“My job as a designer is to make users aware of the costs of convenience”

“My job as a designer is to make users aware of the costs of convenience”


We asked Mike Finch of PrivacyHaus about his privacy advocacy and the challenges he faces when designing services with a privacy-first mindset.

When did you first start to pay attention to your digital security and privacy?

When I was 16 years old, I took a class in school on networking fundamentals. One day my instructor presented a simple challenge: Hack into his box, and get an A.

Not only was I able to gain access, I was able to find the Social Security Numbers, birthdays, home addresses, and bank account information of every educator in the school district. There I was – some punk-rock degenerate with a skateboard showing my instructor his own SSN, and suddenly I felt a wave of regret. He seemed concerned, not excited. Looking him in the eye, I recognized how violated he felt. Sometimes the humanity of our actions is lost on us when we’re more concerned with the outcome than the people affected by it.

The information I had was legitimately powerful and could have been used against him. I certainly didn’t want someone to ever have that power over me.

You grew up to become a web designer and with PrivacyHaus your aim is to help people keep control over their digital lives. What inspired you to launch the project?

Trump’s unexpected win in the United States Presidential election was the catalyst. Privacy isn’t a partisan issue, but Trump’s White House is particularly hostile to privacy, net neutrality, and an open internet. He’s not the kind of person you want to have controlling the United States vast surveillance programs.

What is your main goal with collecting privacy-first apps on the site?

PrivacyHaus is meant to be an introduction to privacy-first apps for people who are conceptually new to privacy; especially non-technical users. I made a bunch of flyers that I pass around at rallies and protests. I leave stacks of them in book stores and coffee shops, and try to reach people in less tech-savvy areas. This isn’t the demographic that’ll hear about encryption options from the Verge or TechCrunch. If you believe that privacy is a human right, you need to reach people – all people – where they’re at. Our primary focus over the next few months is on education. Apps are great, but they don’t mean a thing unless you have the education to use them properly.

What are the criteria to list an app? How do you check them?

Each app on PrivacyHaus has been personally installed and used by me in some capacity. Trying to reach a less-technical demographic, my focus is largely on the user experience of each app. I look at things like the ease of use, the clarity of their user interface, the ease of onboarding. I ask myself, “Is this something my Grandpa could learn?” There are tons of amazing apps out there that haven’t made the list because, while technically impressive, they’re too difficult or unpolished for an average mainstream user to feel comfortable with.

As a designer, you’ve been working on front-end web projects for tech companies. When creating designs, how do you take privacy aspects into consideration?

This gets harder each day due to the crazy pace of technology. If you think about your favorite sci-fi movies, the future is always full of smart objects making your life easier. The problem with any kind of smart tech is that it’s only as powerful as the data you feed it, and in today’s world, getting that data largely means sacrificing your privacy. Convenience comes at a cost. As a designer, my job is to make users aware of those costs.

Privacy isn’t one-size-fits-all. What we consider “private” is personal and different for everyone – and that’s okay.  As a designer, you need to have those conversations with the user. You can’t assume someone’s comfortable with something just because you are. Before you track them – before you capture that data – ask them. Explain the pros and cons. If it’s worth it to them, users will abandon their privacy for the convenience of your product. But you need to have that conversation and give them the chance to avoid compromising situations.

Ease of use is one of the major challenges. What are the major UX challenges designers face?

Most design problems are communication problems. In the case of privacy UX, the biggest challenge I see is ineffective communication between the service and their users. This isn’t easy. Understanding your users takes time and research, so if you’re racing towards a deadline and something needs to be cut, that understanding is often the first to go. The problem is that you end up shipping a product that makes sense to you, but not your end-users.

Two good examples of communicating well with a target audience are TunnelBear and NordVPN. TunnelBear proudly states they make “really simple privacy apps” and they’ve abstracted the complexity of virtual private networks in lieu of an adorable animated bear. They know their audience is more likely to be first-time VPN users, and they’ve designed their service to effectively speak to that user. NordVPN on the other hand presents themselves as “The world’s most advanced VPN” and again, it shows in their design. Their service is far more feature-rich and they offer speciality servers provisioned for specific use cases (Tor, streaming video, etc). Their design isn’t complicated, but there’s a higher learning curve required than what you’d need to operate TunnelBear with confidence.

Can you see any change in how designers relate to privacy-related issues?

There’s a tension with creative people – designers and developers alike- between what they can do and what they should do. This drive to innovate can have devastating impacts on user privacy. When your job is to push the boundaries of what’s possible, it can be challenging to remember that your design decisions have consequences. There are privacy-minded designers out there, but we’re regrettably a rare breed. Thankfully, those of us that care about these issues tend to be loud about it. As an example, Mike Monteiro at Mule Design recently gave a presentation called “How Designers Destroyed the World” that speaks to how badly we, as designers, are neglecting the potential privacy implications of our design decisions to the detriment of our users. Talks like his are making an impact, but we still have a lot of work to do.


Mike Finch is a designer and privacy advocate in the Pacific Northwest. He’s designed for organizations like Code.org, Facebook, Amazon, and is the creator of PrivacyHaus; a showcase of privacy-first apps. He probably drinks more coffee than he should..