We believe that personal information is exactly that — personal — and organisations need to take that into account when designing new products or service offerings. Privacy is a core component of people trusting and being willing to engage with an organisation – not simply a nice-to-have or a value-added service.
Organisations who don’t build privacy into their design process now will soon find themselves swimming against the tide of customer expectations.
Why does it matter?
There are numerous benefits available for both individuals and organisations when personal information is used to tailor product and service design. We work with organisations to unlock the potential within their data in a way that is respectful of the customer.
People are willing to share and use their personal information to access better quality service or benefits, and they have been for years. For example, supermarket loyalty schemes are a classic case where shoppers are allow chains to collect and analyse purchase information in exchange for discounts on their groceries.
However, not all customers sign up for a loyalty scheme and it isn’t mandatory to join to be able to shop in the store. The customers have choice.
The element of choice can significantly impact a customer’s perception of a product or service, and their uptake can be as individual as they are. There are huge opportunities for organisations that take this into consideration from the start of the design process and build it into their products and services.
Of course, it’s not feasible to attempt to design a solution that will cater to everyone, and finding the right balance for optimal design requires a high level of empathy and emotional intelligence. Organisations must also find the right way to communicate with customers about how their information will be collected, used and protected, and the resulting benefits. It requires effort but significantly improves the likelihood of positive outcomes for all parties.
Apple is a great example of an organisation that has seen the benefits of designing privacy controls into their products and clearly communicating these strategies. Since 2014, Apple CEO Tim Cook has been leading a visible and consistent campaign about the brand’s respect for its customers’ privacy. During the Apple Worldwide Developers Conference in 2017, they stressed privacy benefits and enhancements in almost all of their new product and feature announcements. Apple understands people have a choice to use their products or those of a competitor and that privacy and security are core expectations of customers in modern markets. The brand actively uses the privacy and security of their products as a point of strategic differentiation.
How can we do it?
So how does an organisation without the resources and visibility of Apple use privacy and security as a point of differentiation?
It starts with getting privacy right at the design stage. Traditional approaches to privacy centre on completing a Privacy Impact Assessment. These are typically completed at set milestones in the life of a project and focus on ensuring that the change is compliant with relevant legislation. In many cases, assessments are completed from a ‘no more risk than the previous process or system’ perspective rather than taking a holistic, or system-level, view. They can represent a significant project overhead and are completed at a stage when most of the material design decisions have already been made.
We believe there is a more effective way. It starts with building privacy into your design processes, and we have developed an approach that builds on the established practices and concepts of design thinking to put your customers’ perspectives on privacy at the centre of your design processes.
The good news is, it’s not difficult if you follow a structured process and apply an agreed set of principles. Our process comprises four steps and can easily be integrated into an existing design process or project management methodology:
Four simple steps to build privacy into your existing design process
DEFINE occurs at the idea generation stage and involves clearly establishing and documenting what you are trying to achieve and why. The goal here is to ensure you remain focussed on your goals throughout the change being considered. Document clear, concise statements that describe what the outcomes will be for your customers and organisation, as well as any greater social good outcomes.
Clearly define what you are trying to achieve and why
The ‘define’ step occurs in any change or project, but is not always clearly and concisely captured at the right point in time. If missed, it is easy for your core goals to get diluted through funding and change management processes. Defining is also essential to being able to effectively baseline and challenge thinking during the design and validate steps.
CONSIDER involves taking an open and empathetic approach to examining the outcomes you are trying to achieve. Considering is at the core of putting the customer at the centre of your design process and examining the potential impact of the proposed changes for customers, both positive and negative. It requires an understanding of the emotional connection between your customers and your organisation, and with the product or service you are planning to change or introduce.
Inserting empathy into your privacy processes
This step is the time to leverage existing information about your customers, as they are likely to be impacted by the change. In particular, try talking directly to customers through workshops or surveys, or involving frontline teams to identify potential sensitivities that will need to be managed.
Likewise, taking the opportunity to consider any impacts on your own staff and key stakeholders will provide valuable insights for subsequent steps. A key point to capture here is whether there is likely to be any new information required to implement the change, as this will need to be explicitly considered later on.
By the end of this step, you should have a matrix covering each group affected by the change that will outline the expected impact, sensitivities, changes in information, and benefits or outcomes for each.
At this point it is beneficial to step back and examine the insights you have gathered and challenge your thinking. In particular, do the outcomes and benefits captured through the consider phase still hold true to the statements from the define phase? What are the sensitivities you have captured and how are they balanced against the benefits and outcomes? If there are high sensitivities and limited benefits for particular customer groups, this could be an early reality check that making the change and seeing it adopted could be harder than expected.
DESIGN is integrated into your existing processes for creating new products or services. It builds on the principles of Privacy by Design to ensure appropriate treatment of personal information throughout any changes, and allows for a real-time capture of privacy decisions.
This is your opportunity to use the insights found through the prior two phases to challenge thinking and ask constructive questions to ensure personal information is treated with respect.
Designing with privacy in mind is not as hard as it might seem!
The important element of this step is that it needs to be completed through your existing design and development processes.
All too often, privacy assessments are completed after the majority of the thought process is complete, leading to missed opportunities and potentially increasing the overall risk profile of the change. This is where the insights gathered in the consider step can be explicitly tested, which is especially powerful for organisations using design processes where customers are directly involved or engaged.
The design stage is the time to implement appropriate safeguards and controls to protect personal information. For example, ensure that you only collect the information required to achieve the outcomes documented through the define step, and that it will be appropriately stored and secured, especially where third parties are involved. Also be sure to use the information in a manner that is consistent with the purpose for which it was collected, and that it is protected against future inappropriate uses.
Most important is the ability to communicate changes to those who are impacted so they can make informed choices about interacting with your product or service. This is especially important if you found sensitivities in the consider step. The ability to be open and transparent, and to provide real choices is essential for your customers, employees and external stakeholders.
We have all seen the news stories and loss of brand trust that occurs when an organisation fails in this space. The impact can take years to recover.
At the end of this step you will have captured and documented the privacy and information-based decisions you have made with the ability to directly link them back to the outcomes and insights derived through the design and consider steps.
VALIDATE is where plans are set in motion and you can build a learning model into your design processes. This should be integrated with your existing post-implementation review or other learning processes to ensure privacy learning is an explicit consideration for future changes. This step is typically missed in traditional privacy impact assessment processes which are usually archived as soon as they are signed off.
Building a learning model into your privacy assessment processes
The validate stage is an opportunity to test the decisions and assumptions made during the design step to learn and improve your processes for next time.
Were there any aspects of the change that generated a reaction that you hadn’t anticipated?
Why was that and what can you do differently to avoid it happening for your next change?
Are there any areas where customer, employee or stakeholder attitudes were expressed in ways that you hadn’t predicted and how can you cater to this going forward?
Also assess whether your communication and engagement with those impacted by the change were up to your standards. Analysis of reactions, complaints, and queries will enable you to determine whether you are on the right track and provide people with the ability to make informed choices in a trusted and effective manner.
Privacy as a Competitive Advantage
Privacy is increasingly a factor on which people make decisions about the organisations they engage with. Organisations that build an open, transparent and learning-based model of privacy assessments may be able to get ahead of their competition and build an advantage.
If you would like to hear more about our methodologies, or if you would like help in transforming your existing privacy impact assessment processes, don’t hesitate to contact us. You can also follow us at INFO by Design and on Twitter for further updates and insights.