7 tips to apply the 7 principles of privacy-by-design

Lívia Maranhão
Published in Inloco Tech Blog
7 min read · Nov 8, 2019

Nowadays, privacy isn’t just something you care about because your mom keeps barging into your room; it is a much bigger issue to manage in our online lives. In this connected world, information is more valuable than gold, so huge, medium and small companies alike try to capture as much data as they can. And they can capture a lot.

Every day we are led to believe that handing over personal information is a trivial price for access to the services brands offer. We give our data as soon as it is asked for, without even clarifying what it will be used for. By the time we realize it, we have lost control over our own data.

The push for data protection has grown over the years, driven by the rise in data breaches and large-scale data manipulation scandals. With the arrival of the GDPR (the EU’s General Data Protection Regulation), big companies have become more concerned about respecting privacy. Of course, the main reason for this concern is being compliant with such regulations, or avoiding the fines for non-compliance.

Such measures improve how our data is protected, but they don’t mean it will always be safe. We can reduce the risk further, even once compliant with these regulations, by adopting a privacy-first framework. This framework, known as Privacy by Design (PbD), is about anticipating, managing and preventing privacy issues before a single line of code is written.

To maximize respect for privacy, we, as designers, must build this value into our projects. Privacy by Design has also been written into the GDPR itself (Article 25, “data protection by design and by default”), which shows how important these principles have become.

The designer’s role, therefore, isn’t just to comply with the law but also to understand the problem from the beginning: to grasp what the privacy issue is and how it affects everyone.

Realize that user-centered design is also about what people don’t want to share with others. Respecting privacy, besides contributing to a good experience and to the user’s trust, is an ethical matter, and we, as humans, should fight for it.

This is the line of thought that led Ann Cavoukian to develop Privacy by Design in the 1990s, a framework that went on to influence the GDPR itself. Her Privacy by Design paper also defines the 7 Foundational Principles, which are good-practice guidelines for promoting the right to privacy.

How to apply these design principles in real life?

1. Proactive, not Reactive; Preventive, not Remedial.

“It anticipates and prevents privacy-invasive events before they happen.”

In practice, it means that you, as a designer, should help people avoid risks in your project. One way to achieve this is to put barriers in the way of risky behavior, such as alerts and double-check confirmations. A good example is Chrome’s warning page when you try to open a site it considers unsafe, for instance one with an untrusted certificate. It tells you about the potential risk and hides the link to continue behind an “Advanced” button, adding friction to the action if you still want to proceed.

In these cases, you can also use microcopy that draws the user’s attention to a potential risk. Here the designer can even use messages that make users feel uncomfortable (usually not recommended in a no-risk situation), such as the classic “Are you sure you want to proceed?”.

In the same example, Chrome scares you by labeling the link to the risky page with “(unsafe)” in parentheses. You will only click it if you’re feeling brave, right?

2. Privacy as the Default

“Privacy by Design seeks to deliver the maximum degree of privacy by ensuring that personal data are automatically protected in any given IT system or business practice.”

To respect Privacy as the Default, all you have to do is think about your laziest user. Even if a person doesn’t lift a finger, the system should respect their privacy anyway.

For example, one task that most of us designers sooner or later have to prototype is a consent request flow. Here, one way to uphold this principle is not to pre-check any permission. Since we don’t know what may hurt the user’s privacy, every option must be unchecked by default: to have their data collected, the user must actively opt in. This is a legal point as well as a design one: under the GDPR, a pre-ticked box is not valid consent, as the Court of Justice of the EU confirmed in the Planet49 case in October 2019.

3. Privacy Embedded into Design

“Privacy is integral to the system, without diminishing functionality.”

In general, it means we should build privacy into the product or system natively, not as a plugin or a feature flag. We should always design our products to keep people’s privacy safe. Privacy has to be in mind while building the user experience; it should never be an afterthought.

At In Loco, for example, we chose not to show sensitive information in our dashboard reports. There’s no need to identify people in order to infer trends. Limiting analysis to aggregate data, without pinpointing specific users, is behavior embedded in the feature itself, and that is what makes it respect privacy.
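To make this concrete, here is an added example (my own illustration, not In Loco’s dashboard code) of how a report can be built from per-visit events so that only aggregate numbers ever leave the function. The event format, the visit sample and the MIN_GROUP_SIZE threshold are all invented for the example; a real product would pick its own threshold and data model.

```python
from collections import defaultdict
from typing import Callable, Dict, Hashable, Iterable, List, Optional, Tuple

# Constructed sample of visit events: (user_id, venue_category, hour_of_day).
# Invented for this example; not real In Loco data.
Visit = Tuple[str, str, int]
SAMPLE_VISITS: List[Visit] = [
    ("u1", "coffee", 8), ("u2", "coffee", 8), ("u3", "coffee", 9),
    ("u4", "coffee", 9), ("u5", "coffee", 9), ("u1", "coffee", 17),
    ("u1", "gym", 18), ("u6", "gym", 18),
    ("u7", "pharmacy", 11),
]

# Hypothetical minimum number of distinct people a reported cell must cover.
MIN_GROUP_SIZE = 5


def aggregate(
    visits: Iterable[Visit],
    group_key: Callable[[Visit], Hashable],
    min_group: int = MIN_GROUP_SIZE,
) -> Dict[Hashable, Optional[int]]:
    """Count distinct users per group and suppress small cells.

    The return value contains only group labels and counts: no user id
    leaves this function. Cells covering fewer than `min_group` distinct
    people are reported as None rather than as a small number, because a
    count of 1 or 2 is itself identifying.
    """
    users_by_group: Dict[Hashable, set] = defaultdict(set)
    for visit in visits:
        # Count distinct people, not raw visits: one frequent visitor
        # must not make a cell look bigger than the crowd it describes.
        users_by_group[group_key(visit)].add(visit[0])
    return {
        group: (len(users) if len(users) >= min_group else None)
        for group, users in users_by_group.items()
    }


def by_category(visit: Visit) -> Hashable:
    return visit[1]


def by_category_and_hour(visit: Visit) -> Hashable:
    return (visit[1], visit[2])


if __name__ == "__main__":
    # coffee has 5 distinct visitors (u1 visited twice but counts once);
    # gym (2 people) and pharmacy (1 person) are suppressed.
    print(aggregate(SAMPLE_VISITS, by_category))
    # Slicing by hour makes every cell smaller than the threshold, so the
    # finer report shows nothing: the suppression rule, not the analyst,
    # decides how far a report may drill down.
    print(aggregate(SAMPLE_VISITS, by_category_and_hour))
```

The threshold is the embedded behavior: an analyst who wants a finer breakdown does not get to turn it off, they get empty cells. Pair it with the same rule on every export path (CSV, API, screenshots), otherwise the dashboard respects privacy and the download button does not.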

4. Full Functionality — Positive-Sum, not Zero-Sum

“Privacy by Design seeks to accommodate all legitimate interests and objectives in a positive-sum “win-win” manner, not through a dated, zero-sum approach, where unnecessary trade-offs are made.”

This one is easy to understand but not so easy to apply. People should always have the option to deny access to their data and still be able to use the product. Of course, some features cannot work without specific data, and it’s fine if you genuinely can’t offer the service without it. However, never restrict functionality just to force users to hand over their data. It is an unethical and impolite practice.

A clear example of full functionality is the Uber app. Even if someone doesn’t want to grant location permission, they can still request a ride by typing in the pick-up address. There’s more friction, but the app’s goal is still achieved.

5. End-to-End Security — Lifecycle Protection

“Strong security measures are essential to privacy, from start to finish.”

Taking care of user data is a responsibility throughout its whole lifecycle, from capture until it is discarded or shared with third parties. Another important point, as mentioned earlier, is that every company is susceptible to data breaches, so designers have to keep people’s information safe in the products they design. That means making leaked information hard to understand, using techniques such as data encryption, or, even better, collecting no data at all where possible, by offering an anonymous or no-sign-up way to use the product. Remember that retention is part of the lifecycle too: data you no longer hold cannot leak, so delete it once its purpose is fulfilled.

Telegram’s messaging service has a feature that captures the end-to-end security principle nicely: you can start a Secret Chat with a self-destruct timer that deletes its content. Your curious friend will never “unintentionally” read your conversation with that secret crush.
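The lifecycle paragraph and the self-destruct timer come down to the same mechanism: data encrypted under a key you control, with a lifetime after which the key is destroyed. The following is an added example, written for this post and not code from In Loco or Telegram, of that idea: a small record store with a per-user key, an expiry per record, a retention purge and an erasure operation. Destroying the key makes every copy of that user’s ciphertext unreadable, including copies in backups you can no longer reach (crypto-shredding). The cipher is HMAC-SHA256 in counter mode with an encrypt-then-MAC tag, chosen so the example runs on the Python standard library alone; in production you would use an AEAD such as AES-GCM and keep the keys in a KMS. RecordStore, its method names and the sample records are assumptions of the example.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Tuple

NONCE_LEN, TAG_LEN = 16, 32


def _derive(key: bytes, label: bytes) -> bytes:
    """Derive a single-purpose sub-key from the per-user data key."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, a stand-in stream cipher for this example."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC. Returns nonce || ciphertext || tag."""
    enc_key, mac_key = _derive(key, b"enc"), _derive(key, b"mac")
    nonce = os.urandom(NONCE_LEN)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before touching the ciphertext; a wrong key fails here."""
    enc_key, mac_key = _derive(key, b"enc"), _derive(key, b"mac")
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered record")
    return bytes(c ^ k for c, k in zip(ciphertext, _keystream(enc_key, nonce, len(ciphertext))))


class RecordStore:
    """Per-user data key plus an expiry on every record (hypothetical store for this example)."""

    def __init__(self) -> None:
        self._keys: Dict[str, bytes] = {}                 # user_id -> data key (a KMS in production)
        self._records: List[Tuple[str, int, bytes]] = []  # (user_id, expires_at, encrypted blob)

    def store(self, user_id: str, data: bytes, now: int, ttl_seconds: int) -> None:
        """Every record is written with a deadline; nothing is kept 'just in case'."""
        key = self._keys.setdefault(user_id, os.urandom(32))
        self._records.append((user_id, now + ttl_seconds, encrypt(key, data)))

    def read(self, user_id: str, now: int) -> List[bytes]:
        key = self._keys.get(user_id)
        if key is None:
            return []  # no key: nothing to show, even if stray blobs still exist somewhere
        return [decrypt(key, blob) for uid, exp, blob in self._records if uid == user_id and exp > now]

    def purge(self, now: int) -> int:
        """Retention step: drop expired records, then the keys of users with none left."""
        before = len(self._records)
        self._records = [r for r in self._records if r[1] > now]
        live_users = {r[0] for r in self._records}
        for uid in list(self._keys):
            if uid not in live_users:
                del self._keys[uid]
        return before - len(self._records)

    def forget(self, user_id: str) -> bool:
        """Erasure request: destroy the key first, then delete what we can still reach."""
        had_key = self._keys.pop(user_id, None) is not None
        self._records = [r for r in self._records if r[0] != user_id]
        return had_key

    def has_key(self, user_id: str) -> bool:
        return user_id in self._keys
```

Notice that purge() and forget() both end with the key gone, not merely the rows. Deleting rows is what you can do to the copy in front of you; deleting the key is what covers the copies you forgot about, which is exactly the breach scenario the paragraph warns about.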

6. Visibility and Transparency

“Its component parts and operations remain visible and transparent, to both users and providers alike.”

Transparency is a way of making things easy: easy to find, easy to ask about, and easy to understand how your product deals with data. So, to meet this principle, avoid hiding things and invest in an easy-to-find privacy section. Use clear, straightforward language both when asking for permission and in the privacy policy. Don’t skimp on explanations: your system is not better for privacy because it uses fewer words. But don’t make it long and tiring either. Know the audience you are speaking to so the information gets across.

Huge companies such as Apple are investing in improving transparency in their products; iOS’s privacy settings are an excellent example. Simpler attitudes can also contribute to Visibility and Transparency. This year, for instance, we rewrote In Loco’s privacy policy after realizing the first one was confusing and hard to understand. The number of pages dropped to less than half, and we now spell out each type of data collected and the purpose it serves.

Detail of In Loco's Privacy Policy

7. Respect for User Privacy

“Above all, Privacy by Design requires architects and operators to keep the interests of the individual uppermost by offering such measures as strong privacy defaults, appropriate notice, and empowering user-friendly options.”

This last one is a summary of all the previous principles. It is about caring for privacy and making it a priority. It is about user-centered design that respects people’s lives and choices. In short, it is about empathy and ethics. Always remember to make privacy an essential factor in design decisions.

I hope you can apply all of these principles in your process and products, making our lives more private and, consequently, better.

Are you interested?

If you are interested in building context-aware products through location, check out our opportunities. We’d also love to hear from you! Leave a comment and let us know what you would like us to talk about in upcoming posts.

Lívia Maranhão
Inloco Tech Blog

Hey there! I'm a product designer most of the time, but also an illustrator and graphic designer.