18F’s research practices are grounded in building and maintaining trust. When participants trust us they are more likely to share full and accurate accounts of their experiences. A large part of maintaining participant trust involves protecting participant privacy.
Disclaimer: This page is intended for internal use. It is shared in the spirit of open source, to prompt conversations around design research as it relates to privacy. GSA has no regulatory authority over any of the laws discussed in this section, so don’t just take our word for it.
Personally Identifiable Information (PII)
We protect participants’ privacy by giving them a say whenever we seek to collect identifying information about them. The definition of PII was updated in 2016 to reflect changes in law and advances in technology. The Federal government defines personally identifiable information (PII) as “information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other information that is linked or linkable to a specific individual” (Circular A-130, “Managing Information as a Strategic Resource” [PDF]).
What is considered PII depends on context. Recordings of people’s voices and photos and videos of people are always considered PII. This includes recorded interviews and usability tests. Email addresses, phone numbers, and mailing addresses are sometimes considered PII, and when collected, stored, or presented in combination with a first name they often become PII. Each piece of collected or stored PII increases the risk of privacy violations. When possible, it’s best to refrain from collecting or storing PII at all. One way to do this is to analyze data collected via the Digital Analytics Program. If you or your agency partner have questions about storing PII on third-party systems that have not been approved by GSA, you should consult with your partner agency’s Privacy Office.
The Privacy Act of 1974 provides protection to individuals by ensuring that Federal agencies:
18F teams should protect participant privacy while also encouraging the broader team’s involvement. This is a balancing act. For example, if you were to share recordings of every stakeholder interview outside of the core project team, you would risk violating your stakeholders’ privacy (and trust).
The following guidelines, drawn from our Privacy Impact Assessment for Design Research, help us build trust and protect privacy. This list isn’t exhaustive, but it’s a good place to start: