To design effective user-focused services, we need to use data. We need to understand how people are using the service, what works for them and what doesn’t. There can be no service without data.
But as designers, we have to focus on user needs. That means we need to address users’ data needs as well as their service needs. We must design good services based on good data that don’t infringe on people’s privacy. This means we have to look at questions like: what data is my service collecting? How and when is this data being used? Who has access to this data and who owns it? And how do we keep it secure?
As service designers working with data on a daily basis, Maria Izquierdo and Martin Jordan want to raise awareness of the value of data to services. And they also want to discuss fundamental questions around what happens to that data.
Maria is a designer interested in diversity, digital culture and the public. Martin helps create better public services in the UK and researches service innovation in Finland. Both Maria and Martin work as service designers at the UK’s Government Digital Service in London.
This edition of Service Design Drinks was hosted at HERE in Berlin-Mitte.
13. @sd_berlin
“A service is something that helps someone
to do something”
—Louise Downe Head of Design of the UK Government
14. @sd_berlin
“Service is the application of specialised
competences through deeds, processes and
performances for the benefit of another entity”
—Stephen L. Vargo Professor of Marketing, University of Hawai'i at Manoa
21. @sd_berlin
Personal data — Sensitive personal data
• name
• date of birth
• address
• telephone number
• physical or mental health conditions
• offences or alleged offences
• religious beliefs
• sexual life
32. @sd_berlin
“There is no such thing as a free service.
So who gets paid by whom before what?”
—Horace Dediu Industry analyst
33. @sd_berlin
From “You are the product”
to “You are the training data”
—Chris Albon Data Scientist
34. @sd_berlin
Source:
92%
do not understand how
personal information is used
57%
do not trust organisations to
use data responsibly
51%
say their data misused
16%
always read terms and
conditions
36. @sd_berlin
Target—is able to calculate a pregnancy
prediction score based on 25 products and send
coupons timed to very specific stages of someone’s
pregnancy, thereby, in one instance, knowing
about a teenage girl’s pregnancy before their
parents did
Ethical aspect
Source:
37. @sd_berlin
DriveNow—created precise movement profile of a
carsharing customer including route taken, speed
of vehicle, outdoor temperature and position of
mobile phone during booking; providing evidence
in manslaughter trial, but violating its own Ts&Cs
Privacy concerns
Source:
38. @sd_berlin
SmartTVs—recording spoken words including
personal or other sensitive information and
transmitting the captured data to a third party
through use of their Voice Recognition software;
constantly spying in people’s living rooms
Security risks
Source:
40. @sd_berlin
“We say we want privacy online, but our actions
say otherwise […] people who indicate serious
privacy concern nevertheless reveal intimate
details of their lives for trivial rewards”
—Leslie K. John Associate professor, Harvard Business School
Source:
43. @sd_berlin
“All information that can be collected will be
collected. […] Today, we have to assume that
many people know lots about us.”
—Andreas Weigend former Chief Scientist, Amazon
Source:
50. @sd_berlin
Ask:
What data is the service collecting? And why?
How and when is this data being used?
Who has access to this data and who owns it?
And how do we keep it secure?
53. @sd_berlin
BBC—“Our privacy promise covers how we treat
your data and put you in control of what happens
to it. It’s based around three main areas […]
transparency, choice, trust”
Embracing transparency and simple language
Source:
56. @sd_berlin
Co-op Paperfree—“We’re committing to a data
relationship that’s unambiguously clear and
transparent. We will always be clear and precise
with you, our members about what we are going to
do with your data. You will be in control of the
data we hold on you.”
Taking sensitive data seriously
Source:
58. @sd_berlin
Source:
Providing options and guaranteeing privacy
Clue—“You can use Clue without creating an
account and if you do you will not share your
data. If you wish to use Clue Connect, however,
you do need an account and once you create an
account your data will be hosted on Clue’s servers.
60. @sd_berlin
Source: Sarah Gold, Projects by IF /
1 Keep other services in mind
2 Collect minimum viable data
3 Be transparent
4 Get consent
5 Put users in control of their data
6 Separate the data
61. @sd_berlin
Source: Sarah Gold, Projects by IF /
1 Keep other services in mind
• Don’t lock users into your service
• Consider what value the data could create
when used in other services too
• Think about API usage
62. @sd_berlin
2 Collect minimum viable data
• Ask for the data you really need, not more
• Question what you really need to know
• Think about data breaches, hacks,
requests from regimes
63. @sd_berlin
3 Be transparent
• Explain to your users what data you keep
for what reason and who owns it
• State what data you collect, use and store
• Share this big data with the world
64. @sd_berlin
4 Get consent
• Use simple language so people
understand what they are agreeing to
• Don’t bury details in 60-page privacy
statement when you ask for consent
• Allow them to revoke consent
65. @sd_berlin
5 Put users in control of their data
• Give users a choice to share data or not
• Don’t force account creation
• Allow full deletion of account and data
66. @sd_berlin
6 Separate the data
• Decouple services and data
• Unlink personal and sensitive personal data
wherever possible
• Separate data on people from data on things
72. @sd_berlin
What data is being collected?
Why?
What does it enable in the service?
What are potential risks?
73. @sd_berlin
What data is being collected?
Location of user, every 3 minutes
Why?
To give user contextual recommendations
What does it enable in the service?
Understanding if user is new to area or not
What are potential risks?
Generating detailed movement profiles
78. @sd_berlin
Step up your game, designers, don’t only
design services that are easy to use but also
trustworthy, understandable, accountable*
*Inspiration: Richard Pope /
79. @sd_berlin
• Join discussions with your team members
• Apply Sarah’s principles for design for data
• Ask why, ask why again and then once more
• Design for worst case scenarios
• Consider data accumulation over time
• Tweak your tools, add data swim lanes etc.
83. @sd_berlin
Obfuscation: A User's Guide
for Privacy and Protest
Finn Brunton & Helen Nissenbaum
MIT Press
Data for the People:
How to Make Our Post-
Privacy Economy Work for You
Andreas Weigend
Basic Books
The Private Eye
Brian K Vaughan &
Marcos Martin
Image Comics