Many designers don’t work with data directly. So why should they care about the通用数据保护法规,欧洲有远见的新隐私法?简而言之,GDPR将使隐私成为强制性设计原则,并且这样做可能会重新定义该行业。
To prepare for the GDPR’s May 25th deadline, the vast majority of companies that you interact with on the internet are already altering their products, from internet giants like Facebook and Google to small startups. You’ve probably noticed the barrage of emails noting how they’re changing their privacy policies and even their designs. The GDPR will likely fundamentally alter how products are developed both in Europe, where the law applies across every country, and in the United States, where many companies have European customers.
那么,GDPR实际需要什么?设计师将如何重塑工作人员?www.vwinchina.com与设计机构,数据保护官和隐私倡导者进行了交谈,介绍了欧洲这些变化将如何影响全球的设计师。如果您听说过浮动的首字母缩写词,但太害怕问它是什么,那么您来了。
基础知识
First things first: There aresix key components to the GDPR建立欧盟公民的数据权。
First, citizens have a right to be notified within 72 hours if a company has been hacked and the breach will risk their personal information, to prevent situations likeYahoo’s massive data leak人们只有几年后才发现。用户还有权访问公司对他们的数据,并了解其使用方式和如何使用。人们有权被遗忘 - 意味着,如果您不希望公司再拥有您的数据,则可以要求他们从系统中删除其所有痕迹。这也意味着,即使您没有要求他们这样做,公司也有法律指令删除数据。同样,必须以易于访问,易于理解的方式征求用户捕获其数据的同意。
该法律的另一个关键要素是“数据可移植性”。这意味着能够以机器可读格式(例如CSV文件)从一个地方下载数据,以便您可以根据需要将其带到另一个运营商。如果您在剑桥Analytica丑闻后从Facebook下载数据,则您正在行使此权利 - 尽管下载主要包括您与Facebook明确共享的数据,并且不包括公司根据您的活动所做的所有推论。
Worth noting: Right to access and right to portability are slightly different. Right to access means a company has to provideall它拥有您的数据,包括使用的数据,公司将存储多长时间,源(如果不是您来自您),有时还会提供有关如何使用您的数据做出自动决定的信息。但是,如果您要求下载数据,则该公司只需要提供您明确提供的数据即可。
至关重要的是,一个称为“设计隐私”的概念是GDPR的一部分。它要求所有利用用户数据将隐私作为设计和开发过程的一部分的产品,包括仅捕获其功能绝对必要的数据。根据法律,使用大量数据的大公司需要雇用数据保护官员 - 这导致了招聘争夺as companies move to comply.
这些要求中的一些不一定是新的,但是它们首次在整个欧盟始终应用。那么,为什么非欧洲公司关心GDPR呢?由于《全面法规》适用于所有欧盟国家,这意味着任何在欧洲或欧洲分支中拥有用户的公司都必须遵守这些特定人的GDPR;公司还可以在美国提供不同的服务,而无需与欧盟公民有权获得的数据保护一样。
公司已经惊慌一年多about complying because the GDPR mandates serious repercussions for failing to do so. Companies can be fined up to 4% of their annual global turnover, or as much as $23.8 million (20 million euros), whichever fee is larger. And while the stakes are high, theexact legal details of the regulation are muddy, adding to the confusion.
Though the regulation was ratified in April 2016, companies are still struggling to comply–and the deadline is just weeks way. Emily Hancock, the newly hired data protection officer at the internet services company Cloudflare, thinks much of the panic is coming primarily from U.S. companies, where data policy has been far laxer. “It applies to all countries across Europe, but it’s an evolution of a directive that was put in place in 1995,” she says. “In Europe, companies have been dealing with these kinds of data protection regs for a long time. It’s the added penalties and the extraterritorial scope that’s causing people outside of Europe to panic.”
考虑到所有这些新法规,这是设计师和隐私专家对GDPR改变业务的方式所要说的。
1.设计师不能再对数据无知
Thanks to GDPR, designers will be forced to reckon with the underlying technology that powers their products–namely, databases. “We’re looking at a place where it’s no longer okay for designers to not understand what a database looks like or what goes into it,” says Sarah Gold, the CEO of the London-based privacy and design organizationif项目。
黄金认为,在通知人们如何从机器学习驱动的系统中删除其信息时,设计师面临巨大的挑战,这些系统变得越来越普遍。她说:“对于设计师来说,这将意味着了解他们使用的数据库以及服务中使用的技术类型。”“您需要对此有更大的了解,以设计可用,可理解,可访问的设计模式。”
2.隐私必须是设计过程的一部分
GDPR准备成为设计过程本身的关键部分。产品团队将无法忽略其产品收集和共享的数据,然后在发布前几周去律师,说:“您看到这有什么问题吗?我们将在几周内推出。”汉考克解释说。
相反,考虑隐私应该在设计过程中发生。Yashoda Sampath, group director of research at New York-based design agency Huge, says that the data privacy conversations that tend to currently occur “closer to the build and implementation phase when we’re ready to put in the ad-tech and the partners and the business model, versus now we’re going to start having those conversations much earlier in design and development–even in the ideation phase.”
这意味着在集思广益期间,GDPR在桌子上,这与从一开始围绕HIPAA等法规构建的医疗保健产品如何。
至少根据马克·罗斯顿,Argodesign的创始人兼首席创意官。他说:“事情要花更多的钱,而且确实是财富500强公司are spending billions改变他们的系统。然而,这是未来的必要一步。“我还可以。我很兴奋地在世界成长的意义上发生。我们处于这个少年舞台的比赛,其功能比我们尊敬的更多。”
3. Bad Design Will Become A Pricey Liability
A key part of designing for GDPR will be answering this question: What data should this product collect? The designers I spoke with all had an easy answer: Don’t collect data if it doesn’t make the UX better.
罗尔斯顿说:“有很多[公司]收集数据,他们不知道自己在做什么。”“那将停止。我们担心4%。”
Laws like GDPR could spell the end of business models based purely on data collection–mostly because the risks and costs will be too great. “Here in the Valley not so long ago, I’m talking about a year or two ago, you would hear executives talking about how they package and sell users’ data and how this is the core valuation factor in their startups or established companies,” saysGadi Amit,总部位于旧金山代理机构NewDeAldesign的创始人和负责人。“我认为跟踪所有法规的成本只是在上升。显然,保留用户数据会有好处,但是与之相关的成本和职责会有很多好处。”
In practice, Cloudflare’s DPO Hancock says that deciding what data to collect means asking questions like: If I pull data from an API, do I really need all the fields of data that I could get, or do I narrow it for the specific purpose of this product? When thinking about geolocation data–do I really need it? And if I do capture geolocation data, what are the risks associated with that? “That’s the thought process you’d want developers to go through earlier in the cycle rather than after the product is built and ready to ship and someone just wants to get a sign off,” she says.
在由数据科学家,法律专家和研究人员主导的对话中,Sampath认为设计师是提出这些问题的合适者。
“下一步是授权设计师参与这次对话:这些是我需要改善个性化的数据。这些是我需要提高预期的数据。这就是我们真正可以使用数据添加价值的地方。”她说。“在这方面,让他们既是拥护者,又是一项检查,并且说,这种数据将使用户对我们的经验保持警惕,并减少我们经验的乐趣。”
4. Design Could Help Solve One Of Today’s Biggest Problems–Or Not
The new directives have created a serious design challenge: creating better, clearer interfaces that make navigating privacy easier for users.
Today, privacy settings are often buried deep inside apps where no one can find them, and privacy policies are没人读的一团糟。新政的阿米特(Amit of New Deal)认为,设计师在这方面是部分同谋,并指出Facebook’s acquisition of WhatsApp to illustrate.“您必须非常深入地挖掘prevent WhatsApp from shifting all your contacts and sending them to Facebook,“ 他说。目前尚不清楚UI是否在GDPR下合法不合格,但是WhatsApp的UI当然并没有使这种重要的数据共享易于理解或访问,从而使获得有意义的同意是不可能的。阿米特补充说:“我和朋友们签到了,大多数人不知道whatsapp正在捕食他们的联系人列表。”这一切都是由UI和UI设计师完成的。这是误导和掩埋非常重要的东西的显然设计的。因此,我认为我们需要在设计行业中就合作以及愿意与这些陷阱一起玩耍进行真正的讨论。”
Many companies facing GDPR are relying on a familiar interface design to comply: the “settings” screen. These ubiquitous screens don’t do much to functionally protect users, though they may be technically compliant.
“ GDPR的主要响应是建立一个仪表板,人们可以从一个中心位置调整数据共享权限。对我来说,这真是一个耻辱,”戈尔德说。“偏好中心是GDPR的简便方法,但是我们没有进行的研究表明,任何不是隐私专家的人都可以进入这些设置。[这是一个真正的浪费机会。”
Rather than relying on these old solutions, Tiago Luchini, a partner of technology at the New York-based agency Work & Co, believes in something he refers to as “micro-consent,” where users can learn what each piece of data they’re giving up is going to be used for–and how their experience might suffer if they decide not to provide it. He uses the example to illustrate: He recently signed up for an app to run a marathon, which asked him for his ethnicity.
“我想,我真的不愿意为您提供此信息。作为用户对我有什么影响?”他说。不幸的是,该领域是强制性的,没有解释。“我的全部观点是,从应用程序的角度和网络角度来看,我们应该能够进入新一代的设计 - 这与雨伞的同意无关。应该非常清楚,就像微观的一样。我给你我的性别 - 我从中得到什么,我从不告诉你我会失去什么?”Luchini看到网站上的弹出窗口中的相似之处,这些网站要求您使用cookie的权限。“对于用户来说,这是什么含义。如果我不按不,会影响我的经历吗? If I say yes, what kind of information am I giving away?”
He prefers a system where users can determine what information they want cookies to have on a service-by-service basis. “Maybe you’re fine with Facebook, but not one of the retargeting programs they use,” he says. “It’s a fascinating design challenge. You have to communicate back to the user every time those take place.”
罗尔斯顿同意。他说:“我们将不得不更好地使这些数据事件透明。”“隐私成为通过界面传达的美德。”
5. GDPR还不够 - 设计文化也必须改变
尽管GDPR可能是朝着正确方向迈出的一步,但有些人认为法律还不够。进步需要引导。阿米特(Amit)看到法律和实际设计实践之间的脱节,但认为可以改变设计师仰望谁以及有价值的东西有一个解决方案。。。或羞耻,依次。
他说:“我认为,从设计社区和设计文化元素中,开始指出人们正在建立,夸耀和感到自豪的经验,这将更加有效。”这意味着设计师应该召集nefarious dark patterns, even when their colleagues are building them, so that manipulative interfaces that encourage people to give up their data don’t remain the default.
对于黄金,设计师也可以在法律失败的地方接收。例如,数据可移植性的想法并没有考虑到数据通常可以与许多人绑定在一起 - 如果您住在共享房屋中,甚至是您的Facebook数据,请访问您的公用事业账单。黄金和她的组织项目IF最近出版了new study on this very topic与Open Data Institute, and included a series of prototypes posing ways in which data portability could function.
One concept illustrates a faux social media service calledFriendshare, where when you delete your account, you can download an archive of data. But because other people are involved in that data, the service sends each person a message letting them know they have 24 hours to change the data that’s in the archive if they don’t want you to hold on to it.
GDPR也不必被视为负面。Work&Co的Luchini将其视为一种创造性约束的形式。
他说:“这是使设计师和技术人员开心并使我们在一天结束时蓬勃发展的那种约束。”“从长远来看,这并不是对企业不利的事情。这对企业有好处,对用户有益。”
6. GDPR Is Just The Beginning Of A Sea Change
设计师已经在处理许多这些要点。对于阿米特来说,简单地做好设计意味着要维护GDPR的许多要素。“如果您相信良好的设计值,那意味着您引导用户准确地了解该应用程序应该做的事情。这就是我的看法。”他说。“如果您做得很好,那么本质上意味着您为人们提供了一种很明显的工具,这很容易,这是透明的,因此,它被滥用或误解给最终用户的机会非常低。”Sampath也有类似的看法。她说:“ [GDPR]确实对我们对用户体验的看法非常好。”“从这个意义上讲,任何导致更高透明度的推动都是净值。”
接受GDPR的最令人信服的理由之一是,这些数据标准将留在这里 - 即使它们尚未达到美国。
罗尔斯顿使用加利福尼亚排放法的类比。为了符合该州更严格的标准,汽车公司最终为所有符合加利福尼亚法律的州建造汽车,因为将它们全部构建为同一法规更有意义。GDPR是相似的,因为它将迫使公司遵守欧洲 - 那么为什么不在任何地方都采用相同的标准呢?在我与此故事交谈的公司中,无论客户的位置如何,Cloudflare和Mozilla都将符合GDPR。Facebook表示会遵守but sneakily decided toexclude 1.5 billion of its users。Others are taking an all-or-nothing approach: Mobile advertising company Verve is完全退出欧洲。
尽管如此,Sampath还是可以保留此类数据定律。她说:“ GDPR只是第一个看起来像这样的法规。”“在内部,我们都非常有信心,某些版本的GDPR将在明年半中来到美国。提前考虑一下裤子是一个不错的踢球。”
Ultimately, the designers I spoke with remain optimistic that the GDPR will be good for users和企业。罗尔斯顿说:“我认为网络是,每家公司都会有一个更加成熟的产品,对整体人士来说更适合人们,这将具有净净值。”“将我们的利益与市场保持一致将使它们成为更好的产品。它会迫使他们长大。”