Simplicity and privacy can co-exist in good app design

Lessons from developing the Safe Queue app to help with the COVID-19 pandemic

Call for Code
IBM Design
Oct 8, 2020


This story was written by Dave Chura, developer of Safe Queue.

Through the COVID-19 pandemic, many of us now find ourselves trying to maintain social distancing while queueing outside establishments like shops, pharmacies and restaurants. We have to rely heavily on those around us to maintain distance, and if the weather is bad, well, the experience is less than delightful.

Enter Safe Queue: a web app developed for the Call for Code challenge that replaces the physical lines at these establishments with a virtual line you join from your phone, allowing you to queue from the comfort and safety of your car or another safe place nearby.

And some cool news — Safe Queue is now being deployed! Learn about how Safe Queue is being implemented across Waffle Cabin establishments to keep customers socially distanced and safe as they wait in line here.

Safe Queue’s premise creates a new behavior for users, who don’t have built-in knowledge of how something like it should work. I had to make the app itself as simple as possible or users would simply not use it.

Safe Queue: finding an establishment near you

Customers join the virtual line, and the business manages the line with the same mobile web app. One primary innovation of Safe Queue is that it is based upon GPS location — you can join a virtual line (a Safe Queue) only when the app detects you are within 1,000 feet of the business. No reservations, no downloads, no registrations, no logins and no advertising — just be physically close to the business and use your phone to get in line. It takes just a few seconds. This hopefully builds on what people already expect when they go to a store. That is, who would expect to sign up or log in just to go to a store? Well, they don’t do so with Safe Queue. The byproduct of this is strong privacy; Safe Queue does not store any kind of personal data that most other services will sell and/or share with third parties. There is no personal data that can be compromised when a cloud service is hacked or compromised by an insider. Furthermore, once you’re done with Safe Queue, there is nothing left behind.

Be unobtrusive

A dictum that often comes up from design gurus is the concept of the best design being invisible and ‘just working’. Dieter Rams calls this being unobtrusive. You can see it expressed in the concept of the Norman door. I approached Safe Queue this way, focusing solely on what users need to join a line using Safe Queue. I didn’t need to think about what to strip away from the design, because I didn’t start from the assumption that every service needs to collect information or that there is some reason for authentication. Granted, there is some simplicity to using third-party authentication like Facebook or Google, but they are completely incompatible with strong privacy. With Safe Queue, no one ever has to say: ‘Why do I have to register?’ or ‘How is my data being used?’ or ‘I forgot my password.’

I devised a system for Safe Queue that doesn’t require the user to authenticate. Authentication is essentially proving you are who you say you are. However, in Safe Queue it doesn’t matter who you are! It only matters that you are physically close to a store to get a place in its line. Furthermore, you don’t disclose anything that would require protection with a password.

However, this doesn’t mean Safe Queue doesn’t have an internal notion of identity used to track users and confirm managers are legitimate. The internal notion of identity consists of a combination of random numbers and GPS location that produces a unique ID when the user takes their place in line; access to GPS location to ensure they don’t leave the location; and a QR code, issued when it’s your turn to enter, that a manager or host at the establishment can scan for confirmation.
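One way an account-free identity of this kind could be built, as an added example that is not Safe Queue's own code. The article does not say how the ID or QR code is derived, so the purely random ticket ID, the HMAC-signed QR text, the five-minute lifetime and every name below are assumptions; store IDs are assumed to contain no ".".

```python
import hashlib
import hmac
import math
import secrets

SERVER_KEY = secrets.token_bytes(32)  # assumption: secret held only by the backend
RADIUS_FT = 1000                      # join radius stated in the article
EARTH_RADIUS_FT = 6_371_008.8 / 0.3048
QR_LIFETIME_S = 300                   # assumption: QR code valid for five minutes


def distance_ft(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in feet."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * EARTH_RADIUS_FT * math.asin(math.sqrt(a))


def join_queue(queue, store, lat, lon):
    """Add an anonymous ticket if the reported position is in range, else return None."""
    if distance_ft(lat, lon, store["lat"], store["lon"]) > RADIUS_FT:
        return None
    ticket_id = secrets.token_urlsafe(16)  # 128 random bits; coordinates are not kept
    queue.append(ticket_id)
    return ticket_id


def _tag(message):
    return hmac.new(SERVER_KEY, message.encode(), hashlib.sha256).hexdigest()


def issue_qr(store_id, ticket_id, now):
    """Text to encode in the QR code once the ticket reaches the front."""
    message = f"{store_id}.{ticket_id}.{int(now) + QR_LIFETIME_S}"
    return f"{message}.{_tag(message)}"


def verify_qr(qr_text, store_id, queue, now):
    """Manager-side scan: check MAC, store, expiry, and that the ticket is first in line."""
    message, _, tag = qr_text.rpartition(".")
    if not hmac.compare_digest(tag.encode(), _tag(message).encode()):
        return False
    sid, ticket_id, expiry = message.split(".")  # format is covered by the MAC
    return sid == store_id and now <= int(expiry) and queue[:1] == [ticket_id]
```

The queue holds only random ticket IDs, so nothing in it identifies a person, and the position is reported by the customer's device, which is why the QR check is bound to the store, an expiry and the head of the line.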

Safe Queue: notification when it’s your turn to enter

The conservation of complexity

I have had a long career in the design and development of enterprise-grade applications and one thing I have found — which you might want to refer to as Chura’s Law — is the “conservation of complexity.” What do I mean by this? Basically, any system that you are developing will have a constant level of complexity based upon the function it is trying to achieve. The design of that system will undoubtedly include multiple elements. So (to steal from chemistry terminology) conservation of complexity states that the “sum” of the complexity of those elements is constant, regardless of design. That is, any effort to simplify one element will shift complexity to another element, essentially “conserving” complexity. In the case of Safe Queue, the app simplifies the user interface by removing a login, but the function of identity remains and must be handled elsewhere as a unique ID for each user. Also, a store manager has ownership of a Safe Queue, yet the user interface doesn’t require a password to protect that ownership. Nonetheless, ownership must still be protected through another means in another element of Safe Queue.

There are other designs of Safe Queue that have logins and passwords, but the “law” would predict they are equally complex developments. However, they are not equally attractive to users or to the market. My deliberate design choice was to hide complexity from the end user, which means there’s more work going on in the backend to deal with unique IDs, ownership, tracking, and fraud. The cost and complexity in managing user data does not go away: it just shifts from the user to the developer, but this is a deliberate choice I made and I encourage others to do so.

Where simplicity meets privacy

There are a number of privacy features in Safe Queue which are born out of its apparent simplicity. To notice them, you have to imagine what is not there! There is no registration or login. Your GPS position is all that is needed to get in line. There is also no data collection or tracking or advertising. Safe Queue’s privacy policy is one sentence that simply states nothing is collected so nothing can be shared or leaked. Users don’t need to trust that we’ll keep their data private, because they never give it to us! There is one exception, which is that the user must allow the app to use GPS position because the app will not function without it. The user must trust that we will follow our privacy policy and not collect, store or share their GPS data.

I would recommend looking for ways to avoid data collection and provide alternative ways to operate without making the user enter personal data. This is exactly how I think about privacy in development. That is, does the user understand exactly why I would ask him to enter data and what I’m going to do with it? Are there alternatives that are anonymous? Think whether the data you are gathering is to make the app useful or because you want that information for your own business opportunities. If it’s for the latter reason, ignore it: just focus on the data the app needs and see if you can anonymize it for the end user’s peace of mind.

A growing list of use cases

Since originally being recognized as a top project in the Call for Code COVID-19 challenge in May 2020, I have talked to numerous organizations that have expressed an interest in Safe Queue. From the early list of shops and pharmacies, I have talked to agencies here in the US trying to maintain social distancing in the balloting process, especially as we enter election season here. Through the Call for Code ecosystem, I have connected with first response organizations that are interested in using the technology at evacuee centers and other places we have to gather after disasters. The simplicity of the app does mean that there are also many use cases outside of the initial purpose of helping during the COVID-19 pandemic. From queueing at a rollercoaster ride in a theme park to taking a place at a busy deli counter in a superstore, Safe Queue has an ever-growing list of uses.

Want to try it out?

If you would like to trial Safe Queue technology, either for yourself, or for an establishment that you think might have an interest, there’s no need to ask. Just go to www.safequeueweb.com and use it. No registration, no sign-up, no download, no advertising — just an app that does exactly what it says it does and nothing else.

+++

Be sure to attend the Awards Celebration on October 13th to find out the winner of the 2020 Call for Code Global Challenge! Want to make an impact today? Get involved and contribute to an open source project today.
