Privacy
What
Designers potentially might work with many different categories of information, across a number of different contexts. You have an obligation to steward information in a way that respects privacy.
Why
Designers have an obligation to respect and protect privacy. People will not honestly participate in design processes, nor make use of products and services, they do not trust.
How to do it
- Familiarize yourself with the Fair Information Practice Principles, a set of precepts at the heart of the U.S. Privacy Act of 1974.
- Consult your organization’s privacy office, which may include your general counsel, if you plan to substantially make use of information that could potentially identify specific individuals.
- Inform and collect the voluntary consent of anyone who participates in moderated design research. Ensure that all unmoderated forms of research (for example, web analytics) are covered by an easy-to-access privacy policy.
- Pay special attention to all categories of information used throughout the design process. Note contexts in which it’s not okay to share certain categories of information.
Additional resources
Considerations for use in government
The government’s use of information about people is subject to a number of laws and policies, including: the Privacy Act of 1974, the Federal Information Security Management Act of 2002, and the eGovernment Act of 2002.
Conduct a Privacy Threshold Analysis in collaboration your agency’s privacy office whenever a design calls for the creation of a new data store (for example, a database).
Ensure all collections of personally identifiable information (PII) are accompanied by a Privacy Act Notice. See, for example, GSA’s Privacy Act Notice for Design Research.