Human-centered design at Least Authority

Human-centered design is one of the key approaches Least Authority adopts alongside security- and privacy-by-design. Our human-centered design process involves building an understanding of user needs and experiences, while using those learnings to shape design and development goals and iterations.

The case studies below provide examples of this approach. The first case study looks at file storage and sharing for human rights defenders. The second examines Winden (beta), a recently released web app to send files with ease, speed and security. 

But first, it is important to explore the concept of human-centered design and understand its importance. 


Why human-centered design matters

Whether you’re dealing with politics or products, first encounters or lasting relationships, understanding people’s needs, motivations and perceptions is challenging yet highly desirable – even essential. User experience (UX) research is an approach aimed at filling our gaps in knowledge, in order to improve people’s experiences. To make this less abstract, an experience can be anything from going grocery shopping to filing taxes, and from dating to documenting human rights abuses.

At Least Authority we believe privacy matters. This also means that we consider the privacy perspective of these and other experiences. This causes us to ask questions like: Who are you comfortable with seeing your shopping list or payment information; your sensitive financial data; pictures you send to someone you’re just getting to know; or information considered dangerous in a repressive regime? 

These questions typically reveal just how personal the concept of privacy is to an individual. Comprehensively understanding people’s motivations and perspectives on privacy has therefore been critical to our work. At the same time, it’s also been key for us to look beyond privacy in designing our products–as it is far from the only goal that drives people. People may desire a privacy-respecting tool for storing their files, for example, but they may also want something that is easy to use, allows for collaboration, or that they feel they can trust.

To identify all of these motivations we’ve carried out various forms of user experience research. Examples of such methods include: foundational interviews, trying out an application with potential users (a ‘usability test’) and administering surveys. 

The following case studies provide an overview of our approach.


Case study 1: File storage and sharing for human rights defenders

In 2019-2020, we worked on a project to support human rights defenders by adapting Tahoe-LAFS, a distributed file storage system, to their needs. In line with our human-centered design approach, we conducted three rounds of research with people that helped to take us from a conceptual understanding of needs to the minute details of a design implementation. These efforts, and the learnings that emerged from them, will be outlined in turn.

First, we interviewed four human rights organizations that we partnered with to understand their file storage and sharing needs (see these study goals). Our learnings from this research helped us understand how and why organizations mix and match tools for file storage and sharing. Some of the key factors that inform their choice of tool include: security threats, the features and limitations of each tool; the tools used by partner organizations; offline and online distinctions; as well as the capacity of the tool to facilitate collaboration, which is central to the work of human rights organizations. We used these learnings to inform follow-up research and design work about the way in which we could make Tahoe-LAFS more useful and usable for these and similar organizations. 

Next, we drafted a new study plan that helped us think through and establish what we wanted to learn. At this stage, we wanted to concentrate on foundational (needs-finding) questions and on usability, by describing the ‘folder sharing experiences’ of human rights defenders when using Gridsync, a graphical user interface for Tahoe-LAFS. 

In order to understand how usable Gridsync was, we subsequently carried out a ‘usability test’, both remotely (with screen sharing) and in-person. We asked research participants to try to complete specific tasks in Gridsync, such as “Can you please share the ‘Cat Pictures’ folder with me?”. We also asked them to think out loud while they were exploring the interface and aiming to do the task. This allowed us to identify gaps between people’s interpretation and the design intention of the application. One thing we learned about what kind of version control abilities people expected on documents when collaborating with others. The research also revealed struggles people were having with the sharing functionality in Gridsync. Based on these results, we identified concrete design changes to be made in Gridsync. (Some of the findings and recommendations are captured in this presentation at FOSDEM2020).

In the final research iteration for this project, we focused on version control and folder sharing in Gridsync (study plan). We first developed a file browser prototype, that allows for single file manipulations, including version control. While testing, we came across various friction points that research participants experienced when using the file browser and context menu, and recommended a range of improvements. Notably, we are able to use our learnings from this project in PrivateStorage, our secure file storage product, which utilizes Gridsync.


Case study 2: Winden: UX iterations for file transfers

Our work on Winden started with an NGI grant we received from the European Union (EU) to explore the consumer potential and scalability of a protocol called Magic Wormhole. This protocol allows two devices to securely and easily connect without exchanging identity information. In doing user experience research and design, we conducted several large-scale surveys, developed user stories, and did multiple rounds of testing as we iterated on the design and development of the application.

The survey we conducted across the EU helped us understand how people currently send files and what their expectations and needs are [study plan, survey questions, slide deck]. It revealed that the most pressing file transfer needs include: the ability to send large (uncompressed) files, privacy/security, speed, and ease of use. These were aspects we believed Magic Wormhole could make a difference on over existing file transfer options. Critically, the research helped us understand that a barrier to some file transfer methods is the necessity for the receiver to already have a compatible app/device. On this basis we decided to develop a web-based version of Magic Wormhole, complementing the already existing clients of Magic Wormhole, which we named Winden. With Winden, senders would be sure that receivers could receive their file using any device with a web browser. 

Informed by the results of our survey, we wrote user stories that defined what we would expect a user to wish to accomplish when using Winden, and why. We used these to create hand-drawn wireframes and subsequently prototypes. Ultimately, we wanted to make a file transfer web app that was not only private and secure, but was also both easy to use and could transfer files at speed, thereby addressing user needs we had identified. That way the privacy and security benefits of the tool we created can become accessible to all, instead of only to those specifically looking for them.

We started with a mobile design, as it would encourage us to immediately tackle the space challenges of a small screen, and later expanded to a desktop size version too. We tested this prototype (pre-alpha, study plan, research guide, results), while simultaneously working on a ‘real’ web application, that we tested later (alpha, study plan, research guide, results). In the meantime, we also did various rounds of ‘internal testing’, which meant that Least Authority team members unfamiliar with the application tried it out, helping us identify further usability issues (and also, importantly, bugs!).

Our various research rounds taught us a lot. For example, we learned that people need to take many factors into account when sending files. We learned that sending files to one’s own device (which Winden very well lends itself to) is pretty common, but usually not straightforward. We also learned that while the transfer actions in our early designs worked well, we were less successful in communicating the synchronous nature of Winden file transfers; a crucial differentiator between Winden and many other tools. Files are sent ephemerally from a sender’s device to a receiver’s, without being stored in the cloud. This means that for the transfer to succeed, the sender needs to keep their browser tab open and stay online until the receiver receives the file. Making this clear was more difficult than we expected. We repeatedly made design and copy changes based on the feedback, and it may be something we will need to keep improving on in the future.

We also pursued other ways to understand how Winden resonates with people. We conducted market research that helped us better understand specific file transfer needs across target groups, as well as the potential for Winden as a consumer product (study plan, survey questions, findings deck). 

All this work informed the work of the engineering team, who were busy meeting the challenge of developing a synchronous transfers web application that works across a stack of technologies. We were ready for an early release to help us keep learning, by gathering feedback and by doing more user research in the future. This Beta release is available at


Going forward

Human-centered design and the user experience research and design done in its name is anything but a one-time exercise. It’s an ongoing approach and way of thinking meant to ensure that the products and services we offer are both useful to and usable for people. As the case studies detailed above demonstrate, there is no clear template to implementing human-centered design. It is dependent on the information needs and resources at your disposal. Yet, this approach is key to understanding the needs, motivations and perceptions of our intended audiences. That is why, alongside security and privacy, Least Authority places human-centered design as a core pillar of its approach to software and product development.