UX meeting 20190307

Logistics

Time

17:00-17:30 UTC

Attending:

@john, @harris, @creviera, @redshiftzero, @mikael, @bumbleblue (Eileen!), @ninavizz, @eloquence

Agenda

Design Review:
- Review updates to Briefcase flow, from last meeting
  - Would like to get closure on this item as a first-pass prior to further testing, to asking to keep discussion focused towards that.
Discuss:
- Eileen from SimplySecure
  - Ame and Eileen met with Heartsucker last month, to provide general/expert UX feedback on SecureDrop.
  - Heartsucker subsequently filed SD #4086 Org Logo, SD #4096 Refresh Button, SD #4087 "How To Submit" FAQ, and SD #4083 Glossary «» Terminology, from feedback provided in this meeting.
  - I (nina) then created SD-UX #42 Source Quick Fixes to holistically evaluate all quick-fix opportunities to explore in the near-term, understanding that a Source Experience deeper-dive & proper journey mapping exercise is slated for later in the year.
  - I asked Eileen to join us to provide some context & clarification behind the above topics... and broader motivations/goals influencing why those specific things.
- Workstation Client dev pairity work this sprint
Shoutouts: Allie/Nina pairing next week!

Place

https://meet.jit.si/QuickWizardsDanceHigh

pbjt!

Eileen from SimplySecure!

...on her Source experience thoughts following a review with Ame (SS) and Heartsucker (SD)

Expected Source onboarding experience to be very different from how it is now
- Heartsucker explained how it all worked, that clarified things and "oh, ok—I get it!" were the thoughts
Train of thought... If a Source I would go to the newspaper, first That is the main road to SecureDrop I go to Guardian, NYT—I see the "Contact US" page, and go to Secure DRop I then expect next couple of steps to be retained within the NYT environment I would expect visual conisstency/experience/branding around the submission part Then when I want to elarn more about SD (because I would probably be forwarded to SD.org at some point) and I would expect a link to learn more I would then expect to see explanations around how the technology works, and then how it relates to me as a shource
Right now the website is very tailored to orgs who want to set-up an instance, which is legit
Issue is as a Source, how can you cultivate Trust there?
- Accessible and easy documentation about how SecureDrop works, sought
- Anyone who wants to learn about the technology can; but at the higher-up level, you want to use the simplest and most straight-forward way of describing it. "Connect to SecureDrop via a Secure Path". Use plain English.
- How to describe the outcome of the technology w/o Jargon. Mention of Servers and Clients is unnecessary most of the time.
Jen: On our website there are 5 items under the header... what do you think of those?
Eileen: Encryption is fine, not sure about server. Why is the server ownership important? Does not log "Personal Information," not "IP Address." Free Software is interesting because unless you work in FOSS nobody knows what that means. Maybe a reason to explain why that is trusted or audited by trusted parties.
- A glossary within the documentation would be fantastically helpful. Lots of inconsistent naming. Very particular things. Your "Jouranlism Workstation" which references the Airgap Computer, but workstation could mean a lot of things—what does this one thing mean? Lots of basic inconsistencies.
- FAQ was unclear; is this for sources, or organizations? In the documentation... you basically have written it already for different user groups, however not all oft hem will want to go to "documentation," like maybe it's 3 separate documentations? I think it's interesting to see how there are very different guides needed for very different use cases, and all in the same group will be unecessary and confusing to other people.
Logo Issue presented. Epic clarification!
- Eileen: If you go to the NYT SecureDrop. On the right you have the default SecureDrop language, and on the left you have the NYT logo. The only thing that's giving me trust right now is that it's from the NYT domain, but everything else I'm very suspicious about because it makes no sense for the NYT. Question is: it's unclear... am I submitting to NYT or SecureDrop? Bigger issue is do people have the right mental model that SD is software that NYT installs on their own servers to which I am submitting to. If I'm a source I want indicators for trust, that's the bigger issue.
- Eileen: Standardizing language for language on landing pages possibly more important than design. References Guardian's page.
SD.org discussion
- VERY targeted to news organizations.
Jen: We do have standardized landing page text recommendations, which is in the sd documentation.
- Includes how Sources should use SD.
- Concern w/ OG authored Source Guide being published was that feedback after being shared externally that it came off as too espionage-y and sounded too scary. Kevin and David had expressed interest in working on that at some point this year. We should totally do that!
Erik: How do we integrate this with other offerings for news organizations in their "Tips" page?

Action item: Most actionable changes around making sd.org more accessible towards more than one audience

Erik: What was the thinking (to Harris) around audiences? How did you break it down?
- Harris: We broke it down to 3 audiences... news orgs that already had or wanted SD, developers, and sources. I don't remember why we made the decision to prioritize news orgs at the top of the page. Would need to find notes.
Erik: do you have ideas around IA on how to re-shift things?
- Harris: Way to do w/o much code stuff would be prioritizing Sources with Content. Possibly edit the 5 SD points? The flow of the information is backwards? Points should be more general with explanation more technical Design I could see re-organizating with clearer funels to specific audience. We didn't want to do that initially but I cannot remember why.
Erik: Nina, let's focus on some text stuff for the near term?
Erik: Kevin and David wanted to collaborate on taking existing work and starting a new from-scratch around how such a doc could be structured

Briefcase 3rd Pass

UX Repo Issue · Invision Prototype
Erik/Jen: back/forth discussions between...
- how opening a new disp-VM works
- could/should we do polling to demonstrate file progress?
- can we do multiple concurrent file transfers (answer: yes... so no series-style copy-over)
Erik: Progress bar "placeholders" appear too sparse. Unclear what they're representing.

Who Uses SecureDrop?
Learn about SecureDrop's users!

Design

Brand Use Guide(ish)
UI Standards + Guidelines
Prototypes Archive
- Random things by nina, over the months and through the iterations
Design Principles
SecureDrop's Figma

Contributors

Meetings Page
Contribute!
- Really, we need help from practitioners around the world!

Learn!

User Research

Survey Resources
Redaction Guide
Template Docs
- FPF Only: UxR Participant Disclosure, New Study Template, Email Templates, etc., from +2019
Digital UxR Tools
Sample Participant Disclosure

Et cetera

General Resources

Provide feedback

Saved searches

Use saved searches to filter your results more quickly