PRIVACY LABEL — Part IV: Crafting a Universal Privacy System

Part IV of a blog series about privacy, and how we can raise awareness through a universal privacy label.

Illustration by CLEVER°FRANKE

Our final phase of research consisted of compiling and analyzing pre-existing visual communication systems and privacy awareness products. The aim was to see what works best when communicating complex ideas such as privacy implications.

This post provides an overview of our design process in developing a visual, universal privacy language based on our research insights and ranking system.

Before delving into the design process of our universal privacy system, it’s important to revisit why we began this project in the first place. In CLEVER°FRANKE’s smart technology initiative Sensor Lab, we’re eager to push technology to its boundaries, exploring new possibilities along the way.

Both countries where our offices are situated, the Netherlands and the United States, are among hundreds of countries around the world home to an ever increasing number of “smart cities” which collect just as much personal information about us as online services, but often with even less of our awareness or control.

There’s an overt problem today online and offline with how, why, and where our personal information is collected, processed, and used. Provoked by the current state of privacy, or lack thereof, our goal is to simplify privacy implications in the same way that Creative Commons has simplified copyright licenses or energy labels have simplified appliance energy ratings.

How can we design a standard, actionable, and universal way to inform a general audience about data collection usage and privacy?

Establishing Design Guidelines.

Having looked into already existing products which aim to address the online side of things, let’s not forget the four key takeaways we established when analyzing already existing privacy awareness products:

1. The simpler the better: More people are able to grasp a complicated concept when it’s communicated in the simplest way possible
2. Avoid further complicating the problem: Many of the solutions don’t empower users to take control of their personal data any more than without them
3. Provide a meaningful value: Labels like those for energy appliances have proven successful because when people shop for new appliances, the energy rating is one of the many other factors like price that influence their decision
4. If it works, it works: Laundry labels have proven successful because of clear industry and consumer incentives rather than legal compulsion

The only additional criteria is that since we’re aiming to design for both online and offline spaces, the form will need to be vibrant enough to stand out in an urban environment yet modular enough to be implemented digitally.

With these five principles clearly articulated, we held a design ideation workshop to quickly brainstorm concepts.

Initial Privacy Label sketches from an ideation workshop.

We had many concepts ranging from straightforward ones, explicitly visualizing our ranking system to ones more abstract, which similarly to Creative Commons, encouraged users to learn a new system to fully understand. We decided on developing two versions, one on each side of this spectrum.

After much debate, we determined that the best mediums to communicate our ranking system across digital and physical environments were a website, browser extension, and sticker design. Since others had already tried to address the online part of privacy awareness, we primarily focused on the design of sticker labels for physical environments first.

Designing the Simple Label.

For our straightforward concept, we experimented with many different layouts, color combinations, symbols, and more but ultimately decided to leave our creativity behind and stick with a familiar form.

Left: Simple label try-outs. Right: “Final” label design.

While the “final” design lacks originality, our intention was to create an instantly recognizable label for the general public within Europe. Taken out of context, we surveyed several individuals about what the label depicted. The majority immediately got the point.

Though the categories weren’t clear for those uninformed, we made the decision to highlight the ranking and utilize a QR code, pointing towards a specific page for the entity. This would provide users with additional information to learn more in case they wanted to.

Designing the Generative Label.

For our other version of the ranking label, we wanted to get more creative. We picked and chose from different sketches in our concept ideation workshop and experimented with several different concepts.

Three initial generative label visual directions.

After provoking debate with several team members, the last one seemed to have the most potential impact. The concept behind it is that at the center of the circle is our personal information and the more points earned by the entity, the more rings there are to “protect” this information.

The concept fit, but there were many visual distractions within the design. How could we lose unnecessary shapes, text, and more that took attention away from the rank, the most important element? And more importantly, how could we create a simpler, more recognizable design realistic for a sticker? We went through many iterations, removing unnecessary elements one by one.

Getting closer to a “final” generative label sticker design.

In our “final” design, we kept the elements down to the minimum we thought necessary to get the message across. The result was a new, generative symbol based on the entity’s rank.

The “final” generative Privacy Label sticker design.

Six sticker templates could be printed to distribute around Utrecht and based on experts evaluating different entities, they could be filled in by data privacy advocates or the general public interested in spreading awareness alike.

Each sticker would come with 15 white stripes on the circle depicting each of the sub-questions of the categories. If the stripe is left white, then the entity would have gained a point for that value, ultimately leading to a decentralized way for individuals interested to mark stickers accurately. That being said, there are many holes in this first version of the design, leaving plenty of room for improvement in future revisions.

Our System’s Real World Implications.

Despite the holes in this system, you can already begin to imagine what living in a world that widely implemented these labels could suggest. If you think about your daily routine, there are hundreds of possible instances in which this system could seamlessly integrate within.

When I wake up, one of the first things I do is check the news. What if it was mandatory for websites to display their privacy rank? Sites that are proud of their ranking could display their score in their header while sites with poor rankings could display it in their footers.

How our Privacy Label could look implemented on websites.

Having read the news, I hop in the shower and get dressed before biking to the train station since I’m commuting to our office. Getting on the train in the Netherlands, I have a personal card which I swipe in and out when entering the station. Since each swipe is customized to the individual, a log is kept anytime I check in and out of a station. As far as how and why that information is used, I’ve seldomly stopped to consider.

Even though I’m in a rush and don’t get to scan the QR code to see what exactly the sticker means, seeing that it said something about privacy ranking, I begin to consider taking the train from a different perspective.

When I’ve arrived in Utrecht, I swipe out of the station and quickly grab a coffee at the nearest store, Albert Heijn. Again, I see these labels on the door and think twice about entering when Jumbo, another grocery store across the street has a better rating.

Finished with my breakfast, I find the nearest trash bin to throw out my coffee cup. In Utrecht some trash bins require citizens to scan their ID before it opens. I don’t have an ID from Utrecht so I continue along searching for another trash bin, but question why my identity would be associated with the waste I throw out.

You can quickly see that if a system like this was further developed and implemented, our aim would be to provoke people to re-evaluate and think about their online and offline experiences from a new perspective. Like energy labels have added an additional criteria to shopping for appliances, this privacy rank could add an additional criteria to where we spend our time and money.

Proposed size scale for Privacy Label stickers.

Notes.

We hope that from reading this series you’ll walk away with a new perspective in your online and offline experiences. Look around your city, are there any sensors that you’ve passed dozens of times? On your daily commute, if you try counting how many sensors you can spot, how accurate do you think you are?

Most importantly, if a system like ours was implemented in your city and online bubble, would you interact with your surroundings in a different way?

Reading more
Continue reading with Part V about Next steps.

And read previous articles exploring the current state of privacy in Part I, what privacy is, why it matters and how we rank it in Part II, and visually communicating the complex ideas of privacy in Part III.

Contact
For more information please contact Gert Franke via gert@sensorlab.nl. We’re also happy to share our knowledge.

The ‘Demystifying the Smart City’ research program is supported by the Creative Industries Fund NL.