Rethinking product in a privacy by design world

1
medium.com/@nobleackerson
@nobleackerson
Rethinking product
IN A PRIVACY BY DESIGN WORLD

View Slide

2
Hi, I’m Noble!
Recovering Startup founder, GDE,
Independent Software Engineer

View Slide

3
Sparrow

View Slide

4

View Slide

5
5
Why innovate around data privacy, why now?
Help you understand the evolving data
landscape
Provide examples via design guidelines
to support positive sum experiences
Today’s Goals

View Slide

6
EVOLVING DATA LANDSCAPE
Vulnerabilities and breaches cause
Governments to view data as a human right.
Growth In Regulations
Massive amounts of our personal data is
given up for convenience.
Growth In Data
Users don’t have to sacrifice privacy
at the expense of services.
Positive Sum Opportunities

View Slide

7
EU
379.7M Labor
Market
GDPR IS A GLOBAL STANDARD

View Slide

8
GDPR Consent Definition
“ any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a
statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”
GDPR consent guidance — https://ico.org.uk/about-the-ico/consultations/gdpr-consent-guidance/

View Slide

9
Information in profiles Allowing face recognition

View Slide

10
DEMAND FOR DATA PRIVACY CHANGES HOW WE BUILD
Progressive disclosure not only limits collection g information you might not
need. It also introduces decluttered interfaces and focuses your user.
Only collect information when you need it
Look at disclosure of what you're using your customers data for as your value
proposition. An opportunity to be transparent and earn trust.
Clearly communicate justification of storing data
Not for the sake of compliance with regulation but understanding that giving
users access to what you store provides users with additional value.
Give users agency over their data

View Slide

11
Progressive Disclosure
COLLECTING INFORMATION ONLY WHEN YOU NEED IT

View Slide

12
User visits social media monitoring app, Politifilter
1
User is prompted to login and authenticates to the Social Media Monitoring app
2
User searches content, filters the analysis they need
3
User saves report so that they can access that information again.
4
Common User Journey

View Slide

13
www.yourcompanyname.com
13

View Slide

14

View Slide

15
Clear reason why you need my data

View Slide

16
Common Design Pattern
User want’s to know about events on campus, discovers CampusEvents App
1
User registers for a Campus event web application
2
User searches events and subscribes to an up-coming event.
3
User is given a list of other events they may be interested in.
4

View Slide

17
What information is needed?
When?
Why?
IMAGE CREDIT: UI8, SAN FRANSISCO, CA

View Slide

18
BUT I JUST WANT TO USE WIFI...

View Slide

19

View Slide

20
Give me agency over my data

View Slide

21
?
Right to Access
Where would you expect to request
access or deletion of your data if
not Account?

View Slide

22
The Data Liberation Front is an engineering team at Google whose singular goal is to make it easier for users to move their data in and out of Google products. DLF’s
efforts rolled into Google current Takeout initiative. But is that enough?
Google Takeout

View Slide

23
POLYMER + FIREBASE CODE LAB
Access to info
A lens into what data
is being collected.
Contextual Features
Don’t overwhelm the user with
information all at once.
Privacy Promise
Snackbars provide brief
feedback about an
operation through a
message at the bottom
of the screen.

View Slide

24
24
PREFERENCES
C.R.U.D
ONBOARDING
DISCOVER
Is our privacy promise clearly
articulated? Is there an option to
opt out of tracking?
Are we clearly communicating
how the users data will be used? Are we diligently asking for
specific information we need?
Is there an accessible settings or
account section giving the user
agency over their data?
DISCOVER
LEARN
USE
GOAL
DATA TRANSPARENCY
CONSIDERATIONS
USER ACTION
STAGE

View Slide

25
25
INSTALL DEPENDENCIES AND INITIALIZE
console.firebase.google.com
npmjs.com/package/bower
1
2
3
4
$ npm install -g bower
$ npm install -g firebase-tools
$ touch public/manifest.json
$ touch public/louisiana-notes-app.html
$ firebase serve
PRIVACY PROMISE SNACK BAR OPT-IN
install the Bower package manager using
Node.js and NPM. The Bower package
manager will be used to install further
dependencies for the browser
BOWER
Setup CLI and initialize Firebase for your
local environment. Select the default
options you need for your apps functions.
FIREBASE

View Slide

26
26
DECLARE APP DEPENDENCIES

1
2
name="notes"
api-key="YOUR_API_KEY_HERE"
auth-domain="YOUR_AUTH_DOMAIN_HERE"
database-url="YOUR_DATABASE_URL_HERE">

3
4
Full source code on the last slide. For more information see
polymer-project.org | firebase.google.com
CONFIGURE YOUR SERVICE WORKER, FIREBASE APP, CREATE AND STYLE YOUR APP
SNACKBAR VIEW
Incorporate view into app
element.

View Slide

27
Privacy and utility are complementary.
POSITIVE-SUM, NOT ZERO-SUM
Inform your stakeholders to gain user confidence.
MAINTAIN VISIBILITY &
TRANSPARENCY
Privacy is a human right.
PRIVACY AS THE DEFAULT SETTING
Privacy, choice and access are core to
value proposition, not add ons.
EMBED PRIVACY INTO DESIGN
All data is secure at reset and in motion.
Erased when no longer required.
ENSURE END TO END SECURITY
Take action before the fact, not after it.
PROACTIVE NOT REACTIVE
It’s about the user. Not the data alone.
RESPECT USER PRIVACY
PRIVACY BY DESIGN PRINCIPLES

View Slide

28
Call to arms
What future do you want to
build for...
Agency over data or the status
quo?

View Slide

29
THANKS
QUESTIONS?
@nobleackerson @nobleackerson @stigsfoot/ Poly-Notes-with-Firebase

View Slide

Rethinking product in a privacy by design world

Rethinking product in a privacy by design world

Noble Ackerson

More Decks by Noble Ackerson

Other Decks in Technology

Featured

Transcript