Lillian Xiao

Protecting user privacy through design

Designers can help ensure that the information and data users entrust to a product are handled with care. Here’s how.

A 3D illustration of a plastic bag with a card that reads “Accept Cookies” and an image of a large cookie, plus a nutrition facts label



Shaping Design is created on Editor X, the advanced web design platform for professionals. Create your next project on Editor X. 

Privacy is a more important issue than ever for designers. With recent regulations on data protection and privacy — such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) with its recent expansion via the California Privacy Rights Act (CPRA) — there’s a growing need for digital products that respect users’ data.

For designers, this means creating work that empowers people to make more informed decisions about their privacy, and giving them easier, more accessible ways to control their data. Let’s look at some of the key legislative requirements and explore how designers can advocate for better protection of their users’ data, activity and personal information.

1. Designing for transparency in data collection

Data minimization is one of the major requirements set forth by the GDPR and, since the CPRA amendments, the CCPA. It means collecting no more data than is necessary for a stated purpose, and both laws pair it with transparency obligations: you have to tell people why you’re collecting a given piece of information before they hand it over.

For designers, there’s opportunity here for creating forms that clearly explain why you’re collecting certain information. Generally, the more sensitive or private the information is, the more effort should be put into explaining why it’s needed. These explanations can include why you need the data, its benefit to the user, and the security measures that will be taken to handle the data.

Here’s a great example from Mailchimp. During the onboarding process, they clearly explain why, according to international laws, they need a physical address when setting up your account.

A screenshot of an onboarding online form on the Mailchimp website

Here’s another great example from Dropbox. This part of the sign-up flow asks for a preferred email if a user has signed up using Apple’s “Hide My Email” feature (which creates a randomly generated relay address). The prompt explains the benefits of using an email address that your collaborators can recognize.

A screenshot of the Dropbox sign-up on mobile

Designing or redesigning products with user privacy in mind allows you to question existing UX practices, and to explore whether there are better alternatives for getting the same information. For example, if you only need to confirm that someone is over a certain age, having them provide their full date of birth (and storing it) is asking for more information than you need. Not only are people more likely to provide false information when asked for data that seems too personal, every extra field is also a liability if the data is breached or not securely stored, so the less you keep, the less there is to lose.
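The age example above in code, as an added illustration that is not part of the original article and not Editor X or Wix code. The form may still have to ask for a date of birth to check an age threshold, but the only thing that gets stored is the outcome of that check: the birth date is parsed, used once, and dropped. Function names and the record layout are this example’s own choices.

```javascript
// Added example (not from the original article or from Editor X):
// data minimization applied to an age check. The caller keeps the returned
// record, never the date of birth itself.

const ISO_DATE = /^(\d{4})-(\d{2})-(\d{2})$/;

// Parse "YYYY-MM-DD" into a UTC Date. Impossible dates such as 2004-02-30
// are rejected explicitly, because Date.UTC would silently roll them over.
function parseIsoDate(text) {
  const m = ISO_DATE.exec(String(text));
  if (!m) return null;
  const [year, month, day] = m.slice(1).map(Number);
  const d = new Date(Date.UTC(year, month - 1, day));
  if (d.getUTCFullYear() !== year || d.getUTCMonth() !== month - 1 || d.getUTCDate() !== day) {
    return null;
  }
  return d;
}

// Whole years between two calendar dates. Compares month/day so that a
// birthday today counts, and a 29 February birthday is reached on 1 March
// in non-leap years.
function ageInYears(dob, today) {
  let age = today.getUTCFullYear() - dob.getUTCFullYear();
  const birthdayPassed =
    today.getUTCMonth() > dob.getUTCMonth() ||
    (today.getUTCMonth() === dob.getUTCMonth() && today.getUTCDate() >= dob.getUTCDate());
  if (!birthdayPassed) age -= 1;
  return age;
}

// What the server stores: whether the threshold was met, which threshold,
// and when. The date of birth is deliberately absent from the record.
function ageVerificationRecord(dobText, minimumAge, today = new Date()) {
  const dob = parseIsoDate(dobText);
  if (dob === null) {
    return { ok: false, error: 'Enter your date of birth as YYYY-MM-DD' };
  }
  if (dob.getTime() > today.getTime()) {
    return { ok: false, error: 'Date of birth cannot be in the future' };
  }
  return {
    ok: true,
    record: {
      ageVerified: ageInYears(dob, today) >= minimumAge,
      minimumAge,
      verifiedAt: today.toISOString().slice(0, 10),
    },
  };
}

// Constructed sample input: a visitor who turned 18 on the day of the check.
console.log(JSON.stringify(ageVerificationRecord('2004-06-15', 18, new Date(Date.UTC(2022, 5, 15)))));
```

The record can later prove that a check was done and when, which is usually what a compliance reviewer wants to see, without the company holding a birth date it never needed for anything else.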

Customizing forms on Editor X

In order to foster transparency in your data collection process, create descriptive input fields and forms on your Editor X site. You can fully customize your forms in order to make their content easy to understand and trust.

2. Receiving clear consent to automated data tracking

Another method for sites to collect data on users is through the use of cookies. A cookie is a small piece of data that a site stores in the browser and that the browser sends back on later requests; tracking scripts use cookies to recognize the same visitor across pages, sessions and, with third-party cookies, across sites. In the EU, the ePrivacy Directive (read together with the GDPR’s definition of consent) requires users to give active, opt-in consent before any cookie that isn’t strictly necessary for the service is set or read.

For designers, empowering users to opt in (or stay opted out) to cookie tracking and allowing them to revoke access at any time is crucial. Users’ consent should be given as a conscious choice, rather than as something that they may not be aware of (such as with pre-checked boxes), and it should be just as easily withdrawn if users change their minds at any time. Designers should also provide information about the types of cookies used by the site, so that users can make informed decisions about their preferences.

A great example can be found on Slack’s site. The cookie consent form clearly explains each category of cookies (strictly necessary, functional, performance, and targeting), and allows users to opt in or out using a toggle switch.

A screenshot of a cookie consent form popup on the Slack website

The CCPA doesn’t require users to consent to cookie tracking, but it does require that sites include a link labeled “Do Not Sell or Share My Personal Information.” Despite the law, users are still struggling to opt out of the sale of their personal information, from not being able to find the link to not receiving confirmation that the opt-out was honored, at times because of deliberately deceptive dark patterns.

There are opportunities to design a more straightforward experience around cookie tracking. One approach bypasses per-site opt-outs entirely: Global Privacy Control (GPC) is a browser signal, sent as a `Sec-GPC: 1` request header and exposed to scripts as `navigator.globalPrivacyControl`, through which a browser or browser extension tells every site on the user’s behalf that they do not want their personal information sold or shared. Several browsers and extensions already send it, and California’s regulations require businesses to treat the signal as a valid opt-out request.

Obtaining cookie consent on Editor X

If you’re creating a website on Editor X, you can create a cookie consent banner and fully customize it in accordance with your privacy policy and design needs. Once the cookie banner is activated, your site will only load essential cookies and scripts at first, while other types of cookies and scripts will require consent from your visitor.
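The behaviour described in this section, in code: nothing but strictly necessary scripts runs before the visitor decides, no optional category is pre-checked, the Global Privacy Control signal is honored as an opt-out of the sale/sharing (targeting) category, and consent can be withdrawn with one call. This is an added example and is not the original article’s code, nor Slack’s or Editor X’s implementation; the script catalogue, category names and function names are constructed for the example.

```javascript
// Added example (not from the original article, Slack or Editor X):
// a consent-gated script loader with Global Privacy Control support.

const CATEGORIES = ['strictlyNecessary', 'functional', 'performance', 'targeting'];

// Constructed catalogue: which script belongs to which cookie category.
const SCRIPT_CATALOG = [
  { src: '/js/session.js', category: 'strictlyNecessary' },
  { src: '/js/remember-language.js', category: 'functional' },
  { src: 'https://analytics.example/collect.js', category: 'performance' },
  { src: 'https://ads.example/pixel.js', category: 'targeting' },
];

// State before the visitor has answered: only what the site needs to work.
// Every optional category starts false; that is "no pre-checked boxes" in code.
function defaultConsent() {
  return { strictlyNecessary: true, functional: false, performance: false, targeting: false, decidedAt: null };
}

// Apply the visitor's explicit choices. Unknown keys are ignored and the
// strictly necessary category cannot be switched off.
function applyChoices(consent, choices, now = new Date()) {
  const next = { ...consent, decidedAt: now.toISOString() };
  for (const c of CATEGORIES) {
    if (c === 'strictlyNecessary') continue;
    if (typeof choices[c] === 'boolean') next[c] = choices[c];
  }
  return next;
}

// Withdrawal must be as easy as giving consent: one call back to the no-consent state.
function withdrawAll(consent, now = new Date()) {
  return applyChoices(consent, { functional: false, performance: false, targeting: false }, now);
}

// Global Privacy Control: the browser sends `Sec-GPC: 1` and exposes
// navigator.globalPrivacyControl === true. Either form counts.
function gpcEnabled(headers = {}, nav = typeof navigator !== 'undefined' ? navigator : {}) {
  const header = headers['sec-gpc'] !== undefined ? headers['sec-gpc'] : headers['Sec-GPC'];
  return header === '1' || nav.globalPrivacyControl === true;
}

// GPC is an opt-out of sale/sharing, so it overrides any targeting consent a
// banner collected; the other categories stay as the visitor set them.
function effectiveConsent(consent, gpc) {
  return gpc ? { ...consent, targeting: false } : consent;
}

// Which scripts may load under the effective consent.
function scriptsToLoad(consent, catalog = SCRIPT_CATALOG) {
  return catalog.filter((s) => consent[s.category] === true).map((s) => s.src);
}

// Browser-only: inject the permitted scripts. Guarded so the decision logic
// above also runs outside a browser (for example in tests).
function injectPermitted(consent) {
  if (typeof document === 'undefined') return [];
  const srcs = scriptsToLoad(consent);
  for (const src of srcs) {
    const el = document.createElement('script');
    el.src = src;
    el.async = true;
    document.head.appendChild(el);
  }
  return srcs;
}

// Constructed walk-through: first visit, then opt in to performance and
// targeting, then the same choices seen through a GPC-enabled browser.
const firstVisit = defaultConsent();
const optedIn = applyChoices(firstVisit, { performance: true, targeting: true });
console.log('before choice:', scriptsToLoad(firstVisit));
console.log('after opt-in: ', scriptsToLoad(optedIn));
console.log('with GPC:     ', scriptsToLoad(effectiveConsent(optedIn, gpcEnabled({ 'sec-gpc': '1' }))));
```

The one design decision worth noting is the order of precedence: the browser’s GPC signal is applied after the banner choices rather than merged with them, so a pre-existing “targeting: true” collected before the user switched GPC on cannot outlive the signal. The same `effectiveConsent` check belongs on the server before any data is actually shared with an ad partner; gating the script tag alone is not enough if the server also forwards data.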

3. Creating user-friendly and accessible privacy policies

Privacy policies inform users about what a company plans to do with their information. Both the GDPR and CCPA require that sites provide a privacy policy with clear and accessible information.

Privacy policies should encourage people to read them, so that they’re informed about how their data is being used. This means avoiding long pages of text that use complex legal terminology and small lettering, which users usually give up on trying to understand. Many sites stick to clear and straightforward language, with clearly-labeled sections that are easy to scan. Some privacy policies also give contextual examples related to how they collect data across their site.

The New York Times’ privacy policy is inviting and easy to understand. You can easily navigate between sections using the sidebar, and learn about their data practices with examples taken from their different digital platforms.

A screenshot of The New York Times’ privacy policy

Broken up into bite-sized sections and accompanied by illustrations and icons, Google’s privacy policy even includes explainer videos that help present the content in different ways.

A screenshot of Google’s privacy policy

Adding a privacy policy on your Editor X site

You can create a privacy policy on your Editor X website. Follow these guidelines for important points to focus on and clarify to your readers.

4. Giving users full control of their data

Under both the GDPR and CCPA, users have the right to access their personal data, receive a copy of it in a structured, commonly used and machine-readable format (the GDPR calls this data portability), and request that it be deleted.

This allows designers to create user-friendly experiences that give users full control of their data — including being able to browse, change, and delete any of the data that a site holds. Many tech companies, including Apple, Amazon, Facebook, Google, and Twitter, offer automated systems where people can download a copy of their personal data. Because such a tool hands over, or destroys, everything a company holds about a person, it has to sit behind the account’s normal sign-in (and ideally a fresh re-authentication), so that a request can only come from the account holder and not from someone who merely knows their email address.

Twitter allows users to download a copy of their personal data

It’s important that once users download this data, that they’re able to understand what exactly a company has collected about them. This means designing the information to be accessible and intelligible.

And finally, part of having full control over your data is being able to delete it entirely. There are opportunities here to reassure users that their data is in fact deleted after they close their account: a clear confirmation of what was removed, and honesty about anything that lingers for a while, such as copies in backups or data that must be kept for a legal retention period.

Navigating your customer’s data on Editor X

Editor X allows you to provide site visitors with a file of their data, or to delete their data from your database entirely. This data includes the users’ contact details, activities, orders, invoices and more. You can find more information on these actions here.

Final thoughts