User-centred consent at MozFest
Last Saturday, Harry, Sarah, Georgina and I ran a workshop at MozFest, bringing people together to think about new design patterns for consent in four challenging areas: consent in public space, children giving consent, giving collective consent and giving consent on someone else’s behalf.
Consent in public space
After a quick introduction, we split the room into four groups. Each took one of the areas we’d highlighted and started sketching new consent patterns.
I worked with the team looking at consent in public space (or, more accurately, private spaces where the public can move through). We discussed stories like Transport for London’s Wi-Fi data collection trial, how retailers are using location tracking to map how we move through shops and how friends ambient personal assistants (like Amazon Echo and Google Home) listen to us when we visit their homes. These examples illustrate that the ways we are tracked in public spaces are less visible.
We started by sketching some symbols that illustrate what data is being tracked in a space. We then started to think about a design pattern where a notification is pushed to your phone upon entering a space, where you can give or revoke permission for that data to be collected.
Why this is challenging
These sketches helped facilitate a conversation around how effective this design pattern could be. Two points stick in my mind.
First, the spaces we are tracked in host important services – like shops or transport. There’s a risk we could be forced to pay higher prices if we choose not to share our data. We’re starting to see this with driving tracking apps and insurance prices.
Secondly, while patterns like this are important in increasing people’s agency, it felt like it would be a quick fix to the wider issue of surveillance. Someone in the group called it a “constant game of cat and mouse”, where data tracking methods change and ways of designing consent would need to also change.
Growing an open resource
At the end of the session, the other teams shared what they’d come up with.
The group exploring collective consent looked at using grace periods when making payments in a shared flat, to reduce the effect of peer pressure.
To delegate consent to another person, the group exploring this challenge designed a set of screens that allow someone who’s ill to give responsibility for a bank account over to someone else.
Finally, the group looking at how children could give consent looked at how photos are shared on social media. They proposed a pattern where doing a particular gesture in a photo would show consent for that photo to be published.
We’ve documented the brilliant work everyone contributed at MozFest, and in the coming weeks we’ll be making some updates to the data permissions catalogue. The catalogue is an open resource, both in how you can use it and how new patterns are added to it.
Next stop, Berlin
Join us next Wednesday at Simply Secure’s Underexposed Salon in Berlin, where we’ll be co-hosting our bi-monthly Trust & Design Meetup.
Find out more and get tickets on the Trust & Design website. We hope you can make it.