Becca Ricks, Research Associate, Mozilla Foundation
Designing for meaningful consent in app permissions
A proof of concept that demonstrates how design can inform how consent to data collection is given during the onboarding process and how consent can be revoked
The public has become increasingly concerned about how personal data is being used and shared by digital platforms. High-profile news stories in 2018 have galvanized public support not only for stronger privacy laws, but also for a greater commitment from app developers to scaffold privacy values and meaningful consent into the design of the app itself. The GDPR states that consent to the processing of personal data should be “freely given, specific, informed and unambiguous.”
Smartphone apps often do not provide enough information for users to make informed, meaningful choices about what data they would like to share with the app. App developers aren’t incentivized to introduce more friction into the user experience, which means that information about privacy is often glossed over quickly in the onboarding process or permissions dialog. Further, once a user has consented to the use of their data, there often isn’t a clear way for them to review and revoke that consent.
Users must be given specific, clear information about how their data will be used by the app during the onboarding process. I propose a user experience flow in which users have an opportunity to review each request for data on its own page, which states in clear language: (1) what data the app needs; (2) how the data will be used; and (3) how the data will be shared. Each page also reminds users that they can always change their minds later and revoke their consent.
Users should always be able to change their minds about what data they want to share with an app. One idea that has been proposed by lawmakers is “consent receipts”, a formal record of authority that is created and sent to a Data Controller. Taking my cue from this idea, I suggest that app developers & designers consider integrating a ‘permissions’ tab into the navigation of the app that allows users to easily review what data the app currently has access to, a history of when the user consented to the use of that data, and buttons to easily revoke that consent.
WHO IS THIS FOR?
User who tends to agree to just-in-time disclosures quickly and would later like to understand and review what they agreed to.
User who might be less inclined to worry about privacy but would benefit from the opportunity to learn more about how a company approaches data processing.
Hilary is a woman who enjoys attending concerts with her friends and discovering new music. She reads up on the news and is aware that digital platforms collect a lot of data from their users, but she still continues to use them. She is concerned about how her personal data is collected but might feel helpless in the face of an opaque data sharing ecosystem.
Hilary downloads a new music-discovery app EventApp that provides her detailed information upfront about what data it collects, how that data is used and shared, and how she can view her consent history. One by one, she agrees to the use of each piece of data. A week after using the app, she decides that she doesn’t really use the social feature of the app so she opens her “permissions” tab and clicks “revoke consent” next to the request for her phone’s contact list.
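As an added illustration (not part of the original brief, and not EventApp's code), here is a small Python sketch of the consent record that the proposed ‘permissions’ tab would be a view over: each grant stores what data is needed, how it will be used and who it is shared with; revoking appends an event rather than deleting one, so the consent history survives; and an access check is specific to the stated purpose. The class and field names are my own assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class ConsentEvent:
    """One line of the consent history shown in the 'permissions' tab."""
    data_type: str         # (1) what data the app needs, e.g. "contacts"
    purpose: str           # (2) how the data will be used
    shared_with: tuple     # (3) who the data will be shared with
    granted: bool          # True = consent given, False = consent revoked
    timestamp: datetime

class ConsentLedger:
    """Append-only consent record (hypothetical, not EventApp's code); the
    permissions tab is a view over it, so revoking never deletes history."""

    def __init__(self):
        self._events = []

    def grant(self, data_type, purpose, shared_with=(), when=None):
        when = when or datetime.now(timezone.utc)
        self._events.append(ConsentEvent(data_type, purpose, tuple(shared_with), True, when))

    def revoke(self, data_type, when=None):
        active = self.current_permissions()
        if data_type not in active:
            raise ValueError(f"no active consent for {data_type!r}")
        last = active[data_type]
        when = when or datetime.now(timezone.utc)
        self._events.append(ConsentEvent(data_type, last.purpose, last.shared_with, False, when))

    def current_permissions(self):
        """Data types whose most recent event is a grant (what the app may access now)."""
        active = {}
        for event in self._events:
            if event.granted:
                active[event.data_type] = event
            else:
                active.pop(event.data_type, None)
        return active

    def history(self, data_type=None):
        """Full consent history, optionally filtered to one data type."""
        return [e for e in self._events if data_type is None or e.data_type == data_type]

    def is_allowed(self, data_type, purpose):
        """Gate each access: consent is specific, so a different purpose is not covered."""
        event = self.current_permissions().get(data_type)
        return event is not None and event.purpose == purpose
```

In Hilary's scenario, revoking “contacts” leaves two history entries (the grant and the revocation) and the app's access check for that data fails from then on.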
“Consent,” Feminist Principles of the Internet, https://feministinternet.org/en/principle/consent
“Consent Receipt Specification,” Kantara Initiative, https://kantarainitiative.org/confluence/display/infosharing/Consent+Receipt+Specification
“EnCoRe: Ensuring Consent and Revocation,” http://www.hpl.hp.com/breweb/encoreproject/
“Forgetting as a feature, not a bug: the duality of memory and implications for ubiquitous computing,”