Highlights from our Techweek Talk – Privacy by Design

This year’s Techweek featured a PaperKite presentation sharing our experience of building the Rippl contact tracing app, and the increasing importance of trust and privacy in technology. 

If you missed the in-person event, here’s a brief overview of the presentation, key themes and insights.

The public’s appetite for data security

Globally, privacy in an increasingly technological world has been a growing concern for years. From maintaining privacy across social media, to controlling the use of your personal data online, to concern about the state tracking your physical movements via CCTV and facial recognition software. 

Regular data breaches hit the media more frequently than we’d like – the Cambridge Analytica / Facebook micro targeting scandal a few years ago and the recent cyber attack on the Waikato DHB IT health systems. As citizens, how do we know whom to trust, and what information we are happy to provide freely?

How did COVID-19 change our perceptions of data in the name of public health?

The 2020 pandemic presented us with a need to rapidly respond to a public health crisis. This led to a trade-off between public health and individual privacy: in a pandemic scenario, would New Zealanders be willing to share their personal and location data with the New Zealand government in the name of infectious disease control?

Early paper-based sign in sheets caused both businesses and citizens headaches as personal data was freely available at businesses and venues all over the country – there were reported incidents of harassment as employees took advantage of access to customers’ personal contact details. Globally, there were reports of unwillingness to disclose visits to certain locations, such as the South Korean gay night club where customers were hesitant to share their contact details with authorities, and so left false details, creating public health issues.

It quickly became clear that there were issues for individuals (in their willingness to disclose their personal and location information) and difficulties for businesses (to manage their customer’s personal data). This public health crisis needed to somehow overcome the reluctance of their citizens to share this information with them, should they need to be contacted.

How did Rippl seek to overcome data-sharing hesitancy?

Our Privacy by Design approach is essentially a privacy-first approach to the development of the product. We worked with a Māori cultural advisor to ensure we aligned with the Māori Ethics Guidelines for Data. 

This approach to the app product build ensured that:

  • Rippl never collects personal user data; all location data is stored on individual phones, not in an offshore cloud based storage facility.

  • If users are exposed to the COVID-19 virus, they will receive an alert from the Ministry of Health, but the Ministry of Health does not know who they’re sending alerts to – we relied on the fact that individuals receiving alerts would be motivated to contact the authorities.

  • Our Privacy Policy was short and easy to understand – its brevity reflected the simplicity of the product itself.

By creating a Privacy by Design product, we quickly gained trust from the public, businesses and local city councils such as Wellington City Council and Dunedin City Council, who were early adopters of the Rippl technology in their mission to get their local businesses back up and running quickly.

In New Zealand, we can be proud that Kiwis continue to do the ‘right’ thing by their communities – following lockdown rules and participating in contact tracing procedures across the country.

What we’re most proud of

Aside from our team who worked overtime during lockdown to launch this product in less than four weeks, we’re incredibly thankful to our early adopters of the product who helped us normalise a digital contract tracing app, very quickly. We’re also chuffed with the following:

Allowing users to have full control over their personal information

We believe our role in developing digital technology is to support great customer experiences, while allowing our users to have absolute control over their personal data. We work with our clients to ensure Privacy by Design products that naturally build trust with their customers. We encourage our clients to be transparent when it comes to data capture as this leads to higher trust and a better product design solution.

Keen to learn more?

We’d love to chat more about improving privacy in your digital applications and how we can work with you to deliver innovative solutions to your digital problems.

Share post