How can we use icons to communicate about security and privacy? An IconLocal event

Given that the protections security tools offer to users are nearly unique to them, it would make sense that these tools would use different graphics and terms to communicate to users these protections. A number of people and projects have proposed icons and other graphics to communicate security concepts. At the moment, these have not been widely adopted, standardized, or tested with users.

In an attempt to make graphics more consistent across secure tool projects, and to improve icons’ ability to communicate things users need to hear, OpenITP’s Secure User Practices (SUP) project is preparing an event for Friday, March 6 at the Circumvention Tech Festival. This will be an IconLocal, an icon-development event in the style of the Noun Project (a community effort to collaboratively develop Creative-Commons-licensed icons). Anyone is welcome to attend!

IconLocal events are organized to develop icons to express particular ideas or “referents.” To prepare for the event, we gathered both existing proposals for graphics and attempts to communicate the characteristics of security software to users. We identified referents these projects had in common — concepts like “this software protects your identity” or “this software is only using wifi.” The projects we considered included:

and icons proposed by

The list of referents this produced was really, really long. It was also full of concepts which are too technical (or phrased too technically) for most users, like “this tool does not throttle or cap data usage” or “the architecture used here is decentralized.” So how could we narrow the list down to the most important concepts? Which would those be?

Trainers of journalists and activists have a well-tested sense of which ideas are easy and hard to communicate to software users. We asked trainers which concepts they thought were most important to try to communicate to users, which ones they thought users would be seeking out, and which were not important to explain. Two trainers cited keys, in particular, as hard to explain to users. One said missing, expired, and revoked keys were “all just ‘bad key’ to the user, ideally.” Forward secrecy, decentralization, and throttling/capping were all cited as too confusing.

User personas — refined, anonymized, aggregate descriptions of particular users and the situations they face — have also been useful to identifying specific actions or qualities that users would want from the software. Short user stories, in the format “As an X, I want to Y, because Z,” are particularly useful in expressing users’ needs clearly.

The following list of referents is the result of taking the original long list, running it by trainers, and comparing it to user personas. We will develop icons for these concepts at the IconLocal.

  • Protects/reveals/tracks your identity
  • Protects/reveals/tracks your location
  • Protects/reveals/tracks your contacts
  • On my device
  • On a server
  • Data in transit
  • Identity un/verified
  • This message will be encrypted/clear
  • Data stored on this device is encrypted/clear
  • Data transmitted is encrypted/clear
  • Data stored remotely is encrypted/clear
  • Data will be kept X length of time
  • Data will be sold or shared
  • Destroy sensitive information
  • Emergency contact
  • Malware
  • Spy
  • Your half of the secret
  • Their half of the secret
  • Bad secret

While the icons we will develop to communicate these concepts should give developers a tool to get a message across more quickly and easily, they are not a magic bullet. Usability research has identified the following drawbacks in using icons to communicate:

  • Physical objects differ greatly worldwide; for example, mailboxes and houses.
  • Physical objects drift in or lose meaning over time (and there have been some great observations about the drift in icons meaning “voicemail” or “save,” for example)
  • There’s always the danger that you’ll invent a symbol that someone already used for something else.
  • Icons on their own are not recognized as quickly as icons with a text label.
  • It takes users a while to learn the meaning of a new icon. Once they’ve learned it, though, an icon can be a powerful means to help users carry their understanding to other tools.
  • Icons have to be able to scale to different sizes, some of them only a few pixels in size (presenting a particular challenge to the icons previously proposed by Mozilla).

We will try to be attentive to these issues as we design new icons at the IconLocal, and in the follow-up process, which will involve refining the graphics. Additionally, we may do user tests on icons, for which user research offers a number of existing tools. User tests can give a sense of how likely it is that users will misunderstand the meaning of an icon, illuminate how they would explain an icon to their peers, or measure how long it takes users to recognize an icon.