Practice privacy by design, not privacy by disaster!
See the talk here: http://caseorganic.com/articles/2014/02/12/1/designing-for-privacy-in-mobile-and-web-apps-at-interaction-14-in-amsterdam
Almost every application today gathers some personal data. Where that data is stored, who has access to it, and what is done with it later are becoming increasingly important as more and more of our data lives online. Privacy disasters are costly and can be devastating to a company. UX designers and developers need a framework for protecting user data, communicating it to users, and making sure that the entire process is handled smoothly.
This talk covers best practices for designing web and mobile apps with the privacy of individual users in mind. Privacy has been an even bigger issue with location-based apps, and we ran into it head-first when we began work on Geoloqi (now part of Esri). Designing an interface that made one's personal data empowering instead of creepy was our goal. The stories from our design decisions with our application will also be included in this talk.
10. caseorganic.com
Privacy on the Web
Old Web:
Social silos don't exist. Where you go on the web is not tracked
New Web:
Logged into FB, Google: everything you look at is tracked
11. caseorganic.com
“We invest much of our lives into virtual ‘condos’ that anyone can walk into and do what they like.”
-@rahulsen79
14. caseorganic.com
How can we design for privacy?
1. Temporary Solution (Privacy by Design)
2. Longer term Solution (Data Ownership)
Privacy by Design: Ann Cavoukian, Ph.D., Information & Privacy Commissioner, Ontario, Canada. http://www.privacybydesign.ca/
23. caseorganic.com
Half of privacy is perceived
The idea of privacy is socially created and attached to behavioral norms.
Behavior can change when norms change.
27. caseorganic.com
1. Get a privacy policy
Privacy policies are regret management tools.
Only 30% of mobile app developers have one.
28. caseorganic.com
Minimum Viable Privacy Policy:
Who you are (identity and contact details)
Categories of personal data the app wants to collect/process
Why the data processing is necessary (for what precise purposes)
Whether data will be disclosed to third parties, and to which ones
Data withdrawal rights and account deletion policy
https://www.iubenda.com/blog/2013/06/10/the-need-for-privacy-policies-in-mobile-apps-an-overview/
29. caseorganic.com
2. Simplify and Consolidate
Privacy policies should be easy to understand
Create two sections – Plain Text and Legalese
30. caseorganic.com
Terms of Service; Didn't Read
MEDIUM
Reserves the right to use your name and content for any purpose forever, even if they get acquired in the future.
Wikia
Communities don't own their content and can't transfer it off their site.
tosdr.org (thanks bret.io!)
34. caseorganic.com
4. Privacy by design vs. privacy by disaster
Privacy considerations should be incorporated into every aspect of your app:
web, legal, user experience, messaging, marketing and development.
Act now or be forced to act later.
37. caseorganic.com
7. No one is perfect
Hosting user data is a privilege, not a right.
Apologize immediately if you make a mistake. Fix the problem immediately.
41. caseorganic.com
10. Be Clever: Accomplish your goals in the least amount of moves*
*even/especially if it takes more time to think about the solution.
45. caseorganic.com
Own your own data
Build your own website
Use social networks for distribution
Web frameworks will emerge that will make this easier
51. caseorganic.com
Picking up from where 2003 left off
. Need a way to own our data
1. Learn and improve on what we're doing!
2. Just implement something
52. caseorganic.com
POSSE
Publish (on your) Own Site, Syndicate Elsewhere
Tweet is published to your own site and sent by your domain to Twitter
indiewebcamp.com/POSSE
57. caseorganic.com
Why do we need an IndieWeb?
Afraid of losing your photos and files
1 Frozen account due to violated TOS
2 Lost content due to acquisition
3 Silos profiting off your data
4 The ability to create again
indiewebcamp.com/why
59. caseorganic.com
Freedom!
The freedom to decide what content and what types of content to publish, and to store over time
Control your UI/UX – you decide
Own your content forever
indiewebcamp.com/why
60. caseorganic.com
Homestead, don't Sharecrop!
A home for your data
• Your blog becomes a creative outlet for you + learning place for new stuff
• Hyperlinks on the open web, giving web back its richness
www.onebigfluke.com/2012/07/focusing-on-positives-why-i-have-my-own.html