A recap of Kelly Huang’s January presentation on avoiding weak privacy and a link to the full recording.
To kick off the year, the Beer and UX community was joined by Kelly Huang for a virtual presentation on privacy. Kelly is the VP of Product at Ethyca, an automated data privacy SaaS company.
Kelly opened her talk with some statistics about user trust to set the stage. According to Pew Research Center, most people believed that what they did online was being tracked, but that there was little they could do about it. People know their data is being collected or purchased, and trust has been eroded as a result.
That same survey found that 72% of Americans report feeling that all, almost all, or most of what they do online or while using their cellphone is being tracked by advertisers, technology firms, or other companies. Another 19% think some of what they do is being tracked. Close to half (47%) of adults believe at least most of their online activities are being tracked by the government.
As people working in tech, we have both an opportunity and responsibility to help users avoid this learned helplessness.
As people working in tech, we have both an opportunity and responsibility to help users avoid this learned helplessness. Read on for a few takeaways from Kelly’s talk. To get all of the insights, advice, and resources shared, watch the full presentation on YouTube.
Keep your privacy policy up to date.
This one is simple but easy to forget. It’s important to update your privacy policy as your business evolves. If you are adding features, consider the privacy implications and update your policy accordingly. Every single piece of personally identifiable information (PII) is a potential point of contention.
Designers: Put the facts (and the power) in users’ hands.
Reduce the cognitive load and work to gain or retain user trust wherever possible. This begins with transparent design systems and copy to make the facts clear. Choose simple typefaces and advocate for clear explanatory copy and visual tools to help people understand how their data is used. Lastly, remember that friction isn’t always a bad thing. Where consent is required, creating a bit of friction can ensure it is given intentionally, not passively.
Marketers: acquire, activate, and retain trust.
It’s important for marketing teams to offer their users transparency. Tell users what you’re selling their data for, regardless of whether you’re required to. Secondly, Kelly recommends reading your own privacy policy. If it’s not consumable, speak up and look for opportunities to work with product and legal teams to make it legible. Remind yourself and others: we are looking to restore trust in online businesses.
Product managers: work with your legal team to make sure your privacy policy is easily understandable.
Once marketing teams have done the work to acquire, activate, and retain trust, product managers need to remember that we can monetize because we are trustworthy and gain referrals because we are trusted.
Move beyond the bare minimum of making the required information available and make it legible and understandable instead.
In addition to keeping privacy policies up to date, it’s crucial that they be legible. Solid, user-centered privacy policies and practices are not inherently bad for business. Starting with the words themselves, Kelly frames this as an opportunity to take on a challenge. Using plain English empowers users to make informed decisions about what they will consent to. Move beyond the bare minimum of making the required information available and make it legible and understandable instead. Pinterest is one company that Kelly applauds for writing a privacy policy that can be both read and understood.
While legalese can protect a company from liability, Kelly offers this advice for anybody struggling to convince a colleague in legal: approach and pitch plain language for policies as being rooted in a desire to ensure the words are read and understood. Start with “let’s try to find a way to make this consumable.” To this end, she recommends using the Maze test, which is typically used by educators to understand reading fluency and reading comprehension.
Kelly also recommends that product managers embed privacy governance in their software development processes. Lastly, consider segregated data architecture not dependent on PII data for primary keys, partition keys, etc. (More on both of these points in the video.)
For everybody: embrace the responsibility.
Quite simply: Don’t shy away from your responsibility to other internet citizens.
Beer and UX is a Meetup group with more than 1,800 members. Hosted by Neuron, this community of design enthusiasts meets regularly to hear from industry professionals, debate, and collaborate.
Neuron is a San Francisco-based UX/UI consultancy that creates best-in-class digital experiences to help businesses succeed in today’s digital world. Learn more about our services and explore our work.
Comments