Skip to main content

Experience Design

A conversation about privacy, security, and UX

Last week, I followed, nearly real time via Twitter, how Sean Power successfully recovered his stolen laptop. The full story is available, but here are a few excerpted tweets from @SeanPower on 13 May 2011:

If you’re getting up to speed:

Laptop with eye filling entire screen

Laptop on the lookout (Image by Truthout.org)


Laptop was taken 4 days ago, but I had to fly to Canada the following morning. Filled out an online report w/the result “sorry!”
I have preyproject.com installed on my computer. Today, I saw screenshots of the guy including him doing a bunch of stuff on my computer.
apparently there’s a tweetup at 24 Prince street now (oficina latina) where my laptop is (or maybe it’s “was” now).
Laptop found! woo. HUUUUGE thanks @nickreese
But yes, Internet – I’m about 800km away, and I got my stolen laptop back.
Holy ****. Please send TONS of karma to @girilinpurplesarong and to @nickreese. It’s all them.
(girl in purple sarong isn’t on Twitter)
For the record. How cool is this? I have never met or heard of @nickreese in my life. Karma points for this guy? **** yeah.
Thanks for being there with me, Twitter. Glad it was a happy ending for all involved.

The tools that facilitated this are relatively new: Open source Prey allowed Mr. Power to track the laptop and detect the person who had possession of the laptop. Twitter allowed him to reach out to people willing to help, two of whom tracked the person and the laptop to a public place. It allowed him to also keep in touch with one of those people in the tense time before the person who had the laptop surrendered it. Since reuniting with his laptop, Mr. Power has praised Dropbox for helping him recover his work:

Woo! thanks @dropbox. All my files are syncing now! Your tool saved my butt and days/weeks of headaches. <3

Open source, social networks, and the cloud all contributed to this happy ending. On this blog about innovation, I could probably stop this post right here. Mr. Power, however, rightfully noted that another conversation is needed:

There is a much more important conversation to be had here around privacy, rights, findability in a realtime digital age.

I look forward to reading more of that larger conversation when he continues it. His observation brought a lot of thoughts to mind in the meantime. First, since I read this real-life, real-time drama in the same week that the Obama administration proposed legislation to increase the cyber security and in the wake of the Sony’s PlayStation Network security breach, I could not help but also think that cyber security, not just privacy, should also be part of the discussion. Second, from my own perspective, what should UX bring to the discussion?

Mr. Power is technically savvy and an early adopter of newer technologies. I’ve read similar stories of how tech savvy people used security tools to protect and recover stolen laptops. However, research continues to show that the majority of people don’t even create secure passwords as a rule. If familiar authentication results in little true security while generating a poor user experience that perpetuates the problem (Dana Chisnell’s blog Authentical explores UX issues in authentication), how much more challenging is implementing more sophisticated cyber security tools for most people? How about learning what options exist in the first place? Do new products really provide innovative solutions if people cannot – or perhaps simply think they cannot – actually use them? Despite many new security options and resources available to the average user, most people could not have recovered their stolen laptop using software and other security measures. If they did manage to recover their laptops, few would have had the tools in place to recover their data.
Why is this still true? News stories about security breaches and the availability of many tools to protect privacy and security have done little to encourage people to protect their data and their profiles. Stories like Mr. Power’s indicate that the core problem is no longer primarily a technology issue. Many products and service increase privacy and security and offer data storage and backups (not a security concern, but related to data protection). New options are coming out all the time.
The bigger issue seems to be a human one that has at its root past unsuccessful user experiences. Good user experience has a role to play in changing the experience of privacy and security tools and ensuring that they are accessible (in the broadest sense) to all potential users. UX also can help change the perception that privacy and security are unobtainable, nearly mystic goals.
Having identified what roles UX needs to play in the discussion, I would love to be able to recommend how exactly it should do so. However, the answers can’t be easily answered in a single blog post. People and their perceptions of online security and privacy are complicated, which is why we need continued discussion of cyber security and privacy and how user experience can contribute to increasing both. When you participate in these conversations, consider the human issues as almost more significant at this point than the technical ones. I look forward to hearing your thoughts and expanding the conversation.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Karen Bachmann

More from this Author

Categories
Follow Us
TwitterLinkedinFacebookYoutubeInstagram