Serious Interactive Board Games: Increasing Awareness of Dark Patterns in Teenagers

Fulltekst

(1)Master's thesis. 2020. Karen Maria Nyvoll NTNU Norwegian University of Science and Technology Faculty of Information Technology and Electrical Engineering Department of Computer Science. Master's thesis. Karen Maria Nyvoll. Serious Interactive Board Games: Increasing Awareness of Dark Patterns in Teenagers. Master’s thesis in Computer Science. June 2020.

(2)

(3) Serious Interactive Board Games: Increasing Awareness of Dark Patterns in Teenagers Master’s thesis in Computer Science. Karen Maria Nyvoll. Master’s thesis in Computer Science Submission date: June 2020 Supervisor: Monica Divitini. Norwegian University of Science and Technology Department of Computer Science.

(4)

(5) ABSTRACT. With the recent developments in technology and the internet, privacy has become more important than ever before. People, especially teenagers, know little about these issues. As a consequence, they are easy to exploit, and may end up sharing more data than intended. This data may consequently be publicly available through hacking, or exploited by individuals, companies, organisations or countries with ill intentions. Many companies have their services available for free. To earn money they instead sell access to the data of their users in a complicated network. This includes services frequently used by teenagers such as Facebook, Twitter, YouTube, Google, TikTok and many more. As a consequence of this business model, the companies seek to nudge, pressure or outright deceive their users into sharing personal data through tools known as Dark Patterns. This thesis explores how teenagers’ awareness of privacy and Dark Patterns could be raised by using interactive board games as medium. Interactive board games are board games combined with interactive technology, and has the best elements from both. Board games provide social interaction and the possibility to reflect as a group, while the technology provides new and interesting possibilities for interaction. Mobile phones are chosen as the interactive component, due to their close ties with privacy issues. This thesis examines how the interaction design of the mobile phones and the board itself could be designed to support learning, as well as how Dark Patterns as an educational subject can be represented in games. The thesis uses Design Science Research as its core approach to incrementally improve the design concept of an interactive board game. i.

(6) The results of the research performed in this thesis is the design and prototype of an interactive board game, and the evaluation of it. The thesis also contributes with a literature review on the subject of interactive board games, with a specific focus on the role of the board and the role of mobile phones as the interactive component. In conclusion, the game concept and the accompanying prototype received mostly positive feedback on the use of mobile phones, the representation of privacy, the engagement and the learning aspects of the game and the chosen target group, while receiving some mixed feedback on the design of the board itself. The evaluations suggest how the design could be further improved in future iterations, which already have gained interest from another project working on privacy awareness tools. The game design and this thesis represents a solid basis for serious game development in the future. The game prototype wire frame is available here.. ii.

(7) SAMMENDRAG. Med nylige utviklinger i teknologi og på nettet, har personvern blitt viktigere enn noen sinnetidligere. Folk, og spesielt tenåringer, vet lite om denne problematikken. Som en konsekvens er de enkle å utnytte, og kan ende opp med å dele mer data enn de hadde planlagt. Denne dataen kan så bli gjort offentlig tilgjengelig gjennom hacking, eller bli utnyttet av individer, selskaper, organisasjoner eller nasjoner med ille intensjoner. Mange selskaper har sine tjenester tilgjengelig gratis. For å tjene penger selger de i stedet tilgang til dataen til sine brukere i et komplekst nettverk. Dette inkluderer tjenester som er mye brukt av tenåringer, som Facebook, Twitter, Google, TikTok og mange andre. Som en konsekvens av denne forretningsmodellen, ønsker selskapene å ymte, presse, eller rett ut bedra brukerne sine for å få dem til å dele personlig data, via virkemidler kjent som Dark Patterns. Denne avhandlingen utforsker hvordan tenåringers bevissthet rundt personvern og Dark Patterns kan bli øket ved å bruke interaktive brettspill som medium. Interaktive brettspill er brettspill som er kombinert med interaktiv teknologi, og har de beste egenskapene fra begge parter. Brettspill gir sosial interaksjon og muligheten til å reflektere i en gruppe, mens teknologien gir nye og interessante muligheter for interaksjon. Mobiltelefoner er valgt som den interaktive komponenten, på grunn av deres nære tilknytning til personvernproblematikk. Denne avhandlingen ser på hvordan interaksjonsdesignet hos mobiltelefonen og brettet i seg selv kan bli designet for å støtte læring, i tillegg til hvordan Dark Patterns som et undervisningstema kan representeres i spill. Avhandlingen bruker designvitenskapelig forskning som sin hovedtiliii.

(8) nærming for å gradvis forbedre designet til spillkonseptet av et interaktivt brettspill. Resultatene av forskningen gjennomført i denne avhandlingen er designet og prototypen til et interaktivt brettspill, samt evalueringen av det. Avhandlingen bidrar også med et litteratursøk på emnet interaktive brettspill, med et spesielt fokus på rollen til brettet og rollen til mobiltelefonen som den interaktive komponenten. For å konkludere, så mottok spillkonseptet og den tilhørende prototypen stort sett positive tilbakemeldinger på bruken av mobiltelefoner, hvordan personvern er representert, engasjement- og læringsaspektene ved spillet og den valgte målgruppen, mens de mottok litt blandede tilbakemeldinger på designet av selve brettet. Evalueringene foreslår hvordan spilldesignet kan videre forbedres i senere iterasjoner, som allerede har mottatt interesse fra et annet prosjekt som jobber med verktøy for økning av bevissthet rundt personvern. Spilldesignet og avhandlingen står frem som et solid grunnlag for utvikling av læringsspill i fremtiden. Spillprototypens wireframe er tilgjengelig her.. iv.

(9) PREFACE. This is master thesis was written under the Department of Computer Science at the Norwegian University of Science and Technology (NTNU) during the spring of 2020. It is the final fulfilment for the requirements of a master’s degree in computer science. I would like to thank my supervisor, prof. Monica Divitini for her invaluable guidance, feedback and motivation during the course of this project. Her insight, network and sharp eye has made this thesis possible. I would also like to thank the experts and the representation from the target group that have contributed with their valuable knowledge and time to help improve and evaluate the game design created during this project. Trondheim, June 2020 Karen Maria Nyvoll. v.

(10) TABLE OF CONTENTS. List of Figures. x. List of Tables. xi. Acronyms. xii. 1 Introduction 1.1 Motivation . . . . . . . . . . . 1.2 Context . . . . . . . . . . . . 1.3 Research questions . . . . . . 1.4 Research method . . . . . . . 1.5 Changes following COVID-19 1.6 Results . . . . . . . . . . . . . 1.7 Report outline . . . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. . . . . . . .. 1 1 4 4 5 6 7 8. 2 Background 2.1 Workshop . . . . . . . . . . 2.2 Literature review . . . . . . 2.3 Developed concept . . . . . 2.4 Conclusions and future work. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. 9 10 13 14 16. . . . .. 3 Problem definition 17 3.1 Privacy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 3.2 Privacy violations . . . . . . . . . . . . . . . . . . . . . . . . . 19 vi.

(11) 3.3 3.4 3.5 3.6. Consequences of privacy violations App permissions and Dark Patterns The Privacy Paradox . . . . . . . . Role and context of the game . . .. . . . .. . . . .. . . . .. . . . .. . . . .. 4 Game concept 4.1 Overarching description . . . . . . . . . . . 4.2 Learning objectives and accomplishing them 4.3 One Night Ultimate Werewolf . . . . . . . . 4.4 Adaptation of core concepts . . . . . . . . . 4.5 Setup . . . . . . . . . . . . . . . . . . . . . . 4.6 Game concept . . . . . . . . . . . . . . . . . 4.7 Roles . . . . . . . . . . . . . . . . . . . . . . 4.8 Learning and reflection elements . . . . . . . 4.9 Game engagement elements . . . . . . . . .. . . . .. . . . . . . . . .. . . . .. . . . . . . . . .. . . . .. . . . . . . . . .. . . . .. . . . . . . . . .. . . . .. . . . . . . . . .. . . . .. . . . . . . . . .. . . . .. . . . . . . . . .. . . . .. . . . . . . . . .. . . . .. . . . . . . . . .. . . . .. 22 23 25 26. . . . . . . . . .. 28 28 29 30 32 32 34 36 37 38. 5 Game concept evaluation 5.1 Method . . . . . . . . . . . . . . . . . . . . . . . . 5.2 Results . . . . . . . . . . . . . . . . . . . . . . . . . 5.2.1 Learning objectives and accomplishing them 5.2.2 Adaptation of core concept . . . . . . . . . . 5.2.3 Setup . . . . . . . . . . . . . . . . . . . . . 5.2.4 Game concept . . . . . . . . . . . . . . . . . 5.2.5 Roles . . . . . . . . . . . . . . . . . . . . . . 5.2.6 Learning and reflection elements . . . . . . . 5.2.7 Game engagement elements . . . . . . . . . 5.2.8 Summary . . . . . . . . . . . . . . . . . . . 5.3 Discussion . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . . . .. 39 39 40 40 41 41 42 42 43 45 45 46. 6 State-of-the art 6.1 Background . . . 6.1.1 Rationale 6.1.2 Focus . . 6.1.3 Objectives 6.1.4 Goals . . . 6.2 Review method . 6.2.1 Protocol . 6.2.2 Databases. . . . . . . . .. . . . . . . . .. . . . . . . . .. . . . . . . . .. . . . . . . . .. . . . . . . . .. 47 47 47 47 48 48 49 49 49. . . . . . . . . . . . . . . . . . . of review . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . .. vii. . . . . . . . .. . . . . . . . .. . . . . . . . .. . . . . . . . .. . . . . . . . .. . . . . . . . .. . . . . . . . .. . . . . . . . .. . . . . . . . .. . . . . . . . .. . . . . . . . .. . . . . . . . ..

(12) 6.3. 6.4. 6.2.3 Query . . . . . . . . . . . . . . 6.2.4 Inclusion and exclusion criteria 6.2.5 Data extraction and synthesis . Results . . . . . . . . . . . . . . . . . . 6.3.1 Selection of primary studies . . 6.3.2 Mobile phones . . . . . . . . . . 6.3.3 Board . . . . . . . . . . . . . . 6.3.4 Learning . . . . . . . . . . . . . Discussion and implications for design. . . . . . . . . .. . . . . . . . . .. 7 Design of prototype 7.1 Introduction . . . . . . . . . . . . . . . . . 7.2 Technology . . . . . . . . . . . . . . . . . 7.2.1 Resources . . . . . . . . . . . . . . 7.3 About the prototype . . . . . . . . . . . . 7.4 Prototype design . . . . . . . . . . . . . . 7.4.1 Board . . . . . . . . . . . . . . . . 7.4.2 Start screen and character creation 7.4.3 User . . . . . . . . . . . . . . . . . 7.4.4 Company . . . . . . . . . . . . . . 7.4.5 Public screen . . . . . . . . . . . . 7.5 Changes from previous concept . . . . . . 7.5.1 Roles and game concept . . . . . . 7.5.2 Mobile . . . . . . . . . . . . . . . . 7.5.3 Board area . . . . . . . . . . . . . .. . . . . . . . . .. . . . . . . . . . . . . . .. . . . . . . . . .. . . . . . . . . . . . . . .. 8 Final evaluation: Expert evaluation 8.1 Method . . . . . . . . . . . . . . . . . . . . . 8.2 Experts . . . . . . . . . . . . . . . . . . . . . 8.3 Results . . . . . . . . . . . . . . . . . . . . . . 8.3.1 Pedagogical experts . . . . . . . . . . . 8.3.2 Game design expert . . . . . . . . . . . 8.3.3 Privacy expert . . . . . . . . . . . . . . 8.3.4 Representation of target group round 1 8.3.5 Representation of target group round 2 8.3.6 Psychology expert . . . . . . . . . . . 8.4 Discussion . . . . . . . . . . . . . . . . . . . . 8.4.1 Method . . . . . . . . . . . . . . . . . viii. . . . . . . . . .. . . . . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . .. . . . . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . .. . . . . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . .. . . . . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . .. . . . . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . .. . . . . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . .. . . . . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . .. . . . . . . . . . . . . . .. . . . . . . . . . . .. . . . . . . . . .. 50 51 52 52 53 53 56 59 60. . . . . . . . . . . . . . .. 63 63 63 64 64 65 65 66 68 69 72 75 75 76 77. . . . . . . . . . . .. 83 83 85 86 86 90 92 96 99 102 104 104.

(13) 8.4.2 8.4.3 8.4.4 8.4.5. Results . . . . . . . . . . Immediate improvement Proposed functionality . Points of discussion . . .. 9 Conclusions 9.1 Summary of results . . . . 9.1.1 Research questions 9.2 Discussion . . . . . . . . . 9.3 Future development . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . . .. 105 106 108 109. . . . .. 111 . 111 . 111 . 115 . 117. 10 Bibliography. 119. A First evaluation. 125. B Second evaluation. 130. ix.

(14) LIST OF FIGURES. 1.1 1.2. DSR cycles, from [Hevner, 2007] . . . . . . . . . . . . . . . . Workflow for the specialisation project and the master thesis .. 2.1 2.2 2.3. Collected post-it notes from an activity in the workshop, game brainstorming . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Set-up during the co-design workshop . . . . . . . . . . . . . . 11 Illustrations of the games created during the co-design workshop 13. 4.1 4.2. Cards setup in ONUW, for six players . . . . . . . . . . . . . 31 Setup of the board game and its screens . . . . . . . . . . . . . 34. 7.1 7.2 7.3 7.4 7.5 7.6. Board of the prototype . . . . . . . . . . . . . . . . . . . . The start and character creation screens that all users see The screens that are specific to the user players . . . . . . The screens that are specific to the company players . . . . The pubic screen that is placed in the middle of the table . Setup of the board game and its screens, in the prototype .. x. . . . . . .. . . . . . .. 6 8. 66 78 79 80 81 82.

(15) LIST OF TABLES. 2.1. Affordances of mobile phones in Serious Interactive Board Games with Mobile Phone (SIBGwMP)s, as found in the literature review of the specialisation project . . . . . . . . . . . . . . . . . 15. 4.1 4.2 4.3. Learning objectives of the game concept . . . Adaptation of core concepts from One Night wolf (ONUW) to the game concept . . . . . Roles of the game concept . . . . . . . . . .. 8.1. Experts and roles . . . . . . . . . . . . . . . . . . . . . . . . . 86. xi. . . . . . . . . . . 29 Ultimate Were. . . . . . . . . . 33 . . . . . . . . . . 37.

(16) ACRONYMS. ADI Around Device Interaction. ALerT Awareness Learning Tools for Data Sharing Everywhere. AR Augmented Reality. CT Computational Thinking. DPs Dark Patterns. DSR Design Science Research. GDPR General Data Protection Regulation. HCI Human Computer Interaction. HMD Head Mounted Display. IBG Interactive Board Games. IDI Department of Computer Science (At NTNU). IT Information Technology. MDI Multi Device Environments.. xii.

(17) MTIS Multi-Touch Interactive Surfaces. NCC Norwegian Consumer Council. NRK Norsk Riks-Kringkasting (Eng: Norwegian Broadcasting Corporation. NSD Norwegian Centre for Research Data. NTNU Norwegian University of Science and Technology. ONUW One Night Ultimate Werewolf. PDA Personal Digital Assistant. RQs Research Questions. SGs Serious Games. SIBGwMP Serious Interactive Board Games with Mobile Phone. UI User Interface. UX User Experience. VR Virtual Reality.. xiii.

(18) CHAPTER. 1 INTRODUCTION. 1.1. Motivation. With the recent developments in technology and the internet, privacy is more important now than ever. Technology is readily available everywhere around us, in mobiles, TVs, computers, kitchen appliances, cars, and in wearable equipment. Most of this technology is connected to the internet as well, and requires their users to create accounts to use them. People are spending more time online than ever, and there are few restrictions or regulations applied that ensures that the data collecting the companies perform on their users are following ethical standards. Privacy is a human right, and it is necessary for maintaining a power balance and trust in society and in people’s private lives. Instances such as the Cambridge Analytica Scandal, which is believed to have affected the US presidential election in 2016 [Isaak and Hanna, 2018]1 , shows possible consequences when people’s privacy is violated on a large scale. Amnesty International’s report ”Surveillance Giants: How the business model of Google and Facebook threatens human rights” [Amnesty International, 2019] sheds light on a problematic business model, in which major technology companies have their services available for free, while collecting their user’s data for advertisement revenue instead. Advertisement represented of 90% of Facebook’s income in 2018 [Øverby and Audestad, 2018, p. 153]. To push their users into sharing their data, many of these companies utilise tactics known as Dark Patterns (DPs) to nudge or outright deceive 1. The Guardian: Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach (2018) https://www.theguardian.com/news/2018/mar/17/ cambridge-analytica-facebook-influence-us-election (Visited 03/06/2020). 1.

(19) their users. Most of these patterns are questionable in terms of ethics, while some of them are downright illegal [Forbrukerrådet, 2018a]. DPs will be a focus in this thesis. When users are tricked into sharing their data, it is nearly impossible for to track where that data eventually ends up in the network of data collectors and advertisement companies. It is important for people to stay aware of these problems, and demand better from companies and service providers. Teenagers, the digital users of the future, are especially prone to these issues, as they receive little education on online security and privacy2 . They are also known to be active users of social media3 , and use services such as TikTok, Facebook, Instagram, Google, Snapchat and Twitter, which are known to have privacy issues. Consequently, teenagers are the focus group of the game design created during this thesis. The selected tool for raising teenager’s awareness on privacy and DPs are serious games. These games have the main goal of educating [Laamarti et al., 2014], which can be used for raising awareness, promoting cooperative reflection and behaviour change. They are shown to have a positive effect on academic achievements and engagement among learners [Zhonggen, 2019]. Games are an interesting tool for raising awareness of social problems, as they enable players to playfully interact and use engaging game elements that are enjoyable to them [De Jans et al., 2017]. Additionally, multiplayer serious games allows for the players to learn cooperatively, which is especially beneficial when the players are sitting face to face. To make the most of this, serious games in the form of board games are used during this thesis. Face-to-face interactions is known to be the richest form of information processing, as it gives instant feedback, where the participants can then test their understanding and correct their interpretations [Daft and Lengel, 1986]. Additionally, it allows for spoken languages and emotionally relevant communication signals such as body language and facial expressions to become useful information when it comes to player’s collaboration and competition, 2. Ungdom og digital sikkerhetskultur (Eng: Youth and digital security culture) (2017) https://norsis.no/wp-content/uploads/2017/08/Ungdom_og_digital_ sikkerhetskultur_web.pdf (Visited on 03/06/2020) 3 Barn og medier 2020: Halvparten av norske niåringer er på sosiale medier (Eng: Children and media 2020: Half of Norwegian nine year olds are on social media) (2020) https://medietilsynet.no/om/aktuelt/ barn-og-medier-2020--halvparten-av-norske-niaringer-er-pa-sosiale-medier/ (Visited 03/06/2020). 2.

(20) which enhances sociality in the board game [Zhang et al., 2012]. Also, research points towards tangible interfaces, such as the ones being used in board games, being beneficial for participation and awareness [Houben et al., 2016]. The specific type of board games that will be used during this thesis are known as Interactive Board Games (IBG)s. IBGs are board games that have been augmented in some form through technology, thereby becoming hybrids of digital and analogue board games [Kankainen, 2019]. They are a form of pervasive gaming, which also includes genres such as smart toys, affective gaming, location aware games and augmented reality games [Magerkurth et al., 2005]. Pervasive games allows for mobile location independent gameplay, integration of virtual worlds and the real world, and social interaction among the players [Tiensyrjä et al., 2020]. They can also help in automating game mechanics and shorten the learning curve of a game [Kankainen, 2019]. In short, IBGs combine the best elements of traditional board games and digital board games. They are also shown to enable collaborative learning, which increases when the players use mobile devices that enable them to play anywhere and anytime [Pelser-Carstens and Blignaut, 2017]. The interactive component that is focused on for the duration of the thesis, is the mobile phone. Mobile phones was the focus during the specialisation project as well, as described in chapter 2. That was a result of mobile phones being the preferred technology among participants in a workshop performed during the project. Consequently, the literature review performed in that same project revealed that mobile phones have many affordances that are relevant to this thesis. Additionally, mobile phones are readily available for the players, and they are tightly connected with privacy issues and DPs, as they quickly are becoming the main tool that people use to access online services. According to ITU’s (International Telecommunication Union) statistics, the use of mobile phones has increased to over 45 hundred million users across the world, and the popularity rate of mobile phones has surpassed more than 90% in developed countries4 . To summarise, the thesis will design a serious interactive board game with mobile phones as the interactive component to raise awareness of Dark Patterns among Norwegian teenagers. 4. ITU Corporate Annual Report (2009) http://www.itu.int/dms_pub/itus/opb/ conf/S-CONF-AREP-2008-E06-PDF-E.pdf (Visited on 04/06/2020). 3.

(21) 1.2. Context. This is a master’s thesis written under the department of Department of Computer Science (At NTNU) (IDI)5 at Norwegian University of Science and Technology (NTNU). It is the continuation of the specialisation project, [Nyvoll, 2019], performed during the autumn semester of 2019. During the project, the goal was to understand how serious games in the form of interactive board games could be used to raise awareness among teenagers on dark patterns, with focus on understanding the field and the knowledge base within field. More details on the specialisation project are in chapter 2. The thesis will be written over the course of the spring semester of 2020, and is done with the guidance of prof. Monica Divitini as supervisor.. 1.3. Research questions. The Research Questions (RQs) that will be elaborated on in this thesis are divided into the following question and sub-questions. • RQ1: How can serious interactive board games with mobile phones as the interactive component be designed to raise teenager’s awareness of dark patterns? • RQ1.1: How can the mobile phone interaction of such games be designed for promoting the educational subject? • RQ1.2: How can the board interaction of such games be designed for promoting the educational subject? • RQ1.3: How can the educational subject of dark patterns be represented within such games? Finding out the first RQ is the main goal of the thesis, and is answered through thhe game that is designed during the course of this project. Its aim is to raise teenager’s awareness of dark patterns as privacy issues, through the use of a specific type of SGs. For the remainder of the thesis, the type of game will be known as SIBGwMPs. SIBGwMPs have two main components for 5. Department of Computer Science, NTNU (2020) https://www.ntnu.edu/idi (Visited 17/02/2020). 4.

(22) promoting their educational subject; the board itself and the mobile phones as the interactive component. There are many reasons for focusing on the interaction design of the board and on the mobile phones. Firstly, the board is the main space that all players are watching and interacting with. It can be leveraged as a core component in giving information, educating players and raising their awareness on the educational subject. Secondly, mobile phones are tightly connected to the problem, and has shown potential for enhancing learning by contextualising the actual setting and increasing player’s engagement [Nyvoll, 2019] While the thesis examines how to promote the educational subject through mobile phones and boards in SIBGwMPs in general, it also looks into how to represent DPs specifically. Predominantly, RQ1.1 and RQ1.2 are answered through the literature review in chapter 6, while RQ1.3 is answered through the evaluation of the designed game in chapter 7. The main RQ is answered through its subquestions.. 1.4. Research method. The overarching method used in this thesis is Design Science Research (DSR). DSR is a methodology that is well suited for solving complex problems by making well adjusted and innovative solutions within Information Technology (IT). It is characterised by the creation of artifacts based on existing and practical knowledge [Hevner et al., 2004], and is therefore well suited for this thesis. The created artifact is in this case the game design. DSR was used as methodology during the specialisation project as well. The creation of artifacts during DSR is partitioned into three overlapping cycles: relevance, rigour and design. The relevance cycle gathers information from the environment in order to map requirements and acceptance criteria for the finished artifact. During the specialisation project, this cycle was performed by arranging a workshop with teenagers, with the intention of gathering information on their knowledge, habits and opinions. The results of the workshop are utilised in this thesis as well. The rigour cycle gathers information from the existing knowledge base, i.e. other literature on the subject. This is to make sure the created artefact is innovative and that it is based on existing knowledge. The rigour cycle is covered by a systematic literature review, performed both in the specialisa5.

(23) tion project and in this thesis. Finally, the design cycle consists of iteratively improving the created artifact, to make sure it solves the proposed problem and it fulfils the acceptance criteria. The design cycle will be the phase that is responsible for the development of the game design.. Figure 1.1: DSR cycles, from [Hevner, 2007]. 1.5. Changes following COVID-19. Originally, the result of this thesis was planned to be an implemented prototype of a SIBGwMP. It was intended to be evaluated with experts and the focus group in a face to face setting, with three iterations of improvements through the DSR design cycle. The planned method of development was user centred design, which is a development methodology that actively involves the user, in order to make the product adapted to the user and their situation, instead of the other way around. It consists of iteratively improving the product, which in this case is the game prototype, by involving the user in different parts of the development through different methods such as focus groups and usability testing [Abras et al., 2004]. 6.

(24) As a result of the COVID-19 outbreak, face to face evaluations became next to impossible to plan and and execute. The main reasoning for choosing to work with board games for this thesis was due to the many beneficial affordances that are available only in face to face settings, where the players can actively see each other and communicate through spoken and body language. Some options to evaluating traditionally could be evaluating and playtesting the physical board game online, or creating a completely virtual version of it, but both of these solutions would lack the face to face interactions that are important to the players. As a result of this, all of the evaluations of the board game were made into expert evaluations instead, where the experts looked into a game concept instead of playtesting an actual implemented prototype. Consequently, using user centred development as a method was phased out as well. Instead, the thesis has gotten a larger focus on the rigour aspect of DSR with a more theoretical approach based on the literature. Since the change of focus happened halfway through the thesis, some time was lost to the change, which resulted in stricter time constraints for the thesis, which again lead to two iterations of evaluations instead of three.. 1.6. Results. The results of the this thesis contributes to the field of serious interactive board games for privacy awareness in many ways. Firstly, the literature review contributes to the knowledge base by showing how SIBGwMPs have been, and can be made. It describes a possible design options that can be used to create SIBGwMPs in the future. Secondly, the game concept and its evaluations contributes by exemplifying the literature review, and shows how creating a SIBGwMP can be done. The game concept is based on a workshop and a similar literature review performed in the specialisation project as well. All together, these results stands as possible guidelines to be used for anyone who wishes to create a SIBGwMP or any serious game educating on DPs in the future. An overview of the workflow of the two projects and how they tie in with each other can be seen in Figure 1.2. The overview is based on DSR.. 7.

(25) Figure 1.2: Workflow for the specialisation project and the master thesis. 1.7. Report outline. The thesis is divided into the following chapters. In chapter 2, the goal, research method and results from the specialisation project is recounted. Next, in chapter 3, the problem that the thesis is aiming to contribute with a solution to is described. The chapter delves into the issue of privacy and dark patterns, as well as how the suggested solution fits in. An improved version of the game concept developed in the specialisation project is described in chapter 4 and evaluated in chapter 5. A systematic literature review on how the mobile phones and boards could be used to support learning in serious interactive board games is performed in chapter 6. Based on the literature review and the game concept evaluation, the game concept from the previous chapter is improved and described in chapter 7. The final evaluation is an expert evaluation, and is performed in chapter 8. Finally, the conclusions for the thesis and its discussion is written in chapter 9.. 8.

(26) CHAPTER. 2 BACKGROUND. This chapter will give a short summary of the specialisation project [Nyvoll, 2019] that was performed during the autumn semester of 2019. The project forms the basis of a lot of the work done in this thesis. Its main contributions to the field is the co-design workshop that was performed, the literature review, and the resulting game concept. The concept not evaluated due to time constraints. DSR was utilised as research method during the specialisation project as well, with the main focus being on the relevance and the rigour cycle, which is represented by the workshop and the literature review, respectively. The workshop results are used as as basis for the understanding of the environment in this thesis as well. The problem definition and focus on DPs are similar to the ones of this thesis. The title of the specialisation project was ”Serious Interactive Board Games: Increasing Awareness of Dark Patterns in Teenagers”, and its research questions are shown below. Specialisation project RQ1 was answered through its sub questions, while RQ1.1. and RQ1.2 was answered through the workshop, and RQ1.3 was answered through the literature review. • (SP)RQ1 How can serious games in the form of interactive board games be used to raise awareness among teenagers on dark patterns? – (SP)RQ1.1 What are teenager’s attitude to and knowledge level of privacy? – (SP)RQ1.2 What game elements and game goals do teenagers prefer?. 9.

(27) – (SP)RQ1.3 How does using mobile phones as the interactive component affect interactive board games? In addition to the workshop and the literature review, the specialisation project has also received guidance from a political advisor at the Norwegian Consumer Council (NCC)1 , through an informal interview. During this, details of DPs were explained and ideas of game concepts were aired.. 2.1. Workshop. The workshop was performed in cooperation with another student’s specialisation project, [Johansen, 2019], which had similar problem definition, target group and goals as [Nyvoll, 2019]. The main goal of the workshop was to better understand the target group, the context and the field, to again improve the resulting game. The workshop had many different activities for learning more about teenagers and their views, see Figure 2.1 for an example, and lasted approximately 6 hours. The final activity was a co-design workshop based on the SPRIG workshop2 [Bergen et al., 2018], in which the participants designed their own serious games. The setup from the co-design workshop can be seen in Figure 2.2. Two days of workshops were arranged with a total of 22 participants from different schools in Trondheim. The participants were all between 13 to 18 years old, with 45% of them being male and 55% being female. All of the participants were hired as a part of the OD-day3 work, and received a small compensation that went to charity for their participation. During the workshop, data was collected by gathering notes from the participants, as well as recording some of their conversations on a recorder. As a result, most of the results are based on qualitative artefact analysis. The use of the recorder was of course allowed and approved by the NSD4 . Overall, the results showed that participants believe privacy to be important, but have varying knowledge on the different aspects of privacy. They demonstrated a high level of awareness of interpersonal privacy, in the sense 1. Forbukerrådet (2020) https://www.forbrukerradet.no/ (Visited 17/02/2020) SPRIG, Website of the Serious Privacy Game Workshop! (2018) http://sprigwork. shop/ (Visited on 19/05/20) 3 Operasjon Dagsverk (2020) https://www.od.no/ (Visited 19/05/20) 4 Norwegian Centre for Research Data (2020) https://nsd.no/ (Visited on 19/05/20) 2. 10.

(28) Figure 2.1: Collected post-it notes from an activity in the workshop, game brainstorming. Figure 2.2: Set-up during the co-design workshop that they are knowledgeable on when, what and with whom to share information, videos and photos online with. When it came to knowledge on privacy between companies and users, however, they displayed very little 11.

(29) awareness. During the workshop, several of them answered that they were not sharing their data with companies, while at the same time they answered that they shared their location with selected friends and family through the Snapchat feature Snap Map. Seemingly, the participants did not realise they are implicitly sharing their location with the Snapchat company as well. This discrepancy in privacy awareness is an important for this thesis, as it focuses on DPs, which are closely tied in with the privacy issues of companies as well. The results also showed that some of the participants knew of and actively uses the privacy settings on their mobile phones. Several of the participants also implied that they knew that their online privacy habits are unfavourable, but still refrained from improving them due to convenience. The participants also revealed that they learned very little about privacy in school, and that most of them learns about privacy through their parents, or other family members or friends. An exception would be the ”Delbart” (Eng. ”Shareable”) campaign launched by the Norwegian National Criminal Investigation Service5 , which aims to teach teenagers and youth about sharing private pictures. Several of the participants mentioned this campaign during the workshop. When it comes to the participants’ views on serious games, they appeared to be intrigued by being able to learn through games, though they did not know a lot about serious games before the workshop. Their interests in recreational games were mostly focused on games with cooperative and/or competitive multiplayer, and with themes such as action and exploration. Games like Minecraft6 and Overwatch7 were mentioned several times. The characteristic of serious games that they valued the highest was ”fun”, though what that entails may differ from participant to participant [Bartle, 1996]. During the co-design workshop all of the groups favoured mobile phones among the available technologies as the created game’s platform, which among other things led to the mobile phone focus in the literature review. There were many interesting and well thought through game ideas generated from the co-design workshop, some illustrations from three of the groups can be seen in Figure 2.3. The developed game concept in the specialisation project is 5. Er dette delbart? (Eng. ”Is this shareable?”) (2019) https://www.politiet. no/globalassets/dokumenter/kripos/delbart/delbart_brosjyre_bm.pdf (Visited 20/05/20) 6 Minecraft (2020) https://www.minecraft.net/en-us/ (Visited 21/05/20) 7 Overwatch (2020) https://playoverwatch.com/en-us/ (Visited 21/05/20). 12.

(30) based on group Red’s game concept, which is a simulated social media app.. (a) Group Orange. (b) Group Red. (c) Group Blue. Figure 2.3: Illustrations of the games created during the co-design workshop. 2.2. Literature review. The results from the systematic literature review that was performed, in short, showed that mobile phones are easily available, and are relatively easy and cheap to develop on. They have many interaction opportunities and technologies that are beneficial for game development, and they are 13.

(31) shown to have a positive effect on engagement and reflection in the games in which they are used. Mobile phones come with many relevant affordances that can be used to support learning within SGs, the ones described in the literature review can be seen in Table 2.1. Within the context of mobile phones, affordances are properties of the phones, either physical or virtual, that invite the users to interact with them in a certain way. In addition to the affordances described, mobile phones were shown to be able to support situated learning.. 2.3. Developed concept. The concept that was developed was, as mentioned, based on group Red’s game, which is a simulated social media. In the case of the game concept, the fictional social media deploys several DPs. The concept is an example of a SIBGwMP, and uses mobile phones as a result of the participants preferring them during the workshop, and as a result of the literature review. Using mobile phones with a simulated social allows for situated learning, as the players most likely experience DPs through social media in everyday situations as well. The game concept is based around social deduction games, such as Mafia, where there is an informed minority and an uninformed majority8 . The job of the majority is to track down the minority, while the minority aims to stay hidden. All players do this by communicating with each other and by bluffing each other. In the concept, the minority is represented by the fictional CEO of the social media while the minority is represented by the social media app users. This role based gameplay is partially based on the game created by group Orange, which made the players see privacy issues from the viewpoint from several different characters to teach about the consequences of privacy issues. The reason for basing the concept on social deduction games, are that the participants of the workshop appeared to have very low awareness on company/user privacy issues. By being allowed to play both sides of the social media app, the players should be able to gain more awareness of the ways they interact with social media apps and the DPs on them. A social deduction game would also allow the players to utilise their mobile phones 8. Mafia (party game) (2020) https://en.wikipedia.org/wiki/Mafia_(party_game) (Visited on 21/05/20). 14.

(32) Affordance Private/public spaces. Inter-mobile cooperation. Extended gameplay. Combination with game tokens. Description By using several screens, the game can have spaces that are designated for the entire group or just for individuals. This can be used as a design element in the game to up the tension and support cooperation, coordination and communication among the players Mobile phones have the technology to communicate amongst themselves. For example, players can send each other private messages, or line up their mobile phones and connect the screens, to be able to solve puzzles together The technology in mobile phones allows for players to play in a geographically distributed settings, and even in a asynchronous way The players can use the mobile phone in unique ways to interact with the game. Examples are using the phone to shake, flip or otherwise move the phone as an interaction method, or use the mobile phone as a controller for what happens in the game. Another use is to utilise the phone directly as a game token by using it as a pawn or something similar. Table 2.1: Affordances of mobile phones in SIBGwMPs, as found in the literature review of the specialisation project as a private space, as well as secretly communicating and creating alliances, making the most of the technology at hand. Another reason for choosing social deduction games was that the participants greatly enjoy playing multiplayer games with either cooperative or competitive gameplay. Social deduction games are multiplayer, and they are examples of cooperative-competitive [Morschheuser et al., 2017] games, where. 15.

(33) the players are cooperating with their teammates and competing against the other team(s). Basing the game concept on an existing concept also greatly favours the entertainment it can deliver, which is useful, as the participants of the workshop described ”fun” as the most important aspect of serious games.. 2.4. Conclusions and future work. The specialisation project concluded that it had answered the RQs in an adequate manner, and that the results from the workshop and the literature review was the main contributions to the field. As a consequence of the time frame, the project did not allow for any prototype to be made or tested. In future work, it was suggested that the game concept could be further developed, iteratively evaluated, and then finally used to see the effects on the player’s awareness on DPs.. 16.

(34) CHAPTER. 3 PROBLEM DEFINITION. This chapter looks into the problem the thesis is trying to solve, by examining privacy as a concept, different privacy violations and their consequences, app permissions and Dark Patterns, as well as the Privacy Paradox and the role of the game. This chapter represents a part of the relevance cycle in DSR. It is based on the problem chapter of [Nyvoll, 2019], as both are focusing on the same issues.. 3.1. Privacy. Privacy is a human right1 . Conserving privacy for the individual is important, as it helps in limiting the power of those in power, it increases trust between individuals and between individuals and those in power, and it helps maintain social boundaries. Privacy is essential for respecting people as individuals, and for giving them control over their own lives. With the development of the internet and of social media, and especially following the years after General Data Protection Regulation (GDPR)2 was established in Europe, privacy has become a hot topic of debate. Privacy is also a complex phenomenon, and often exist as a part of a social system. What people may choose to share will depend on their social groups and communities, and what the context is. With today’s intricate online services, privacy often exist as a part of a trade-off between the user 1. Universal Declaration of Human Rights (2020) https://www.un.org/en/ universal-declaration-human-rights/, see Article 12 (Visited 25/06/2020) 2 General Data Protection Regulation - GDPR (2020) https://gdpr-info.eu/ (Visited 25/06/2020). 17.

(35) and the company, where the user trades some of their private data against access to online networks and services. In good cases, this will benefit both the user and the company. In bad cases the company may deceive the user, and try to exploit their trust in order to gain access to an monetise their data. Privacy is not black and white, but has nuances of grey. Many major and well-known companies, such as Google, Amazon, Facebook, Twitter, Snapchat, Microsoft, Apple etc., have business models where the users trade data against access to the service for free. Many of companies have some of the world’s highest market values3 , and have many young users as well. Most of these companies are heavily reliant on advertisement revenue45 , where they sell access to their users data to advertisement companies. In 2018, Facebook’s advertisement represented 90% of their total income [Øverby and Audestad, 2018, p. 153]. While this is not necessarily an issue in itself, if the consumers are unaware of this business model, they become easy to exploit through methods such as Dark Patterns. The overarching problem this thesis is aiming to solve is that users could be tricked into sharing their data with and by companies. The users normally do not know about this happening. With this, they lose control of their data, by not knowing what is taken, when it is taken, what it is used for, or where it ends up. The users are essentially surveilled6 against their wills, they do not know the details of it, not how to change it. The problem focused on in this chapter is largely based on the report Surveillance Giants by Amnesty International [Amnesty International, 2019], as well as several reports made by the NCC, Out of Control [Forbrukerrådet, 2020], Every Step you Take [Forbrukerrådet, 2018b], Appfail [Forbrukerrådet, 2016] and most prominently Deceived by Design [Forbrukerrådet, 2018a]. 3. Statista, The 100 largest companies in the world by market value in 2019 (2019) https://www.statista.com/statistics/263264/ top-companies-in-the-world-by-market-value/ (Visited on 25/06/2020) 4 Wikipedia: Advertising revenue (2020) https://en.wikipedia.org/wiki/ Advertising_revenue (Visited on 25/06/2020) 5 How the Tech Giants Make Their Billions (2019) https://www.visualcapitalist. com/how-tech-giants-make-billions/ (Visited on 25/06/2020) 6 Surveillance Giants: How The Business Model Of Google And Facebook Threatens Human Rights (2020) https://www.amnesty.org/en/documents/pol30/1404/2019/en/ (Visited on 25/06/2020). 18.

(36) 3.2. Privacy violations. While privacy issues may seem like having little consequence to the user, privacy violations could have many consequences to the user and society as a whole. Knowledge is power. When a person, an organisation or a nation has information on people or societies, they have a power over them. With many technology companies, there is an extreme power imbalance between companies and users, where the companies know everything about their users, and the users know nothing about them [Amnesty International, 2019]. This disparity can easily lead to misuse of power and little accountability for the companies. Users’ data can usually be separated into the three categories of identifiable data, personal data and sensitive personal data7 . Identifiable data is data that collectively can be used to identify a person. An example of this could be the the collection of data such as age, gender, address and shoe size. None of these data points alone are enough to identify a person, but when collected, they can. Personal data is data that alone can be used to identify a person, such as full name, social security numbers or mobile number. Sensitive personal data is in simple terms the data that could be problematic for the owner if it got out. Examples of sensitive personal personal data are religion, political affiliations, biometric data, health data, trade-union membership, ethnicity and sexuality8 . The data gathered is normally used for advertisements, earning the company revenue. Any kind of data made available to the application and websites can be gathered, such as the user’s age, gender, nationality, location, online activity, etc. Facebook even has a function that records activities done while the user is using other apps9 . This sort of business approach was been coined ”adtech industry” by the NCC’s report Out of Control [Forbrukerrådet, 2020], and ”the surveillance-based business model” by the Amnesty 7. What is considered personal data under the EU GDPR? (2020) https://gdpr.eu/ eu-gdpr-personal-data/ (Visited on 25/06/2020) 8 What personal data is considered sensitive? (2020) https: //ec.europa.eu/info/law/law-topic/data-protection/reform/ rules-business-and-organisations/legal-grounds-processing-data/ sensitive-data/what-personal-data-considered-sensitive_en (Visited on 25/06/2020) 9 Off-Facebook Activity: The best person to be in control of data is you. (2020) https: //www.facebook.com/off-facebook-activity (Visited on 25/06/2020). 19.

(37) International report Surveillance Giants [Amnesty International, 2019]. According to Amnesty this business model, while very profitable, may not even be necessary [Amnesty International, 2019]. The reports suggests other business models that have yet to be tried, that are far less invasive. The gathered data of every user can easily be misused, either for simply earning money or sometimes for more sinister intentions. The next section discusses different consequences of privacy violations. Facebook is known to have misused their user’s data in the past for profit. Perhaps the most prominent example of this is the Cambridge Analytica scandal, which is said to have effected the US election in 201610 . In many cases, the only things holding companies back from exploiting the data is the risk of bad PR or fines. For many of the companies, even fines are ineffective and have little impact. In the wake of the Cambridge Analytica scandal, it was found that the fine that Facebook had received, had little effect on their company structure or financial incentives, which is lead to the privacy violations in the first place11 . It is important to mention, much of the data gathered could reveal more than what is immediately obvious. A prime example of this is location data. Mobile phone GPS technology is usually very accurate, and can even register what floor the owner is on. With enough data points, the mobile phone will be able to register what locations the owner frequents, which likely includes where they live, where they work or study, when they leave for work and what route they take, where they shop and friend’s and family’s houses. It may also contain locations such as the owner’s place of worship, which doctors, specialists or hospital wards they visit, immigration clinics, union halls and protests. The last few examples could give the companies information on the user’s religion, health, immigration status, union status, and political affiliation [Forbrukerrådet, 2018b]. All of this information is considered sensitive personal information. Needles to say, the user had likely not agreed to all of this data being gathered when they agreed to sharing their location in order to use a map application. Even while using the map application, gathering the user’s location is usually not needed. The user does not need to locate themselves to to know the location of point A, nor do they need it 10. ‘The Great Hack’: Cambridge Analytica is just the tip of the iceberg (2020) https://www.amnesty.org/en/latest/news/2019/07/ the-great-hack-facebook-cambridge-analytica/ (Visited on 25/06/2020) 11 Dissenting Statement of Commissioner Rohit Chopra: In re Facebook, Inc. (2019) https://www.ftc.gov/system/files/documents/public_statements/1536911/ chopra_dissenting_statement_on_facebook_7-24-19.pdf (Visited on 25/06/2020). 20.

(38) to know the route from A to B. Much if this data gathering is not for the sake of the user, but rather for the sake of the company. There has been an increase in use location data and the following privacy issues during the COVID-19 outbreak1213 . In many cases, the users are usually not aware of how much data on them that is being gathered. The users also usually do not want to be tracked [Forbrukerrådet, 2020, p. 44]. Additionally, as seen in the NCC’s Appfail [Forbrukerrådet, 2016] report, it is difficult to trace where exactly the data goes, even for professionals. For an average user, knowing exactly where their data ends up is next to impossible. As a result, there is a risk of the users becoming numb to the problem, as they often feel powerless facing it [Forbrukerrådet, 2020]. During the course of the experiment conducted during the Out of Control report, it was discovered that the ten apps they looked into sent user data to at least 135 different third parties, all of which were involved in behavioural profiling or advertising. ”Since the number and complexity of actors involved in digital marketing is staggering, consumers have no meaningful ways to resist or otherwise protect themselves from the effects of profiling. These effects include different forms of discrimination and exclusion, data being used for new and unknowable purposes, widespread fraud, and the chilling effects of massive commercial surveillance systems. In the long run, these issues are also contributing to the erosion of trust in the digital industry, which may have serious consequences for the digital economy.” - Out of Control [Forbrukerrådet, 2020] There major networks behind the surveillance-based business model. Companies described as third parties could be anything from publishers, marketers, third party vendors, and major platforms [Forbrukerrådet, 2020]. 12. Googles posisjonsdata fra mobiler viser hvordan Norge har stoppet opp (Eng: Google’s location data from mobiles show how Norway has stopped) (2020) https://www.insidetelecom.no/artikler/ googles-posisjonsdata-fra-mobiler-viser-hvordan-norge-har-stoppet-opp/ 489320 (Visited on 25/06/2020) 13 Hvorfor kan appen Smittestopp være problematisk for personvernet? (Eng: Why can the app Infectionstop be problematic to privacy?) (2020) https://www.datatilsynet.no/ regelverk-og-verktoy/sporsmal-svar/korona/smittestopp-og-personvern/ (Visited on 25/06/2020). 21.

(39) Most companies does not sell the users’ data itself, they wither sell access to the information, or meta-data generated from algorithms that analyse the collected data1415 . A user could have countless online identifiers, but no access to the information about them that is stored online by third-parties, and could even affect things like the user’s credit score.. 3.3. Consequences of privacy violations. While there are many possible consequences of privacy violations, this section will give a quick summary of different types of consequences and some examples. Violating people’s privacy could be done with the intention of subjecting people to human rights violations or discrimination. In countries where certain political opinions, religions or sexualities are illegal or unofficially prosecuted, having personal data either freely spread or accessed by the government could spell disaster for individuals or a group. Technology companies have already been asked in the US and the UK to share users’ data with the authorities, such as intelligence, law enforcement and immigration agencies16 . Privacy is often interchangeable with security, in which the companies that gather and transfer data are also responsible for its security17 . There have been several cases of smart watches for children with nonexistent or poor security, which enables strangers to track the children18 . Another example are that the victims of the Equifax incident in 2017, where the personal data 14 Alphabet, Annual Report on Form 10-K, part 1, item 1 (2018) https://www.sec. gov/Archives/edgar/data/1652044/000165204419000004/goog10-kq42018.htm (Visited on 25/06/2020) 15 Facebook, Annual Report on Form 10-K, part 1, item 1 (2018) https://www.sec.gov/ Archives/edgar/data/1326801/000132680119000009/fb-12312018x10k.htm (Visited on 25/06/2020) 16 US, UK sign first-ever deal to access data from tech companies like Facebook and Google (2019) https://www.cnbc.com/2019/10/04/ us-uk-sign-agreement-to-access-data-from-tech-companies-like-facebook. html (Visited on 25/06/2020) 17 Art. 32 of GDPR: Security of processing (2020) https://gdpr-info.eu/ art-32-gdpr/ (Visited on 25/06/2020) 18 Significant security flaws in smartwatches for children (2017) https://www. forbrukerradet.no/side/significant-security-flaws-in-smartwatches-for-children/ (Visited on 25/06/2020). 22.

(40) of 143 million Americans were breached, are targeted with phishing and fraud attempts in the wake of the incident [Forbrukerrådet, 2020, p. 51]. Privacy breaches could also have serious personal consequences. In 2018 it was discovered that the dating app Grindr sold information about their users’ HIV status to third-parties19 . Since the data is difficult to track and remove, it could potentially end up anywhere. Needless to say, having this kind of sensitive information spread poses as a major strain the the users. As shown by the aforementioned Cambridge Analytica scandal20 , privacy violations could affect society as a whole, both on a national and international level. Amnesty’s report, Surveillance Giants [Amnesty International, 2019] has also shown how collected data can be used for profiling the users with the goal of giving them advertisement. This again can be used for discrimination, manipulation and exploitation of the users. An example of this could be a Facebook user getting marked with the characteristic of ”lower 50% income bracket”, and therefore getting different advertisements that their peers. That user is then treated differently by the advertisement algorithm, solely based on their economic situation [Amnesty International, 2019, p. 37]. ”Amnesty showed how these data-driven business models are a serious threat to human rights such as freedom of opinion and expression, freedom of thought, and the right to equality and non-discrimination.” - Amnesty, Surveillance Giants [Amnesty International, 2019]. 3.4. App permissions and Dark Patterns. App permissions are permissions the user can give the app in terms of what data the app is allowed to access. An example of this could be allowing a 19. The Guardian: Grindr shared information about users’ HIV status with third parties (2018) https://www.theguardian.com/technology/2018/apr/03/ grindr-shared-information-about-users-hiv-status-with-third-parties (Visited on 25/06/2020) 20 Amnesty: ‘The Great Hack’: Cambridge Analytica is just the tip of the iceberg (2018) https://www.amnesty.org/en/latest/news/2019/07/ the-great-hack-facebook-cambridge-analytica/ (Visited on 25/06/2020). 23.

(41) specific app to use the camera functionality, or allowing the same app to use photos for facial recognition. App permissions are sometimes clear and sometimes composite. With the business model described above, many companies would like access to as much data as possible. [Gates and Matthews, 2014] describes personal data as the new currency. With this, the companies may utilise DPs to either nudge or deceive their users into sharing their data. DPs are an umbrella term for different tricks that can be used on websites or in apps that tricks the user into doing what the company wants. There is not necessarily an official list of DPs, but rather a collection of different means to nudge the user, which may or may not overlap. DPs are not always an issue of privacy. An example of a non-privacy related DP is when ticket companies write ”only X tickets left!” on their website, when this number is false and only placed there to stress the users into buying their ticket quickly. This thesis will only focus on privacy-related DPs. Below are some examples that will be used later in the thesis: • Ease: This DP is about making the privacy friendly option far more cumbersome than the one that is bad for privacy. The prime example of this could be when a user enters a web page, and a banner asking for permission to store and use the user’s cookies. Many of these banners have a button that says ”yes” in prominent colours, and one that says ”more options”. Clicking the second button usually forces the user to look through many complex settings before being able to visit the page. In this way, the DP encourages the user to choose the option that is bad for their privacy by making the privacy friendly option difficult to reach. • Framing: This DP involves the company using overly positive wording when describing the privacy unfriendly option, and negative wording when describing the privacy friendly one. An example would if a user is intending to use a map, and the app asks for permission to collect the user’s location data, stating that this will help them find their way. If the user attempts to decline this, the application might follow up with asking them if they are certain, and informing that they might get lost if they do not allow collection of location data. • Rewards and punishments: With this DP, the companies rewards the behaviour they approve of, while they may punish the behaviour they 24.

(42) do not approve of. For example, a user may get extra functionality or an extra good service when agreeing the the privacy unfriendly option, or they might, in extreme cases, be asked to delete their user if they do not agree to the minimum of data collection. • Forced timing: This DP utilises that users often are under time pressure while using certain services. As an example, a user attempting to buy a bus ticket as the bus is nearing the bus station, is far more likely to accept most conditions set by the app just to be able to buy the ticket in time. These DPs are from the Deceived by Design report made by NCC [Forbrukerrådet, 2018a], which lays the groundwork for much of the information on DPs used in this thesis. Needless to say, DPs are there to mislead, manipulate and deceive users. They are unethical, some can even be considered GDPR violations and consumer rights violations. The reason for this is the GDPR defines consent as freely given and specific, informed, unambigouos and explicit21 . By using DPs, data is sometimes shared without the users’ clear consent. As a result of this, companies like Google and Facebook have received numerous complaints and investigations based on GDPR violations2223 .. 3.5. The Privacy Paradox. An issue that will arise when trying to educate people on privacy, is the privacy paradox. Essentially, it is when a person’s behaviour and privacy concern does not match up [Norberg et al., 2007]. A person may be very concerned about their location data being stolen, but may still choose to have their location sharing enabled due to ease. The privacy paradox became apparent during the workshop as described in chapter 2 as well, with the 21. What are the GDPR consent requirements? (2020) https://gdpr.eu/ gdpr-consent-requirements/ (Visited on 25/06/2020) 22 Data Protection Commission opens statutory inquiry into Google Ireland Limited (2019) https://www.dataprotection.ie/en/news-media/press-releases/ data-protection-commission-opens-statutory-inquiry-google-ireland-limited (Visited on 25/06/2020) 23 Facebook, Google and Twitter in data regulators’ sights (2019) https://www.bbc.com/ news/business-48357772 (Visited on 25/06/2020). 25.

(43) participants insisting that they were concerned about privacy, and still having habits that did not correlate.. 3.6. Role and context of the game. A challenge in terms of raising awareness of DPs, is that at its core, it is a institutional problem. While people can learn to recognise and to some degree avoid falling for DPs, they will continue to exist as long as companies get away with using them. The problem cannot be be solved by only adjusting the users’ behaviour. To solve this problem once and for all, there will need to be clear and concise legislation that governments enforce upon companies24 [Amnesty International, 2019]. For this to happen, participants will need to get politically active, speak out among friends and officials when there is a chance to inform them and improve the situation, and demand better from their service providers. For the game to have an impact, its learning goal should educate the players on three different levels. On the first level, players will need to be able to recognise DPs and know how to avoid falling for them whenever possible. This way, the players will immediately improve their privacy in the short term. On the second level, the players should become more actively conscious of their own privacy choices and settings, to improve their general privacy and right any previous mistakes that happened as a result of DPs. For example, being actively conscious of their privacy settings on their mobile phones and apps could help the players improve their privacy in the long term. For this to work, the privacy paradox will need to be addressed. Mos likely, players will be able to overcome it if they either become angry scared with the unfairness of the current situation. On the third level, the players should demand better from their service providers, to improve everyone’s privacy in the long run on a societal level. This could include educating themselves further on the subject, talking with others and raising other people’s privacy awareness, contacting and complaining to companies when they violate their users privacy, and aim to vote for 24. NOYB: Our Detailed Concept (2020) https://noyb.eu/en/our-detailed-concept (Visited on 25/06/2020). 26.

(44) government officials who take privacy seriously when they have the chance for that. While looking into player’s changed behaviour would be interesting, this thesis only spans one semester, which is too short for accurately measuring behaviour change. For this reason, the thesis will have a larger focus on raising awareness and educating. While there is no definitive way of becoming politically active and making demands to service providers, there are many examples of consumers and organisations complaining having an effect. In 2007, Facebook attempted to start an invasive form of advertising called Beacon, which had to be cancelled due to user’s complaints25 . Similarly, Google had to stop targeted advertisement based on their users’ gmail content26 . The same thing happened for the dating app Tinder, that had to change their terms of service after complaints from their users27 . The target group of the game are, as previously mentioned, teenagers, though the intention is that anyone should be able to play the game. Currently, the game has no planned arena for where it should be played, so that option is kept open for now. Some options would be playing the game at home, playing it at school, and at different institutes such as museums or libraries. To get the most of the learning present in the game, it should be engaging enough for the players to want to play it multiple times.. 25. Facebook turns out light on Beacon (2009) https://www.theregister.com/2009/09/ 23/facebook_beacon_dies/ (Visited on 25/06/2020) 26 As G Suite gains traction in the enterprise, G Suite’s Gmail and consumer Gmail to more closely align (2017) https://www.blog.google/products/gmail/ g-suite-gains-traction-in-the-enterprise-g-suites-gmail-and-consumer-gmail-to-more-closely-alig (Visited on 25/06/2020) 27 Tinder bends for consumer pressure (2017) https://www.forbrukerradet.no/ siste-nytt/tinder-bends-for-consumer-pressure/ (Visited on 25/06/2020). 27.

(45) CHAPTER. 4 GAME CONCEPT. This chapter presents the first iteration of the game designed as a part of this thesis. It is a game concept, and a refined version of the game concept designed during the specialisation project described in chapter 2, which again is based on the co-design workshop and literature review performed during that semester. This iteration of the game design represents the first step of the Design Cycle of DSR, and helps answer RQ1.3 and in turn helps answer RQ1.. 4.1. Overarching description. As mentioned, the new game concept is heavily based on the game concept described in chapter 2. It keeps the main concept of being a fictional social media, with the user team battling the CEO team through a social deduction game. A social media based game is likely to be attractive to teenagers, as they are frequent users of social media [Xie, 2014]. The concept also keeps utilising mobile phones for private and public spaces, situated learning and for secret communication. By using social deduction games, the players will be able to see the situation on DPs from both sides. This new game concept is based on a particular social deduction game known as One Night Ultimate Werewolf (ONUW), with rules and dynamics that follow. Consequently, for the users, the goal of the game becomes to unveil the CEO, while the CEO player aims to stay hidden. The game concept also includes a night and a day phase. In the night phase each players utilise their mobile phones to privately access the social media and do specific tasks. During the day phase, they discuss the events of the night, 28.

(46) trying to track down the CEO. To win, each player has to carefully consider what information to share, when and with whom, and they need to consider when to bluff their friends. The game concept has the temporal title of ”One Night: Ultimate Privacy”.. 4.2. Learning objectives and accomplishing them. The overarching goal of the game is to increase awareness of dark patterns in the players. As described in chapter 3, this should consequently lead to the players becoming more conscious of their own privacy choices and settings, as well as encourage them to demand better from their service providers. This should lead to the players falling for DPs less often, as well as the players being exposed to them less often in the future. The learning objectives of the game concept can be seen in Table 4.1. To do this, the game needs to simulate a realistic setting, and then make room for the players to reflect on their actions and their consequences. It also needs to provide information on DPs, how they work, and their consequences. It would make sense for the players to get angry or frustrated about the current situation, by representing the power disparity between companies and users. The players should also be nudged into tying the events within the game to the real world by being provided information about previous privacy breaches and trigger them to reconsider their current behaviour patterns. ID LO1 LO2 LO3. Learning objective Increase awareness of Dark Patterns Have the players become more conscious of their privacy choices and settings Encourage users to demand better from their service providers Table 4.1: Learning objectives of the game concept. 29.

(47) 4.3. One Night Ultimate Werewolf. The concept of this game is based on the tabletop game ONUW1 . It is a social deduction game, suitable for three to ten players, and it is rather fast-paced. In it, a group of different villagers are trying to figure out who among them are werewolves and who are not. Before the game, the players are randomly assigned roles from a set of pre-decided roles, where a small number among those are werewolf roles. The roles are depicted on cards, and the players leave their role card face down in front of them, as well as three extra role cards in the middle of the table, as seen in Figure 4.1. The game is then separated into two phases, the night phase and the day phase, both of which have timers decided by the players. During the night phase, all players close their eyes. An announcer, which could be a recording on the Ultimate Werewolf app2 or a dedicated player, calls out the different roles in a specific order. When a player get their role called, they open their eyes and act out their role. This could consist of looking for others with the same role, switching role cards on different players, looking at role cards, or simply doing nothing. This simulates a chaotic night in which both the werewolves and the villagers will be unsure who is who, and every player is left with only a small piece of the truth of what happened that night. When the timer is finished the night phase ends and all players open their eyes. During the day phase, the players try to piece together what happened during the night, while they try not to reveal information that could be harmful to themselves. None or few of the players know their current role after the night ended, or who their allies are. Players that are on the werewolf team will lie to protect their identity and throw others’ off their scent, while players on the villager team will lie to trick werewolves into outing themselves. The discussions are filled with lies and often get heated. When the timer ends, every player points towards the player they think should be executed. If someone from the werewolf team is executed, the villagers win, while the opposite is true for the werewolves. The engagement elements of the game consists of uncovering the truth together and tricking the other players. The reason behind choosing ONUW is that it is a well-known and popular 1. Bezier games: One Night Ultimate Werewolf (2020) https://beziergames.com/ products/one-night-ultimate-werewolf (Visited on 19/03/2020) 2 Bezier games: One Night Ultimate Werewolf App (2020) https://beziergames.com/ products/one-night-ultimate-werewolf-app (Visited on 19/03/2020). 30.

(48) Figure 4.1: Cards setup in ONUW, for six players social deduction game3 . Due to the game’s popularity, players are more likely to be interested early and understand the game mechanics. The popularity could also be considered a sign of quality and high entertainment value, which is desirable in this game concept as well. In general, social deduction games are well suited for the learning objectives of this game concept, as all of the players get to see their situation as users from both angles. The roles in the game interact, cooperate and have secret conversations, which can be used to reflect reality, as well as bring tension to the gameplay. The dynamic from social deduction games includes an informed minority and an uninformed majority. In the game concept, the minority is represented by the people and systems responsible for the DPs and privacy violations, and the majority is represented by the users. This reflects the real situation quite well. The participants of the workshop from the specialisation project knew very little of the company aspect of privacy issues they face everyday, and similarly, the people responsible for deploying DPs in social media would like 3. Board game geek: One Night Ultimate Werewolf (2014) https://boardgamegeek. com/boardgame/147949/one-night-ultimate-werewolf (Visited on 22/05/2020). 31.

No results found