The Untold Benefits of Ethical Design

(upbeat electronic music) - Hello everyone.

I'm very pleased to be here so that was a nice introduction to have.

I haven't heard that before.

I liked the Dana Scully part.

So, (laughs) with all the talks and previous talks over the last day and a half, we see like many patterns that like, kind of like, keep repeating, and I find a lot of stuff resonates with myself. We had a lot about transparency and being honest, so this kinda like is a bit into the direction of what I'm gonna speak about. And if by chatting to a few people, there has been a lot of terms coming up or ideals where I find, most people, like, they like Web performance, you like fast sites. A lot of people also value their privacy.

And like security, and this is a very inclusive event.

And I have to say, it's top notch, I really like it. So, we also all support inclusiveness, and that puts us in a group of people who want to become better at our craft, at what we do, and want to build better products.

And I'm very happy that today, I can share a few ideas with you on how we can possibly do this.

So as Josh said, while originally from Germany, I've been based in Hong Kong for the past ten years. And my name is Holger Bartel.

I am a designer and developer.

I run a small design consultancy.

And also as Josh mentioned, it feels like I've been in this industry forever.

Last night, I had a conversation and somehow like Lycos came up, (audience laughing) and I was like whoa, alright, I don't know how many remember that, but that's like a long time.

And sometimes it feels like, okay, that must be about 120 internet years or something.

So I've done a lot of client work.

And while that's great, the problem with client work is you always work with budget restrictions, or at least most of the time that is.

And at some point, I got to the point where I wanted to build stuff that I really thought was important, because a lot of times like things that are important to me, are not as important to the clients and well obviously, then you can't build it because you have to deal with restrictions. So, I talked to a few friends of mine, who also met at a conference.

We attend a lot of conferences and go and speak, and we agreed to build a product together because we wanted to put ideals into it and wanted it to be able to actually just build things like, the way we wanted to build them.

We thought one thing was important, let's just do it without any restrictions and not care so much about if somebody says oh yeah you can do that or no you shouldn't do that.

So we just wanted to do that.

We started out and we built a conference platform which is called Colloq. And with Colloq we wanted to approach things in a little bit of a different way.

First of all, we wanted to build like, a "better" product. We also wanted to see what we can do for users and to their benefit.

Instead of like, only like, talking about like, we're building a great user experience, but really think what would be great for users and that's also something that's like very dear to our hearts. We wanted to challenge the status quo of how products or more likely startups are built nowadays, because I find, a lot of times there's like a lot of things wrong with it but I'm not gonna go into detail about it, VC, money and all that, but. We also wanted to put ethics at the core of everything we do.

Because that is something that was also very important to us.

Like, being honest, being transparent.

(clinking glass) So, that's where Ethical Design comes into play.

And thanks to Oliver for the light introduction on ethics, now we're all on the same page, I like that. So when I speak about design, I'm not referring to only pretty pixels and visuals, but rather the broader design thinking, or broader sense of design. And in Ethical Design, if we look at the definition of ethics, a few things stick out but also, Oliver, I believe mentioned that already. It's like a Guiding Philosophy.

And it's the discipline of dealing with what's good and bad with moral duty and obligation.

So that sounds like, all a bit like, hmm in short, let's put it in short.

We can say design, Ethical Design is design created with the intent to do good. And I think we've heard that already as well. You could say, isn't design always created with the intent to do good? And while that might be true, there's like still, design with good intent can still go wrong sometimes. There's like this thing Facebook curates, I dunno, once a year, or so they do it, where they curate your most popular, most-liked photo, and then they put this in like this little, neat gallery, and present it to you. And sometimes, your most popular, or the most-liked photo, might not even be connected with your best memories. And if you've been around in this industry or on Twitter long enough, you have seen examples where this can go horribly wrong, and this is just like one of the more fun examples here.

So when we think about building products, we spend so much time thinking about what frameworks, technologies, tools do we use, what's like the hip stuff? But, how much time do we actually spend thinking about the impact of our products? And not only like short term, but there could even be long-term implications of what we're building. What implications, what impact does that have on our users, or even in like the grander scheme, like, society? I find this is like, a very important question to ask nowadays.

Are we making the world a better place? That's like a common thing, everybody likes to say that, and I find it's very easy to say that.

And almost every new service who thinks they're disrupting some industry, is like making the world a better place. But if like your product, or service is putting five million people out of their jobs, are we really making the world a better place? So a lot of platforms, they collect a lot of data and in most cases, in one day or the other, they actually lose it and it's kind of like, accepted nowadays. Like, it's, well, ha, it's a short outrage and it's kind of forgotten and nobody really cares.

But most of these platforms actually don't have a business model.

And if you don't have a business model, then in that case, user data and people are your product, and if that's the case, you are taking part or you are in the business of Surveillance Capitalism. The problem with Surveillance Capitalism is that maybe, at some point in the future, you might be violating human rights, but even way before that, you could actually be, and that could also be unknowingly, be using data against people.

And when systems start to make decisions about people based on their data, that could massively impact choices, opportunities and so on.

And I find like, this is like, well, we're crossing a line. We cannot just let this happen just to make a profit. Others, then in turn, they use Dark Patterns to also make a profit.

And Dark Patterns are tricks used in websites where users are pressured into making a decision, or I got tricked into like making, things they actually didn't mean to.

There's a variety of all of those Dark Patterns, but they all have one thing in common.

One example of such Dark Pattern, is like this online cancellation page of a newspaper, very well known, I believe.

And, while the user has made up their mind to cancel their subscription, the only two options the user is left with, is like, hey give us a chat, or why don't you just call us? And the user has already made up their mind. And, the problem with that is like then in both cases, like the user will end up talking to very skilled sales representative and that sole purpose of that person is to persuade the user into actually not cancelling their subscription. So there's something fundamentally wrong with this and, not a very nice way of giving users a good experience. So I wanna do a quick show of hands, like how many of you actually like to go on holidays? Hm, that's almost everyone.

There's a few people, we should have a chat later on. (audience laughing) It's good for you.

I also like going on holidays and most of the time, I especially like travelling around southeast Asia, it's very easy travelling so I usually only book like the first night after arrival and the hotel for the first night after, the last night after before departure and everything in between I like to, a lot of times I take very spontaneously.

It's very easy to do nowadays, you just go on to some booking sites, you find places that you like, check out those properties, and very quickly, you'll realise there are all these little notices, like oh this is, hey, careful this is in high demand, it's really the coolest property.

And then there's like others, they say, okay, 53 people have looked at this one, and this one has been booked 46 times in the last 24 hours. And I keep thinking, what a lucky owner.

It is really, wow.

Then you go on, you just try to find your perfect hotel. Only one room left.

And even in like, only two listings alone, you can already see like, there's like five pressure trailers and it goes like, limited offer, save now, you better make your booking otherwise, you might miss out. And that makes me feel really uncomfortable. (audience laughing) So we always talk about human-centered design. And is that, in this case, really good for our users or does it just benefit like, our conversion rates, for example? There's always a very fine line between successful marketing and Dark Patterns. And the same goes for user experience.

Many times when I hear people speak about user experience, it's mostly about like wireframes, and user flows or user journeys and while that is all valid, many times I find we have to look at UX in a much, much more holistic way. There are like many many more things that are very important for a good and great user experience. So for example, if you're building a product that is not accessible, then you can brag as much as you want, about your great user experience, because that great user experience is only gonna be great for some of us. And the same goes for many other of those areas. And when we're designing, we're like in a, position of responsibility and I've heard that before today. We are responsible, like to be inclusive and get our users into it.

We are defining that relationship of our users to our product.

The same goes like, if I trust my data to someone, or if I give information to a platform, or product or whatever, I want to be sure that it's in good hands.

I want to know that people actually care about that data that I provide or like give voluntarily because I want to use that service.

And I wanna have, like, certain peace of mind when I do that.

There's a lot of similarities to mechanical hard drive.

It's not too long ago, but that used to be like the standard.

With mechanical hard drives, it was never a question of like, if this drive is gonna fail, it was more like a question of when is it gonna fail? And the same goes for data breaches.

So, if we look at the history of data breaches, we can already see 2004, oh yeah, well, AOL screwed up a little bit.

And, if we then, follow history and go towards today, we can see like, security breaches, have just increased, tremendously.

(audience members gasping) And if you look at those numbers, it's like, nowadays, a hundred million, is almost not worth mentioning. And that's a bit of a problem.

I see those things almost everyday.

There's a new breach coming up every other day. And it's a lot of those.

Everything is a bit out of control.

And again, we're spending so much time on thinking about, like how can we collect more and more and more of that data, and use it? But then, how much time do we actually spend about thinking about securing it? What do we do with it? How do we retain it? And the big question is, do we really need all that data? Or does it mostly just satisfy our egos? I had an interesting conversation with a friend of mine in New York, and she works for like a big bank, and we came and talked about data and she actually confirmed they have this huge analytics team that collect a lot data but nobody knows how to actually bring it together and do something meaningful with it.

And I think that's like not the exception.

So there's a simple rule to be on the safe side of security, or safer side of security which is like, the data that you don't have, can't actually be lost, leaked, or stolen.

And if we think about, like, collecting all that data. We're getting all these things from the users. And we're also giving something back.

And we give back in the sense of like, we serve data to our users.

And there's an interesting saying in the Web Performance Community, which is, the best request is no request at all. So thinking about what we actually serve to our users is equally important.

The whole Web Performance, well Community, Web Performance effort, they have come a long way and nowadays you don't have to travel to remote islands anymore to find slow connections, where you're like, kind of stranded, and you're just like, okay this doesn't really work so great.

You can find it anywhere.

You can find it in front of your door.

You can find it in developed cities, developed countries, basically it can happen everywhere, and besides that, a slow connection, is only one factor of a slow loading, or slow experience.

Since we all like to talk about holidays, (laughs) I went to Cambodia last year and instead of driving from like, the north to the south, we decided, okay, let's take a flight, and save a day of driving.

And I thought, okay that's great, went on some booking, flight comparison booking sites, and unfortunately on none of the sites, I would make it through checkout. It was impossible, I tried for a very, very long time. It just didn't work.

I thought it was a good idea, to then, go directly to the airline's website, maybe more luck there, and again unfortunately all I got there was a little bit of something and actually a nice example of a failed CSS download. So after trying for a little bit, I decided okay, gonna call a travel agent, book the tickets, pay the premium, and 30 minutes later, I had the tickets delivered to my hotel, all set.

So instead of relaxing by the pool, my expression resembled a bit more something like this. (audience laughing) And seriously, I have no idea whoever thought, like, eight megabyte of hero images on any page would be a good idea.

So this is about, feeling respected also, because I think really, eight megabyte is like, come on, have a think about it, and especially if you're in a developing country, you should know that connections maybe aren't like the greatest.

So respecting users is also one part of like, a very good experience.

You want to feel respected as a user.

I had a very good experience with this app Vivino. I don't know maybe some of you know that.

It lets you scan the label of a wine bottle and then returns you some information about the wine, comments, ratings, and so on.

And what they did, I tried it from a very slow connection, I did have not like, a good time, but, basically, they analysed the wine.

And after some time they were like, okay, you know what? Sorry, we can't figure it out now, and you just go do something else, and we'll let you know when we're done.

And I find this is a very nice way of like giving your users like, making them feel respected and let them stay happy and happy users are usually much more likely to forget and forgive.

I will happily come back and use it again because they actually did not like piss me off.

So, with all that said, how can we build better products? How can we actually do things in a better way? I think one of the things we have to do, is actually rethink our approach of how we want to do things, how we, can do things.

I sometimes find, like, we're lacking creativity in finding new ways or even like, dare to find new ways on how we can do things.

It's always like, okay this is how everybody is doing it, and this is what everybody's using, so this is just what we do.

I'm sure you have a lot of like, philosophical comments on this one, but that's just how it is.

People just follow the mass.

So I think we need a little bit more creativity to break out and try new things.

'Cause the internet is still very, very young and for the most part, I find, over the last 20 years, we have been mostly, experimenting.

There's been so many things coming and going, whether it's like, hey one day we thought like, DHTML was great, the next year we thought, oh Flash is this perfect idea.

We had this conversation about it last night. So many things have come and gone, like Adobe AIR. Oh that was amazing.

Gone, nobody cares anymore.

So it's all about, like, trying these things, and I think it's also important, to fail with them, because, this is like, what drives the Web forward. We need those learnings to even understand how to do things differently in the future. We take things for granted.

We have very advanced cars today.

Super cool, electric cars, and we take it for granted. There's been a long, long, long way to get there. And I wanna have a look on how we got there and how this might relate to what we're doing.

So this is Karl.

Good German fella.

And Karl was an engineer.

And Karl, whose last name happens to be Benz, was the, was acknowledged as the inventor of the modern car. And in 1885, he came up with this first, practical automobile and a year later, he was actually awarded with the patent for this concept.

A kinda fun story to this because, at the first demonstration, it was like a little bit difficult to control.

Ran into a wall, sounds familiar does it? So 25 years into the future, Ford released their Model T. Four wheels and actually, more than two people can ride in it, so that's quite some progress already.

And if you might remember, a few years ago, a few months ago, sorry, the internet turned 25 years old. So in terms of evolution, I think we're somewhere around there.

From then on, it took like another 40 years until the first seat belts made it into cars.

And then from then, another 20 years until the first seat belt law was passed.

And I brought a little gift from Hong Kong because I have this trivia for, I have this like, cool, Hong Kong winky cat and I wanna give it away.

I wanna give it to the one who knows in which country that first seat belt law was passed.

Anyone? (audience member talks) What was that Sufil? - Greece? - No. - Australia. - Yes.

So Australia had the first seat belt law.

Then we move on, we have like electric cars, and now we're even talking about self-driving cars. Evolution just goes on, but maybe we're also there, I wasn't sure exactly.

We have the seat belts, kind of like the idea of seat belts, but we haven't like fully implemented them. So, the internet is still young and we need to experiment and we get to do things but maybe we really have to think about, like, do we need to change a few things for a sustainable future? Do we have to, or can we do things differently? Should we do things differently? It took about like 18 years of usable CSS, and hey, now we can finally centre things, which is awesome. (audience laughing) We have also like, CSS grid now and that allows for proper layouts, so somehow, I find, we have most of the tools that we need to build stuff.

We have learned how to build stuff for a very long time. And, maybe it's about time now to like, spend more time or more thinking into human essentials or like, people-focused essentials. And I've been thinking about this a lot, and came up with this concept which is kind of still like, a work in progress, 'cause it like changes every other day because you have new ideas.

But I call it the essentials for a Future Web. So we have Web standards, HTML, JavaScript, CSS and everybody now actually agrees, Web standards, is a good thing and that's like the thing we use to build stuff with.

And again, it's not always been this way.

I remember times when like Web standards weren't the default.

It was kinda like, yeah, there's this thing, but ah yeah whatever, just, it works, it looks okay, we're just like building stuff.

Like validation, nobody cared in the early 2000's, validation was kinda like oh yeah, we maybe did it, but not really.

So we have all these fundamentals now, we have like these standards, and they're default everywhere and everyone recognises that. But there's nothing that would come into, like, on the more like ethical and moral side of things. And I think we need like, a few more things in this kind of how will we build things? And that's, I think it should be privacy by design. And we need to be responsible.

We need to be responsible for whatever we build, should be accessible to anyone, because we always say the Web is the open Web and we all like the open Web. But then accessibility, oh yeah, some people think it's not so interesting.

But I find, if we want to make information available to everyone, it's our duty, it's our responsibility to actually incorporate accessibility.

We need to think about the impact of what we're building and how much harm or not we can do in the future. We should consider all these things by default. And security should be out of question after we've seen all of these breaches.

So the idea goes a little bit like this, the Web Essentials should incorporate more of those, I don't wanna call it soft skills, because they're not. But, um, essentials, like on the human side. Many people now go like, oh yeah, that's way too much work. And over the years, I've heard that so many times. Accessibility, yeah, no we don't have a budget for that and yeah you know what? We also don't have those users, we don't need it. Web performance, the same thing, now it's not so important, we need to invest in that.

We don't have a budget for that because all our users, are in the US anyways.

We spend so much time on setting up tooling, maintaining tooling, and I think most of the time we're actually fixing broken tooling, but that so much time going into that and I've never heard anyone say like, oh, that CSS thing, no let's not do that, because we don't have a budget for that, we don't need that. Eye candy has always paid the bills.

And that's also why, like Web standards was such a hard sell, because it's the invisible things. But those invisible things are also very, very important. And I'm very glad to see that now, like more and more people realise that these things can be a benefit. It can turn into, like, a business advantage and you can take good things away with it or away from it. So and this is where I want to come back to Colloq and what we've built, because there were like a few things that were really important to us and we wanted to just implement them and like add them in the way we wanted.

So one of the main questions was, how do you want to be treated as a user? How do you like to be treated? And then, since we can't always just like, take, we also have to give.

What are you willing to give? Or more likely, give up for it? It was out of question that we wanted to build like an experience that was available to everyone. Everyone can use it.

We tried to make it as inclusive as we can. We refactored a few things in terms of accessibility, because sometimes we just didn't like how voiceover would read them out, so everything should be pretty accessible because for us, that was like, out of the question.

We want everyone to be able to use that part. It's also about responsibility, like, how do you run this platform, how transparent? And I really like that transparency idea, because that's like what it is.

We are not going out there and bullshitting people. We're just like, okay, this is what you get, and this is what you get.

It's very German also, I have to say.

(audience laughing) But if you even worry about browser share and like optimising for different browsers, accessibility should be way above that list.

Also, we built everything progressively enhanced, there's a lot of thinking, like, okay, hey, users without JavaScript, but I wanna tell you a fun story which actually is very, very interesting. Because for everything we have on the site, every JavaScript functionality, we have a fallback. So the other day, we managed to deploy an error in a JavaScript file which actually brings everything to a halt. So no JavaScript and it took us more than a day, to realise that actually something was broken, because nobody complained, everything still worked. It worked a little differently, but you could use it. And it took us until Friday evening to find out, that actually, something was broken and we were like okay. If we haven't had it that way, we would've been like, okay, screw that.

Friday night and fixing errors and whatever. We were like, okay, you know what? It actually works, lets everyone enjoy the weekend and we'll fix it on Monday.

So, by doing these things, you can also benefit yourself. It's not always only about the users, it could also be very, very good for yourself.

Another thing we agreed on was we wanted to do, or wanted to create a data, like a tracking-free experience.

There's different definitions of tracking.

I would say with that we're more on the hard-liner side. No tracking for us means like, no analytics, no third party libraries, no third party scripts and so on. It's a bit on the extreme side and I do realise it might not work for everyone.

But the point is more like, what do you really need? I find with like data, and data collection, it's always about, really what do you need? What do you make of it? And for us it's like, okay, grow with your growth. Then if you need some data, you can always, like pull it. And then you know what to do with it.

Instead of like, collecting a load of data right away and have it like, sit somewhere in the corner until one magic day you come up and you're like oh, I have this great idea what we can do with all this data. Another benefit was like, because of that, we hardly have any third party scripts which is one of the biggest bottlenecks in terms of Web performance, because the more external scripts, the slower and so on. So that was like a huge benefit.

And last but not least, GDPR came along.

And we were like, hey this is awesome, we almost don't have to do anything because there's nothing to disclose, there's nothing that we're doing in a way where we have to check like okay which service provider does what with our data. There's just no data.

We have like, only like, very little so people can register an account and stuff. But, very, very helpful because I've seen companies, like struggle with the GDPR, quite a lot, and a lot of them haven't even yet managed to be GDPR compliant. In terms of security, as I said before, we wanted to have like, a certain peace of mind, for ourselves, we also wanted to provide a secure experience to our users. On besides like implementing like CSP, cross-site policies, for every form we have like, generated tokens, without that you cannot send a form and all of these things. We do not track requests and provide different content where needed.

We also came across this tool by Troy Hunt which is called, Have I Been Pwned? Which is, you might have heard of it, it's very, very cool. So back then, we were like, okay, hey we should use this. And what we do is basically, there's all the datasets from various, or a lot of security breaches in there, and when a user signs up on our platform, we run the password in a hashed form against that database.

Once we find a hash match, we know that that password, the user has chosen, has actually been already included in any previous breach. And then, we kindly ask the user to choose a different password.

So this kind of ensures user accounts don't get easily hacked because we won't have any user accounts with any one, two, three, four, five, six, seven, eight, passwords or something like that, and there's a lot of those.

And it also gives us as like, owners of the platform, a certain security, because we're on the safer site.

One thing I wanna mention at Have I Been Pwned? you can also enter your email and it will tell you if your email has been, any account with that email has been breached.

And Phil over there, he also actually wrote a RubyGem for that, right? So there's an API RubyGem if you're into Ruby. And, So it's definitely worth trying out.

I know some people who have quite a long list of account breaches.

So, great, this is all awesome.

But hey we can't do this, it's too much work and there is no but, you can't do that.

Because we owe it to ourselves to make the Web a little better.

(sighing) We shouldn't just like say no.

It's out of question, we owe it to ourselves. So we need to get our values right.

And I find, this is like, where it also resonates a bit with Oliver, is like, okay ethics versus morals. It's just about like our values.

Assume everyone in this room has their, we're on the same kinds of level in terms of thinking. We don't need to run into another disaster, that we've built ourselves.

We're already doing that elsewhere, so we don't need another one.

Especially with AI coming along, this is like, more important than ever before.

So by thinking about our users a bit better, we can achieve better performance, we can provide better experiences. We can offer better security.

And I find most of all, we can become better designers, better developers, and better project managers, and better company owners.

And become better at our craft.

This is the sole reason why everyone of you is here. All we need to do is follow our moral compass and everyone has one, and usually they're not so much off. We can start with the very, very small things and improve experience little by little.

Nothing happens overnight and the big change for sure not. But it's about the awareness and it's about everybody contributing.

And the nice thing about the Web is, that, it is an open platform, everybody can collaborate, contribute and like, we can shape the direction of where we want to take the Web.

Everybody can do that.

So, from today on, I would like everyone of you to design with the intent to do good.

And if you're not quite sure on how to do that, just try to design with the intent to do better. And from there, it's actually very easy.

From there you just do better everyday.

Thank you very much.

(upbeat electronic music)