Following introductory words on "service needs" and "business needs" vs. "user needs", Maria Izquierdo and Martin Jordan showcase some instances where data is (even in breach of legal contracts) collected against users' interest and with the potential to harm them.
The responsibility for avoiding such issues, they state, lies with those designing these systems:
If designers are not advocating for the user, no one else will. Designers are those who bridge the understanding of user needs and the design of solutions to answer them. They have the responsibility to shape services that are easy to use, but also trustworthy, understandable and accountable. It isn’t proper service design if designers aren’t designing for data in the service. It is their job to find a balance between addressing service needs, business needs and user needs.
Izquierdo and Jordan suggest the consideration of the "Privacy by Design" principle (as a matter of fact an essential building block of the 2018 EU-wide GDPR laws) and a set of principles by Sarah Gold - both of which feature one of my favourite concepts in designing with data: the "minimum viable data" approach.