Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

UXPA 2019 Validating GDPR and User Privacy Best Practices with UX Influencers and Users

87 views

Published on

The recently launched European General Data Protection Regulations (GDPR) attempt to set new standards for how companies collect, store, manage, and use information about their users. It’s designed to provide more transparency and ensure greater control of user data, by users. But how do users perceive how well social media, e-commerce, and financial services companies are managing this now? How well can users find, understand, and manipulate their own data privacy settings? What do UX industry leaders and key UX influencers believe are the right ways to design and implement a user interface for data privacy controls? And most importantly, how well do user expectations and their actual results line up with what those leaders and influencers say?

  • Be the first to comment

UXPA 2019 Validating GDPR and User Privacy Best Practices with UX Influencers and Users

  1. 1. @AnswerLab / #UXPA2019 UX Dimensions of Data Privacy and GDPR Validating GDPR and user privacy best practices with UX influencers and users AnswerLab @_bobberry Bob Berry Principal UX Researcher
  2. 2. @AnswerLab / #UXPA2019 2 Why are you here?
  3. 3. @AnswerLab / #UXPA2019 OBJECTIVES: Data privacy, GDPR, and UX - where are we, how did we get here, where are we going? 3 … and a challenge.
  4. 4. @AnswerLab / #UXPA2019 AGENDA How did we get here? • What is GDPR? • Why UX, GDPR, and data privacy? Where are we? • Our studies with users, influencers • Key Findings • User Experience Best Practices • Business Best Practices Where are we headed? 4
  5. 5. @AnswerLab / #UXPA2019 5 Bob Berry Principal UX Researcher AnswerLab since 2017 BS Computer Science / Math 25ish years in UX, e-learning @_bobberry AnswerLab.com
  6. 6. @AnswerLab / #UXPA2019 6CONFIDENTIAL Experience
  7. 7. @AnswerLab / #UXPA2019 7CONFIDENTIAL
  8. 8. @AnswerLab / #UXPA2019 8 GDPR? What is
  9. 9. @AnswerLab / #UXPA2019 What is GDPR? The General Data Protection Regulation 9https://eugdpr.org/
  10. 10. @AnswerLab / #UXPA2019 What are the major components of GDPR? 10 1. Consent 2. Right to Access 3. Right to be Forgotten 4. Data Portability 5. Privacy by Design 6. Territorial Scope 7. Data Protection Officers 8. Breach Notification 9. Penalties @AnswerLab / #UXPA2019
  11. 11. @AnswerLab / #UXPA2019 What are the major components of GDPR? 11 1. Consent 2. Right to Access 3. Right to be Forgotten 4. Data Portability 5. Privacy by Design 6. Territorial Scope 7. Data Protection Officers 8. Breach Notification 9. Penalties @AnswerLab / #UXPA2019
  12. 12. @AnswerLab / #UXPA2019 12 GDPR Data privacy issues Data-driven behavioral predictive analytics @AnswerLab / #UXPA2019 Governance
  13. 13. @AnswerLab / #UXPA2019 What does GDPR have to do with the U.S.? 13
  14. 14. @AnswerLab / #UXPA2019 What does GDPR have to do with UX? 14
  15. 15. @AnswerLab / #UXPA2019 15 The goals of UX and behavioral analytics are What does data privacy have to do with UX? virtually identical
  16. 16. @AnswerLab / #UXPA2019 16 GDPR Data privacy issues Data-driven behavioral predictive analytics Influence users UX @AnswerLab / #UXPA2019 Governance
  17. 17. @AnswerLab / #UXPA2019 17 The user What does data privacy have to do with UX? encounters both experiences
  18. 18. @AnswerLab / #UXPA2019 18
  19. 19. @AnswerLab / #UXPA2019 19 We need to guidecompliance What does data privacy have to do with UX?
  20. 20. @AnswerLab / #UXPA2019 20 We create & validate effective data privacy controls and experiences What does data privacy have to do with UX?
  21. 21. @AnswerLab / #UXPA2019 21 We lead the future What does data privacy have to do with UX?
  22. 22. @AnswerLab / #UXPA2019 22 DO The Right Thing What does data privacy have to do with UX?
  23. 23. @AnswerLab / #UXPA2019 Studies and Methodologies 23
  24. 24. @AnswerLab / #UXPA2019 Phase One Results: 3 Levels of User Awareness 24@AnswerLab / #UXPA2019
  25. 25. @AnswerLab / #UXPA2019 25 Phase One Results: 8 Recommendations
  26. 26. @AnswerLab / #UXPA2019 Study Phase One: Spring 2018 26 GDPR Education https://www.answerlab.com/insights/gdpr @AnswerLab / #UXPA2019
  27. 27. @AnswerLab / #UXPA2019 Study Phase Two: Spring 2019 27 Influencers 22 End Users Internal studies Internal experts Secondary research @AnswerLab / #UXPA2019
  28. 28. @AnswerLab / #UXPA2019 Major Findings Phase Two 28
  29. 29. @AnswerLab / #UXPA2019 29 Almost no users are aware of GDPR, And many are not knowledgeable on privacy @AnswerLab / #UXPA2019
  30. 30. @AnswerLab / #UXPA2019 30 In a study on online skills, Privacy was one of 20 topics - but rated the lowest on: • Maintaining privacy • Understanding policies • Ease of changing settings • Confidence in settings • Trust in online services @AnswerLab / #UXPA2019
  31. 31. @AnswerLab / #UXPA2019 31 The Gap Widens between predictive analytics and users’ knowledge, tolerance, and engagement @AnswerLab / #UXPA2019
  32. 32. @AnswerLab / #UXPA2019 32 Why? Users see little or no value, or opt out due to fear and suspicion @AnswerLab / #UXPA2019
  33. 33. @AnswerLab / #UXPA2019 Forgot to opt-in to notifications 33
  34. 34. @AnswerLab / #UXPA2019 34 Effectiveness of data makes people think of eavesdropping and in other cases, what they see is totally irrelevant @AnswerLab / #UXPA2019
  35. 35. @AnswerLab / #UXPA2019 35 Savvy users control their privacy via their behavior, not just their privacy settings @AnswerLab / #UXPA2019
  36. 36. @AnswerLab / #UXPA2019 Power User 36 • Wary of stalking • Checks in after leaving • Keeps it vague • Keeps it anonymous
  37. 37. @AnswerLab / #UXPA2019 37 CHANGES are coming in the U.S. @AnswerLab / #UXPA2019
  38. 38. @AnswerLab / #UXPA2019 38 Best practices start in the operation @AnswerLab / #UXPA2019
  39. 39. @AnswerLab / #UXPA2019 39 Data is more valuable than product, and ‘people have become the product’ One product transaction may be worth $100. An algorithm derived from 1,000,000 user choices that can cause 10,000 users to buy that $100 product is worth $1M! @AnswerLab / #UXPA2019
  40. 40. @AnswerLab / #UXPA2019 40 Overlapping intent of UX and behavioral predictive analytics @AnswerLab / #UXPA2019
  41. 41. @AnswerLab / #UXPA2019 41 Have you changed your behavior?
  42. 42. @AnswerLab / #UXPA2019 How do users react? 42@AnswerLab / #UXPA2019
  43. 43. @AnswerLab / #UXPA2019 43 general attitudes ”Where does this end, and how extensive is it?” ”I don’t mind ads but don’t want to be inundated.” ”Social media is more of a concern. They provide their service for free, so we are the product.” ”When I’m done searching for it, I don’t want to see it anymore.” ”I’m overwhelmed. It’s too much.” ”I’m busy so not real motivated.”
  44. 44. @AnswerLab / #UXPA2019 44 acceptance “That ship has sailed.” ”There’s not too much I can do about it.” “Need to accept a lack of privacy to get the convenience.” “Accept that they’ll use your data, or don’t use their system.”
  45. 45. @AnswerLab / #UXPA2019 45 control ”I have not figured out how to control this. It’s beyond me.” ”Eventually, they will change it and force me to do it again.” ”I’m trying to be proactive about my future, and I don’t see how. It’s all history.” ”Don’t tell me what you think I should be reading or interested in.” ”I prefer companies that leave me alone. I want a choice.”
  46. 46. @AnswerLab / #UXPA2019 46 trust “They say it’s secure, but you’re never 100% sure.” “Negative things could happen and I might not know.” ”Companies will always choose their bottom line.” “What do they mean extra secure? What is less secure?”
  47. 47. @AnswerLab / #UXPA2019 Users’ reactions to their own data privacy 47 aware care attempt find notice understand act succeed trust reflect
  48. 48. @AnswerLab / #UXPA2019 48 Most of these are theoretical to users track my history see relevant content get personal offers see better reviews Potential Benefits for Users get better service discover interests meet new friends save life events
  49. 49. @AnswerLab / #UXPA2019 49 How can we, as UX professionals, enhance this? track my history see relevant content get personal offers see better reviews Potential Benefits for Users get better service discover interests meet new friends save life events
  50. 50. @AnswerLab / #UXPA2019 Best Practices 50 1. User Experience 2. Business @AnswerLab / #UXPA2019
  51. 51. @AnswerLab / #UXPA2019 Know your users: Create personas and maps 51 USER EXPERIENCE Best Practices @AnswerLab / #UXPA2019
  52. 52. @AnswerLab / #UXPA2019 Know your touchpoints: do an omni- channel audit 52 USER EXPERIENCE Best Practices @AnswerLab / #UXPA2019
  53. 53. @AnswerLab / #UXPA2019 Integrate the UX and the analytics experience 53 USER EXPERIENCE Best Practices @AnswerLab / #UXPA2019
  54. 54. @AnswerLab / #UXPA2019 54 USER EXPERIENCE Best Practices • General: how easily can your users find out what you’re collecting and what you’re doing with it, and how easily can they control that? • Consent: what are users consenting to? How do they find out what they are consenting to? • Right to access: how easily can users access their data and get clear descriptions of what it is? How well do they understand it all? Consider: Start with GDPR
  55. 55. @AnswerLab / #UXPA2019 55 USER EXPERIENCE Best Practices • Right to be forgotten: do you allow accounts to be deleted? How else can users choose to ‘be forgotten’ and what does that mean? Under what circumstances? • Data portability: do you allow downloading of user data? How can users interpret that download? Where and why would they do that? • Privacy by design: do you build it in from the start? How ‘integrated’ is your privacy user experience, or is it an after-thought? Consider: Start with GDPR
  56. 56. @AnswerLab / #UXPA2019 Privacy by Design Principles 56 Proactive not reactive, preventative not remedial Privacy as the default Privacy embedded into design Full functionality – positive- sum, not zero-sum End-to-end security – full lifecycle protection Visibility, transparency – keep it open Respect user privacy – keep it user-centric
  57. 57. @AnswerLab / #UXPA2019 Don’t overwhelm 57 USER EXPERIENCE Best Practices @AnswerLab / #UXPA2019
  58. 58. @AnswerLab / #UXPA2019 Provide clear entry points 58 USER EXPERIENCE Best Practices @AnswerLab / #UXPA2019
  59. 59. @AnswerLab / #UXPA2019 Embed controls in the flow 59 USER EXPERIENCE Best Practices @AnswerLab / #UXPA2019
  60. 60. @AnswerLab / #UXPA2019 Layer options for easy access 60 USER EXPERIENCE Best Practices @AnswerLab / #UXPA2019
  61. 61. @AnswerLab / #UXPA2019 Provide clear examples 61 USER EXPERIENCE Best Practices @AnswerLab / #UXPA2019
  62. 62. @AnswerLab / #UXPA2019 Use common language 62 USER EXPERIENCE Best Practices @AnswerLab / #UXPA2019
  63. 63. @AnswerLab / #UXPA2019 Group related settings 63 USER EXPERIENCE Best Practices @AnswerLab / #UXPA2019
  64. 64. @AnswerLab / #UXPA2019 Use colors, icons, and visual cues 64 USER EXPERIENCE Best Practices @AnswerLab / #UXPA2019
  65. 65. @AnswerLab / #UXPA2019 Many more 65 USER EXPERIENCE Best Practices Meta Approaches • Explain the benefits • Provide Help and FAQ • Consider video tutorials • Create wizards or assessment tools • Update your update dates • Inform users when settings or systems change • Check in if users haven’t shown up for awhile • Ensure functional integrity Core UI • Provide access at sign- up and anytime during active use • Summarize policies • Clearly label controls • Minimize steps • Minimize paths • Show progress • Layer complexity • Simplify terminology • Clarify end-points • Reward success @AnswerLab / #UXPA2019
  66. 66. @AnswerLab / #UXPA2019 Top Reasons to create effective experiences for data privacy controls 66 1. Stay out of trouble 2. Acquire, retain customers 3. Sustain customer satisfaction 4. Use analytics well 5. Sustain public image 6. Do the right thing @AnswerLab / #UXPA2019
  67. 67. @AnswerLab / #UXPA2019 Best practices start in the operation 67 For stakeholders: BUSINESS Best Practices @AnswerLab / #UXPA2019
  68. 68. @AnswerLab / #UXPA2019 Data Protection Impact Assessment (DPIA) 68 https://gdpr-info.eu/art-35-gdpr/ For stakeholders: BUSINESS Best Practices @AnswerLab / #UXPA2019
  69. 69. @AnswerLab / #UXPA2019 Know your business model and the role of data Balance investment with business model 69 For stakeholders: BUSINESS Best Practices @AnswerLab / #UXPA2019
  70. 70. @AnswerLab / #UXPA2019 Test, validate, iterate, re-test 70 USER EXPERIENCE Best Practices @AnswerLab / #UXPA2019
  71. 71. @AnswerLab / #UXPA2019 71
  72. 72. @AnswerLab / #UXPA2019 72
  73. 73. @AnswerLab / #UXPA2019 Thank You AnswerLab @_bobberry Bob Berry Principal UX Researcher
  74. 74. @AnswerLab / #UXPA2019 Questions?

×