Windows 10 was the first release of Windows that included several personalization features that rely on collection of user data like. This was a significant departure from how past versions of Windows have worked. The reaction to the privacy controls and the explanation that accompanied them was mostly negative. The initial scope of the project was to design a blog post detailing the features built into Windows 10, how they made the user's experience better, and how the various privacy settings built into Windows 10 affected them. The main goal was to address the negative sentiment around the Windows 10 launch by addressing poorly framed text in the Windows client; the affected settings could not be fixed until the Anniversary update for Windows. In order to stem the flow of negative criticism, we were tasked with addressing the main concerns people had regarding Windows 10 and its move to a more cloud-focussed operating system.
After the initial re-design of the blog, in my spare time I worked on a pitch to overhaul how Microsoft approached privacy. In my opinion, a blog post detailing the privacy trade-offs of using features was just not enough. In the post-Snowden world of 2015, people were concerned about what data stored in the cloud could be accessed by governments. Microsoft needed a new approach towards privacy, one that focused on the user. The idea behind my pitch was simple: if we focused on the user, all else would follow.
We had to be honest.
The proposed project would cost Microsoft hundreds of millions of dollars in infrastructure and tens more in operational costs. There was significant resistance to building something that would have a negative ROI. I worked with the PM team to make the case that whatever we spent in building and maintaining the privacy dashboard, we would gain several times more through increased consumer confidence in Microsoft products.
The pitch eventually made its way to the exec team, including WDG chief Terry Myerson and Microsoft CEO Satya Nadella.
Part of any project that I work on is to look ahead and try to articulate a vision for the future that we can all work towards. These are not final designs; the goal of this exercise was to find common ground with the PM, dev, and legal teams on a north star vision that would fulfill the goal that we set out to achieve.
The privacy dashboard is a multi-year undertaking as new features and capabilities come online, so building a solid, scalable foundation was extremely important. These images show the dashboard in its current state.
This allowed us to launch in early 2017, with several key features to be launched in late 2017, including the ability to select and delete individual elements, and filtering.
While this is a significant downgrade from the "vision", this allowed us to test our underlying privacy principles and technical infrastructure, and is still a meaningful step towards empowering Microsoft customers to manage their data. It's not the MVP.
Large parts of the "UX" for the privacy dashboard are behind the pixels.
I worked closely with legal and engineering to influence the way teams at Microsoft approach privacy and related settings, including writing the initial set of rules that teams can use to think about separating "feature data" and "sensitive data" in a way that is intuitive for the user and allows for graceful degradation of the experience if the user decides to delete a portion of their "sensitive data" via the privacy dashboard.
I also wrote most of the code for the Privacy education microsite.