Smashing Magazine - #391: Privacy and Security

Deceptive patterns, privacy UX, website tracking flowcharts, authentication UX and behavioral insights. Issue #391 Feb 7, 2023 View in the browser

Smashing Newsletter

He lā maikaʻi Smashing Friends,

The web is not a particularly friendly place. We all have seen plenty of annoying pop-ups, distracting notifications and mysteriously confusing cookie consent prompts. But while some of these things are just annoying, others are invasive — gathering our data, tracking our behavior and even reselling our data to the highest bidder.

In this newsletter, we look at privacy, security, authentication, legal tracking flowcharts and general deceptive patterns and privacy patterns. You can find plenty more insights in Heather’s wonderful Smashing Book on Understanding Privacy (Print + eBook), and also in a series of video chapters in our video course on UX and design patterns.

In the Smashing news, we also have new free online events coming up soon:

Smashing Meets Figma

We’d absolutely love to see you there — and please do share with the world if you’ll attend, of course! In the meantime, let’s see how we can boost privacy and security in our products!

Vitaly (@vitalyf)


1. Fighting Deceptive Patterns

Deceptive patterns can be hard to spot, but they are all around us: Social media apps forcing us to connect our phone numbers, “free trials” that automatically turn into paid services without a reminder, or prompts where the “no” option is well-hidden. The list could go on. Luckily, there are some great initiatives out there that take a stand against Deceptive patterns.

Dark Patterns Tip Line

One of them is the Dark Patterns Tip Line. To raise awareness of the harm that manipulative design can cause, it crowdsources stories of digital manipulation. The goal is to help policymakers and enforcers hold companies accountable for their practices. So whenever you come across a dark pattern, don’t hesitate to report it to the tip line.

The hall of shame by Deceptive Design also collects stories from users who had to deal with deceptive patterns. The same goes for the Dark Pattern Detection Project. Their goal is to develop an open-source, AI-based text analysis tool that detects deceptive patterns automatically and redesigns them in a personalized manner for the respective customers. (cm)


2. Legal Compliance

You want to use cookies? Or send an email out? Swiss law firm Vischer published a set of flowcharts to help you make the right call whenever you’re unsure if there are any legal implications that you need to consider.

Website and App Tracking Legal Checklist

The Website and App Tracking Legal Checklist takes the ePrivacy Directive and GDPR into account to help you find out if your plans are compliant with the law, if you need to check local law aspects, or if you need to make further adjustments. The Marketing Communications Legal Checklist works similarly and comes in handy whenever you plan to send an email to your customers. Two for the bookmarks. (cm)


3. Better Authentication UX

Authentication is a tricky subject; if done wrong, it can break a user experience. There are password rules that make it hard to remember the password we chose and well-meant security questions that might even lock us out of our accounts instead of providing an extra layer of security. And nobody likes to identify crosswalks and fire hydrants either. So how can we fix the authentication UX for good?

Rethinking Authentication UX

That’s exactly the question that Jared Spool explores in his presentation “Fixing The Failures of the Authentication UX.” He explains how to make authentication design a priority in your experience architecture and where the real risks are so that you can best protect your users — without frustrating them.

If you’re looking for practical patterns to create frustration-free authentication experiences, Vitaly’s post “Rethinking Authentication UX” has got you covered. It dives deeper into why disabling copy-paste for passwords isn’t a good idea, why you should drop strict password requirements, options for access recovery, and more things to consider to improve the authentication status quo. (cm)


4. Upcoming Online Workshops

That’s right! We run online workshops on front-end and design, be it accessibility, performance, or design patterns. In fact, we have a couple of workshops coming up soon, and we thought that, you know, you might want to join in as well.

Smashing Online Events
With online workshops, we aim to give you the same experience and access to experts as in an in-person workshop from wherever you are.

As always, here’s a quick overview:


5. Designing For Security

Maybe you’ve come across the assumption that security can get in the way of usability. Krisztina Szerovay argues that designing for security should not be an afterthought, and it doesn’t have to result in compromise either. To illustrate how usability and security connect, she created the “Designing for Security” UX Knowledge Base Sketch.

Designing For Security

The key takeaway from the sketch: Usability and security go hand in hand. If something is usable and less confusing, it’s likely to be more secure. If something is secure, it’s more reliable, increasing usability. The sketch also pinpoints security patterns and things you can do to make security-related design decisions. (cm)


6. Behavioral Science Resources

Behavioral science helps us better understand human behavior and, ultimately, the design problems we try to solve. After all, everything we design, whether it’s interfaces, interactions, or experiences, is designed for human behavior. Elina Halonen started an open-source repository of case studies and learning resources that gets us familiar with behavioral science and the opportunities it offers for organizations.

Behavioral Science

The repository features examples of how behavioral science can be applied in different domains, tips for demonstrating the value of behavioral science to stakeholders and clients, and ideas for career options and what skills might be useful. The repository lives on a Miro board. If you are unsure of how to use it, Elina wrote a blog post with everything you need to know. Plenty of insights on anything from privacy to sustainability. (cm)


From our sponsor

Collect, Clean And Act On Your Customer Data With $50K Segment Credits

Twilio Segment
Learn analytics best practices, assemble your tech stack, and build a data-driven organization using Segment as your customer data platform. Segment helps over 15,000 startups get analytics right. Get $50k in Segment credits with Smashing Magazine!


7. Privacy UX

Some web interfaces have become quite a character, haven’t they? Self-indulgent, impolite, and obsessed with users’ data. In his article series on Privacy UX, Vitaly looks into privacy UX patterns that help us do better, without leaving conversion considerations behind.

Privacy UX

In part 1, Vitaly looks into common concerns and privacy in web forms, part 2 investigates the cookie consent experience, part 3 is dedicated to notification UX and permission requests, and, last but not least, part 4 brings it all together, exploring how the approaches fit into an overall design strategy. Practical tips that help you develop a pragmatic approach for designing and building ethical and respectful interfaces. (cm)


8. Privacy Design Patterns

How can we convert the lawyer speak around privacy to engineering speak? How can privacy problems be anticipated early in the development process to provide safer experiences for our users? These are the questions that the folks behind Privacy Patterns asked themselves. The result is a collection of patterns and design solutions to common privacy problems.

Privacy Patterns

From protecting your users against tracking to preventing suspicious access to user data, each pattern examines the context, problem, solution, consequences, and examples. The goal is to grow the pattern library into a living document where everyone can contribute — engineers and designers, just like lawyers and regulators. A great effort to standardize and simplify the discussion around privacy. (cm)


9. Recent Smashing Articles


That’s All, Folks!

Thank you so much for reading and for your support in helping us keep the web dev and design community strong with our newsletter. See you next time!


This newsletter issue was written and edited by Cosima Mielke (cm), Vitaly Friedman (vf) and Iris Lješnjanin (il).


Sent to truly smashing readers via Mailchimp.
We sincerely appreciate your kind support. You
rock.

Follow us on Twitter Join us on Facebook

unsubscribe update preferences view in your browser

Older messages

#390: Little Helpers

Tuesday, January 31, 2023

With AI helpers, toggle optimization, better SVGs, useful PDF tools, generating spreadsheets and automating meeting notes. Issue #390 • Jan 31, 2023 • View in the browser 💨 Smashing Newsletter Dear

#389: UX Playbooks

Tuesday, January 24, 2023

UX playbooks, methods, launch kits, product design resources and business guides for designers. Issue #389 • Jan 24, 2023 • View in the browser 💨 Smashing Newsletter Dobry wieczór Smashing Friends, We

#388: Open-Source Icons and Fonts

Friday, January 20, 2023

With open-source health and business icons, doodles and open-source fonts, free for personal and commercial use. Issue #388 • Jan 17, 2023 • View in the browser 💨 Smashing Newsletter Buenas tardes

#387: Design Systems

Tuesday, January 10, 2023

Design tokens, multi-lingual design system, deciding on new components and design system canvas. Issue #387 • Jan 10, 2023 • View in the browser 💨 Smashing Newsletter Boa noite Smashing Friends,

#386: CSS

Tuesday, January 3, 2023

With CSS skewed highlights, CSS trees, CSS overlaps and shiny new CSS techniques. Issue #386 • Jan 23, 2023 • View in the browser 💨 Smashing Newsletter Namaste Smashing Friends, 2023 is here, a new

You Might Also Like

At Home With Gloria Steinem

Thursday, December 26, 2024

View in your browser | Update your preferences ADPro Glory, Gloria Every year our AD100 honorees fill out a survey of projects that they're working on. A year or so ago, longtime AD100 designer

Celeb Homes at the Holidays—and a Few More Things to Make You Merry

Tuesday, December 24, 2024

View in your browser | Update your preferences ADPro Holiday Cheer Whether your taste leans traditional, modern, or all-out extravagant, AD is rife with inspiration for your holiday. In the spirit of

#488: Fun And Useful Gems

Tuesday, December 24, 2024

Radio garden, Zoom backgrounds, visual history of the alphabet and fun interactive experiences. Issue #488 • Dec 24, 2024 • View in the browser Smashing Newsletter Hello Smashing Friends, As we are

Accessibility Weekly #428: Putting AI to the (Accessibility) Test

Monday, December 23, 2024

December 23, 2024 • Issue #428 View this issue online or browse the full issue archive. Hey accessibility friends! It's the time of year where news and information slows down as many people take

2024 magic moments

Sunday, December 22, 2024

Issue 225: The year from my personal lens ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

Planning mode

Friday, December 20, 2024

Lessons from our first-ever annual planning sprint ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

We Co-Sign This AD100-Approved Trend

Thursday, December 19, 2024

View in your browser | Update your preferences ADPro Emboldening the Bath Marble, marble, everywhere, and every drop is chic. According to AD100 designer Jake Arnold, “material drenching”—that is,

177 / Keep calm by listening to these ambient sounds

Thursday, December 19, 2024

Product Disrupt Logo Product Disrupt Half-Monthly Dec 2024 • Part 1 View in browser Welcome to Issue 177 Lately, I've been driving a lot of inspiration from the things I see in real life. The range

The Year in Color: Hella Jongerius, Mocha Mousse, and More

Thursday, December 19, 2024

View in your browser | Update your preferences ADPro Color Our World Since the summer, AD PRO has kept its finger on the pulse of color predictions. Overall, the vibe right now is down to earth,

🐺Get Media Features in 2025

Thursday, December 19, 2024

A BIG Wolf Craft announcement!! ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏