“As the tech industry matures, organizations incorporate more user research into their development cycles. Doing research with people presents us, as UX professionals, a major ethical challenge, however: how do we balance collecting data to make smart design decisions with protecting users’ safety, autonomy, and privacy?
Today, product teams have numerous ways of collecting data and researching users. But some of these methods can be incredibly invasive as well as dangerous. For example, in 2017, Steven Englehardt, Gunes Acar, and Arvind Narayanan at Princeton University’s Center for Information Technology Policy (CITP) released a report investigating session replay scripts like FullStory and SessionCam. Unlike traditional analytic services that aggregate user behavior, session replay scripts record and playback individual browsing sessions. This means that design teams can observe a user’s scrolling behavior, keystrokes, and even an entire page’s content as if they were in the same room as that user. The purpose of this data collection is for designers to observe how users interact with websites so they can identify usability issues. What the CITP team found, however, is that while these tools provide designers valuable insights into user behavior, they also collect or only partially redact sensitive form text (e.g., passwords) and are vulnerable to network surveillance. A common user research tool, if not implemented with care, can create serious privacy and security risk to users.
So, how can product teams avoid exposing users to such risk? The answer is ethical research practices. Simply put, ethics are principles that describe right and wrong or more correct and less correct behavior. I argue that there are six major ethical research principles that should guide product teams during user research:
1) Validity: Researchers produce findings that accurately represent users and the phenomena of interest
2) Wellbeing: Researchers minimize the risks and maximize the benefits research participants experience
3) Autonomy: Researchers disclose enough information to research participants so they can make an informed decision to take part in the study. Researchers also avoid manipulating or coercing participants to remain in a study
4) Privacy and Security: Researchers keep research participants’ personal data private and safe
5) Honesty: Researchers report findings to stakeholders accurately
6) Value: Researchers conduct research that tests important organizational assumptions and influences strategy
Designing user research projects around these principles protects the wellbeing and dignity of research participants. But these principles also protect organizations. As users become savvier about how organizations collect and use their data, product teams that violate these principles can become embroiled in controversy and seriously violate consumer trust.
In this talk, I will guide audience members through a checklist of steps they can use to a) recognize potential ethical violations in their user research plans; b) minimize the impact of unethical decisions in the field; and c) promote ethical practices across stakeholders. I will frame each principle around real-life case studies of ethical challenges I have faced while working as UX researcher with early-stage startups and community organizations in industries like healthcare and education.”