User-centred privacy
Learning more about data, privacy and consent – but actually designing for it, for the users, not just for legal and security bits.
I thoroughly enjoyed two talks in recent weeks on related topics around designing for data, privacy and consent – but actually designing for it, for the users, not just for legal and security bits.
The first one was by Georgina Bourke from the Information Commissioner's Office (ICO) who took us through a really interesting look at how to design privacy into digital experiences, including the Children’s code that they’ve made for companies making apps aimed at them.
They’ve created practical guidance on how to translate GDPR requirements into good design decisions, with 15 standards around governance, transparency and design of choices. The ICO is recognising that design impacts people’s rights and is actively doing something about it.
This was pretty uplifting news for our team and I’m sure for many who work in the public sector space. At Made Tech, we have years of combined experience of working within the public sector, in organisations where outputs involving legal and data protection are rarely given to designers.
There’s often a substantial gap between the perception of legal and information management and digital teams on the role of design and how it can help, which is understandable. Design doesn’t just make things a bit easier or modern looking for the user – it can more effectively protect data, and have a huge impact on the uptake of vital services by developing trust.
The ICO is to information management and security teams what GDS is to public sector digital teams: a trusted source for best practice in their particular field. So if the ICO are championing the importance of design, then the message will be heard by more people than just design advocates. We talked about how as a next step, a design standard from the ICO would be a welcome shift towards a more aligned collective future.
It made me think – where else could this be applied? What about planning, parking or – most importantly – bin collection! Organisations need to understand and champion design and how we make that happen.
We often talk about how design thinking needs to spread further across leadership and service teams before we see the kind of widespread uptake of policy design, user-centred design and iterative delivery methods that will turbo boost transformation. What other major players could we try and reach out to?
The second talk was Designing for relationships, not just for users with Lisa Talia Moretti from the Ministry of Justice. This led on nicely from data protection design and focused on designing supported journeys.
We know that when it comes to filling in forms, the applicant is often helped – older people by their children or carers, for example. But we don’t actually openly acknowledge and design for that fact, even though we know it’s happening. Why don’t we do that?
Lisa shared the MoJ work around modernising lasting power of attorney, including some of the problems that not designing for this reality brings. Like applicants having real stress and anxiety that they’re doing something illegal by getting help to complete the form.
So they put off filling in these really important legal documents and the forms get filled in incorrectly because the person helping fills their own details in. The MoJ is doing brilliant work redesigning processes to include options for both the supporter and the supported.
The world of data and privacy design has taken some great leaps forward. It’s brilliant to see and I will be spreading the work within our teams to make sure that when we deliver user-centred design, we make sure that we include these important elements.
Annie is UCD Principal at Made Tech, experienced in local government and design management.