Consumers are a demanding crowd. They increasingly insist on personalized online services, but they loathe giving up their privacy to get it. Digital Catapult discovered that among more than 4,000 consumers in the U.K., 60 percent were “uncomfortable sharing personal data.” Another 14 percent resisted sharing personal data altogether. The primary fear driving this reluctance? A loss of control over how and with whom their information is shared.
Some people have accepted that their increased reliance on the internet means sacrificing privacy. More than 60 percent of Americans aren’t confident that social media sites, search engines, video platforms, and online advertisers will keep their personal data and activities secure.
Fortunately, privacy and personalization can go hand in hand. By developing their user experiences around improved security, companies can deliver systems that feel customized and simple while maintaining privacy and security.
Going on the Security Offensive
Until the past few years, the data security industry has been reactive. Companies relied on network firewalls to protect sensitive information. Every few months, a breach would occur somewhere. Microsoft and other corporations that provide security infrastructures would issue a patch, and businesses would implement them in the hopes the patches would hold.
But high-profile data leaks, such as the Sony hack in 2014, proved that behaving reactively isn’t enough. Even basic attacks cost companies roughly $7 million and enable hackers to steal valuable data. Simply patching these holes as they appear is a losing game.
The Internet of Things is bringing more security risks to the public every day. A few years ago, most people used two or three devices to connect to the internet. Now, it’s not just their phones, laptops, and tablets that are wired. Common appliances in office spaces and homes are increasingly plugged into the web as well.
The widespread availability of the Internet comes with many risks, most of which center on protecting data and preventing misuses of information. As former Google CEO Eric Schmidt said in 2010, the amount of data generated every two days is equivalent to all the knowledge humans accumulated between the beginning of civilization and 2003. The internet’s ecosystem is very different today from even 10 years ago. It’s time that the data industry responded to this proactively.
Solving the Privacy vs. Personalization Conundrum
Digital literacy is on the rise, which is good news for privacy concerns. People are thinking through their privacy needs and what allowances they’re willing to make when they download popular apps. Snapchat, Facebook, and WhatsApp are fun, but users question whether it’s worth trading their privacy to participate in social media.
As the public becomes more educated about data security, companies will begin to offer solutions that balance privacy and personalized functionality to avoid losing customers. My colleagues and I at Ryerson University believe the way to achieve this is through UX design.
For one, we emphasize the concept of data privacy, which means embedding privacy standards into design specifications. The idea applies to technology, certainly, but it works in business practices and physical infrastructures as well. Rather than react after breaches occur, privacy management is written into the DNA.
Beyond that, we see putting control into the users’ hands as the future. For example, Joe works a 9-to-5 job. According to his contract, he must respond if his boss pings him on a social network during those hours. The boss can see granular data about Joe’s location so he can meet with him or give him assignments. However, if the boss pings Joe after 5 p.m., Joe is no longer contractually obligated to respond.
Joe can easily adjust his privacy settings to show vague, generic location data to his boss during his off hours. Instead of a specific address, the boss might be able to see that Joe is in the city but not his precise location. Joe can also enable his settings so his wife, for example, still has access to the granular data.
Because Joe can set his own privacy terms, he trusts the social media network. He gets to say, “This is how I want to share information” on a case-by-case basis. People feel far more comfortable giving out their data when they get to control who sees it and when, rather than when a corporation decides the rules — in a manner too complex for them to comprehend. Understanding context in privacy management is essential.
UX design that puts control in users’ hands should assuage consumers’ fears about how their data is being used. The proactive emphasis on building security into the infrastructure also helps guard against data breaches, which is increasingly important as people share more of their lives online.