A Content and User Experience Strategy for local government

Updating my original content strategy first written in 2013. Still a work in progress, still subject to change and additions

User accounts and personalisation

The site should offer to the user the most personalised - and therefore relevant - version of itself that it is possible to offer.

Some of that personalisation can be surfaced by non-personal factors such as time of day, season, weather, location, etc.

Some of it can be via settings which the user can opt-in to without necessarily logging in every time, such as favourite pages and forms, bin day reminders, school term dates, automatic updates to certain non-personal reports such as pothole reports and missed bin collections, etc. A user may opt to be able to store their contact information and user ID in a browser cookie in order to be able to quickly complete non-sensitive forms with that information pre-filled (and editable) and tied to their user account without them having to explicitly login to their account; where this is done the user will receive email notifications informing them of the form submission both to the submission email address and to the account email address if that is different, so they can be assured of the security of their contact data.

Where personal account data is involved, such as progress updates from previous personal form submissions, there will obviously need to be an on-demand login before a user can access it. We should protect our users' data at all costs, even if that might mean causing a slight inconvenience to them to access it - login session times for accessing protected data should be no longer than the standard 20 minutes between logged page interactions; users should be shown a countdown timer informing them for how much longer they'll remain logged in. We should not offer social media sign-in options such as Login with Facebook, Login with X, etc in order to protect the user from the risks associated with these services; the potential reputational harm to ourselves from a user's sensitive data leaking due to their social media account being compromised is not worth the risk to us.

Rarely is it of benefit to the user to force them to login in order to complete a form, indeed rarely is it of benefit to the organisation to force the user to login. On that basis, mandatory login to the user account for forms should only be done where it can be justified as essential in order to process the report or deliver on the request.

Consideration should be given for implementing a user account system which allows multiple people with different logins to manage a single account - for example, a couple with joint liability for council tax being able to access their council tax account from their own individual logins, or one user acting on behalf of another to manage such as housing rent payments, garden waste subscriptions, assisted bulky waste collections, etc..

Personalisation settings must be both seamless and transparent; the user should have to do as little interaction as possible in order to access most personalised content, and where content can be personalised that should be made clear to the user.