Designing Trust: Context, Choice, Control...and Respect

Designing Trust
Control, Context, Choice...and Respect!
prepared for Fluxible 2019

View Slide

Today’s Goal
Help you understand how the evolving
privacy landscape affects shipping code
Provide examples via design guidelines to
support positive sum experiences

View Slide

Hi, I’m Noble
Product Strategy focused on
Web, Immersive, & Emerging Tech
We’re hiring! @nobleackerson @nobleackerson @stigsfoot

View Slide

Back to the future
1990
Static content
2010
Interactivity
2019
Smart agents
2025
Smarter personalized
agents
“Thanks, Gartner
Innovation trigger Peak of inflated
expectations
Trough of
Disillusionment
Plateau of great data
stewardship

View Slide

privacy =
context +
choice +
control + respect

View Slide

trust = data
transparency +
value delivery +
consequence
acceptance

View Slide

● Names
● Addresses
● Email addresses
● IP Addresses
● National ID #
● Banking information
● Social media posts
● Photos
● Medical Information
● PII of Children
PERSONAL DATA
Data elements that are not privileged under the GDPR,
but release would not require notiﬁcation or cause
individuals drastic harm. For example
● Place of Birth
● Mother's Maiden Name
● Photograph
● Race/Ethnicity
SENSITIVE DATA
Data Categories

View Slide

Back to the future
1990
Innovation trigger
2010 2019 2025

View Slide

Data retention
$3000
5MB

View Slide

2019 2025
Back to the future
1990
Innovation trigger
2010
Peak of inflated
expectations

View Slide

View Slide

A glasshole’s journey to
data privacy awareness
https://www.nbcnews.com/tech/tech-news/watch-where-you-point-your-head-google-glass-begs-new-flna

View Slide

no consent

View Slide

Security vs. Privacy
ON BEING GOOD STEWARDS OF USER DATA

View Slide

Minimize Data

View Slide

Zero Trust
Humans
Data
Applications

View Slide

2025
Back to the future
1990
Innovation trigger
2010
Peak of inflated
expectations
2019
Trough of
Disillusionment

View Slide

Data trust is broken

View Slide

Positive Sum Opportunities
Vulnerabilities and breaches
cause Governments to view
data as a human right.
Growth In Regulations
Massive amounts of our
personal data is given up
for convenience.
Growth In Data
Evolving Data Privacy Landscape

View Slide

Credit: Wired: Guide to Personal Data

View Slide

View Slide

CONTEXT CHOICE CONTROL
Adapt design for trust

View Slide

View Slide

Clear reason why you need my data
CONTEXT

View Slide

19,972
To read or not to read
Apple iTunes Terms &
Conditions word count

View Slide

View Slide

ALLOWING FACIAL RECOGNITION

View Slide

View Slide

32
1 2
Credit: Shpetim Ujkani via DRIBBLE
Progressive disclosure

View Slide

Give me agency over my data
CHOICE: THE RIGHTS TO RECTIFICATION, DELETION, AND INFORMATION

View Slide

?
Right to Access
Where would you expect to request
access or deletion of your data if not
Account?

View Slide

The Data Liberation Front was an engineering team at Google whose singular goal is to make it easier for users to move their
data in and out of Google products. DLF’s efforts rolled into Google current Takeout initiative.
“Liberate” the data

View Slide

Easy access to my data
CONTROL

View Slide

www.lynxﬁt.com

View Slide

OneTrust, CookieBot, Nymity, etc.
Image Credit: Siddarth Kengadran - Dribbble
Choice and control for users
Privacy Promise Banner or Dialog

View Slide

Privacy integrated throughout
Initial
Insight
Plan
Ship &
Respect
Discovery Delivery
Ideation/Generation
Iterative design
Definitions/Requirem
ents
Im
plem
entation
Research
Data
Discovery
Risk
Assessment
Remediation
Plans
Data
Cataloging
Product
Integration
Build
User Tests
Prototype
Solution
Refine

View Slide

RESPECT
GOAL
Are we proactive about being
data minimalists and do we do
enough to secure and purge
data.
USE
Are there accessible settings
or an account section giving
the user agency over their
data?
CONTROL
CHOICE
LEARN
Is our privacy promise clearly
articulated? Is there an option
to opt out of tracking?
Privacy in your Design Process
TRANSPARENCY
CONSIDERATIONS
DESIGN STAGE
Key Measure
ONBOARDING STAGE
DISCOVER
Are we clearly communicating
how the users data will be
used?
CONTEXT

View Slide

Back to the future
1990
Innovation trigger
2010
Peak of inflated
expectations
2019
Trough of
Disillusionment
2025
Plateau of great data
stewardship

View Slide

View Slide

Try it out github.com/google/differential-privacy/
Respect
Differential privacy allows you
to send back aggregate
patterns of datasets without
PII or PHI

View Slide

Context
What does your role as
product practitioners look like
when your users command
their own terms and
conditions?
Credit NEURALINK

View Slide

Choice
What does your user
experience look like when your
customer has the agency to
give up only the data they are
comfortable with?
Your life feed
Credit Tanner Wayment - Dribbble

View Slide

...and respect

View Slide

classified
classified

View Slide

KEEP CALM
AND
ASK CONSENT

View Slide

What future do you want to build for...
Agency over data or the status quo?
Call to arms
Credit: https://dribbble.com/napsys

View Slide

This presentation was made possible through extensive research by the following entities and individuals
Acknowledgements
● 2002 European Union ePrivacy Directive
● General Data Protection Regulation
● IEEE Standards PDP Working Group
● NIST Privacy Framework
● Dr. Anne Kevorkian - Privacy by Design
● Nathan Kinch - Founding Partner, Greater than X
● Clayton Christensen (Jobs to be done) - The Christensen Institute
Standards and regulations
Inﬂuencers and individuals R T
G
I
S
E
D
T U
N
● Noun project
● Dribble (dribble.com/napsys)
● TensorFlow Privacy - https://github.com/tensorflow/privacy
● Envato Market (Graphic River user Mo_Np)
Assets and resources

View Slide

View Slide

@nobleackerson @nobleackerson @stigsfoot
youtube.com/c/nobleackerson
Thanks!

View Slide

Privacy and utility are complementary.
POSITIVE-SUM, NOT ZERO-SUM
Inform your stakeholders to gain user
confidence.
MAINTAIN VISIBILITY &
TRANSPARENCY
Privacy is a human right.
PRIVACY AS THE DEFAULT SETTING
PRIVACY BY DESIGN PRINCIPLES
Privacy, choice and access are core to value
proposition, not add ons.
EMBED PRIVACY INTO DESIGN
All data is secure at rest and in motion.
Erased when no longer required.
ENSURE END TO END SECURITY
Take action before the fact, not after it.
PROACTIVE NOT REACTIVE
It’s about the user. Not the data alone.
RESPECT USER PRIVACY

View Slide

users of our products care about their data
entrepreneurial activities differ substantially depending on the type of
organization and creativity involved. entrepreneurship ranges in scale from
solo. entrepreneurial activities differ
growth in user data
company’s competitive advantage to hold on to data
organization and creativity involved. entrepreneurship ranges in scale from solo.
entrepreneurial activities differ
company’s face rising legal data governance risks
increase in data privacy standards
growth in data privacy regulations
Push & pull

View Slide

Credit: Wired: Guide to Personal Data

View Slide

Designing Trust: Context, Choice, Control...and Respect

Designing Trust: Context, Choice, Control...and Respect

Noble Ackerson

More Decks by Noble Ackerson

Other Decks in Technology

Featured

Transcript