Redefining the Meaning of Digital Data Privacy

Role

UX Designer
UX Researcher

Client

Hogeschool Rotterdam
Designful Innovation Minor

Date

Sept. 2022 - Jan. 2023

Team

Solo

Overview

This project was done for the minor Designfull Innovation. In this minor I specialised in creating concepts for one billion people all over the world.

During this minor I tried to answer the question: ‘How might I change the meaning of digital data privacy for generation z and alpha?’

We had to formulate this HMI-question ourselves and I chose this one cause it is a relevant topic right now and most people are (negatively and positively) affected by data in their lifes.

The Final Product

The final answer to my HMI-question was a card game named: ‘Who owns your data?’

On the left you can see four people playing the game. Those four people are all different companies that try to buy as much data as they can, regardless of what type of data it is.

The playable companies are focused on: Social Media, Health Care, Government and Ads.

How is the game played?
During the game different data cards are put in the middle of the table, these are pulled from a pile by one of the players. Each company then takes turns to bid on the card. The player with the highest bid in the end gets the card. The player with the most data cards when the pile is empty wins the game.

What data can be bought?

All data cards in this game are based on real data sets that people are profiled in. These data sets can be bought right now and many companies use them to exploit their audience.

On the right you can see an example of one of the cards that can be bought in the game.

Extra mechanics
Each company also has a hidden ability that they can use throughout the game, the ad company for example can change one of their existing cards to match it in their interest as they are very versatile and can use many types of data to their advantage.

Besides these abilities there are also event cards that can be pulled instead of a data card during a round of bidding, these also greatly affect the game.

Read more about my process

An explanation of one of the data cards people are able to buy. (Many more data cards exist besides this one)

My Design Process

Take a look at my research and process! (Hold right-click to drag around)

Preliminary Research

For this project I had to choose two Sustainable Development Goals (SDG’s) that interested me.  I chose the goals, Quality Education and Peace Justice & Strong Insitutions. These SDG’s are goals the UN wants to achieve by 2030.

Within these goals I started with Desk Research on the topic of Digital Data Privacy, because I think that this is a very relevant topic right now and is in desperate need for change.

Questions I had with this research: 

  • How, what and why is data gathered?
  • What are the consequences for consumers?
  • What do people know about data privacy right now?

Research Key Insights

Selling of private data
Data brokers sell your data in very confronting data sets (combined pieces of data gathered from many places), sets like ‘Low income student’ or ‘Less successful people’. (Uba, 2016)
Using data for other purposes
Data is being used for things other than just advertising, like credit scores traditionally used for underwriting loans, are now being used by half of US employers to screen job applicants. (Uba, 2016)
Data from other sources
Data is gathered and sold not only from the internet or your phone, but also in smart cities, hospitals and at your job. (Heiligenstein, 2021)

Brainstorming

After Desk Research it was time for quick brainstorming. Together with other students I held a brainstorming session consisting of Brainwriting and a Negative brainstorm.

Most interesting ideas:

  •  An app where you can sell your personal data to companies.
  • Something that scans your phone for what data is being collected.
  • Something that shocks people on what is happening with their data.
  • A popup window in your browser that tells you what data is collected.

After these methods  I chose 3 ideas which spoke to me the most and worked them out in concept one pagers. I chose the app on which data can be sold, something that scans your phone and something that will shock and try to educate my target group.

At this time I chose the target group, the younger generation, because they will shape our future companies and will be able to make a change in how they deal with data. Later on on the process, this became a more focused target group, generation Z and Alpha.

Brainwriting and Negative Brainstorm session.

Three Concepts

My Data!

This concept is a bit of an outlier. It is focused on a future where our society is already aware of data privacy and wants a solution for it. My Data is a platform where people can make a profile existing of many different types of data. You can put in your location, age, gender, medical records, drivers license, supermarket receipts etc. When you’ve made your profile you get the choice to sell your data to companies who you want. This way the consumer gets control over their data and gets a role in the brokerage of it.

Arts of Data

This is the concept that I eventually continued with (I explain why later in the process). 

This concept is an installation where people come by and put their phone on. The installation then scans their phone and shows them what apps/companies are gathering their data and what they’re doing with it. This installation is used in public spaces, libraries or museums. It is also part of a bigger thing that gives people tips on how to improve on data privacy and other facts.

The Daily Life of You

This concept is a game about the normal life of a teenager. Within this game the players make choices for the character’s life. A choice could be to download TikTok or not. After that the players get to see what the effect of that is on the character and what is happening behind the scenes. This game is played in class to promote discussion and the making of choices together as a group. (Teaching and Learning Transformation Center, 2018)

Testing & Interviews

With these usability tests i wanted to find out which concept to continue with and which one had the most value.

With the semi-structured interviews I wanted to find out if my assumptions and earlier research were valid.

I eventually chose to continue with the concept named “Arts of Data“. This concept held the most value, because it is wat shocked my target group the most and put them thinking on the subject of Data Privacy. 

Storyboard

Interactive Prototype

One of the experts I spoke to review my innovation with. Ruben is a data analytic who works at the data lab of Hogeschool Rotterdam.

Kill Your Darling & Expert Reviews

At this moment I had just done Dragons’ Den presentations for around four experts in the field of my innovation and held interviews with several data and AI analytics. (Dragons’ Den presentations are quick pitches, where you try to sell your product to the experts that are listening)
 
The feedback that they all gave me was that people need more literacy around data privacy and that there currently are no means of getting into the subject in an entry level way.
 
In summary: If people aren’t aware, they can’t even start to understand the world of data privacy.
 
With all the feedback from the experts and Dragons’ Den sessions, I had to make the tough decision to ‘Kill my Darling’. I scrapped my old prototype in favour for a new idea that would make people aware of what is happening with their data.

Design Principles

The Design Principles, Guidelines and Criteria were made right after I made the decision to ‘Kill my Darling’. This was the perfect time to redefine what me and my innovation stood for. On the right you can see which Principles made it through.

Here’s a short explanation of each principle:

  • Make the invisible visible: Data shared and sold must be made visible in a game or simple element.
  • Make the data personal: The shown data must be personal and relatable.
  • Make it quick and simple: The explanations and data need to be shown and interpreted in one look.

The Round Robin Brainstorm I held with my classmates.

Round Robin Brainstorm

Together with the principles, I started a brainstorm session to find ideas on how I can make the invisible visible, how I can make something that is really personal and also simple?

Many ideas came to fruition, but the one that stood out the most was a card game. A card game where the players compete with each other as the companies, trying to buy as much data as they can.

Prototype V1 + Testing

The first prototype was really simple and was mostly
used for a proof of concept.

The card game went as follows:

  1. The players each get a company card, without them
    showing it to each other.
  2. They then decide who starts the game. That person
    then pulls a card from the data pile and puts it in
    the middle.
  3. Now, clockwise everyone, except for the player who
    pulled the card, will start bidding on the card one
    by one.
  4. The bidding goes on till no one wants to bid higher
    and the money goes to the player that pulled the
    card.

In research from Martin, I concluded that these four companies are the largest companies that collect data from people (See the image on the right). (2020) Also in research from Robinson et al. , they found that your data is worth around 2-3k euros a year. (2017) The data sets used in this prototype are also based on research. In research from Rieke et al., it is shown that data sets are being sold that are much more intrusive than people think. (2016)

With this prototype I wanted to test if the datasets I put on the cards were shocking enough for my audience. I then proceeded to test it with a usability test. I gave the participants a short explanation of the game and let them play it out. This test was conducted twice, the first time with three students and the other one with 4 teenagers. In insights I gained from this:

  • ‘It feels really unethical to bid on real people.’
  • I wish there were more ‘game-like’ mechanics in the game. (Like stealing cards or losing a card)
  • ‘Are these really datasets that are being sold?’
  • ‘Is it even okay to sell the data of a minor, without consent?’
  • I wish the companies added more than just the names. What really makes an ad company an ad company?

The test proved what I wanted to achieve. The data sets were confronting and felt a bit personal already. With these insights I decided to iterate on it once more, adding more game-like elements.

The first paper prototype of my card game about data privacy. On top you can see the playable companies and on the bottom, the data you are able to buy throughout the game.

The money that is used to buy the data cards throughout the game, these range from 10-100 euro bills.

A few of the event cards.

The unique abilities that each company got.

Prototype V2 + Testing

Based on feedback I decided to add more game like mechanics and personality to the playable companies. The improvements were:

  • Several event cards were added to the data pile, such as a data breach that resulted in loss of data.
  • Each company gained a unique ability to influence the game with, such as the government that could swap data with another company.

 

After the improvements I tested it twice with my target audience and got the following insights:

  • ‘Is this really how my data is being sold?’
  • ‘I wish there was more depth to the people, who are
    they really?’
  • ‘I wish there was more info on the companies, how do
    they really operate?’

Prototype V3

The last iteration was a large one. The significant
things I added were:

  • A new design for the data and event cards.
  • A new design for the company cards.
  • I added a screen for each player company to keep
    their business even more hidden from the other
    players. This screen also included info on the game
    and their company. The screens told the players how
    the companies deal with their data, good and bad.
  • A new design for the money cards.

 

This last iteration was more about applying and
evaluating the prototype with my design principles.
Was it showing everything that is invisible? Does it
include personal data? And is it easy to understand?


On the right you can see the final prototype. Unfortunately I wasn’t able to test it before the final exposition, but the game was mechanic wise the same as the second iteration.

Insights I gained from the exposition:
• Some event cards are difficult to counter or
play with.
• People wanted to see a reward for having the most
money at the end of the game.
• It once again confirmed that there is a need for
a game like this, because it opened a lot of
conversations on data privacy and on what is really
happening behind the scenes.

The final version of the data cards.

The final version of the company screens. (This is the one for the social media company)