Closed Bug 1544336 Opened 6 years ago Closed 6 years ago

How does asking "How old are you" during FxA signup affect users?

Categories

(User Research :: Consultation, task)

Product:
User Research
Component:
Consultation
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: jimthomas, Unassigned)

Details

Request Description
For legal reasons, we ask for a potential user's age during signup. How do users feel about this question? Does that change in different contexts (turning on Sync vs signing up for a monitor account)? Are there other ways it could be asked to cover legal requirements and reduce any found user confusion or concern (Are you over X years old?). Would adding a "why do we ask this" note improve the user experience and reinforce our commitment to protecting you online?

Deadline
No

Priority Level
(1 = High 2 = Medium, 3 = Low): 2

Priority Level Description
Relationships MAU is a top-line KPI. This screen is the gateway to any new Relationship, and seemingly small optimizations can have an outsized effect on the understanding and experience of

Supporting Information
I believe there may have been UX test around asking for age in different ways, but I'm not sure what their findings were.

Suggestions for how to tackle this:

  • Light competitive analysis: Look at similar flow (tech service-related account creation), see if they're asking for age, do they have anything that provides more detail on it
  • Get in contact with people: See if we have any information/analytics on this page
  • Potentially divert to Data Science if there is a desire to have an experiment on the impact of a "Why do we ask this?" link

[not ready to assign it, but we can put it in queue if necessary]

Hi Jim - Marking need into. Jennifer will follow up with you.

Flags: needinfo?(jimthomas)

Jim, thanks for raising this issue. I'd like to offer some (admittedly unsolicited -- my apologies) observations and suggestions from a user's perspective. The account creation pages asks for three things: email address, password, and age. Users routinely encounter sign-up forms that request an email address and password and it is clear that this information will be used for signing in to the service. It is less clear why the user's age is requested, and this bug is one of the only explanations I could find after some quick searching (this kb article mentions that age is required but does not elaborate on why). Although many online services require confirmation that a user is at least 13 years old in order to comply with the Children's Online Privacy Protection Act, the Firefox Account sign-up page is unique in its opacity with regard to why the user's age is collected. Neither the Terms of Service nor the Privacy Policy -- both linked -- clarify why the user must provide their age, and, as a user, this makes me uncomfortable.

At a bare minimum, I would echo your suggestion of adding a note explaining that the age verification is required for COPPA compliance. With this course of action, I think it would also be advisable to update the Privacy Policy to assert whether the user's age is stored and, if so, whether it is used for any purposes beyond verifying that age >= 13 during sign-up (e.g. for user analytics?).

Ideally, though, I think the "How old are you?" question should be replaced with a checkbox or similar design asking the user to confirm that they are at least 13. As part of Mozilla's commitment to protecting user privacy, it should practice fair information principles (for example, as defined by Canada's PIPEDA legislation), in this case by limiting data collection to what is necessary for it to provide the service. Mozilla does not need to know a user's age in order to provide the Firefox Account service -- only that they are not under 13.

Cheers

Unfortunately, there is rationalate behind our opacity. It is done deliberately to achieve full COPPA compliance.

https://www.ftc.gov/tips-advice/business-center/guidance/complying-coppa-frequently-asked-questions

If you choose to block children under 13 on your general audience site or service, you should take care to design your age screen in a manner that does not encourage children to falsify their ages to gain access to your site or service. Ask age information in a neutral manner at the point at which you invite visitors to provide personal information or to create a user ID.

This precludes us from asking the question more directly. Most site will ask for the exact birth date. We felt that simply asking for their age was easier and less invasive.

We treat all services the same because we are not allowed to even keep the email address of an underage user, so we do not differentiate between Sync, Monitor, etc.

The main goal of this bug is to understand whether asking the question (regardless of our reasons for doing so) causes confusion and/or potential attrition, and in what magnitude. If we can quantify that, we can determine how much effort we should put into optimizing the flow to allow for both an improved user experience and maintaining legal compliance. Small improvements in the user experience at the top of the funnel are almost always more impactful than later on in the user journey, but we need to know if it's worth revisiting this particular field (and get the right people from Product / UX / Trust / Legal on board).

In field research we saw a few responses to the "age" field. Two were about being reminded that they were/felt 'old'. Another one said that "it's [age] private sometimes". So that's two potential responses, which in this case (because they were asked to complete a task) didn't make them stop creating an account.

I checked with Loines and the form doesn't currently track "per field" completion. We do know there is a drop-off with the form in general, though.

If you are interested in quantifying the potential impact of the age field, at this point, I'd recommend adding something to the Accounts/Data Science roadmap to track "per field" completion. If there is some drop-off on that field that's higher than other fields, then we could potentially brainstorm new designs that are also COPPA-compliant and put those through concept testing on usertesting.com.

I'm going to go ahead and close this bug, and we can open another if a study needs to be run (like mentioned above) down the line.

Please follow up with Loines/Data Science if you'd like to add "per field" completion to the roadmap.

Status: NEW → RESOLVED
Closed: 6 years ago
Flags: needinfo?(jimthomas)
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.