In this episode, Marie Potel-Saville joins me to shed light on the widespread issue of dark patterns in design. With her background in law, Marie founded the 'FairPatterns' project with her award-winning privacy and innovation studio, Amurabi, to detect and fix large-scale dark patterns. Throughout our conversation, we discuss the different types of dark patterns, why it is crucial for businesses to prevent them from being coded into their websites and apps, and how designers can ensure that they are designing fair patterns in their projects.

Dark patterns are interfaces that deceive or manipulate users into unintended actions by exploiting cognitive biases inherent in decision-making processes. Marie explains how dark patterns are harmful to our economic and democratic models, their negative impact on individual agency, and the ways that FairPatterns provides countermeasures and safeguards against the exploitation of people's cognitive biases. She also shares tips for designers and developers for designing and architecting fair patterns.

Topics Covered:

• Why Marie shifted her career path from practicing law to deploying and lecturing on Legal UX design & combatting Dark Patterns at Amurabi
• The definition of ‘Dark Patterns’ and the difference between them and ‘deceptive patterns’
• What motivated Marie to found FairPatterns.com and her science-based methodology to combat dark patterns
• The importance of decision making governance
• Why execs should care about preventing dark patterns from being coded into their websites, apps, & interfaces
• How dark patterns exploit our cognitive biases to our detriment
• What global laws say about dark patterns
• How dark patterns create structural risks for our economies & democratic models
• How "Fair Patterns" serve as countermeasures to Dark Patterns
• The 7 categories of Dark Patterns in UX design & associated countermeasures
• Advice for designers & developers to ensure that they design & architect Fair Patterns when build9ing products & features
• How companies can boost sales & gain trust with Fair Patterns
• Resources to learn more about Dark Patterns & countermeasures

Guest Info:

• Connect with Marie on LinkedIn
• Learn more about Amurabi
• Check out FairPatterns.com

Resources Mentioned:

• Learn about the 7 Stages of Action Model
• Take FairPattern's course: Dark Patterns 101
• Read Deceptive Design Patterns
• Listen to FairPatterns' Fighting Dark Patterns Podcast

Copyright © 2022 - 2024 Principled LLC. All rights reserved.

In this episode, I sat down with Aaron Weller, the Leader of HP's Privacy Engineering Center of Excellence (CoE), focused on providing technical solutions for privacy engineering across HP's global operations. Throughout our conversation, we discuss: what motivated HP's leadership to stand up a CoE for Privacy Engineering; Aaron's approach to staffing the CoE; how a CoE's can shift privacy left in a large, matrixed organization like HP's; and, how to leverage the CoE to proactively manage privacy risk.

Aaron emphasizes the importance of understanding an organization's strategy when creating a CoE and shares his methods for gathering data to inform the center's roadmap and team building. He also highlights the great impact that a Center of Excellence can offer and gives advice for implementing one in your organization. We touch on the main challenges in privacy engineering today and the value of designing user-friendly privacy experiences. In addition, Aaron provides his perspective on selecting the right combination of Privacy Enhancing Technologies (PETs) for anonymity, how to go about implementing PETs, and the role that AI governance plays in his work.

Topics Covered:

• Aaron’s deep privacy and consulting background and how he ended up leading HP's Privacy Engineering Center of Excellence
• The definition of a "Center of Excellence" (CoE) and how a Privacy Engineering CoE can drive value for an organization and shift privacy left
• What motivates a company like HP to launch a CoE for Privacy Engineering and what it's reporting line should be
• Aaron's approach to creating a Privacy Engineering CoE roadmap; his strategy for staffing this CoE; and the skills & abilities that he sought
• How HP's Privacy Engineering CoE works with the business to advise on, and select, the right PETs for each business use case
• Why it's essential to know the privacy guarantees that your organization wants to assert before selecting the right PETs to get you there
• Lessons Learned from setting up a Privacy Engineering CoE and how to get executive sponsorship
• The amount of time that Privacy teams have had to work on AI issues over the past year, and advice on preventing burnout
• Aaron's hypothesis about the value of getting an early handle on governance over the adoption of innovative technologies
• The importance of being open to continuous learning in the field of privacy engineering

Guest Info:

• Connect with Aaron on LinkedIn
• Learn about HP's Privacy Engineering Center of Excellence
• Review the OWASP Machine Learning Security Top 10
• Review the OWASP Top 10 for LLM Applications

Copyright © 2022 - 2024 Principled LLC. All rights reserved.

Today, I’m joined by Amaka Ibeji, Privacy Engineer at Cruise where she designs and implements robust privacy programs and controls. In this episode, we discuss Amaka's passion for creating a culture of privacy and compliance within organizations and engineering teams. Amaka also hosts the PALS Parlor Podcast, where she speaks to business leaders and peers about privacy, AI governance, leadership, and security and explains technical concepts in a digestible way. The podcast aims to enable business leaders to do more with their data and provides a way for the community to share knowledge with one other.

In our conversation, we touch on her career trajectory from security engineer to privacy engineer and the intersection of cybersecurity, privacy engineering, and AI governance. We highlight the importance of early engagement with various technical teams to enable innovation while still achieving privacy compliance. Amaka also shares the privacy-enhancing technologies (PETs) that she is most excited about, and she recommends resources for those who want to learn more about strategic privacy engineering. Amaka emphasizes that privacy is a systemic, 'wicked problem' and offers her tips for understanding and approaching it.

Topics Covered:

• How Amaka's compliance-focused experience at Microsoft helped prepare her for her Privacy Engineering role at Cruise
• Where privacy overlaps with the development of AI
• Advice for shifting privacy left to make privacy stretch beyond a compliance exercise
• What works well and what doesn't when building a 'Culture of Privacy'
• Privacy by Design approaches that make privacy & innovation a win-win rather than zero-sum game
• Privacy Engineering trends that Amaka sees; and, the PETs about which she's most excited
• Amaka's Privacy Engineering resource recommendations, including:
  • Hoepman's "Privacy Design Strategies" book;
  • The LINDDUN Privacy Threat Modeling Framework; and
  • The PLOT4AI Framework
• "The PALS Parlor Podcast," focused on Privacy Engineering, AI Governance, Leadership, & Security
  • Why Amaka launched the podcast;
  • Her intended audience; and
  • Topics that she plans to cover this year
• The importance of collaboration; building a community of passionate privacy engineers, and addressing the systemic issue of privacy

Guest Info & Resources:

• Follow Amaka on LinkedIn
• Listen to The PALS Parlor Podcast
• Read Jaap-Henk Hoepman's "Privacy Design Strategies (The Little Blue Book)"
• Read Jason Cronk's "Strategic Privacy by Design, 2nd Edition"
• Check out The LINDDUN Privacy Threat Modeling Framework
• Check out The Privacy Library of Threats for Artificial Intelligence (PLOT4.AI) Framework

Copyright © 2022 - 2024 Principled LLC. All rights reserved.