Pablo Rodriguez

Privacy Ethics

Respecting user data and privacy is part of good UX. Make privacy and ethics explicit across planning, recruitment, sessions, storage, and sharing.

  • Informed consent
    • Explain purpose, procedures, risks, benefits, and data handling.
    • Cover recording, storage, retention periods, access, and withdrawal rights.
  • Data minimization
    • Collect only what you need for the study. Avoid unnecessary PII.
    • Prefer IDs to names in notes; scrub identifying details in clips.
  • Secure handling
    • Store recordings and notes in approved, access‑controlled locations.
    • Define retention and deletion timelines; follow through and log deletions.
    • Limit access to a need‑to‑know audience; review access periodically.
  • Voluntary participation
    • Allow questions and breaks anytime; make it easy to stop without penalty.
  • Equity and inclusion
    • Recruit beyond convenience samples; include underrepresented users.
    • Budget time and resources for accommodations as a first‑class requirement.
  • Transparency
    • Be clear about prototype limitations and what is or isn’t functional.
    • Avoid overpromising or implying commitments beyond the study.
  • Personally identifiable information (PII)
    • Names, home addresses, email addresses, phone numbers.
  • Sensitive personally identifiable information (SPII)
    • SSNs, driver’s license/passport numbers, financial accounts, date of birth, race, disability status, gender, sexuality, criminal history, medical info.
    • Combining SPII with PII increases risk; avoid collecting it unless strictly necessary and approved.

Assistive Tech Readiness

  • Test your platform with screen readers, captions, and keyboard nav.
  • Provide transcripts and alt paths if visual content is essential.
  • Share setup instructions and support contacts before sessions.

Sharing Insights

  • Prefer anonymized clips and quotes; get re‑consent for broader sharing.
  • Limit raw data access; provide synthesized insights to stakeholders.
  • Track who has access; remove access when no longer needed.

Vulnerable Populations

  • Some groups have special privacy concerns or limited ability to consent (e.g., minors, elderly, incarcerated individuals, people with disabilities, LGBTQIA+).
  • Consult a research/ethics expert and follow applicable laws and guidelines.
  • De‑identification
    • Remove identifying info in notes and artifacts (use “Participant 1,” neutral pronouns, avoid unique descriptors).
  • Non‑disclosure agreements (NDA)
    • When testing unreleased ideas, NDAs protect your team’s intellectual property. Obtain signatures before sessions begin.

Summary: Treat privacy and ethics as design requirements. Minimize data, store it securely, be inclusive and transparent, and share findings responsibly to protect participants and maintain trust.