VOICES
Essay
advantage of. Consumers are more carefully considering
thei r usage of ser v ices that have been hast y and reck less
in their handling of data. Often this handling has been
enabled and facilitated by default options that are
permissive in the leeway given to companies around the
use of customer data. Governments are now starting to
take note of these abuses and the appetite for regulation
is growing.WHAT SHOULD WE DEFAULT TO?
Default options are common and core features found in
almost any software. We need default settings; nobody
wants to spend hours arranging their preferences for
every single app they download, site they visit or device
they buy.
While seemingly innocuous, default settings literally
encode the initial state of our programs and govern how
interact ions w i l l take place unt i l modi fied. As such, the y
reflect the inherent values of the engineers and, by
extension, the company that employs them. Our
product’s default settings lay bare our ambitions, goals
and biases for all to see.
Therefore you can easily audit a company’s actual
(versus stated) intentions with a quick perusal of their
default settings. For too long tech companies have usedslogans, slick ads and the goodwill of its users to forgive
risky data privacy practices. A transparent and open
assessment of data handling and privacy creates an ideal
opportunity for tech companies to live up to their
promises to the public trust.
Further, given the massive scale and network effects
enjoyed by many of the big tech companies, it’s clear
that they are getting near to crossing an invisible but
critical boundary. While corporate behemoths are
certainly not a new phenomenon, the nature of tech
companies’ relationship with our most personal data
brings heightened consequences for its misuse. That’s
why we should mandate a stricter standard for best
practices relating to data privacy. This is the intent (if
not perhaps the end result) of GDPR and related
regulations in California and other places. And while
slow to get star ted, users’ aw areness of the impl ications
and power of giv ing thei r personal data to tech plat forms
is growing, not shrinking. This awareness will have
profound implications for the future of the entire tech
sector and how we manage the relationship between
products and users.PRIVACY BY DEFAULT
It is v ital to the f uture of technolog y that we rethink our
default sett ings. Not on ly is this a w ise business pract ice,
it can make technolog y a more positive force for societ y.
Simply put, it should be priv ac y by default. For e x ample,
at Viber all messages are fully encrypted by default,
protecting user privacy over potential advertising profits.
However, many tech companies are well aware there is
a lucrative business upside in setting default options that
enable them to har vest v ast amounts of highly personal
user data.
To be specific, privacy by default settings should be
configured for:O No reading or storing of any private chats
O No listening or recording of any private calls
O No scanning of any private media exchanged (pictures
or video)
O No listening of live conversations through the
microphone of a mobile phoneBy default, all settings (like end-to-end encryption)
should be set to the most secure option. T herefore users
must un lock those securit y features themselves and give
e x pl icit consent. T his prov ides better securit y as wel l asteachable moments to provide cues and coaching on what
these choices actually mean. These choices must be
explained to users in what engineers refer to as “human-
readable” language, which means there needs to be clear
and e x pl icit consent that is easi ly understood and requi res
no more than a couple of lines of text to explain –
increasingly important given GDPR.
Business leaders, engineers and product designers are
all fingers on Adam Smith’s invisible hand; we are also
‘choice architects,’ as behavioural economists describe.
This is particularly true when it comes to making the
choices for default options. Using the guiding principle
of privacy by default can help drive better business
practices, build stronger relationships with consumers
and prevent overbearing regulations. Let’s be responsible
about how our programs affect our users.P
ROFI
LE“Default settings literally encode the initial state of our
surjudpvĩ#wkh|#uhľhfw#wkh#lqkhuhqw#ydoxhv#ri#wkh#hqjlqhhuv#
and, by extension, the company that employs them”
Agaoua is CEO of Rakuten Viber, a leading
messaging application and has over 25 years
experience in the technology industry.
t: @dagaoua