A plethora of everyday objects powered by internet connectivity are rapidly becoming a larger part of society as each day goes by (Forbes Technology Council, 2016). With this emergence of the next generation of internet-connected devices, terms like artificial intelligence (AI), augmented reality (AR), as well as wearables, have once again risen to the surface, and are no longer merely associated with the imaginary world of science fiction – they’re good business (Eyal, 2016).
In late 2009 and 2010, Facebook made the decision to make a large portion of users’ profile information available to the public by default, causing a huge backlash, as well as bringing the topic of online privacy and security to the foreground (Rogers, Sharp, & Preece, 2012). According to Fjord (2016), privacy and security concerns are now so considerable, that one half of American internet users are no longer performing basic tasks like posting on social networks and purchasing online.
Now that the general public has become more aware, what does the advent of these emerging technologies and trends have on considerations like privacy and security? As well as this, what is the potential impact that these areas could have on user experience (UX) design, business, and engineering processes in the coming years? This blog post aims to explore some of these concerns in detail.
AR and the Internet of Things (IoT)
The proliferation of internet-connected devices into everyday activities and contexts (Morville, Arango, & Rosenfeld, 2015) has the number of IoT devices, such as internet-connected refrigerators, personal trainer substitutes, and smart mirrors (Kim, 2016), projected to be at 24 billion by 2020 (Meola, 2016), meaning that it’s anticipated by then that there will at least two to three IoT devices for every person on the planet (Jensen, 2017).
With all of the conveniences that IoT brings, it can be argued that it’s somewhat excessive, unnecessary (Case, 2016), and even dangerous, with a variety of news headlines that have illustrated these opinions – Most alarmingly that internet-connected and self-driving motor vehicles are still prone to life-threatening security vulnerabilities (Muoio, 2016), along with the more recent Distributed Denial of Service (DDoS) attack using IoT devices like baby monitors and printers which resulted in outages for more than 1,200 websites including Airbnb, Amazon, and Twitter, among many other frequently-accessed areas of the internet (O’Dwyer, 2016).
As a result of these incidents, it’s predicted that IoT manufacturers and service providers will plan on taking IoT privacy and security more seriously in the coming year (see Figure 1 below), as no company wants to make news headlines for a security vulnerability that leads to a serious data breach (Margaris, 2016).
This culture of privacy and security hysteria and paranoia can leave a long-lasting negative imprint on software companies – Niantic, Inc., the company behind Pokémon Go (see Figure 2), found themselves under fire after a poor permissions implementation sparked rumours that the application granted the company full access to end users’ Google accounts (Olivarez-Giles, 2016), despite these claims being completely unfounded (Blue, 2016).
Privacy and Security by Design
It’s incidents such as the above that have scared vendors into taking both privacy and security more seriously, instead of it once merely being an afterthought (Muoio, 2016). This has ultimately lead to an increased focus on the already well-established concepts of privacy and security by design (Gaillard, 2016) – Companies such as Apple both understand and tap into the growing consumer concerns about privacy as well as this newfound awareness of corporate and government surveillance, and incorporate these principles into their design process by discovering how their products are used by their end users while still protecting individual privacy (Forbes Technology Council, 2016).
It’s starting to become clear that design work is no longer just incidental and can have a huge impact on both people’s lives and greater transformations in society (uxdesign.cc, 2016). With this in mind, Buckley (2016) states that:
Engendering the feeling of trust in a product is among the chief roles of any good UX designer
These concepts are especially crucial when applicable to the world of AI and chatbots, where companies like Babylon Health have developed a triage solution to answer any patient questions before speaking with a doctor – In order to grow the acceptance and infrastructure of their AI services, companies may require access to confidential user information, making it vital that the user has trust and confidence that their personal data is in safe hands (Fjord, 2016).
In order to take a privacy and security by design approach, it’s important to clearly gather, understand, and prioritise as many privacy and security requirements that are viable, as soon as possible (Cordell, 2015) – Incorporating it into the design process early opens up the possibility of the requirements changing as knowledge of the problem area increases and the solution is envisioned, and as nothing has been implemented, it is far cheaper and easier to devise and evaluate solutions (Gothelf & Seiden, 2013).
In the case of IBM’s security division, it had been found that radical collaboration could assist in bringing together interdisciplinary designers with subject matter experts from different backgrounds and expertise, to solve some of the most complex and pressing security threats today (Segran, 2015).
According to Chris Young of Intel Security, the key to effectively designing for such complex and data-intensive realms like privacy and security is to simplify it, while still empowering end users with the ability to make intelligent decisions (Segran, 2015) – Current techniques like CAPTCHAs, passwords, and security questions all leave a lot to be desired (Lazar, Feng, & Hochheiser, 2009), so the expertise of UX designers can be leveraged to catapult traditionally clunky enterprise software to the same standards as UX as consumer-grade applications like Uber (see Figure 4 below), who have managed to keep the original simplicity and speed of their product despite it becoming more complex over time (Hilhorst, 2016).
With the convergence of AI, AR, IoT, and the threats that come with them, many organisations are now beginning to realise that privacy and security of their end user’s personal information is something that has to be taken seriously (Gaillard, 2016). As turn of events has now lead to internet-users becoming extra conscious of their privacy and security online, involving these areas from the very beginning of the design process and treating it with the same care as other UX considerations can ensure that customers will remain at ease and continue to use products confidently.
References
babylon. (2017). Online Doctor Consultations & Advice – babylon. Retrieved January 4, 2017, from https://www.babylonhealth.com/
Blue, V. (2016, July 7). Don’t believe the ‘Pokémon Go’ privacy hype. Retrieved December 26, 2016, from https://www.engadget.com/2016/07/15/dont-believe-the-pokemon-go-privacy-hype
Buckley, C. (2016, April 27). The Future is Near: 13 Design Predictions for 2017. Retrieved September 26, 2016, from https://uxmag.com/articles/the-future-is-near-13-design-predictions-for-2017
Case, A. (2016, December). Calm Technology and Wearable Computing. Retrieved December 19, 2016, from https://www.ux-lx.com/videos.html?mc_cid=e64ee54101
Cordell, N. (2015, October 1). Taking a ‘Secure by Design’ approach to technology solutions is key to unlocking value. Retrieved December 26, 2016, from http://corixpartners.com/taking-a-secure-by-design-approach-to-technology-solutions-is-key-to-unlocking-value-blog/
Eyal, N. (2016, April 6). Humans, AI and the User Interface of the Future. Retrieved September 26, 2016, from https://uxmag.com/articles/humans-ai-and-the-user-interface-of-the-future
Fjord. (2016, December 13). Fjord Trends 2017. Retrieved December 19, 2016, from http://www.slideshare.net/fjordnet/fjord-trends-2017-70096252
Forbes Technology Council. (2016, September 1). What Everyone Should Know About The Internet Of Things. Retrieved December 26, 2016, from http://www.forbes.com/sites/forbestechcouncil/2016/09/01/what-everyone-should-know-about-the-internet-of-things/#33a7e2fe4faa
Gaillard, J.C. (2016, October 31). Security & Privacy by Design. Retrieved December 26, 2016, from https://medium.com/@Corix_JC/security-privacy-by-design-3524929830db#.ramw3jmgs
Gothelf, J., & Seiden, J. (2013). Lean UX: Applying Lean Principles to Improve User Experience (First ed.). O’Reilly Media.
Hilhorst, D. (2016, November 16). Designing the new Uber App. Retrieved December 19, 2016, from https://medium.com/uber-design/designing-the-new-uber-app-16afcc1d3c2e#.93xoxigpq
Jensen, H. (2017, January 3). IoT Predictions for 2017. Retrieved January 3, 2017 from https://www.sitepoint.com/iot-predictions-for-2017/
Kim, G. (2016, November 17). This man created a smart mirror that’s like a giant iPhone. Retrieved December 19, 2016, from http://uk.businessinsider.com/designer-creates-smart-mirror-like-giant-apple-iphone-2016-11
Lazar, J., Feng, J.H., & Hochheiser, H. (2009). Research Methods in Human-computer Interaction (First ed.). Wiley Publishing.
Margaris, P. (2016, December 14). 2017 Cybersecurity Predictions: Service Providers Confront IoT Security. Retrieved January 3, 2017, from http://researchcenter.paloaltonetworks.com/2016/12/2017-cybersecurity-predictions-service-providers-confront-iot-security
Meola, A. (2016, December 19). How the Internet of Things will affect security & privacy. Retrieved December 26, 2016, from http://uk.businessinsider.com/internet-of-things-security-privacy-2016-8?r=US&IR=T
Morville, P., Arango, J., & Rosenfeld, L. (2015). Information Architecture For the Web and Beyond (4th ed.). O’Reilly Media.
Muoio, D. (2016, December 15). Self-driving cars are prone to hacks – and automakers are barely talking about it. Retrieved January 3, 2017, from http://uk.businessinsider.com/driverless-cars-hacking-ricks-2016-12
O’Dwyer, R. (2016, December 21). Data politics and the internet of things. Retrieved December 26, 2016, from https://www.siliconrepublic.com/enterprise/internet-of-things-ethics-security
Olivarez-Giles, N. (2016, July 13). ‘Pokémon Go’ Creator Closes Privacy Hole But Still Collects User Data. Retrieved December 26, 2016, from http://www.wsj.com/articles/pokemon-go-creator-closes-privacy-hole-but-still-collects-user-data-1468363704
Rogers, Y., Sharp, H., & Preece, J. (2012). Interaction Design: Beyond Human-Computer Interaction (3rd ed.). John Wiley & Sons.
Segran, E. (2015, July 31). How A Design Team Co-Opted Hacker Tactics To Fight Cybercrime. Retrieved January 4, 2017, from https://www.fastcompany.com/3049134/tech-forecast/how-a-design-team-co-opted-hacker-tactics-to-fight-cybercrime
uxdesign.cc (2016, December 4). The State of UX in 2017. Retrieved December 6, 2016, from https://uxdesign.cc/ux-trends-2017-46a63399e3d2#.y9d4zd3cg
simonjfinney 
HP recently reported that around 70% of common IoT devices have serious security vulnerabilities, which relates to networking. This seems to be removed from the space in which UX designers could have a real impact. However, creating a service or product, which users perceive as trustworthy, is within the grasp of UX designers. Privacy of users and how their data is being treated is related to ethics in UX design.
LikeLiked by 2 people
It’s true and I agree that security vulnerabilities are related to either networking or oversights in the implementation of a product itself – However, I don’t believe it should be removed as designers have the ability to build and even restore credibility or trust in a product, and as it’s impossible to build 100% bullet-proof secure software, designers must prepare for this and ensure that users are comfortable every step of the way.
LikeLiked by 1 person
I agree with you that security issues in IoT devices are more related to developers than designers. Companies are now seeing the risks these devices pose and they are investing time and effort to fix and make them more resilient to attacks but I think that all the work is done at the software level. Should the design anticipate that? not so sure if that is possible. Here is a nice impacting article: http://www.cnbc.com/2016/03/04/how-the-internet-of-things-could-be-fatal.html . It talks about connected medical devices and their security vulnerabilities.
LikeLiked by 1 person
@itziarlh In the case of the Dyn DDoS attacks last year, it was discovered that the infected devices were those that had factory administrative passwords still set on them – This to me very much seems to be an issue that can fall within the realm of design.
LikeLike
Really interesting post. AR and the Internet of Things (IoT) are subjects that really interest me. Privacy by Design is such an important and relevant topic. User Experience designers have a responsibility to always consider privacy to ensure users’ interests are served and to look beyond a product’s features.
LikeLiked by 1 person
Thanks! I’m very interested in the area, despite it being quite hardware-focused, and I think there’s a lot of areas for design to get involved in like customer experience or service design
LikeLiked by 1 person
Also you might find this interesting – this augmented reality supermarket was designed by an MIT Professor: https://futurism.com/videos/this-supermarket-was-designed-by-an-mit-professor/
LikeLiked by 1 person