Data is a currency. Before May 2018, users — who provide or create this data in the first place — were secondary to this economy. The Data Protection Act gave the public recourse, but very little transparency, and there was little understanding of the value of the data they were giving away daily.
GDPR has put power in the hands of the users, and many companies have yet to understand that they need to explain exactly what their users are getting, at what costs, and why they should trust them, before they hand over their valuable data.
Being a user advocate, I couldn’t be more thrilled about GDPR; it reinforced the focus on users’ rights and, anecdotally companies have taken a more engaged approach to compliance than with previous legislative endeavors.
By doing so, GDPR has emphasised the value of data and the crucial role of users.
When you know the value of something, you can make more informed decisions. You have the tools to assess how much of your data will be used to your own benefit versus the company’s, and this helps you decide whether or not you want to share personal data and whether you think it’s worth it.
The value of a purchase
Every e-commerce website has understood that the purchase funnel plays a major role in conversion. If you break down the steps, you’ll notice that they all follow the same structure. They address fundamental questions users may have about their purchase:
- The thing: what it is that I’m buying?
- The context: where, when, how, under which conditions will I get my purchase?
- The value: how much does it cost versus what this — item and delivery and conditions — is?
- The explicit consent: submit to confirm and agree to legal terms.
All these steps are there to reassure, empower and guide users towards the finalisation of the transaction.
Online vendors have understood that transaction — the exchange of values between two entities — and trust go hand in hand. Information and transparency ultimately contribute to the user’s perception of the value of the transaction, the same way as the financial cost and the actual purchased item do.
Data as a currency
Even though no money exchange is made, services behind sign up or any data exchange aren’t free. Not really. And this is going to be more and more obvious to users as they understand how precious their data is, for instance in data marketing.
Therefore, in order to make successful data transactions, it seems fair to treat them with the same care as any money transaction: create a trustworthy relationship, provide users with information, transparency, control and, last but not least, consider the value of what you’re offering versus what you’re asking for.
Designing an efficient data transaction experience
The thing: Don’t underestimate the carrot
I can’t stress this enough: it is fundamental that products provide a real service in exchange for access to customer data. And by real service I mean meaningful reward according to users perception of both meaningful, and reward.
A designer’s first job is then to find out what’s considered meaningful for the audience, and sometimes it’s not what you think it is. In other words, your carrot may as well be a parsnip.
Find out what — from the audience’s point of view — is worth sharing their personal details.
Why doesn't @BBC iPlayer have a 'Resume from where you fell asleep' option?— Tubeway - #Revoke Article 50 (@tubeway) October 28, 2018
The value: Is it worth it?
If you don’t really need it, don’t ask for it.
Keep it quick and simple. This will improve the fluidity of your flow which eventually will have an impact on conversion. It’s also going to affect how your users perceive your brand and the value of your service. Ask yourself: would I lose a customer over that piece of data?
Considering your user’s privacy shows respect and eventually is going to affect how much your users trust you.
The context: Be trustworthy
Trust is earned through having ethical principles and applying them with consistency. It takes time and it’s not forgiving.
Remember the Cambridge Analytica case that showed the world how data can be used to manipulate crowds?
Fraud and data leaks are still the two biggest fears when it comes to online transactions. Users now even more than before feel the need to be able to trust websites and apps that collect their personal data. And when those users are children it takes the requirement for trust to a whole different level.
The GDPR ‘right to be informed’ states that users should be made aware of what personal data is being collected, and how it’s being processed. At SuperAwesome, part of our kidtech mission is to provide the tools to parents to help them make informed choices about their kid’s personal data. Using a privacy notices framework helps us inform users at the right time, in the right context, and prevents them from leaving the flow looking for additional information. It keeps them focused and reassures them without overwhelming them with information.
The explicit consent: Give control
This is now also a GDPR requirement. Many websites still play a dangerous game of trying to hide controls behind many layers of complexity. This encourages users who just want to quickly access content to click through unthinkingly without digesting the specifics behind which third party cookies and tracking pixels are in use on this site.
So don’t just give control – design for it.
The user experience of how you handle data transactions will have an impact on conversion, but also on how your users will perceive your brand. This will impact your reputation and, to a certain extent, will impact your success. A bad reputation is damaging. Unhappy users can boycott your brand, speak badly of it on social networks or even just contact customer service — because they’re stuck and need guidance — which is time-consuming and can eventually become very costly.
At SuperAwesome, our mission is to make the internet safer for kids. To enable this, the company continuously challenges the limits of technology and creates products that allow kids to have access to online services whilst being respectful of their privacy.
Kids Web Services is an identity management platform optimised for kids under the age of digital consent. Our products are built using principles of privacy and data protection. Whilst our customers demonstrate their expertise in terms of creating compelling content for kids, Kids Web Services (KWS) makes sure kids will be able to access it in a secure and compliant manner.
Protecting kids data and talking to parents about their children online privacy is challenging but critical to kidtech, and this is part of our expertise.
I personally have high hopes that GDPR and GDPR-K (those elements of GDPR specifically addressing children) can elevate the position of the user in this new data economy and force quality and ethics to the top of any business’s priority list (but hey, my second job is as a yoga teacher so I tend to see the good in people).