Usability Professionals Don't Care About Privacy

Usability Professionals Don’t Care About Privacy (but we should) Nika Smith, User Experience Consultant Prepared for InfoCamp Seattle 2008

cloud computing

software as a service

the social web

“ Nothing you do ever goes away, and nothing you do ever escapes notice… There isn’t any privacy, get over it ”

“ Nothing you do ever goes away, and nothing you do ever escapes notice… There isn’t any privacy, get over it Vint Cerf, Internet Evangelist Google ”

60% of users are not worried about the information available about them online

1. Users often don’t read

1. Users often don’t read Dialog boxes Privacy policies Instructions Warnings

2. UIs for managing privacy settings are often painful to use

standards

Notice / Awareness Choice / Consent Access / Participation Integrity / Security Enforcement / Redress

4 major principles: 1. Support awareness and notification 2. Ask for consent and offer choices for participation 3. Offer granular levels of control 4. Protect the user from harm

1. Support awareness and notification
Uses clear and consistent terminology
Makes the user’s current privacy settings visible throughout the system
Provides help from anywhere

Makes privacy policies available from anywhere
Ensures privacy policies are accessible to all users
Displays changes to privacy policies, settings, and defaults prominently

Discloses what information can or will be made public BEFORE the user enters or submits it
Discloses who has access to user’s information
Discloses how information the user provides will be used

2. Ask for consent and offer choices for participation
Obtains informed consent before collecting and using private information
Obtains consent before transferring or making available information to others

2. Ask for consent and offer choices for participation
Defaults to the highest level of privacy and protection
Provides an opt-out at any time, without penalizing the user
Opt-out applies to all previous actions and previously-entered information

3. Offer granular levels of control
Allows user to view and modify settings at any time
Gives the user a preview of how information will be used before saving
Allows user to modify personal information at any time
Allows user to delete and restrict access to information at any time

4. Protect the user from harm
Uses secure protocols for transmitting personal information
Clearly warns the user of privacy-invading actions they are attempting to take
Refrains from offering any seriously harmful or destructive options

Thoughts?

Usability Professionals Don't Care About Privacy

by Nika Smith on Sep 28, 2008

Accessibility

Categories

Tags

Upload Details

Usage Rights

1 Embed 1

Statistics

Usability Professionals Don’t Care About Privacy — Presentation Transcript