Are users’ preferences about privacy relevant?
Design of user-interfaces with respect to privacy
It is a well-documented fact that many users are willing to share information on social media and other platforms, also when it compromises their privacy. There are variations across geographic areas and age groups, but overarching principle is that people feel comfortable in sharing information on the Internet, even when they would not feel comfortable with shouting it out on the street.
Many researchers have studied this question; how much information are people comfortable to share on the Internet? I think it is a relevant question in terms of understanding people. We should study peoples’ preferences to understand people. In this article, my question is however instead:
Is it reasonable to base user-interface design on user preferences when it comes to privacy?
On one hand, users are the best experts. Designers should follow user-preferences in the sense that users are the ones who suffer from bad design. The users are the ones who choose to buy the competitors product when design fails. By designing a product which the users want is good for business.
On the other hand, users do not understand design. If you ask a user, the answer is that she/he wants to have the cake and eat the cake, as well as an unicorn. In fact, users do not understand privacy either. People do not understand the risks nor the consequences of sharing information on the Internet.
Moreover, it is an unequal playing field. Companies can specialize in extracting information from users to target advertisement and criminals can specialize in fraud. An average user cannot be expected to be an expert in such matters. After all, an expert is someone who knows more than the average user by definition. Specialist therefore always have the upper hand in extracting private information and doing it in such a way that users remain unaware of the problem. The user always looses.
If we then go out and ask the users preferences; “how much are you willing to share on the internet?” What is the point of this question? The user does not know the risks nor the consequences of the threats to privacy. He therefore does not know how to answer the question. I bet that most users do not even realize how uninformed they are. Any answer that the user gives you is therefore essentially meaningless. It is an answer corresponding to his particular illusion of privacy.
Even if you would get an meaningful answer, it would reflect the users’ preferences today. But the Internet is still young, people are still learning their preferences, so the answers you get today are old tomorrow. It is a feedback loop; people learn and react from the previous generation of designs. Users become sensitive to the (privacy) problems of the previous generation. Questionnaire-based motivations for design are therefore aiming at a moving target, where the target is responding to the flying arrow.
Design of privacy in human-computer interfaces therefore suffers from an inherent problem: We cannot base privacy-design on asking questions from users related to user-interfaces.
I propose that we instead base our design of privacy on imitation of human-to-human interaction. It is a form of interaction with which we all (or most of us) can relate to. We whisper our secrets. It is intuitively obvious to us that some things must remain private when talking to our Mums. We reveal some things to our friends which we would not mention even to our partners. We have a highly refined system for keeping some things private depending on the context. We could then base human-computer-interaction on the same models of privacy as we apply in human-to-human interaction. If we can use an already known model for privacy in user-interfaces, then users do not need to educate users about privacy. They already know it.
Modelling the privacy in human-to-human interaction is naturally not an easy task. Our concept of privacy is a highly refined system, changing over time and with large variations across individuals. Yet my arguments above lead to the conclusion that this is the best approach.
Observe that I do not claim that we should not listen to the users. We should. We should always listen to the users. However my claim is that we should focus on the users’ relations with other people, and not so much on their relation with the Internet and social media. Focus on the users.