If the aim of the research is to develop a biometric system, the researchers should place particular care in the creation of the user interface, especially if the system will be used by the public. The interface should be designed as user-friendly as possible with the purpose of promoting transparency and facilitating data subjects to exercise their right to information. There are three main aspects researchers should consider: the information available through the user interface, the functionalities accessible through the user interface, and the general usability of the interface.
First, the data controller shall ensure that all the information provided to the data subjects following Articles 13 and 14 GDPR are available through the user interface. This should be easily accessible and presented in a clear and easy-to-understand way. For instance, the system might present a visible button the data subjects can click to open a pop-up window containing the information. It is advisable to have the information readily available in the system and avoid, if possible, links to external repositories or websites to minimize the risk of inaccessibility due to, for instance, connectivity issues. The user interface should also leverage on the capabilities of the device through which the information is accessed. For instance, in case the system runs on a smartphone, it could provide the option to call or send an email directly to the DPO with a simple click[1].
Second, the user interface should present a set of functionalities to make it easier for the data subjects to exercise their rights (provided that exemption for the application of such rights is not present -see section Identify the data collection approach). For instance, the user interface should make it possible for data subjects to access their personal data and rectify or delete them (insofar as this will not render the purpose of the processing impossible to achieve). Having specific functionalities accessible to data subjects will not only make it easier for them to exercise their rights but should also lower the burden on the data controllers, as many of these requests will be performed directly by the data subjects. For instance, users of facial recognition systems might need to update their pictures (e.g., after surgery). Giving them a direct way to do it, rather than having to contact the data controller, might incentivize them to keep the data updated and, therefore, and, therefore, will also ensure adherence to the principle of accuracy (see the “Accuracy” subsection in the Principles section of the General Part of these Guidelines). However, introducing these functionalities can also increase the risks to the rights and freedoms of the data subjects. For instance, in case the account of a user is violated, this ‘self-service option’ gives attacker full control over the personal data of the data subjects. Therefore, the data controller shall always ensure that any additional risk introduced by specific functionalities is adequately mitigated by appropriate security measures (for instance, multi-factor authentication, mandatory password update, etc.). In case the researchers cannot adequately mitigate risks following the introduction of new functionalities, they shall seek prior consultation with relevant supervisory authority (DPA) or avoid introducing the functionalities until they can find a feasible mitigation approach (see the “Integrity and Confidentiality” subsection in the Principles section of the General Part of these Guidelines).
Third, the general usability of the interface shall promote transparency and avoid placing unnecessary burdens on the data subjects when exercising their rights (see the Rights section in the General Part of these Guidelines). An adequate user interface should consider elements such as the characteristics of the data subjects (e.g., language, demographics, etc.), the way users interact with the system (e.g., on a PC, a smartphone, a custom hardware, etc.), the place where users interact with the system (e.g., at home, in a public space, etc.), fall-back options (e.g., when users accidentally change certain settings) and many other elements. Also, the developers should keep in mind that the system might be usedby vulnerable subjects, such as children or visually impaired people. Therefore, the interface should be designed in a way to help them using the system (e.g., voice-to-text, text magnification, etc.).
References
1Notwithstanding, the contacts shall also be displayed, and the system shall not impose any specific means of communication. ↑