New privacy resources for UX designers
The Information Commissioner's Office (ICO) has produced new guidance on privacy in the product design lifecycle
The guidance is written to help technology professionals such as user experience (UX) designers, product managers and software engineers, embed data protection into their products and services from the start.
The guidance outlines the case for privacy in product design not only in terms of legal compliance, but also as something that will greatly benefit your organisation, people and society as a whole.
Regarding privacy as a core product and user experience issue, the ICO's guidance considers each stage of product design, including:
- kick-off
- research
- design
- development
- launch
- post-launch phases
The guidance focuses on the responsibilities of data controllers. Your business is likely to meet this definition if you create software, products, apps or run websites that collect, manage or share people's personal information.
If your business acts as data controller, your business is responsible for complying with data protection law. Data protection obligations vary for organisations that fall outside this category, such as those that act as processors of personal information.
To help you to understand the law and good practice as clearly as possible, this guidance says what organisations must, should, and could do to comply.
Read ICO's guide on privacy in the product design lifecycle.
This resource does not substitute detailed ICO guidance, and should be read in conjunction with other key guidance on data protection.
First published 10 March 2023