Building privacy into products

Imagine that a friend took a photo of you at a wild party last weekend and posted it on a social-networking site. What one person considers to be harmless fodder for wide consumption can be highly embarrassing to someone else. Because the notion of what's public and what's private differs from individual to individual, it can be challenging for tech companies to figure out how to create products that offer good privacy protections for their users. This challenge is something we think about and discuss at Google every day, and now two of my fellow Googlers are sharing their thoughts on the matter.

Our Canada Policy Counsel Jacob Glick wrote an op-ed in yesterday's National Post arguing that privacy is best protected by good product design. Two examples he gives are Google Street View, in which facial- and license-plate-blurring technology is built into the product, and YouTube, which allows users to choose whether to show their uploaded videos to the entire public or restrict it to a smaller group of friends.

Meanwhile, in the July/August 2009 issue of IEEE Security & Privacy magazine, Google Policy Analyst Betsy Masiello has published an article titled "Deconstructing the Privacy Experience," in which she looks at the challenge of giving users meaningful information and controls:

"We've long focused on transparency and choice as the pillars on which privacy rests because together they enable informed consent to data collection. On their own, however, transparency and choice say nothing about creating a usable privacy experience. Enabling informed consent to data collection isn't enough; product designers must aspire to this and more: enable informed consent without burdening user experience."

You can download a PDF of the entire three-page article here. Both Betsy's article and Jacob's op-ed are great reads; check them out.