Accessibility - Paid in Privacy
When someone makes one of the many privacy decisions they face each day -- consciously or not -- they can usually choose to stop using a device or service that no longer meets their privacy preferences. Someone relying on a technology for accessibility assistance may not be afforded that luxury. When general consumer technologies are used as assistive technologies, their data handling practices may be inadequate for such sensitive use cases. As a result, users may become locked in to a product or service that no longer fulfills their privacy needs, finding themselves in a situation where replacing it is impossible or excessively burdensome.
Assistive technologies are an invaluable resource to those who rely on them. Many are devices and services built specifically to facilitate accessibility, such as screen readers, visual/object recognition systems, hearing aids, insulin pumps, robotic limbs, brain-computer interfaces, and many more. However, many tools used to provide accessibility services were not designed with accessibility as the core use case. These include app-based delivery services, smart home devices (lights, thermostats, doorbells, speakers), accessibility controllers, or even just video calls used for things like telehealth or remote job interviews.
Each of these technologies has its own set of privacy problems that must be addressed at the product level. I'm not going to deep dive into all of them, else you'd be reading this for hours, but let's highlight some - rapid fire! Screen readers have broad access to the content and processes on your computer. Visual/object recognition systems might send photos and videos of what you're looking at to a server you don't control. Insulin pumps store sensitive data about you, and in cases like Medtronic may even end up sharing your data with third parties (lawsuit results pending). Robotic limbs, especially something like a leg, generate data that could be used for gait analysis, and gait is identifying biometric information.
Those are just the technologies purpose-built for accessibility needs. You might use a delivery service for your groceries because you're mobility impaired, and what you order can be used to infer a lot about you. You might normally buy groceries, but what if your dietary needs are specific to a certain medical condition, or you're getting specific supplements, or including things from the pharmacy department in your cart? Such a delivery service could build a profile of a user's health without ever being bound by the Health Insurance Portability and Accountability Act (HIPAA), since a retailer that isn't a healthcare provider, health plan, or their business associate is not a covered entity under that law. The classic example is the 2012 case of Target inferring that a teenager was pregnant before she had told her family. Your smart lights may help you when you're unable to physically adjust them, but what happens when, as with Philips Hue, motion detection is added to your lights long after you've purchased them?
I think you get the point. Technology can be helpful, but almost no technology in the modern age comes without privacy strings attached.
If your users rely on an assistive technology to the point that they can't simply forgo it, they are pressured to accept undesired privacy outcomes, regardless of their privacy preferences, in order to fulfill their accessibility needs. Their choice in the matter becomes an illusion, and their coerced opt-in is meaningless to anyone but the company that now gets their precious data. Sacrificing privacy for a product has become aggressively normalized in the internet age, but being compelled into such a sacrifice can strip someone of their sense of agency over their own information. If a user does end up using your service -- compelled or not -- give them meaningful choices about how their data is stored and used. Make it so that even if they're there because they must be, they don't feel their agency has been taken from them.
General consumer devices and services are not always built explicitly as accessibility tools, but people use them to fulfill accessibility needs. It's easy to end up designing for at-risk or impaired users who depend on you as an afterthought -- or not at all, especially if you aren't in scope for regulations like HIPAA. Privacy expectations are context dependent, and the context for a user who depends on your technology for accessibility may differ from the context of a non-assistive user. You need to understand why someone might be using your product, not just what they're doing with it. Companies will find themselves inadvertently handling data that relates to or gives insight into someone's accessibility needs, and they need to be prepared for that from the outset.
Before you launch your product, think through the data you're handling and what could be done with it. Not to work out what fancy analytics you can run or how much more money you can squeeze out of a customer, but to understand what concerns your users might have about their data. Don't dump it all into loosely defined databases; label each field, understand what it reveals, and know where and how it's stored. Classify the riskier data and lock it down. Disallow certain use cases for it outright. Anonymize it where a use case doesn't need identities. Do something to demonstrate to your users that you're worth trusting.
Used for accessibility or not, ceasing one's use of a device or service can be a burdensome affair. Lock-in is real, and changing what technology one is using may not be feasible depending on what is being provided and what the alternatives are. Even if there is a viable alternative, switching can prove to be prohibitively costly to one's resources, be it the financial cost of purchasing new technology or the time, energy, and other resources required to implement and learn how to use it.
Ideally your users don't want to leave in the first place, so be careful. Shifting the privacy paradigm of a product post-adoption impacts all of your users, but your dependent users may not have the same ability to opt out of your service as someone who depends on it less for their basic needs. Going back to what I was saying about agency, don't retroactively place your users in a precarious privacy posture; some may not be able to get out even if they want to. Don't abuse their reliance on you, and don't give them a reason to want out. Your users should never feel trapped.
When a user is ready to leave, portability matters. Fortunately, many privacy regulations have portions dedicated to portability rights, but it's the company that interprets the law and implements it in whatever way it feels is compliant. Don't be malicious here. Let people leave if they want to; understand that they can depart at any point, and it behooves you to build your product so that staying isn't something a user feels compelled to do, but something they genuinely want.
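To make the "label it, classify it, disallow use cases, anonymize it" advice and the portability point concrete, here is an added example (not code from the original post or from any real delivery service) of a purpose-bound data catalogue. Every stored field is classified, bound to the purposes that may see it, and transformed or dropped per purpose at the point of use; the user's own portability export is simply another purpose that gets everything. The service, the field names, the purposes, the policies and the sample record are all hypothetical constructions for this illustration.

```python
"""Purpose-bound data handling for a hypothetical grocery-delivery service.

Constructed example: field names, purposes, policies and the sample record
are illustrative and do not describe any real product's schema.
"""
import hashlib
import hmac
from dataclasses import dataclass, field
from enum import Enum
from typing import Any, Callable


class Sensitivity(Enum):
    PUBLIC = 1
    INTERNAL = 2
    SENSITIVE = 3  # could reveal a health condition or accessibility need


class Purpose(Enum):
    FULFILMENT = "fulfilment"    # delivering the order
    SUPPORT = "support"          # a human helping the customer
    ANALYTICS = "analytics"      # aggregate product metrics
    MARKETING = "marketing"      # targeting and recommendations
    USER_EXPORT = "user_export"  # portability: the user's own copy


# A transform receives the field value and the pseudonymization key.
Transform = Callable[[Any, bytes], Any]


@dataclass(frozen=True)
class FieldPolicy:
    sensitivity: Sensitivity
    allowed: frozenset                      # purposes that may see the field at all
    transforms: dict = field(default_factory=dict)  # Purpose -> Transform applied before release


def pseudonymize(value: Any, key: bytes) -> str:
    """Keyed hash: stable under one key so analytics can still join rows,
    but not reversible by whoever holds only the output."""
    return hmac.new(key, str(value).encode(), hashlib.sha256).hexdigest()[:16]


def categories_only(items: list, _key: bytes) -> list:
    """Reduce an order to its non-pharmacy categories: individual SKUs and
    anything from the pharmacy department never reach analytics."""
    return sorted({i["category"] for i in items if i["category"] != "pharmacy"})


# Constructed catalogue: every stored field must be listed here.
CATALOGUE = {
    "user_id": FieldPolicy(Sensitivity.INTERNAL, frozenset(Purpose),
                           {Purpose.ANALYTICS: pseudonymize}),
    "email": FieldPolicy(Sensitivity.INTERNAL,
                         frozenset({Purpose.FULFILMENT, Purpose.SUPPORT,
                                    Purpose.MARKETING, Purpose.USER_EXPORT})),
    "delivery_address": FieldPolicy(Sensitivity.INTERNAL,
                                    frozenset({Purpose.FULFILMENT, Purpose.SUPPORT,
                                               Purpose.USER_EXPORT})),
    "order_items": FieldPolicy(Sensitivity.SENSITIVE,
                               frozenset({Purpose.FULFILMENT, Purpose.SUPPORT,
                                          Purpose.ANALYTICS, Purpose.USER_EXPORT}),
                               {Purpose.ANALYTICS: categories_only}),
    # Free-text notes are where accessibility needs leak; fulfilment and the
    # user's own export see them, nothing else does.
    "accessibility_notes": FieldPolicy(Sensitivity.SENSITIVE,
                                       frozenset({Purpose.FULFILMENT, Purpose.USER_EXPORT})),
}


class PolicyViolation(Exception):
    pass


def project(record: dict, purpose: Purpose, key: bytes) -> dict:
    """Return the view of `record` that `purpose` is entitled to.

    An unclassified field is an error, not a pass-through: data that was never
    labelled must not quietly flow anywhere."""
    out = {}
    for name, value in record.items():
        policy = CATALOGUE.get(name)
        if policy is None:
            raise PolicyViolation(f"unclassified field {name!r}; label it before storing it")
        if purpose not in policy.allowed:
            continue  # dropped entirely, not merely masked
        transform = policy.transforms.get(purpose)
        out[name] = transform(value, key) if transform else value
    return out


# Constructed sample record (not real customer data).
SAMPLE = {
    "user_id": 4711,
    "email": "sam@example.org",
    "delivery_address": "12 Example St",
    "order_items": [
        {"sku": "A1", "category": "produce"},
        {"sku": "B2", "category": "pharmacy"},
        {"sku": "C3", "category": "produce"},
        {"sku": "D4", "category": "dairy"},
    ],
    "accessibility_notes": "Wheelchair user; please bring bags inside the door.",
}

if __name__ == "__main__":
    key = b"analytics-pseudonym-key-rotate-me"  # hypothetical; keep in a secret store
    for purpose in Purpose:
        print(purpose.value, project(SAMPLE, purpose, key))
```

The marketing view ends up with only a user id and an email address, the analytics view gets a pseudonymous id and coarse categories with pharmacy lines removed, and the export view returns the full record the user is entitled to take with them. The catalogue doubles as the inventory the text asks for: the moment a new field is stored without an entry, `project` refuses to release it for any purpose.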
Ultimately, design for users who will depend on your services not just out of desire but out of necessity, even when you didn't plan for it to be that way. Don't remove your users' agency. Build with sympathy and an understanding that a seemingly innocuous decision could be user-hostile and disproportionately impactful to someone using your product in an assistive manner. Understand your product and how its data can be used and misused, and take steps to mitigate misuse. Don't make your users feel trapped in a toxic relationship. Understand that a user is trusting you to be there when they need you most, and that trust can be shattered ever so easily, with an arduous path towards regaining it.