You are here

Web Design, Contributed

Three Ways to Incorporate Privacy Into Your Designs

October 01, 2019

Businesses need to incorporate a privacy policy in their website design, which will satisfy clients and protect their data.

With every Photoshop license comes great responsibility to use your design skills for good. In this case, “good” means the use of design to promote the right to privacy by incorporating privacy by design principles into your work. As a data privacy attorney and a Certified Information Privacy Professional, I’ll discuss the following: 

  • What is privacy by design and its fundamentals?
  • Why designers should care about privacy by design
  • Incorporating privacy by design into contact forms, the display of the privacy policy, and data minimization
  • Additional helpful resources for designers who want to learn more. 

What Is Privacy by Design, and Why Should Designers Care?

Privacy by design is the idea that the privacy of users must be taken into account throughout the entire systems engineering process. 

The core principles of privacy by design include taking measures proactively, defaulting to privacy and embedding it in the design, and ensuring transparency with users.

While the above concepts have been criticized for being confusing, they are an excellent place to start the conversation on how to incorporate privacy by design into your work. I will share three tips later in this article that will allow you to quickly get started with privacy by design. 

Designers have the ability to inform the public exactly what data is collected, and it’s the right thing to do. Also, it’s the law in many places, including the EU’s GDPR. The truth is that these concepts are becoming more and more important over time and, as your industry changes toward a more privacy-conscious future, so should you.

Incorporating Privacy by Design Into Your Work

So how can you incorporate the respect for users’ privacy and experience into your design work? If you want to try out a few elements without diving head first into the very deep pool that is privacy by design, here are three great ways to start.

1. Minimize Data Collection on Your Site

The website should be collecting only the data that is actually needed. For example, you are building out a contact form and your client asks you to include the following fields: name, phone number, email, physical address, and social security number.

At this point, you should ask your clients why they want to collect this information and whether they really need it. If they are asking for social security numbers on the website “just to have them,” that is not congruent with privacy by design, and that data point should not be collected. A few good things to keep in mind:

  • Only collect personal data for specified purposes
  • Collect a sufficient amount of data
  • Periodically review and deleted unneeded data

Below is a great checklist from the Information Commissioner’s Office that will aid you in data minimization: 

Checklist

Businesses should be upfront about the data they collect and the reasons for it.

2. Design Contact Forms to Capture Consent

When personal information (e.g., name, phone number) is collected via a website, it is vital that you can show that the user consented to giving that information. Contact forms need to be compliant because they’re one of the most common ways to collect information.

Below are two examples: one form from SuperOffice CRM that is GDPR compliant and another form that is not. Pay particular attention to the checkbox.

contact form

Note also in the picture that the checkbox should not be pre-checked, as then it would be impossible to determine whether the user actually took an action to consent to the collection of data. Also note that the user should be required to check the box to be able to submit the form. 

3. Display the Privacy Policy Properly

Although we all know that a Privacy Policy is required for most websites that have a contact form, it is up to you as the designer to make sure that it is properly displayed. Make sure that the link to the privacy policy is: 

  • A visibly different color from the surrounding text.
  • A different font from the surrounding text. 
  • A larger font size from the surrounding text. 

Here is some additional information on displaying a privacy policy. These three tips will hopefully help you get your feet wet with privacy by design and will work as a jumping-off point for learning more about these concepts and the rules. 

Other Resources to Get Your Privacy by Design Process Started

Finding trustworthy information about a topic as complex and discussed as privacy by design can be difficult, but here are some great resources to read up on: 

It is crucial that you, as a web designer, incorporate privacy into your work. It’s the right thing to do and will satisfy your clients and will help consumers protect their data from abuses. It is an all-around win. You can and should start now by implementing the three tips discussed earlier on data minimization, consent capturing and proper display of the privacy policy.