Tag Archives for " privacy by design "

Facebook is building more secure Instagram messaging app 

Facebook is launching Threads, a new camera-first messaging app from Instagram for keeping up with your close friends in a dedicated space.

Facebook claims it is built with privacy in mind, so that you can feel comfortable using the app to communicate with your close friends.

Read more: Privacy Matters: Threads | Facebook Newsroom

Design considerations for building privacy-protecting analytics services

If data is the new oil, then analytics are the new refinery without which any modern business is unable to make informed decisions.

However, data analytics and privacy are seldom assumed to go together. If media reports and regulatory actions are any indication, services and platforms that utilize or enable analytics have consistently been under scrutiny in terms of meeting reasonable privacy expectations.

Full article: Design considerations for building privacy-protecting analytics services

Romanian DPA fines UniCredit €130,000 for data protection by design failures

The National Supervisory Authority for Personal Data Processing (‘ANSPDCP’) announced, on 4 July 2019, that it had fined UniCredit Bank S.A. €130,000 for breach of Article 25(1) of the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’) relating to the principles of data protection by design and by default.

The ANSPDCP found that failure to implement appropriate technical and organisational measures designed to effectively implement data protection principles and integrate necessary safeguards in the processing of data led to the disclosure of data concerning 300,000 data subjects during the period of 25 May 2018 to 10 December 2018.

Source: Romania: ANSPDCP fines UniCredit €130,000 for data protection by design failures

Données & Design: a platform to bring designers together on the topic of GDPR

Données & Design is a platform, created by French data protection authority CNIL, seeking to create spaces for collaboration and discussion for designers to build together user journeys respectful of privacy.

The platform aims at efficiently integrating those considerations in the daily work of designers in order to help them argue their choices and collaborate more effectively on data protection issues with privacy professionals and other members of a project team (DPO, product owner, projects manager…). The platform provides content explaining and illustrating points of regulation on which designers can intervene.

Source: Données & Design: a platform to bring designers together on the topic of GDPR

Are users’ preferences about privacy relevant?

It is a well-documented fact that many users are willing to share information on social media and other platforms, even when it compromises their privacy.

People do not understand the risks or the consequences of sharing information on the Internet. Design of privacy in human-computer interfaces therefore suffers from an inherent problem: we cannot base privacy design on asking users questions related to user interfaces.

Full article: Are users’ preferences about privacy relevant? – UX Collective

Interface design: The who/what/where rule

Who/what/where is a simple mnemonic for user interface design. Every time that a user takes an action, there are three things that they need to know: who, what and where:

  • who they are — that is, the identity that they’re using;
  • what action they are taking;
  • where the relevant data is visible, especially to which people on what surfaces.

Read article: Interface design: The who/what/where rule

Privacy UX: Better Cookie Consent Experiences

With the advent of the EU General Data Protection Regulation (GDPR) in May 2018, the web has turned into a vast exhibition of consent pop-ups, notifications, toolbars, and modals.

While the intent of most cookie-related prompts is the same — to get a user’s consent to keep collecting and evaluating their behavior the same ol’ way they’ve been doing for years — implementations differ significantly, often making it ridiculously difficult or simply impossible for customers to opt out from tracking.

Full article: Privacy UX: Better Cookie Consent Experiences

Study shows programmers will take the easy way out and not implement proper password security

In an experiment that involved 43 programmers hired via the Freelancer.com platform, University of Bonn academics have discovered that developers tend to take the easy way out and write code that stores user passwords in an unsafe manner.

For their study, the German academics asked a group of Java programmers to write a user registration system for a fake social network. The results show that the level of understanding of what “secure passwords” mean differs greatly in the web development community.

Paying developers higher rates didn’t help considerably, researchers said. However, the research team found that giving programmers specific instructions to implement a secure password storage system did yield better results than not saying anything at all and then expecting developers to think of security by themselves.

Source: Study shows programmers will take the easy way out and not implement proper password security | ZDNet

Designing Welcome Mats to Invite User Privacy

The way we design user interfaces can have a profound impact on the privacy of a user’s data. It should be easy for users to make choices that protect their data privacy. But all too often, big tech

Full article: Designing Welcome Mats to Invite User Privacy | Electronic Frontier Foundation
