Overview
This case study explores the interplay between surveillance capitalism, user experience design, and privacy in the digital space, with a specific focus on Google. The study highlights the implications of non-compliance with GDPR guidelines related to user consent and the presence of dark UX patterns that hinder informed decision-making regarding cookie preferences. By examining the fines imposed by CNIL on Google and Facebook, the case study aims to shed light on the importance of prioritizing transparency, user-friendliness, and privacy in UX design.
The ultimate objectives are to propose solutions that empower users with better control over their privacy, enhance the overall user experience, and ensure compliance with privacy regulations.
Problem
The French data protection authority, CNIL, fined Google and Facebook €210 million in 2022 for violating GDPR guidelines by making it hard for users to refuse cookies. This issue, compounded by complex cookie banners and interfaces and extensive data collection practices, compromises user privacy. The case study will explore these problems in detail.
The images of the initial pop-up that appears when you visit Google's site, asking for consent to use cookies. This showcases how the design is misleading and unclear, leading users to accept without fully understanding what they're agreeing to.
Customer Journey Mapping
I created a Customer Journey to show that users who accept their cookies blue steps that have a simple interface to get to the search results they want faster, without having to go through complex steps(dark pattern), as well having to read through complicated privacy policies. The red steps and clicks are the necessary steps a user has to take to accept only the necessary cookies.
As shown in the User Journey, not accepting cookies requires at least five more clicks than accepting cookies, which requires only one click
Persona
By gaining a deep understanding of Winta and Sarah's needs, obstacles, and desires, we can tailor our solutions to effectively meet their specific requirements while also considering the broader audience. This comprehensive understanding enables us to develop products and services that cater to Winta and Sarah's individual preferences, delivering value and satisfaction to them.
By gaining a deep understanding of Winta and Sarah's needs, wants, and preferences, we can tailor our solutions to effectively meet their specific requirements while also considering the broader audience. This comprehensive understanding enables us to develop products and services that cater to Winta and Sarah's individual preferences, delivering value and satisfaction to them.
Consumer Journey
In this case study, we delve into the consumer journeys of Winta and Sarah, two individuals with contrasting priorities in their online experiences. Winta places a strong emphasis on data protection and meticulously evaluates privacy policies to ensure her personal information is safeguarded. On the other hand, Sarah prioritizes usability and convenience, valuing a seamless experience over stringent privacy measures. By gaining a deeper understanding of their distinct consumer journeys, we can gain insights into their usage patterns, preferences, and needs, enabling us to tailor our solutions to better meet their expectations.
Winta's Consumer Journey
Awareness:
Winta discovers a website that matches her interests through her online search.
Research:
She looks closely at the cookie consent pop-up on the website, paying attention to the privacy policy.
Evaluation:
Winta evaluates the website's privacy and data protection commitment. Decision: She clicked away the pop-up and to engage with the content of the website.
Sarah’s Consumer Journey
Awareness:
Sarah come across a website through online search and often using Google services.
Research:
She quickly reviews the cookie consent pop-up and skims through the privacy policy without delving too much into the details.
Evaluation:
Sarah focuses on the user experience, prioritizing usability, convenience, and interactivity over strictly privacy measure.
Decision:
If the website appears trustworthy and provides a pleasant user experience, she consents to the use of cookies and continues to use the website's content and services.
These consumer journeys demonstrate the different priorities and preferences users have regarding their online experiences, including privacy and usability. By acknowledging and accommodating the diverse needs of users like Winta and Sarah, websites can create a more inclusive and enjoyable environment for a wide range of visitors. This includes considering factors such as cookie settings and privacy options, allowing users to have control over their data while maintaining a seamless user experience.
Design Solution
By considering the needs and preferences of both personas, we can develop a product or service that strikes a balance between data protection and an interactive user experience. This approach not only caters to Winta and Sarah's specific requirements, but also captures the needs of a wider audience. Through this comprehensive understanding, we can design solutions that effectively address the unique desires and concerns of both personas, ensuring user-centric experiences and maximizing customer satisfaction.
1. A Button for “Don’t agree”
By clearly displaying a button, users can be assured that they are in control of their privacy practices. This enables users to make informed decisions, which improves their trust on the website and its practices.
2. Use red for the Button to “Agree” before going on “See more”, so the user is informed about data processing .
The use of red for the “Agree” button is intended to help users understand the important data processing practices before giving consent. This ensures that users are made aware and can make informed choices about the sharing of their data.
3. Allow user to customize only necessary cookies preferences on the banner after clicking “See more”.
The design addresses individual privacy needs through personalization, increasing overall privacy needs.
4. Locating an Out-put “X” on the top right banner, so user can away click.
This respects the user's choice and prevents frustration that could arise from intrusive or constant pop-ups. Allows users to simply disable the pop-up if they do not wish to interact with it.
5. Cookie banner that are accessible in different languages.
The ability to change the language of the banner promotes integration and ensures that people with different language backgrounds can understand the website's privacy policy.
By using this design approach, we increase user confidence, enhance user experience, and adhere to data protection standards set by regulations such as the GDPR requirements in the EU and the privacy laws in France.
Wireframe
The wireframe I created shows the structure and placement of the different elements of the cookie consent banner. Each element of the banner is labelled so that the user understands the purpose of each element. For example, there is a "Do Not Agree" button, an "I Agree" button, and the "See More" button that leads to the next page where the user must confirm the settings themselves in order to receive advertising from Google.
Final Design
The design aims to provide high contrast colours, with a bold red for the "Accept all cookies" button to inform users about the data they are sharing. A subtle blue is used for users to make an informed decision regarding cookie consent. The "X" button in the corner allows users to easily deny consent for cookies. The minimalist design maintains Google's familiar UX style, and different language options are available on the consent form for better understanding of the privacy policy. Overall, the design offers users a clear and simple way to manage their cookie settings with attention-grabbing colours and clear labels, while the minimalist approach ensures easy navigation.
Conclusion
In conclusion, this case study delves into the relationship between surveillance capitalism, user experience design, and privacy, using Google as a case example. The study sheds light on the non-compliance with GDPR guidelines regarding user consent and the existence of dark UX patterns that impede informed decision-making on cookie preferences. It underscores the importance of user-centric design solutions, such as incorporating personas and considering user perspectives, to empower individuals with better control over their privacy and elevate their overall user experience.