We need to fundamentally reconsider the way that we think about privacy within apps and services. For too long, the edge case in privacy design has been anyone who is in a targeted group. My talk at BSidesSF aims to show how many tech products and services mainly protect from a threat that is outside the home or inner circle. I would like to see more empathy in privacy design.
A useful example might be the recent issues with Facebook’s privacy have caused many people to pour scorn on those who use Facebook or similar platforms. There are those who proudly state that they warned of such issues long ago and wonder why no one listened then.
I am not here to argue against either point of view. I do, however, want to encourage people to consider why people might use Facebook and Messenger.
For many groups, Facebook is a free, easy-to-use platform to organize events. People already have accounts and can join discreetly. There is no need to explain a new email or app on a device. There are not many services available that offer the same benefits to end users. Many end users are not always able to control access to their devices or even their accounts. Very often I am told that people are afraid of installing something as popular as WhatsApp because a partner or significant other would challenge its use.
Someone who lives with you is able to have physical access to your devices and to you. They can install spyware, use personal information about you to get customer service reps to believe they are you, or track your activity via WiFi or unsecured IoT devices.
We have two jobs to fulfill. The first is to design devices and apps and services that have privacy options built in. So, to make 2FA more common would be a very basic standard. I would add decoy icons and message deletion and also the ability to sign up with false usernames or no cell number.
We have to talk to different targeted communities about what their needs are. We also need empathy to remember that zebra and mice need very different protection.
The second job is to educate people about privacy. We cannot plan for every nuance in human behavior. Some relationships will always involve sharing every last thing. An ideal would be helping society move towards keeping devices and passwords private.
At the moment, we are encouraged to over share, to tag people, take photos of “hot guys on public transport,” and worse. We have developed a culture where the user is the product. Some services are incredibly difficult to unsubscribe from. If we encouraged people to value their privacy and that of other people, we could bring courtesy and safety back. Even just a little more thought and care in our day-to-day virtual interactions could greatly benefit targeted groups.
We can see parallels between bad privacy design and bad architecture, to give just one example. We should design buildings with consideration for the needs of everyone who may use that building. If we make it easy to access for all and secure and safe, if we consider how easy it is for people to find their way around and not get lost… all these things matter.
One of my best examples of this is restroom design. Women’s restroom lines are always long, and this is just an accepted part of life. Why has no one taken the simple steps to consider why and how to improve this experience? Could it be because of who designs buildings? Worth thinking about.
My hope is that my talk will continue the discussions that already exist in this space. I am passionate about listening to and raising the voices of targeted or non-dominant groups We live in a world where many people need a safe place to communicate ideas and feelings, or they are at risk.
Technology is not neutral; it is designed by humans with bias. We have to be the ones that disrupt this and ask for ethical and empathetic design. Because people matter. Because even if it does not matter to you or someone you know today, it might tomorrow.
About the Author: Stella has a background in language and special needs teaching. After working within large companies teaching languages, she developed training in inclusion. Her particular interest autism awareness. She does voluntary work advising targeted groups on privacy and security. All this is fuelled by espresso martini, venti non fat mocha and goldfish crackers. She is possibly a British spy but it is rude to ask.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.