications (works for downtime communication too) 2. What is being done *NOW*? (investigate, take systems offline, ..) 3. How does this affect your customers? (both short- and long term) 4. What are you doing to minimize risk? What can your customers do? 5. How do people get more information or updates? (folluw up) 6. What are you doing prevent this from happening again?

Slide 40

Slide 40 text

Privacy does not benefit from a “do first, ask forgiveness later” strategy. (avoid: “Hey, we just lost all this data of yours you did not we had in the first place.”) which data you gather & what for set correct expectations

Slide 41

Slide 41 text

FROM THE START: informed explicit consent (avoid: “Hey, we just lost all this data of yours you did not we had in the first place.”) clear affirmative action use plain language

Slide 42

Slide 42 text

1.  You need to fully understand the end goal – Ask the right questions 2.  There are rules, guidelines and toolkits – Rules & tools evolve. Fast. 3.  Less is more – Value & proportionality 4.  You can’t do it alone. – Multi-disciplinary and cross-departmental 5.  The devil is in the details – and the cost of mistakes high 6.  Honest communications – from the start As designers, then what can we easily do that improves both UX and privacy?

Slide 43

Slide 43 text

GOOD UX AND PRIVACY 10 examples to get it right

Slide 44

Slide 44 text

1. Design for Explicit: Opt-In By signing this contract, you agree we have the right to collect and pass on all your information. In case you do not want your bank to pass on your credit information to third partners and other divisions, please write ‘I do not agree’ on the contract and hand it over to the person behind the till. EXPLICIT EXPLICIT NOT EXPLICIT (hidden opt-out) NO YES IF YOU AGREE, PLEASE CHECK THIS BOX:

Slide 45

Slide 45 text

2. Design for Informed: No Surprises

Slide 46

Slide 46 text

3. Design for Choice: Consent In your designs and flows, take into account both having and not having the data. Design personalized experiences for when you have data. Design good alternatives for not having the data. Today will be sunny Weather for Olen, Belgium where we know you live. Check out the weather! Antwerpen

Slide 47

Slide 47 text

Privacy as a trading function Accelerometer Gyroscope Microphone Camera In-App Usage GPS Expected value User acceptance Wi-Fi Browsing History The more permissions are required, more added value is expected from the mobile app. Calendar SMS Light GSR

Slide 48

Slide 48 text

Clear & consistent, so people can trust you to point out privacy related features & settings. 4. Design for Trust

Slide 49

Slide 49 text

No content

Slide 50

Slide 50 text

5. Design for Because.. Explain your magic. When users know of the existence of a certain algorithm, their satisfaction with the product increases over time , probably as they start to understand its workings better. Yet when they discovered an algorithm they were previously unaware of, users felt betrayed.

Slide 51

Slide 51 text

Worst case scenario “In the extreme case, it may be that whenever a software developer in Menlo Park adjusts a parameter, someone somewhere wrongly starts to believe themselves to be unloved. ” – Eslami et all.

Slide 52

Slide 52 text

Because... allows people to correct you when wrong. Something we best figure out before algorithms get to act on our behalf.

Slide 53

Slide 53 text

6. Design for Transparency Show people their data selfs. If we are going to allow algorithms and expert rules to steer our behaviour, we must know they understand that correctly. Allow for: -  Correction -  Reset

Slide 54

Slide 54 text

7. Design for forming secure habits “Burner accounts” Kinja introduced these for anonymous commenting. They made private keys understandable through metaphor. “…if you lose the burner key initially issued we will not be able to retrieve this information for you or reset the account. Save your key.”

Slide 55

Slide 55 text

Reward secure behaviour Users that enable two-step security on their accounts will now receive a 10% discount off their monthly bill Mailchimp bill.

Slide 56

Slide 56 text

8. Design to encourage privacy Access duration People forget to ‘revoke’ things. Supply limited time access options: -  WeChat: discoverable for 10 minutes (default) -  LinkedIn: access duration settings (weeks → months → years)

Slide 57

Slide 57 text

9. Design for an Exit Offer Alternatives Make it easy to leave, but think about WHY people are leaving, and offer alternatives. Eg. -  “snooze” services -  less-email-option -  reset profile/account -  ..

Slide 58

Slide 58 text

10. Design with P2P privacy in mind Do you want to know if your friends are (action/mood/..) ? Do you want your friends to know if you are (action/mood/..) ? Don’t allow OK

Slide 59

Slide 59 text

We influence what is acceptable.

Slide 60

Slide 60 text

Snowden Challenge at SXSW Combine exceptional ux with privacy at INCEPTION, not afterwards “ Combine exceptional UX with privacy at inception, not afterwards.” Edward Snowden’s Challenge to Startups at SXSW

Slide 61

Slide 61 text

As the need for permanent access to data increases, so does the need for ethics & morality. Weak AI (expert systems) Strong AI (singularity) Machine Learning Deep Learning Recommender Systems Autonomous Systems Transition period (Danger Zone)

Slide 62

Slide 62 text

GOOD UX AND PRIVACY Privacy is about more than data. Privacy does not benefit from a “do first, ask forgiveness later” strategy. It’s their data. Not yours. (Safeguarding it is a joint effort, though). It is their choice. Design the best possible experience, regardless the choice.

Slide 63

Slide 63 text

HELP BUILD THE FUTURE BOLDLY. DO SO RESPONSIBLY ann wuyts @vintfalken sentiance customer experience & UX Strata + Hadoop World, 2015 Thank you.