Smells like GDPR compliance spirit… a design-based approach to privacy and human rights

Raise your hand if you’ve ever been asked to give a website your data, and you can only say “OK”, “I Accept” — or close the window. Who knows exactly where your data goes after that? What are the inner workings of the systems that handle your data? This session will examine how web design has been influenced by the need to comply with recent GDPR legislation. To what end, you ask? We want to give users the upper hand when it comes to data protection — we want to empower them to exercise their rights as web users, and have the freedom to control their data. We’ll look at the legal and design elements of website building that your online business needs to know about, such as real-choice data request forms, and transparent explanations of what a user’s data is being used for. These will allow you to collect data without taking advantage of your users, and allow your users to better understand the systems and processes that handle their data. We’ll also take a trip to the dark side, and see some of the seedy (but all-too-common) data handling practices that people haven’t yet stood up to. Lastly, we’ll finish by looking at the inherent issues with data itself, what this means from a design point of view, and what tomorrow’s internet means for user confidentiality. At a time when users are constantly seeking clarity about the services they use (and how these services use their data) we’ll learn how businesses can take a bold — yet compliant — privacy-first approach in a shifting digital landscape. What if it were as easy as simply respecting people?