30 September, 2018

Is Your Personal Data Secure? - A Beginner's Guide to GDPR

Are you an individual who worries about your personal data while transacting online?

Are you an organization doing business? Do you think about protecting your customers' personal data? If not, are you ready to pay fines of up to 4% of annual global turnover or more?

Users' personal data is in danger. Organizations handling data are in danger. Neither knows the right way to process and protect this personal data. This article is an attempt to educate you about what GDPR is and how it impacts all of us as individuals and organizations.

Personal Data Security
Given the great technological advancements, globalization and complex flows of personal data, users are increasingly worried about the security of their personal data online. Today, keying in a phone number or email address might reveal users' personal information at the click of a button, if this data falls into the hands of an irresponsible organization. Aren't governments worried? Are there any laws and regulations to protect users?

What is GDPR
The European Union's new General Data Protection Regulation (GDPR) came into effect on May 25, 2018. The GDPR will apply to organizations processing personal data in the EU and also to organizations outside of the EU who may be targeting, or offering goods and services to, individuals within the EU. This regulation gives individuals control over their data by letting them choose how their data is handled online. GDPR highlights how personal data is captured and documented by organizations, how it is processed, and what changes are required to the systems processing users' personal data in order to comply with GDPR requirements.

What GDPR means to Individuals and Organizations
Individuals use many products, be it mobile apps or websites. GDPR expects organizations owning these products to notify users how their personal information is consumed within the products. Products working with third-party partners must have a personal data policy and a privacy policy to ensure there is no threat to the data when it changes hands from one entity to another.

Basic Definitions
Personal Data
Any information related to a natural person that can be used to directly or indirectly identify the person is Personal Data.
It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.

Data processor
The entity processing personal data on behalf of and in accordance with the instructions of a data controller.

Data controller
The entity deciding the means and purpose of the processing of personal data. 

What will change?
Under the GDPR, the obligations on data controllers will substantially increase and, importantly, data processors will also now have data protection obligations. For example:

  1. Data controllers and processors alike will now be required to keep records of their processing. 
  2. Contracts with processors will need to be updated with new mandatory provisions. Privacy notices will need to be updated. 
  3. “Consent” will be more difficult to obtain and may need to be refreshed. 
  4. Principles of “privacy by design” mean that organisations must look at their processing and assess whether it is imperative. 

Privacy rules around the world are tightening. The GDPR is just one example of a regime change which aims to put the rights of the individual first. Many of the principles are similar in privacy regimes around the world, but the GDPR is often stricter. Although compliance with the GDPR will not guarantee compliance with all privacy regimes across the globe, it will help to reduce global risks.

16 September, 2018

The One Thumb, One Eyeball Test

Imagine that your user is on their phone, standing in the bus, surrounded by distractions, and your app has to hold their attention. They must be able to use your product using an average thumb. If they can't, you fail the One Thumb, One Eyeball test, and will lose users.

A woman using the mobile phone with one hand on a beach

Many mobile products have call-to-action buttons that are either too small or placed too close together, links that are confusing, or unwanted new windows that pop up. As soon as you redirect someone to a screen they didn't want or expect, they'll lift their head up and your product has lost. Users should be able to complete critical tasks quickly without losing focus. This means all the critical tasks are "do-able" using one thumb and one eyeball, come what may: standing in the bus, leaning against the wall at a train station, sitting in a congested place at work, comfortably lying down on the couch or, even better, sitting on the beach.

One Thumb, One Eyeball Test
People use mobile phones everywhere and anywhere. They are often distracted away from their mobile phones to get some work done, or distracted by mobile phones while doing some physical work without dropping the phone. This forces them to use the mobile phone by investing only one eye and one thumb. This enables high-speed interaction using one hand and needing only short attention spans.

The one thumb, one eyeball test was proposed by Luke W during the design of “Polar”, an app designed to create photo polls and allow voting on them. 

The objective was that a user should be able to create a new poll in less than a minute using only one thumb to do so. This test is now a global standard for mobile apps across the world.

Moving away from Hamburger to Tab bar design
Hamburger menus placed in the top-left corner of the app are too hard to access. Take a look:

A user who is driving a car needs to use the phone in one hand with the other hand on the steering wheel. If the app hamburger is in the top-left corner, the one thumb use case fails. In other words, users must be able to perform critical tasks on the mobile app with just one thumb in a few seconds. The less time (in seconds), the better. Users work in micro-moments: small units of time with distracted attention. Hence the need for speed.

In the above app, notice that most of the critical tasks like My Flights, Today's Deals, Booking are easily accessible using one thumb. This is the freedom users need.

Effective mobile designs must accommodate one-eye, one-thumb experiences.

If people can get things done in time-sensitive, limited-mobility situations, they'll be even more efficient and products will have their full attention.