1. 7. Accountability and governance
1.1. Terms of service
1.2. Privacy policies
1.3. Codes of conduct
1.3.1. Within shared spaces
1.3.2. Ethical codes of conduct
1.3.3. Researcher training
1.3.3.1. Holding vendors accountable
1.4. Independent auditors
1.4.1. OTI's Corporate Accountability Index
1.4.2. IRBs
1.4.3. The public
1.5. Zittrain's information fiducaries
1.6. Research debt
1.6.1. "Just enough research"
1.7. Whistleblowing
2. 5. Principles and rules of thumb
2.1. Belmont Report
2.2. Fair Information Practice Principles
2.3. Necessary and Proportionate
2.4. Ten simple rules for responsible big data research
2.5. Bruce Schneier's privacy principles
2.6. IDEO's Little Book of Design Ethics
2.7. Melvin Kranzberg's six laws of technology state
2.8. The American Anthropological Association's Principles of Professional Responsibility
2.9. Journalism ethics and standards
2.10. Engineering ethics
2.11. The Academy of Design Professionals Code of Professional Conduct
3. 6. Tactics for researchers and research-led institutions
3.1. Pay incentives (reward emotional and interpretive labor)
3.2. Coordinate research discretely
3.2.1. Encryption
3.2.2. Private calendars
3.2.3. "Keep your team lean in the field"
3.3. Proactively assess bias
3.4. Contextual integrity
3.4.1. See "like a subject"
3.4.2. Seek out non-disclosure agreements
3.4.3. Define anti-personae and stress cases
3.5. Make accountability easy
3.5.1. Set a research strategy
3.5.2. Create research plans
3.5.3. Designate a research lead
3.5.4. Create a basis for recruiting; recruit broadly
3.5.5. Define research methods
3.5.6. Set research periods
3.5.6.1. Conduct periodic inventories / synthesis of data
3.5.7. Use an informed consent form
3.5.8. Define minimization procedures
3.5.9. Define records-retention rules
3.6. Provide copies of transcripts
3.7. Ask participants to pick their own alias (the Ikea effect for obfuscation)
3.8. Utilize de-identification and obfuscation when presenting research
4. 4. Laws
4.1. Privacy Act
4.2. Paperwork Reduction Act
4.3. The Common Rule
4.4. Third-party doctrine
4.5. Data-retention laws
4.6. Open questions on custody of data
5. 3. Privacy
5.1. Helen Nissenbaum's contextual integrity framework
5.1.1. Seeing like a state vs. seeing like a subject.
5.2. Who tells your story? Data controllers can facilitate pictures of various resolutions.
5.3. Security's role
5.3.1. Confidentiality
5.3.2. Integrity
5.3.3. Accessibility
5.4. What information is PII?
5.5. Privacy self-management and its fallacies
5.5.1. Obfuscation
5.6. Scandals as teachable moments
5.6.1. Uber's god mode
5.6.2. Evernote reading of private notes
5.6.3. Crisis averted: Lavabit shut down
6. 2. Research ethics
6.1. Who else deals with ethics as they collect information?
6.1.1. "Street-level bureaucrats"
6.1.2. Politicians
6.1.3. Doctors
6.1.4. Lawyers
6.1.5. Educators
6.1.6. Therapists
6.1.7. Advertisers
6.2. Role of researchers
6.2.1. "Technology is neutral." ...are technologists?
6.2.2. Privacy co-managers?
6.2.3. Embodiment of research principles
6.3. Information justice
6.3.1. Hippocratic oath and engineering ethics
6.3.2. Focus on ends (not just means)
6.3.3. Data ownership, data timeliness
6.3.4. IRBs (as oversight)
6.3.4.1. Social signifiers / credibility
6.3.4.2. Informed consent (as warrants)
6.3.5. Imperialism / erasure ("decolonizing methodologies")
6.4. Recruiting
6.4.1. "Weblining"
6.4.1.1. Panoptic sort
6.4.2. Overt (informed consent) vs. covert (surveillance)
6.4.3. Incentives as reimbursement for emotional / interpretive labor.
6.5. Scandals as teachable moments
6.5.1. If ethics are collective morals, let's tell some stories.
6.5.2. Analog
6.5.2.1. STD studies on Guatemalans
6.5.2.2. Tuskegee study of untreated syphilis
6.5.2.3. So many more.
6.5.3. Digital
6.5.3.1. Google reading email content
6.5.3.2. Facebook contagion study
6.5.3.3. Uber designing to encourage driver behaviors
7. 1. Design as conversation
7.1. Design decision-making styles and the myth of the genius designer
7.2. Speaking
7.2.1. Prototyping
7.2.2. Leveraging affordances to encourage behavior
7.3. Listening
7.3.1. Overt
7.3.1.1. Contextual inquiries
7.3.1.2. Stakeholder interviews
7.3.1.3. Usability testing
7.3.2. Covert
7.3.2.1. A/B testing
7.3.2.2. Web analytics
7.4. Information asymmetry
7.4.1. Rumsfeld's "unknown unknowns"
7.4.2. Trust boundaries
7.4.3. "This call may be monitored..."
7.4.4. Washington post test