We've covered a lot of ground on research plans and walked through each of the seven elements. In this video, we'll switch gears and discuss how to respect user privacy and data. We'll get into why privacy is important and the type of data you need to protect. We'll also think about what you can do as a designer to ensure user privacy. This part of research is really important, so let's get to it. Why is it important that you keep user data private? It's just the right thing to do. For ethical reasons, when conducting research we should always act with integrity, and that includes protecting users' privacy. There are also several other reasons that privacy is so critical. One reason is privacy laws and ethics. If you don't maintain your users' privacy, you could be violating the law. In the United States, there are several regulations on information privacy, and in other parts of the world, privacy is more thoroughly legislated. Another reason why privacy is so important is the risk of hacking. You need to secure sensitive data to avoid getting hacked and risk hackers sharing users' data without their consent. This has happened in a lot of recent high profile cases and is definitely something you want to avoid. A final reason privacy and data security is important is for protecting your company's brand. In other words, this is about ensuring that your users perceive your brand positively based on their experience with you. By emphasizing data protection, you gain their trust. And even though your research participants aren't necessarily customers, their perceptions about you and your company matter. Now let's discuss what user data needs protecting. There are two main types of data you need to protect. The first is personally identifiable information, or PII. This is made up of specific details that could be used to identify a user. This includes names, home addresses, email addresses, and phone numbers. The other type of data is sensitive personally identifiable information, or SPII, and it's even more critical. SPII is data that, if lost, compromised, or stolen could cause your users financial harm or embarrassment, or potentially lead to their being discriminated against. This includes social security numbers, driver's license numbers, passport numbers, financial account numbers, date of birth, race, disability status, gender, sexuality, criminal history, and medical information. I bet you can imagine how these pieces of data could cause someone harm if they got into the wrong hands, and especially if these pieces of data are used together. The good news is that you can protect your users' data by making privacy and security a part of your UX design and research practices. Okay, so how do you do this? First off, be transparent about data collection. Let your users know what data is being collected. Next, only collect user data that's absolutely essential for your study. For example, if you don't need to know a participant's date of birth, don't ask for it. Also, get active consent from your users to have their data collected and used. Active means that participants have chosen to take part in a study. Usually, participants receive a consent form, which they are asked to sign and return to the researcher. Provide detail about how you'll use participants' information and protect their privacy. For example, you might let them know that you'll share their feedback with your team, but you'll anonymize their quotes by using Person One, Person Two, and so on. Alternatively, you could present a group of quotes without identifying any participants. Next, allow users to withdraw at any time. This right to withdraw should be explicitly stated when obtaining consent. Also, make withdrawing easy to do. For example, you could allow participants to withdraw in writing, verbally, or simply by not showing up. Also, inform users of who will have access to their data. You might say, I'll share your feedback with my immediate team, but it won't be shared beyond that. And finally, clearly explain how you plan to store and delete users' data once it's been used. You might let them know you'll keep their videos on a secure cloud storage site until you've completed this study and then it will be deleted. Remember, it's your responsibility to take care of user data, security, and privacy, and it's the right thing to do. In our next video, we'll explore a couple of specific privacy concerns and tools we can use to keep data safe.