Home / Newsletter Templates / How to Design With User Privacy in Mind (Tips and Best Practices)…

How to Design With User Privacy in Mind (Tips and Best Practices)…

When it comes to UX, how often do you connect it to privacy?

It’s a big part of the design process. From connected apps to e-commerce to forms, data collection is happening all the time. Users are accustomed to it and generally ok with these practices unless something goes wrong.

It’s your job to include privacy checkpoints and best practices in the design architecture of every website project. Not only will these protections help users, but they can help you feel better about the digital products and services you provide.

Consider Privacy by Design as a Default

website design privacy

Privacy by Design is more than a concept, it’s an actual framework that can guide how you create digital experiences. The framework was developed in the 1990s by Dr. Ann Cavoukian (information and privacy commissioner in Canada) and is the foundation for current GDPR regulations.

The goal of privacy by default is to think about security from the start of projects, but not to create a trade-off between privacy and other parts of the design or usability. When using this framework, privacy is a consideration from the start of a project and at every step along the way; it is not applied after the fact or in response to a concern.

The seven principles of privacy by design are:

  1. Proactive not reactive; preventative not remedial
  2. Privacy as the default setting
  3. Privacy embedded into design
  4. Full functionality; positive sum, not zero-sum
  5. End-to-end security; full life cycle protection
  6. Visibility and transparency; keep it open
  7. Respect for user privacy; keep it user centric

The common theme you will see from every other tip and best practice in this list is that they are rooted in or connected to this framework. It’s hard to talk about any type of website design privacy practice without circling back to this information.

What’s great is that while the foundation hasn’t changed that much, it’s application has continued to evolve with technology changes to help designers make good choices that protect users while still creating engaging and functional designs.

Display Just in Time Notifications

website design privacy

Just in time data collection and notifications happen when a website or app needs the information. (It is not just buried in a privacy policy.)

Using this method alerts a user when data is required, explains why it is necessary and includes information about how data will and will not be used.

Common practices for these notifications include simple pop-ups and info icons or tooltips next to each data request field to explain usage.

Think about it: Websites and apps often ask for access to things such as your contact list, location, or camera. Wouldn’t it make more sense to ask for these permissions when you need them, rather than as part of a bulk ask on install? Then you know how and why this is relevant to your actual user experience.

Here’s an easy best practice to follow: Stop pre-selecting checkboxes for consent information in forms.

Bonus: Consent checkboxes should be to opt-in, not opt-out.

This combination of selection allows users to control what they do and don’t consent to. Even if consent is required to move forward, it causes the user to pause and think about the information or data collection they are opting in to.

You are asking for permission here, not assuming it. This might seem like a simple thing, but it can make a big difference as to how users perceive the ask for consent and data sharing.

Write (and Design) a Clear and Understandable Privacy Policy