Privacy Badges
Bringing privacy conerns to the surface when it matters

Privacy Badges
Making app policy security more visible

IDEA • SELF INITIATED • CONCEPT PROPOSITION

Before I begin, a bit of background to this project… While wandering, playing and interacting with everyday London, ideas occasionally come to my head. I would love to tell you they are all amazing but to be frank, they aren't. Nevertheless I note them down in my phone before the moment passes. Over the years I have collated a long list of high-level ideas and decided it would be a fun challenge to add flesh to their bones and tackle them as I would any project.

These projects are all conducted in my own time and often expose me to new experiences, learnings and software that I may not get at work so I see them as paramount for my development.

Before I begin, a bit of background to this project… While wandering, playing and interacting with everyday London, ideas occasionally come to my head. I would love to tell you they are all amazing but to be frank, they aren't. Nevertheless I note them down in my phone before the moment passes. Over the years I have collated a long list of high-level ideas and decided it would be a fun challenge to add flesh to their bones and tackle them as I would any project.

These projects are all conducted in my own time and often expose me to new experiences, learnings and software that I may not get at work so I see them as paramount for my development.

“Reading the policies requires at least some high school education and sometimes advanced degrees…”

Varonis

“Reading the policies requires at least some high school education and sometimes advanced degrees…”

Varonis

With the gaining awareness of our own data and the introduction of GDPR I thought it was interesting that there is often poor indication of the implications we face when signing up for certain apps or experiences. It is often not till later on when a user discovers their data is being used in a way they were unaware of and are uncomfortable with. For me, even though I believe the introduction of GDPR has been great in terms of full transparency of our data, the implications are still overly hidden behind inaccessible policies or highly-crafted misleading copy making it difficult for everyone to interpret.

Having learned a bit about data protection through osmosis I decided that I didn't know enough. Therefore I began by doing some resarch and exploring the topc seeing if I could discover some insights and guidance.

With the gaining awareness of our own data and the introduction of GDPR I thought it was interesting that there is often poor indication of the implications we face when signing up for certain apps or experiences. It is often not till later on when a user discovers their data is being used in a way they were unaware of and are uncomfortable with. For me, even though I believe the introduction of GDPR has been great in terms of full transparency of our data, the implications are still overly hidden behind inaccessible policies or highly-crafted misleading copy making it difficult for everyone to interpret.

Having learned a bit about data protection through osmosis I decided that I didn't know enough. Therefore I began by doing some resarch and exploring the topc seeing if I could discover some insights and guidance.

“only 0.001% of all internet users even start reading privacy policies – and the amount of people that actually finish reading them has to be much, much lower than that.”

NYU Center of Law

“only 0.001% of all internet users even start reading privacy policies – and the amount of people that actually finish reading them has to be much, much lower than that.”

NYU Center of Law

I thought there must be a better way to indicate the implications an app has on our personal data — a way that is consistently familiar and easy to understand. Something as simple as colour-coded Privacy Stickers that can feature alongside any app, product or service and instantly communicate to a user the data implications whether they should be concerned or not.

I thought there must be a better way to indicate the implications an app has on our personal data — a way that is consistently familiar and easy to understand. Something as simple as colour-coded Privacy Stickers that can feature alongside any app, product or service and instantly communicate to a user the data implications whether they should be concerned or not.

191104-02
191104-03

When I say this idea is simple, I really mean it. It’s not a new concept at all — we are very familiar at making decisions, particularly purchases, based on small indicators. Indicators that are although small, quickly paint a picture and communicate an experience’s characteristics. For instance, we know that a film rated ‘15’ will potentially have partial nudity, bad language or “include adult themes” before we even take our seat — and this is what helps us make our decision. The same could be said for; any Star-ratings (most considerably Amazon) and nutrition information on food packaging.

When I say this idea is simple, I really mean it. It’s not a new concept at all — we are very familiar at making decisions, particularly purchases, based on small indicators. Indicators that are although small, quickly paint a picture and communicate an experience’s characteristics. For instance, we know that a film rated ‘15’ will potentially have partial nudity, bad language or “include adult themes” before we even take our seat — and this is what helps us make our decision. The same could be said for; any Star-ratings (most considerably Amazon) and nutrition information on food packaging.

191104-04

So I created a spectrum of ‘Privacy Badges’ which range from data friendly to data invasive and every in between. For me, the design had to be super simple and easy to understand at a glance which is why I adopted a traffic light system (green = good, red = bad) as a familiar pattern we can quickly grasp. Further evidence to keep things simple was thinking about where these badges would live and similarly to the examples above they are best placed in the moment when people are looking to download a new app on either the App Store or on Google Play. (The privacy badges could also exist on web browser beside T&C checkboxes but for the visuals I focussed mainly on app downloads.)

So I created a spectrum of ‘Privacy Badges’ which range from data friendly to data invasive and every in between. For me, the design had to be super simple and easy to understand at a glance which is why I adopted a traffic light system (green = good, red = bad) as a familiar pattern we can quickly grasp. Further evidence to keep things simple was thinking about where these badges would live and similarly to the examples above they are best placed in the moment when people are looking to download a new app on either the App Store or on Google Play. (The privacy badges could also exist on web browser beside T&C checkboxes but for the visuals I focussed mainly on app downloads.)

It is important to grade apps on their privacy, it is equally important to explain what the concerns are. As a result, by tapping on the privacy sticker will open a modal displaying more information including; the app’s main threats, a graph to show % of level concerns as well as offering alternatives and comparing the app to others in the same category. Privacy badges alone will help people recognise an app’s failings but offering comparisons can help people make more informed decisions. At this point, I must mention that during my research I stumbled across Guard. Guard is a product that uses AI to analyse privacy policies and highlight any concerns. They’ve analysed some of the giant social platforms and they’ve clearly been a strong influence in this thought-starter project, so I wish them success as they continue to build their product!

It is important to grade apps on their privacy, it is equally important to explain what the concerns are. As a result, by tapping on the privacy sticker will open a modal displaying more information including; the app’s main threats, a graph to show % of level concerns as well as offering alternatives and comparing the app to others in the same category. Privacy badges alone will help people recognise an app’s failings but offering comparisons can help people make more informed decisions. At this point, I must mention that during my research I stumbled across Guard. Guard is a product that uses AI to analyse privacy policies and highlight any concerns. They’ve analysed some of the giant social platforms and they’ve clearly been a strong influence in this thought-starter project, so I wish them success as they continue to build their product!

 

“Privacy isn’t a compliance burden. Privacy is part of your value proposition. It’s integral to the customer and brand experience. It’s not about static policies that hide in the background, rather, dynamic value exchanges occurring within an environment of trust.”

Nathan Kinch

“Privacy isn’t a compliance burden. Privacy is part of your value proposition. It’s integral to the customer and brand experience. It’s not about static policies that hide in the background, rather, dynamic value exchanges occurring within an environment of trust.”

Nathan Kinch

Full-res-test-05
PS-01-06
PS-01-07

Lastly, and I know what you may be thinking. Why would the App Store or Google Play want to include something that would actively dissuade people from downloading select apps on their stores? To answer this, I would simply say it’s the moral thing to do. It’s the right thing to do. Particularly for those who have grown up in the smartphone era, a great deal of their life and data exists on these platforms bringing great value to them at the expense of the people using them. But now the emphasis has squarely shifted to privacy-first isn’t it reasonable to expect Apple and Google to safeguard people using their stores? I believe publishing a grade by every app would help set new privacy standards across the market, give people more control and understanding over their data as well as make it difficult for those who wish to cause harm to get away with it.

If you are still reading, thank you! You are an utter hero! 🙌

Lastly, and I know what you may be thinking. Why would the App Store or Google Play want to include something that would actively dissuade people from downloading select apps on their stores? To answer this, I would simply say it’s the moral thing to do. It’s the right thing to do. Particularly for those who have grown up in the smartphone era, a great deal of their life and data exists on these platforms bringing great value to them at the expense of the people using them. But now the emphasis has squarely shifted to privacy-first isn’t it reasonable to expect Apple and Google to safeguard people using their stores? I believe publishing a grade by every app would help set new privacy standards across the market, give people more control and understanding over their data as well as make it difficult for those who wish to cause harm to get away with it.

If you are still reading, thank you! You are an utter hero!  🙌

GET IN TOUCH

alexander.j.thurman@gmail.com
(+44) 7481 835 732

current location

London, UK