5 Principles of Privacy-Aware Design

Teo, Choong Ching
5 min read · Jul 19, 2017


Some key takeaways from the book, Design My Privacy by Tijmen Schep.



Over the past few years, privacy concerns in the online world have grown. When we think of privacy and security related topics, we tend to assume that they are the job of the security and legal departments.

However, in my opinion, designers should be thinking and talking about privacy throughout the entire product design process. As a designer, I personally believe that privacy is also part of the basic principles of good user experience. We not only want our users to feel at ease when they are using our product or service, but also to earn their genuine trust (in the long run) when it comes to privacy and security.

According to a survey conducted by Pew Research Center in the U.S., most Americans hold strong views about the importance of privacy in their everyday lives. For both online and offline activities — majorities say these dimensions are at least “somewhat important” and many express the view that these aspects of personal information control are “very important.”

How might we design an experience that allows our users to perform their desired tasks without becoming anxious about or skeptical of the product or service?

Principle 1: Privacy first!

First things first: privacy should be part of the scope of the planning and development cycles. Make it a habit to think through how you want to deal with privacy and data during the first stage of the project. Raise those questions during the initial meeting or brainstorming sessions.

Similarly, avoid the use of dark patterns as much as possible during UI design. Yes, those subtly pre-ticked consent or promo checkboxes at the end of the payment form may bring short-term benefits. However, the after-effects on your product's perceived transparency can be severe: more angry customers, more complaint tickets.

Principle 2: Think like a hacker

Try to list all the types of data that are going to be collected. Then identify the possible ways in which that data could be exploited or misused. Run a series of review and evaluation sessions with your team to identify those flaws and potential entry points.

Typically, hackers work with two mindsets: explorative and exploitative. Adopt the same mindset when running your internal evaluation sessions. Explore and identify as many vulnerabilities as possible early on to avoid major security setbacks.

Principle 3: Collect as little data as possible

Whenever your service is about to collect data, explain it to the users in layman's terms. Tell them which particular data you are about to collect and what you are going to do with it. No jargon. Keep it simple. For example, state in the text under the sign-up CTA that you will be sending news and updates to their inbox. Don't surprise them!

90% of app users indicate that having clear information about how apps will access or use their personal data is “very” or “somewhat” important to them when deciding to download an app. (source: Pew Research 2015 report)

In principle, a well designed product collects 'just enough' data from its users. Make sure that the collected data is not stored for longer than the intended period of time. However, if you must store that data for a very long time, you have to plan carefully how to store it securely in order to avoid leaks or misuse.

Principle 4: Protect the data

Apart from data collection, we also need to focus on encryption. Most of our data is stored online or 'in the cloud'. However, most people do not realise that storing data in the cloud is actually like storing it on someone else's computers somewhere else.

Therefore, make sure to encrypt your data correctly before storing it online. Of course, we are not talking about wrapping your whole chunk of data like bubble-wrapping a house. As a standard practice, apply the 80/20 rule: what percentage of the data is truly sensitive? Identify those fields and plan the encryption accordingly.
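The schema-plus-encryption approach that Principles 3 and 4 describe, as an added example in Go (this is not code from the article or from Design My Privacy): each form field gets an explicit sensitivity label decided at design time, fields outside the schema are dropped before anything reaches storage, the fields marked sensitive are encrypted at rest with AES-GCM from Go's standard library, and a retention check marks records for deletion. The field names, the 30-day window and the sign-up form are constructed for illustration, and the key handling is a stand-in for a real secrets store.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// Sensitivity is the label a field receives when the form is designed. It turns
// the "which data is truly sensitive?" question into one reviewable decision per field.
type Sensitivity int

const (
	Public       Sensitivity = iota // stored in the clear
	Sensitive                       // encrypted at rest with AES-GCM
	NotCollected                    // principle 3: never stored at all
)

// FieldPolicy is a constructed schema for a hypothetical sign-up form.
// Anything not listed here is treated exactly like NotCollected.
var FieldPolicy = map[string]Sensitivity{
	"display_name":  Public,
	"email":         Sensitive,
	"date_of_birth": Sensitive,
	"phone":         NotCollected, // not needed for sign-up, so never kept
}

// Retention is a constructed value for how long a record may live before purge.
const Retention = 30 * 24 * time.Hour

// Record is what actually reaches storage.
type Record struct {
	Fields    map[string]string
	CreatedAt time.Time
}

// Store applies the policy: unknown and NotCollected fields are dropped,
// Sensitive fields are encrypted, so the stored record never holds more than
// the schema allows. key must be 16, 24 or 32 bytes (AES-128/192/256).
func Store(key []byte, input map[string]string, now time.Time) (Record, error) {
	rec := Record{Fields: map[string]string{}, CreatedAt: now}
	for name, value := range input {
		class, known := FieldPolicy[name]
		if !known || class == NotCollected {
			continue
		}
		if class == Public {
			rec.Fields[name] = value
			continue
		}
		ct, err := encrypt(key, []byte(value))
		if err != nil {
			return Record{}, err
		}
		rec.Fields[name] = hex.EncodeToString(ct)
	}
	return rec, nil
}

// Expired reports whether a record has outlived the retention window.
func Expired(rec Record, now time.Time) bool {
	return now.Sub(rec.CreatedAt) > Retention
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// encrypt seals plaintext with AES-GCM; the random nonce is prefixed to the
// ciphertext so Decrypt can recover it. A fresh nonce per value is mandatory.
func encrypt(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Decrypt reverses encrypt for one stored Sensitive field; a wrong key or a
// tampered ciphertext fails authentication instead of returning garbage.
func Decrypt(key []byte, hexCiphertext string) (string, error) {
	ct, err := hex.DecodeString(hexCiphertext)
	if err != nil {
		return "", err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	if len(ct) < gcm.NonceSize() {
		return "", errors.New("ciphertext too short")
	}
	pt, err := gcm.Open(nil, ct[:gcm.NonceSize()], ct[gcm.NonceSize():], nil)
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

func main() {
	key := make([]byte, 32) // demo only: a real key comes from a KMS or secret store
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	// Constructed form submission, including fields the form should not keep.
	submitted := map[string]string{
		"display_name": "ann", "email": "ann@example.com", "date_of_birth": "1990-01-01",
		"phone": "+1 555 0100", "tracking_id": "abc123",
	}
	rec, err := Store(key, submitted, time.Now())
	if err != nil {
		panic(err)
	}
	fmt.Printf("stored fields: %v\n", rec.Fields)
	fmt.Println("expired after 31 days:", Expired(rec, rec.CreatedAt.Add(31*24*time.Hour)))
}
```

The point of the allow-list is that a new form field cannot quietly start being stored: someone has to add it to FieldPolicy and pick a label, which is exactly the conversation Principle 1 asks for at the start of a project. Encrypting only the Sensitive fields is the 80/20 split from the text made explicit, and the Expired check is what a scheduled cleanup job would call before deleting.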

Principle 5: Respect identity

The essence of privacy is choice. Make sure that users have control over their online identity (anonymous or real name). They should also be able to decide for themselves, as far as possible, how much data (name, age, etc.) is revealed or hidden.

A classic bad example is when the social network Google+ announced that it would not let users choose their own social identity, which caused an outrage online. From the design perspective, users should be able to update their privacy settings through a clear user interface. Don't hide them deep in the screens. Remember, allowing pseudonymity or anonymity is also a good way to protect users from serious consequences such as harassment and discrimination.

“The ability to be anonymous is increasingly important because it gives people control, it lets them be creative, it lets them figure out their identity and explore what they want to do, or to research topics that aren’t necessarily ‘them’ and may not want tied to their real name for perpetuity…” —Andrew Lewman

Recap (TL;DR)

  1. Privacy first
    Make privacy part of the 'scope' when planning and designing your product.
  2. Think like a hacker
    Identify possible vulnerabilities at an early stage of product development.
  3. Collect as little data as possible
    Tell the users in plain words which particular data you are about to collect and what you are going to do with it. No jargon. Keep it simple.
  4. Protect the data
    Identify the important data and plan the encryption accordingly.
  5. Respect identity
    Give users control over their online identity (anonymous or real name). Of course, this principle would be applicable for the finance industry.


In short, privacy is one of the aspects that can have the biggest impact on user experience. As designers, we do not need to memorize all the legal and privacy regulations by heart. We just need to become accustomed to some of these privacy best practices, just as we are used to thinking about design principles like 'affordances' and 'signifiers'.



Teo, Choong Ching

Product designer. Currently @ Trustana (seeded by Temasek). Formerly @ Saleswhale (YC S16) ❤ topics on enterprise design. choongchingteo.webflow.io