12:15-12:40 / Karen Sawrey: Disagree with “I Agree”. Enforcing Better GDPR Compliance Through the Language of API Documentation

The new privacy regulations that came into force in 2018 (GDPR and Data Protection Act for the UK) are not just about the software and data collection/protection. The “privacy by design” principles mean that every aspect of software — including the documentation, especially the API documentation — needs to be in line with the message of handling the users’ data with great care.

Privacy and security have negative value — until something is broken or stolen, no one notices the efforts dedicated to keeping things safe. GDPR regulations are obscure, but they are for the greater good of all — as no one wants their data to be stolen.

We, as technical writers, can enforce the matters of better data privacy through the language and visuals in the documentation portals and live sandboxes. Which means better security. And which means clear and explicit consent forms, human language in privacy policies, and buttons that do something the user actually understands.

The talk addresses the aspects and elements of API documentation that need to be reconsidered and restyled in the light of GDPR. The way things are, an absolute GDPR compliance is impossible, but maximal compliance is doable. And we, as technical writers, can enforce it through the language graphic elements that we use for guiding the users around the API portals.

Language is powerful. It is a tool that we can and should use it to make the world a safer and better place through our documentation.