Data transparency and notification

New Delhi

17th Sep 2019 at India

The context

TTC Labs has been hosting a series of design jams around the world on data transparency, security and control and this was our fourth Design Jam in India.

As more people come online in India there is an explosion of consumer behaviour data and an opportunity for brands to create compelling, valuable and innovative products/services.

This opportunity comes with a responsibility to educate users on how and why their data is being used and encourage them to make informed choices as well as give them control over it.

In this Jam we brought together people from various industries, policymakers, regulators, academics and civil society to prototype and design people-centred products and experiences. We take patterns and ideas from the co-created prototypes to create guidelines that will set out principles for designing for transparency, safety and control.

The challenge

Design an experience that educates the user on how their data is being used, who is it getting shared with and finally giving them control over it.

KCP 2796

Who participated

People from a variety of disciplines including designers, product managers, researchers, policy & legal experts from various organisations in India like iSpirit, Data Security Council of India (DSCI), Gateway House, Carnegie Endowment for International Peace, IDFC institute, Gram Vaani among others

What happened?

Below is an outline of the stages and exercises that took place at this Design Jam. For everything that you need to facilitate your own workshop, please follow the links to the relevant part of our toolkit.

Since in the Jam we had people attending from different segments of the Indian start-up ecosystem, non-profit organisations as well as policy makers we wanted to make sure they find this workshop helpful as well as it leaves them with practical and applicable takeaways for problems they might be facing in making data policies as transparent as possible.

Below is an outline of the stages and exercises that took place at this Design Jam. For everything that you need to facilitate your own workshop, please follow the links to the relevant part of our Toolkit.


On the morning of the Jam, participants were welcomed and Introduced to Design Jamming. They then took part in discovery exercises around stations:

KCP 2551

The exercises were designed to re-frame the audience’s mindset to think in terms of data transparency and notification as well as understand the target audience for whom they will be solving the challenge statement later.

Participants heard from subject matter experts Ms.Rama Vedashree, CEO of DSCI and Mr. Siddharth Shetty, Data Empowerment & Protection Architecture Lead, iSPIRT Foundation.

All participants worked to Identify opportunities by writing How Might We's on Post-Its during these presentations, and these notes were collected by the facilitation team who placed them on the wall of the day, grouping them into key thematic areas around

  • How might we ease a first time user who is new to online interactions into sharing data and build trust?
  • How might we ensure accurate interpretation of data being used and shared
  • How might we create experiences that educate a user about data without hindering app experiences.

After lunch, the wall of the day was reviewed before moving into the Team kickoff. The teams were also given personas of young people to further Understand people.

KCP 2709

The participants were given fictional apps with data use briefs and a persona. A lot of research went into creating these fictional apps to ensure the apps and the challenge statements are applicable in an Indian context.

Each multidisciplinary team focussed on imagining transparency-focussed design patterns on different areas of fictional mobile apps, and they were given data use briefs for the Apps accordingly:

  1. Seed: Seed is a super app that lets users make payments to the friends, merchants and other billers. It uses UPI platform to let users make payments via phone number, UPI ID, QR code scan and also bank a/c details. The challenge: design an experience that builds trust and confidence by explaining to users their data is handled securely.
  2. Tale: Tale is a social networking app where users can post updates about their lives, share photos and post links to news or other interesting content on the web with their friends. The challenge was to design an experience for Tale that allows users to review the data collected about them and control the access to it.
  3. MyMed: MyMed is a health information app where users can input and manage their health information. The health profile can be shared with hospitals and doctors electronically while availing healthcare services such as consultation, emergency or operation. The challenge here was to design an experience that educate the users how they can control the data being shared and with whom.
  4. Vol: Vol is an app for searching and booking bus, train and flight tickets to travel all over India. Users can also book hotel rooms and vacation packages directly from the app. Vol is a one-stop solution for booking and managing reservations. The challenge: design an experience that educates the users about the data being collected and provides them control over it.

KCP 2805

Teams completed Challenge statements to define and refine their focus on a specific part of the challenge for each fictional app.

The facilitators Set brainstorming rules and introduced the teams to Sketching ideas. Teams moved from sketching ideas and receiving Feedback from other teams to Building digital prototypes of a single idea.

Each team worked on a presentation to Create a pitch, telling the story of their design patterns back to the whole group and receiving Feedback from experts at the end of the day.

The people in the room left with practical takeaways and expert insights on ideas they can implement in their products.
The solutions included ideas around

  • Using vernacular language to ease a person into understanding why the app is asking for certain phone permissions.
  • Making data control a seamless in-app experience by making it visible and accessible.
  • Categorising data based on sensitivity and create a consent dashboard to empower users
  • Educating users on how certain access improves the app experience.