Usability Ethics — Privacy Concern and Cookies Consent

In this blog, “Cookie” is not the term for the product that people can easily find in grocery stores. The term “Cookie” that I am going to talk about in this blog is a computer science term to describe a small piece of data sent from website and stored in user’s local drive by the user’s web browser while the user is browsing. Cookies is designed to collect a modest amount of data specific to a particular client and website, and can be accessed either by the web server or the client’s computer. 

In our daily life, the existence of cookies is everywhere but it’s easily to be ignored. Taking Nike’s website as an example, a person who randomly browses the internet, then he randomly clicks into Nike’s website. He has no intention to buy anything from Nike but browses the new released product. Immediately, he found out Nike’s ads pop up from everywhere, such as facebook, instagram, and even mailbox. People feel insecure and disturbed in this process because they think their personal information has been revealed. 

There is a scenario that everyone has encountered, when a person goes to Starbucks and tries to connect with the wifi. There will be a pop-up window and ask the person about his personal information, and the person can only be connected to wifi once he fills up all the information. This case is not about cookies but it is about realizing how our data has been collected. In this case, the users’ data will be collected by the wifi server, google, and google will collate all the data and then sale to their clients in different forms. Cookies are basically doing the same job as the pop-up window. Once the cookies are saved in your computer, they collected out data for the website’s host keeping to analyze out behavior. Thus, the question comes from such situation, What the website is trying to get from the users? And how the website going to do with those users’ data?

Nowadays, privacy has been a major concern of everybody over the internet.Therefore, regarding the privacy concern of launching cookies in users’ local computer, the EU general data protection regulation was introduced and executed in May 2018. With the advent of the EU General Data Protection Regulation, the web has turned into a vast exhibition of consent pop-ups, notifications, toolbars, and modals. The intention behind the cookie consent is to get users’ consent to keep collecting user’s data and evaluate user’s behavior. On top of that, many implementations do not respect user’s experience because the developers set cookies despite users’ choices. They assume that most people will grant consent regardless so they only give users an “Accept” option. Some websites are even worse, users are not allowed to visit the website or perform an action just because they decline the usage of cookies. 

Although there is a regulation for forcing websites to get users’ consent of using cookies, the designs of cookies consent are the way how UX designers define their own ethics. While the GDPR is an excellent step forward from a legal perspective, it’s only applicable to products servicing the E.U., and it isn’t so clear to me how it will affect UX research. That means that today, as UX designers, we need to ensure we stay true to our internal ethical voice and think about what will be better for the user — regardless of business goals.