Needs Analysis

Problem Introduction

For our HFID project we are investigating the interactions of users with Facebook's privacy settings. Despite many previous revisions of the interfaces surrounding privacy, Facebook still neglects certain parts of this ecosystem. Users are left with no common way of visualizing all of their privacy settings across different aspects of the site at once. Many settings are placed deep within the interaction flow, and there is a general lack of integration of privacy into the overall Facebook experience. Users have difficulty translating their expectations of privacy into the interface and are frequently confused by what things mean. The problem is by no means a simple one when considering Facebook's diverse collection of over 500 million users, all with varying perceptions and priorities in privacy.

We recognize that the majority of functionality necessary to meet these needs is likely already on Facebook, but it is an area ripe for interaction redesign. By exposing the current settings in meaningful ways according to user expectations, we can vastly improve the experience.

Design Planning

In addition to completing this assignment, we also created a Design Planning document for our own purposes. It outlines the various assignments and phases that we are going to be completing, and gives perspective to the overall process.

Information Gathering

The Process

The goal of our user research was to better understand how a broad range of different users perceive and deal with the issue of online privacy and how this relates to their general perception of privacy in every-day life. In addition, we were interested in specifically finding out more about how people perceive Facebook's current privacy offerings.

In gathering information for our project we constructed a process off of our experiences in UOCD, our learnings from the course readings, and our team's professional experiences in the design and software industry. We interviewed a total of eight users from the Olin, Needham and greater Boston community, which lead to substantial insight into some of the issues surrounding Facebook's current approaches to dealing with online privacy.

We identified early on in the project proposal that we would benefit from engaging a broad range of user types/groups in our study. However, it was going to be infeasible to fully reflect the complexity of Facebook's 500 million users. Through user research and persona development we tried our best to frame a representatively interesting set that wouldn't pigeonhole us into designing a solution for everyone. As Cooper states, “every time you extend the functionality to include another constituency, you put another speed bump of features and controls across every other user's road.” When creating a plan for information gathering we tried to form a set of questions and user-performed tasks that would teach us more about “common threads” between the people we talked to. By seeing these themes in their perceptions and use, we were able to generate personas that differentiate beyond obvious factors like age, socioeconomics and gender.

Through a number of personal connections we arranged interviews with high school and college students, a young professional, and a housewife. We modified the standard HFID consent narrative form to include specific references to the Facebook-centric portions of our interviews that we were asking people to share with us. Our interviews began by walking through the forms, explaining what we were trying to accomplish in the course, and discussing the user-engagement design philosophy taught at Olin. We received positive feedback around the consent narrative, and were always given permission to record audio of the interview for the purposes of internal documentation. We also asked to take non-specific photos of some of our users, allowing us to better communicate the interview environment to other team members who weren't on a specific visit.

We generated an inventory of guiding questions for the user interviews, which we presented in a defined order to complement the flow of conversations with our users. Most of our interviews started with some easy questions regarding the user's profile statistics - number of friends and photos, as well as specific questions about frequency of use and modes of access to Facebook. We then addressed the following sets of questions, which were designed to provide a balance between direct, indirect, Facebook-specific and general privacy-related questions:

  • User-tasks: We asked users to show us where they would go to see their current privacy and application settings on Facebook. We also asked users to perform a common task, like uploading a photo album, and to run through their thought process as it related to privacy in that context.
  • Perceptions of privacy: Through open-ended questions we asked users to attempt to describe their privacy settings to us — what parts of their profile they knew or thought other users were able to see or not see. We also asked what profile information they thought their Facebook applications were able to share and store, and who they thought was viewing their profile. We tried not to lead in with terminology like friends, friends of friends, networks, etc, to see which they used instinctively.
  • Every-day and online/digital privacy: We asked users about their general perceptions of privacy in every-day life and what their expectations are for it. We then directed their responses towards their perceptions of digital privacy and how these differed from privacy in their every-day lives.
  • Facebook-specific questions: Along with the general profile-specific questions asked at the start of the interview, we also asked a set of questions relating to Facebook-specific tasks and actions that required consideration of privacy. These included questions about the types of information shared and not shared on Facebook, public accessibility of profile information, different browsing habits by environments (e.g. work and home), change in Facebook usage over time, un-tagging of photos and deletion of content, insights into a positive and negative interaction related to privacy on Facebook, the role Facebook played in the user's broader online identity, expectations for use and privacy in the future, and more.

After each interview, we debriefed by extracting simple themes and take-away messages from each user from our notes. Key insights, quotes and other information were transcribed to Post-it notes for visual organization to share with other team members.

Although our information gathering was generally very effective and gave us insightful information about our users, we adjusted our process to address limitations we encountered during the first few interviews. For one, some of our users found it difficult to answer the more open-ended questions about general perceptions of privacy in every-day life. We addressed this by providing examples of what we meant about private spaces (e.g. a study or dorm room) and directed the question by asking more about the overlap between friends and family in the user's every-day lives.

In addition, we started to be careful about offering to provide help with user tasks. In the earlier interviews we were implied experts and were looked to for guidance in the tasks, but in later interviews we made it very clear that we were not going to help with the tasks under most circumstances.

Consent Forms

In order to conduct a thorough and responsible user research phase in our design process, we wrote up both an waiver releases and informational sheets for interviewees.

The Info Form provides background on what our project is, how we are using information gathered from interviews, and the expectations an interviewee can have as a result of participation. We left a copy of this with every participant so they had a reference source.

The Consent Form gives us permission to record notes and/or audio of interviews, and overviews what we are allowed to do with results of the interview. It essentially gives us permission to have been conducting the interview and to use its information. Becuase we interviewed a few high school students as a means of broadening our perspective, we also included guardian signature on the form. We collected these forms from every interview.

What We Learned

When interviewing our users, we found that they had diverse concepts of privacy and approached Facebook interactions in a variety of ways. However, these modes of interactions could generally be grouped into two philosophies: control of privacy, including carefully choosing the groups of people with access to one's personal information; and control of content, making sure that no objectionable or particularly personal information is shared by the user or their friends. All agreed that content they posted was immutable, and could not be removed from the internet, so they had to Users controlled privacy, content, or both to some degree. Additionally, those who closely controlled access to their content did so by restricting their profiles to "Friends Only" and only accepting those they knew well as friends - no one used Facebook's on-the-fly privacy settings. Most people desired some kind of granular privacy control over their contacts, even those who had generally relaxed privacy settings, as they wished to exclude some groups from seeing some of their content. Users generally had a range of intimacy with their "friends", some of whom they wouldn't describe as friends offline. Although Facebook's lists functionality is intended to provide this control over groups, those who had tried the feature complained of its difficulty of use.

Similarly, users felt that the privacy dashboard was an impediment to their control of privacy settings, although those with less restrictive settings were not as concerned. Users felt a complete high-level view of their settings would be far superior to the current scattered design, and that the ability to preview the impact of privacy settings while they adjusted them would aid them in making informed decisions about their privacy. As users all adjusted their privacy infrequently, in a "spring cleaning" activity, making the correct decisions the first time was crucial for their control over their online privacy.

Common Themes

Immutability of content: Our users indicated that they generally assume all content they post on the internet is immutable, and will be near impossible to remove after the fact. They take this into mind when posting things.

Friends are not always friends: Facebook users often have different sets of friends based around what setting they know people in. They would like a way to more easily differentiate this concept in their privacy settings.

Granular Privacy Control: Users strongly value having individual control over every aspect of their profile or their postings.

Preview impact of privacy settings while adjusting: In our observations, users often asked where they could see what content they were changing privacy settings for - eg. what their likes are while changing who can see what they like.

High-level dashboard: Users wish that their privacy settings could all be controlled from a single page - rather than the multiple ones Facebook currently has in place with different purposes to each.

'Spring Cleaning': Many users told us they had a habit of going through their privacy settings exhaustively every so often - either because of new settings or because they were getting distrustful and needed to assuage fears.

Content Censorer vs. Privacy Setter: Different Facebook users control their online identities in different ways, and we observed two large groups: people who make sure they only post content they are comfortable a broad group of people seeing on Facebook, and people who control their privacy settings to make sure no one they are uncomfortable with will see their content.

On-the-fly is not important: No one we talked to actively used the on-the-fly privacy settings provided by facebook to adjust who can see individual postings. The only exception to this was for photo albums, which are often controlled from another page regardless.


Once we were done with the interviews we started a brainstorming process about quotes the users mentioned, special ideas or thoughts, common themes, and started writing everything we got out from every interview. For each user we placed different notes and characteristics creating bubble notes and outlines regarding each process of the interview. On a table we posted every interesting note form each interviewer into post it notes. After we posted everything we thought important and special, we started another process of brainstorming taking the common themes and coming out with statements we agreed were very important describing the broken part in the privacy settings issues. After that, we started diving common post it with common characteristics to find with personas we were going to create. We end up with four different groups with common themes or related themes that matched each other or had relation. By having the main topics and characteristics of each persona we split the work evenly but making sure that every person that had a persona task assigned only had a main idea of what we thought of it and did not know exactly this persona so after creating it we could all get feedback from each other and improve the persona description. After each one had assigned a persona description, we discussed what we should change, if the description was accurate and that it covered the entire users we thought would be in that persona type. We agreed in the definitions and fixed the final details while we proceeded in creating Facebook profiles for each of this personas gathering all their information and privacy settings online.

From each interview there were details that began to form patterns. Such items included how hard it can be to manage privacy, how people knew about the changes to privacy control abilities but never actually paid attention to them, and certain individuals never visiting the settings page. There were different points of view and different expectations of privacy on Facebook across users. Most of them agreed that they knew how they wanted their privacy settings to be but they were not successful on trying to do it. There are too many features and details that cover too much in the settings page. It is hard to narrow down and divide what things you want specific people to see from the public information that you want to share. Most of them were concerned about the way photo tags are managed and the content other people can post about you without you agreeing on it being public. Also, even with some features available to create group of friends in order to manage privacy, there is no easy way to keep these groups up to date. We learned how different people are willing to use their profiles, how they have changed its use over time and how different options they have taken once they face a problem with their privacy.

We selected our personas based on common characteristics we noticed in our users. They have these things in common that creates a stereotype for each group of users. Based on age, no gender distinction, and how they use and want to use their profiles, we came out with four different personas. We think these personas cover the broadness of our users and describe as accurate as possible their needs and goals in using Facebook.

The Users Interviewed

User (anonymized)AgeGenderSocioecnomic ClassTechnical AbilityRegularity of Use

L - Lower income class
M - Middle income class
U - Upper income class

-1 - Low technical ability / less than daily use
0 - Regular technical ability / daily use
1 - High technical ability / used multiple times per day


Disseminator Dan

"I like to keep score. My number of notifications let's me know how good I'm doing."

Dan is a young professional who loves social interaction. He likes to meet new people and loves engaging conversations. Dan sees Facebook as a medium for these conversations and communication. As such, he uses Facebook as if it was a public forum. Dan doesn't care who he friends on Facebook (as long as he actually knows who that person is). He provides basic contact information to these individuals as a convenience, but without the expectation that the information will be used.

Although he uses Facebook to disseminate information, Dan is very restrictive about what he posts. He doesn't post personal aspects of his life as he knows someone could easily re-share what he posted. In this way, Dan maintains a profile that is personal but not unprofessional. Additionally, he doesn't just dump content (e.g. photos, video) for others to consume. Dan selects what he wants to share based upon whether this content is relevant to other people. Dan knows that if someone sees a picture or video and thinks it is interesting then the seed for conversation has been planted.

Dan doesn't worry much about his privacy settings. He set them to what he viewed as reasonable defaults (“Friends” or “Friends of Friends”) for most items, but prevents sensitive information from reaching the internet in the first place.

  • Values
    • Quantity of interactions
    • Constant communication w/ friends
    • Commonalities with others
  • Needs
    • Declare friends are not always friends
    • Spring Clean
  • Desires
    • Interesting, engaging conversations
    • Always knowing someone wherever he is

View Disseminator Dan's Profile

Careful Claudia

"I want to block businesses and colleges from seeing my personal life."

Claudia is 21-years old and is in her third year at college. She enjoys taking pictures, hiking and travelling in her spare time and wont spend a weekend without paying a visit to one of her favorite bars or clubs in Boston. Her friends see her as incredibly smart and she is always happy to help them out with homework and technology-related questions. Since joining Facebook three years ago, she has found it to be a great tool for keeping in touch with friends from both high school and college. She mainly uses her profile to share her pictures and life experiences and to share interesting links and information with her friends. She has restricted her privacy settings to allow only friends to view her profile, but is still conscious about the information she posts. She would like to see more transparency in the privacy settings and also wants better control over the content she shares with individual groups in her friends list. In addition, she would also like a better way to manage privacy settings for new friend requests, which she receives on a regular basis. She has untagged herself from photos before but is aware and accepts that the content is still out there.

  • Values
    • Sharing information with friends and contacts
    • Networking and socializing
  • Needs
    • Peace of mind
  • Desires
    • More transparency in privacy settings
    • Better control over individual friend groups

View Careful Claudia's Profile

Newcomer Nina

"I don't understand what these different terms/settings mean."

Nina is an 18-year old soon-to-be college freshmen. She completed her high school studies in flying colors and is looking forward to all that college has in store for her, both academically and professionally. She recently decided to start a Facebook account after seeing how some of her friends in high school were using it. Nina is excited about using Facebook for staying in touch with her old friends, engaging in social life in college and for trying out all the fun games and applications that her friends seem to be using all the time. Nina is conscious about what privacy means to her in her everyday life — she has many friends from high school but only shares personal information with a select few. She expects Facebook to fit into her new academic life at college and her professional future, and will shape her use of the service based on the level of privacy control she is given in these areas. This control also applies to her family, who she does not want to share her facebook content with. She feels a little unversed in general Facebook vocabulary – posts, tags, lists, notes, comments and likes, and is keeping things simple in the short term by sharing a profile picture, some of her basic interests and communicating with her friends on her wall.

  • Values
    • Separate professional and personal identities
    • Staying in touch with good friends
  • Needs
    • Compatibility with her academic life
    • To understand digital privacy
  • Desires
    • Understanding privacy settings without Facebook experience

View Newcomer Nina's Profile

Walled-Garden Wally

"I am not ok pictures of my family being online. They didn't choose to put themselves there - what gives me the right to?"

Wally is a 35-year old journalist, married, with two children - 7 and 4. He has a facebook profile that he uses to stay in touch with old friends from college, colleagues from work, and friends in general. He consciously set his privacy to only allow friends to see the majority of his information - but anyone can discover his profile and request to be his friend. He likes to see pictures of himself get tagged, and occasionally uploads pictures of gatherings with friends who are on facebook, but is careful not to put his family or other friends onto the internet unknowingly. He has asked people to remove pictures of his children before, but also assumes that anything he puts on facebook, and the internet, will be impossible to erase in the future. Because of this he is suspicious of facebook, and every so often when his suspicion builds he does an exhaustive recheck of his privacy settings - usually confirming exactly what he knew to be true - but occasionally discovering new features he does not understand.

  • Values
    • Privacy of family
    • Consuming information about friends
  • Needs
    • To do 'spring cleaning' before he grows too uncomfortable of facebook
  • Desires
    • A singular privacy control dashboard
    • A way to view his actual content as he changes privacy settings

View Walled-Garden Wally's Profile


After developing our personas we tried to break down what their rough goals relating to privacy on facebook are - both in terms of what idea they have for privacy of their profile, and how they would like to be able to control it.

Disseminator Dan

Dan is very comfortable with having an open online identity - he seeks to share information in a way that sparks discussion and wants to connect with interesting people around him. He has basic expectations of privacy, but wants himself to be easily discovered so he tends to not post anything he wouldn't want to be fully public.

Careful Claudia

Claudia would like to see more transparency in Facebook privacy settings and wants to be very protective of her profile - she knows some of the content surrounding her on it is not appropriate for all eyes. She wants to keep a close personal relationship with her friends while making sure she can still be seen as a professional, and as such desires an easy way to differentiate between personal and professional contacts' access to her profile.

Newcomer Nina

Nina doesn't quite know how she will be using Facebook yet, but she wants to understand Facebook privacy after hearing so much about it. She wants to feel confident in her settings, but for now doesn't know what is even available to her. She hopes it won't be too hard to figure out the privacy ecosystem so she can easily adjust things as she figures them out. For know, she only knows one thing for sure though - she doesn't want her parents to be able to view her profile.

Walled-Garden Wally

Wally already knows he only wants to share with friends, and that certain information about him and his family is absolutely off-limits for the internet. Despite this, he is always suspicious of Facebook's privacy and wants to feel confident that his settings are not faltering. He would like to set them once and know that his ideals are being upheld.

Conceptual Model

An "ecosystem" exists surrounding the Facebook network that is partly defined by a set of specific vocabulary relating to various features and interactions within the system. The current Facebook privacy settings system is also defined based on this lexicon, making it difficult for new or inexperienced users to make decision on managing their privacy.

In the current system, the user encounters is a central privacy dashboard where the state of privacy settings can be viewed, and then altered in a different view on a following page. During its most recent privacy settings overhaul, Facebook also added functionality that allows for modifying privacy settings on-the-fly for individual posts and photo albums.

The privacy options are described in detail on the Privacy page located in the site footer. In addition, the system prompts newly-registered user through use of in-context dialog boxes, to inform them about various features and privacy options. For instance, when setting an individual post's privacy options to "Visible by Everyone" for the first time, Facebook will pop up a message to inform the user about the implications of this setting. The system does not provide the user much feedback or transparency on the impact of their modified settings in the privacy dashboard, however.


Individuals with whom one has mutually linked his or her Facebook profile. These individuals generally have increased access to the information on one's profile.
Asking for permission to do something. Usually this is to become one's friend, join a group, or add an event.
Friend Lists
A method to organize friends. This features tends to be infrequently used and cumbersome. Users complain that lists rapidly become out of date.
The idea that information released onto the internet is public forever. "Once it's out, it's out."
News Feed
The primary home page for Facebook. It shows selected updates from one's friends.
A place that syndicates all of a single user's actions on Facebook. This is linked to that user's profile.
Links that associate an a profile and individual with content (e.g. a photo or a video).
An extension of the Facebook platform that allows third-party developers to integrate user information into web applications. (Some applications are developed by Facebook too.)
A set of photos uploaded by a user. These are generally tagged with individual's profiles.
Privacy Dashboard
The high-level overview page that allows a user to see his or her overall privacy settings.
The opposite of accepting a request. This denys a user access to your profile. (This functionality appears to be changing as this is written.)
The act of completely denying a user access to one's profile. This makes one appear to not exist on Facebook.
Collective pages that individuals can join. These have fallen out of favor with Facebook redesigns.
A thumbs-up icon that allows individals to quickly show support for some sort of content.
Collections of people that have a common workplace, school, or geographic location. Privacy settings can be controlled by network.
Text that can be attached to almost any content by anyone who can view that content.
Pages that represent an event at a particular time or place. They allow individuals to RSVP and share content.


The tasks for this assignment were split in the following way. We would like to mention that not feel this table accurately represents the true amount of work done by each member, as some tasks required more work than others.

User Interviews17.53017.517.517.5
Persona Creation2516.6616.662516.66
Website Development3055555
Problem Definition and Lexicon Development0000100
Process Description0001000
Summary of Findings0100000
Persona Compilation & User Goals80010010
Deliverable Process Summary0010000