As we experiment with different formats, Brian presents our first MindSnack, a short monologue on a topic he finds interesting. This one is about privacy.
Rather than a limitation, Brian sees privacy as an opportunity to build a trusting, healthy relationship with our customers or audience. He outlines the GDPR’s three most important concepts and lays out an ethical framework for Privacy by Design, all in less than 10 minutes.
“A healthy relationship between ourselves and our customers relies on fair value exchange.”
Brian: Hey y’all, I’m Brian. Welcome to episode two of MindFolk: human creativity and mindful innovation, in a podcast. This episode is a MindSnack, basically an experimental format where I give a short monologue under 10 minutes about a topic I find interesting, and hopefully you find interesting too. This particular one is about privacy, especially privacy in design.
Most creative people think it’s a limitation, but personally, I see privacy as an opportunity to create healthy relationships with the people that we’re working for. It’s the English version of a talk I originally gave in Dutch. And it’s really just five minutes long. So enjoy!
Hey y’all, I’d like to speak with you today about privacy and convenience, specifically the tradeoffs between the two.
I’m going to discuss two frameworks and six heuristics that we can use to evaluate privacy by design. And I’d like to also say that this is a modified PechaKucha style presentation. So I have five minutes for the whole thing and 30 seconds for each slide. Ready? Here we go.
So when I think about privacy and convenience, I’d see them on a continuum with one side with full privacy and the other side is full convenience.
Obviously every decision that we make, especially in design or creating something for other people will land somewhere along this continuum. But where are the limits? Where are the good places to be and where do we not necessarily want to be? Well, there are different frameworks that try to answer this question, legal and ethical frameworks.
I’m going to discuss both because actually both of them are kind of incomplete. So I’ll start with the legal framework. And my reference for this is the EU GDPR: General Data Protection Regulation. Now this outlines three interesting concepts here: purpose limitation, data minimization, and sensitive data.
What these mean is that 1. You should only collect data for legitimate purposes. 2. You should only collect the data that you need for those legitimate purposes. 3. And that not all data are equal. Some data are more sensitive because they can be more readily and more dangerously abused.
Now, this is incomplete in the sense that legitimate purposes and necessary data collection aren’t strictly defined in the legal framework.
So that’s why I like to turn to a more ethical framework. And when I talk about this, I’m talking about the overarching objective for all of us, whenever we create something or try to sell a product or service to other people. And our objective there is actually to create healthy relationship.
And a healthy relationship between ourselves and our customers, or audience, relies on a fair value exchange. Now, what I mean by this is basically that we create something for someone else who improves their life in a meaningful way. And they give us something back, something that helps us to continue creating that value over time. Usually this is money, but it could be anything else that we need to keep moving.
Now what makes a value exchange fair as opposed to one that’s not fair for me, there are three different things or characteristics that make value exchanges fair. A fair value exchange is balanced, consensual, and informed.
It’s balanced in the sense that the costs or risks do not outweigh the benefits for anyone involved in this value exchange. It’s consensual on the there’s no pressure or coercion to participate and it’s informed and that everyone involved understands the risks, the costs and benefits involved in this, in the value exchange itself.
So that’s quite theoretical, but let’s take it to a practical example. Everyone’s familiar with eCommerce websites, where you order a package and they deliver that package or product to your home.
So it makes sense, that they ask for my address because they need to deliver the package somewhere. But a lot of these services also ask for a date of birth. Now they want this to send emails on our birthday kind of spammy marketing stuff. But the risk there is actually data fraud and identity theft. And what I mean by that is anyone who has your name, address, and date of birth can actually open credit cards for you in your name.
They can open a bank account in your name, they can make payments from your bank account. They could even rent a house and start a weed farm in there. Actually Melanie… 18 years old, is a victim of this. She actually got her data hacked and her identity stolen on Marktplaats or the Dutch version of eBay.
Now, if we think about the value of the exchange here, we see that it’s not… if I have to risk getting my identity stolen, it’s not worth getting those spammy marketing emails every year on my birthday. So this for me is an example of how not to be, um, balanced, consensual and informed.
In any case, our goal is to create healthy relationships.
And in order to do that, we need to make sure that our value exchange is balanced, consensual and informed, and that we understand purpose limitation, data minimization, and treat sensitive data with more care.
So my name is Brian Pagán, and I believe that we creators, designers, engineers are the ones who are building the world around us.
So if we want to have a more ethical and more equitable and a more compassionate world, it’s up to us to build it. So my mission is to help us do that.
One tool I created is called the Ethical Design Checklist and you can download it at http://d3e.co/ethicalchecklist. It’s available for free, so feel free to check it out.
Thanks very much. Thanks for listening. Let me know what this MindSnack actually triggered in you. Hit me up on our website: https://mindfolkpod.com or via Twitter or Instagram as @mindfolkpod. Let’s talk.