Designing Trust, Building with Privacy as a Basic Need

Personal data privacy is a hot-button item today because consumer trust in the services we use online is at an all-time low. For developers, tech founders, and product teams, this adversely affects the success of our products, so we need to foster an environment of mutual trust and bridge the trust gap that exists today.

Data privacy can often seem overly burdensome for the software developer looking to change the world. Developers and designers may look at regulations and current trends in data privacy as negative impacts on product innovation.

This is the wrong lens through which to look at it.

In this talk, Noble shares opportunities to innovate around the growth in data and the growth in regulations like the GDPR. He shares insights on human-centered design opportunities that can help both the independent developer and the established corporation. He presents practical examples for minimizing the data you collect and best practices for asking for data in software only when it provides value for the user.

Noble Ackerson

August 22, 2019

Transcript

  1. Designing Trust
    Positive Sum, Building with Privacy as a Basic Need

  2. Contents
    01 TRUST IS BROKEN (We’ve Awoken)
    02 DEFINITIONS (Rise of Data, Data Privacy, and Data Trust)
    03 CONTROL
    04 CONTEXT
    05 CHOICE
    07 RESPECT

  3. Today’s Goal
    Help you understand how the evolving privacy landscape affects shipping code
    Provide examples via design guidelines to support positive sum experiences

  4. Hi, I’m Noble
    Product Strategy focused on
    Immersive & Emerging Tech
    @nobleackerson
    @openARCloud

  5. Data trust
    is broken

  6. A glasshole’s journey to
    data privacy awareness
    https://www.nbcnews.com/tech/tech-news/watch-where-you-point-your-head-google-glass-begs-new-flna

  7. no consent

  9. Cheap Storage & PII
    1990: The first 5.25-inch 5MB hard disk drives cost more than $3,000
    1996: NAND Flash Solid State Storage, SSD. Today’s cost: $90+ for 512GB to upwards of $4,400+ for 3.84TB
    2013: Western Digital HGST Helium-Filled Hard Drive (6TB) cost $350+
    2018: Toshiba 14TB Internal Hard Drive costs $600+

  10. Rise of data privacy awareness

  11. 0
    Definitions

  12. trust = data transparency + value delivery + consequence acceptance

  13. Evolving Data Privacy Landscape
    Positive Sum Opportunities
    Growth In Regulations: Vulnerabilities and breaches cause governments to view data as a human right.
    Growth In Data: Massive amounts of our personal data are given up for convenience.

  14. privacy = control + context + choice + respect

  15. Privacy in your Design Process
    DESIGN STAGE, ONBOARDING STAGE, CONSIDERATIONS, Key Measure, TRANSPARENCY
    DISCOVER / CONTEXT: Are we clearly communicating how the user's data will be used?
    LEARN / CHOICE: Is our privacy promise clearly articulated? Is there an option to opt out of tracking?
    USE / CONTROL: Are there accessible settings or an account section giving the user agency over their data?
    GOAL / RESPECT: Are we proactive about being data minimalists and do we do enough to secure and purge data?

  16. Context

  17. Clear reason why you need my data
    CONTEXT

  18. ALLOWING FACIAL RECOGNITION

  19. “Liberate” the data
    The Data Liberation Front was an engineering team at Google whose singular goal was to make it easier for users to move their data in and out of Google products. DLF’s efforts rolled into Google's current Takeout initiative.

  20. Positive
    Sum
    Opportunities

  22. Choice

  23. Give me agency over my data

  24. ?
    Right to Access
    Where would you expect to request
    access or deletion of your data if not
    Account?

  25. Progressive
    disclosure
    COLLECTING INFORMATION ONLY WHEN YOU NEED IT

  26. Credit: Shpetim Ujkani via DRIBBLE

  27. Control

  28. To read or not to read
    19,972 Terms & Conditions words via Apple iTunes

  30. www.lynxfit.com

  31. www.lynxfit.com

  32. www.lynxfit.com

  33. Respect

  34. Security and privacy
    DESIGN TO MAKE IT EASY TO KNOW WHAT'S GOING ON

  35. Privacy by design and
    zero trust

  36. Credit: https://dribbble.com/maserafi
    Differential Privacy

  37. Differential Privacy

  38. PRIVACY BY DESIGN PRINCIPLES
    POSITIVE-SUM, NOT ZERO-SUM: Privacy and utility are complementary.
    MAINTAIN VISIBILITY & TRANSPARENCY: Inform your stakeholders to gain user confidence.
    PRIVACY AS THE DEFAULT SETTING: Privacy is a human right.
    EMBED PRIVACY INTO DESIGN: Privacy, choice and access are core to value proposition, not add ons.
    ENSURE END TO END SECURITY: All data is secure at rest and in motion. Erased when no longer required.
    PROACTIVE NOT REACTIVE: Take action before the fact, not after it.
    RESPECT USER PRIVACY: It’s about the user. Not the data alone.

  39. classified
    classified

  40. Key Takeaways
    Data Trust, the sum of data transparency, value delivery, and consequence acceptance
    CONTEXT: Help you understand how the evolving privacy landscape affects shipping code
    CONTROL: How to address your users’ growing need for control over their data
    CHOICE: Provide examples via design guidelines to support positive sum experiences

  41. ...and respect

  42. Call to arms
    What future do you want to build for...
    Agency over data or the status quo?
    Credit: https://dribbble.com/napsys

  43. @nobleackerson @nobleackerson @stigsfoot
    youtube.com/c/nobleackerson
    Thanks!

  45. Push & pull
    users of our products care about their data
    growth in user data
    company’s competitive advantage to hold on to data
    companies face rising legal data governance risks
    increase in data privacy standards
    growth in data privacy regulations

  46. Acknowledgements
    This presentation was made possible through extensive research by the following entities and individuals
    Standards and regulations
    ● 2002 European Union ePrivacy Directive
    ● General Data Protection Regulation
    ● IEEE Standards PDP Working Group
    Influencers and individuals
    ● Dr. Ann Cavoukian - Privacy by Design
    ● Nathan Kinch - Founding Partner, Greater than X
    ● Clayton Christensen (Jobs to be done) - The Christensen Institute
    Assets and resources
    ● Noun project
    ● Dribbble (dribbble.com/napsys)
    ● TensorFlow Privacy - https://github.com/tensorflow/privacy
    ● Envato Market (Graphic River user Mo_Np)