Horizon Services Campaign Final blog

The overarching aim of our ‘Services Campaign’ was to gain a better understanding about the challenges faced by sharing our personal data with digital service providers. Working with our industry partners, we created different proof of concept digital services which acted as probes for us to study and investigate their impact on consumers, and the implications for privacy and trust.

We used a range of methodologies within these projects which included stakeholder workshops to enable co-creation of the digital services. We introduced our Moral-IT and Legal-IT ideation cards – tools developed by Horizon in earlier research – to facilitate reflection and discussion on ethical and legal issues within each of the projects – which helped us identify and embed safeguards into the new technologies. In addition, we also worked with internet users to gather and examine citizens’ thoughts and understanding about how their personal data is used.

The domains of application of digital services differed significantly, however the underpinning technical approach to delivering them had a number of similarities and consistent requirements. To support this we developed a software platform – Chronicle – which underpinned and supported each of the projects. Chronicle stored the digital representation of a timeline of a ‘thing’, the thing and the events on the timeline being defined by each project – for example memories in the Memory Machine project. In addition to the platform being customised and tailored to meet the requirements of each project, we also wanted answers to important questions such as: What did it mean to delete something from an historical record? Should deletion be possible, or should a record remain indelible? If so, what would be the implications for privacy and ownership rights?

The Services Campaign explored a range of services, each chosen to reflect the sharing of different types of personal data with diverse stakeholder groups:

Memory Machine (MeMafocused on our sense of identity, and aimed to capture people’s identities through memories. The blending of personal and factual data provides an opportunity to shape how people wish to be remembered, while creating an afterlife legacy.  Within the health and wellbeing domain we collaborated with the Institute of Mental Health and the Centre for Dementia.  We worked with older adults, people with early symptoms of dementia, care home managers, historians and media experts, to seek to elicit personal stories and explored topics including privacy, consent, data security and ethics. We also addressed challenging issues such as painful memories, and events that may prefer to be forgotten.

In My Seat engaged with the public around use of their personal data with a view to improving their journey experience on public transport. We worked with bus users and stakeholders and explored the exchange of data between bus operators and travellers through the development of an app which provided dynamic, location-based, real time information. As well as practical information for bus users such as end-to-end route planning and live updates on the service, the app also provided location and profile-based notifications tailored to the current journey, which offered passengers the opportunity to learn about their local surroundings as well as their destination. The app chose content shared with the bus user – without it being necessary to include the operator as part of this information exchange. The intention was to include user-generated content from other travellers, but understandably the operators didn’t want information they had no control over associated with their service. This highlighted some of the challenges encountered when developing digital services and managing data use and distribution.

Panopticon produced a framework for tracking the interactions of people with products in public indoor environments, to create personalised ‘visitor experiences’ – meaningful to audiences, whilst at the same time providing venues with valuable information, to continually improve the experience and drive repeat visiting. We worked with the National Videogame Arcade (NVA) to capture video footage of visitors engaging with interactive exhibits and analysed the data with computer vision techniques to build measures of their emotional responses. This tracking of visitors’ movements and behaviours proved valuable to the curators of public spaces, however it yielded large amounts of unnecessary data which was very invasive. In order to address this, we combined the data with a physical token which was offered to visitors to use when engaging with interactive exhibits at the now rebranded National Videogame Museum (NVM). The tokens captured their movement and emotional responses and had the potential to be developed into digital souvenirs –  however the important aspect being that visitors could voluntarily gift these back to the venue, thus allowing them to provide their consent to the venue to use their data. This enabled the NVM to analyse each individual’s experience, which provided them with a  better understanding of the performance and appeal of their interactive exhibits.

Hybrid Gifting explored how physical products could be combined with digital media to produce novel hybrid gifts. The project aimed to enhance the experience of ‘giving’ and ‘receiving’ gifts and to support emerging gifting practices.  As a result of working with Debbie Bryan, an independent creative retailer in Nottingham, we created a gifting app that enabled ‘givers’ to curate and share media as part of a physical gift. ‘Receivers’ of gifts open the digital content embedded within their gift via the app and are able to further personalise it by adding additional media – with access to the digital content being managed through the Horizon Chronicle platform. Work continues to examine what it means for people to associate personal content with a physical artefact as part of a sharing experience – in the manner of a closed privacy-preserving online interaction – and the value of hybrid gifts and their impact on the giver/receiver relationship.

The activities we introduced to better understand the use of personal data in each of the projects demonstrated the importance of privacy –  particularly with regard to the context in which the data is shared. Whilst in one context sharing a particular type of data seemed reasonable, in another it was seen as invasive and alarming. The studies showed that users have complex ways of understanding their personal data. Our users came up with more than 20 distinct ways to describe their data, and there was a complex relationship between these descriptions – some was seen as personal but not necessarily sensitive or private, and when it had implications for other people (family members, friends), this affected how willing people were to share it. Operators and providers of services expressed concerns relating to the responsibilities involved in collecting and retaining users’ personal data, and ensuring compliance with the General Data Protection Regulation (GDPR).  Our activities highlighted the complexity of systems using personal data, such as the developer’s responsibility for system (mis)use and how a correct understanding of a system’s operation can be ensured.  The need for human oversight, clear and transparent communication relating to privacy agreements, and how captured personal data would be stored, processed and used was highlighted as particularly important. 

Our Services Campaign is now complete and we have introduced our Products Campaign – the third in the series,  and developed in collaboration with the University of Nottingham’s Smart Products Beacon – nicely fusing our personal data agenda with the design manufacture and use of products.  Please follow our Products Campaign Blog and the Smart Products Beacon website for further information.

Privacy, Law & Ethical Cross Cutting Theme update

In order to reflect on impacts for wider human values and embed safeguards into technologies being introduced by Services Campaign projects, Peter and Lachlan have been holding workshops with members of Memory Machine, In My Seat and Panopticon. These workshops used the Moral-IT and Legal –IT cards developed as part of the Towards Moral-IT and Legal-IT research ongoing at Horizon Digital Economy Research.

 

As mentioned in the previous blog, the Legal-IT cards translate a range of data related legal frameworks into card form, from the new EU General Data Protection Regulation 2016 and Network and Information Security Regulation 2016, to the earlier Cybercrime Convention 2001. The Moral-IT cards pose difficult ethical questions clustered under the themes of privacy, security, law and ethics, such as “IDENTITIES MANAGEMENT: does your technology enable users to hold and manage multiple identities?” or “SUSTAINABILITY AND eWASTE – What effects does your technology have on the environment from creation to destruction?”. These thought provoking questions help participants to think of unexpected implications of their technology.

During a workshop, participants were asked to reflect on the technology they were building and identify an overall ‘ethical risk’ that may impact the social desirability of the technology and for its users, particularly in relation to its use of personal data. This could include the identity risks from sensitive data being compromised by poor data security practices, or personal privacy harms for individuals’ private details being made visible to unexpected parties.   The groups used the Moral – IT and Legal-IT cards in a streamlined ethical impact assessment process to reflect on the overall risk, discuss and identify potential safeguards against these risks and also identify challenges of implementation of these safeguards. This activity resulted in a wide range of critical ethical questions being explored in relation to the technology with the cards and structure of the task enabling the participants to navigate the difficult ethical questions and link their technology to ethical and legal concerns more widely.

The cards were also used as part of workshop run by Lachlan and Martin Flintham, as part of their Digital Research funded project, to generate thought and encourage discussion about ethical implications of using the ‘Internet of Things’ in both the university and research environment.

We were pleased with how the participants took to the cards. They enjoyed using them and found them helpful in exploring and engaging with the ethical and legal issues in relation to their technology. They were received well, with their utility in structuring debate around complex topics. However, they also brought the wide range of issues to the fore. We are therefore encouraged that the cards have the potential to be a particularly useful tool in enabling technology developers and users to reflect on and navigate the complex ethics of their technology and produce more socially desirable technology as a result.

If you would like to know more, the Moral-IT and Legal-IT cards, and an outline of a way to use them, are now available to download online from ‘Experience Horizon’– a website which provides opportunities to try out some of the outputs from projects conducted at Horizon Digital Economy Research. If you do choose to investigate them further, we would really like to build up dialogue on who you are, how you are using the cards, why and any feedback you have on the tool/process. Please send these on to lachlan.urquhart@gmail.com.

Members of the Privacy, Law and Ethics Cross Cutting Theme are planning analysis and preparing a paper to submit to the Journal of Responsible Innovation, towards the end of the year.

Finally, following a presentation of the project, the Privacy, Law and Ethics Cross Cutting Theme project has been neatly summed up in a visual form as can be seen below – our thanks and acknowledgment to Rikki Marr of HAWK&MOUSE.

Written by: Lachlan Urquhart and Peter Craigon

Towards Moral-IT and Legal-IT by Design

We are pleased to begin the ‘Privacy, Law and Ethics’ cross-cutting project as part of the Horizon services campaign. We will be adopting a ‘responsible research & innovation’ led approach to surfacing ethical and legal issues within each of the respective service campaign projects. The goal is to reflect on impacts for wider human values and embed safeguards into the technologies from the beginning, for both research and deployment.

We will be doing this by running a series of workshops with the research teams and partners using our newly developed Moral-IT and Legal-IT cards.

The Moral-IT cards have a broad scope, drawing on a principles and concepts from ethics, privacy, security and law more widely. Their process for use is a more user-friendly impact assessment to foreground risks, likelihood of occurrence, safeguards, and strategies for implementation. We observed a wide range of frameworks from STS, HCI, computer ethics and law to distil our process. These include:

Value sensitive design (Friedman et al 2008),

Reflective design (Sengers et al 2005), a variety of impact assessments including Ethical (SATORI, 2016)/social (Edwards, Diver and McAuley 2016)/surveillance) /privacy (Wright and De Hert, 2012)/ RFID (Spiekermann, 2011) / data protection (ICO, 2014),

Responsible research and innovation (Stahl, Eden and Jirotka, 2013),

Human data interaction (Mortier and Crabtree, 2015),

Real time technology assessment (Guston and Sarewitz, 2002);

Anticipatory governance (Barben et al, 2008)

These new cards and process been developed as part of the project ‘About Algorithms and Beyond’ between project lead Lachlan Urquhart and Peter Craigon.  Peter will continue to work with Lachlan in this new project.

The Legal-IT cards focus on five regulatory frameworks relevant to IT, namely the General Data Protection Regulation 2016; Network and Information Security Directive 2016; Cybercrime Convention 2001; Attacks Against Information Systems Directive 2013, and proposed e-Privacy Regulation 2017.

This approach builds on Lachlan’s previous experience using ‘privacy by design’ cards as a tool to supporting reflection and action by IT designers on data protection compliance issues. Through the combination of both decks in exercises and games within the workshops, we will develop understanding of how a variety of issues are being negotiated within different sectors. Given the breadth of the Services campaign, this will include health & wellbeing (ALFE, Memory Machine); transportation (In My Seat); fast moving consumer goods (Hybrid Gifting) & cultural heritage (Panopticon).

For more information please contact: Dr Lachlan Urquhart, Research Fellow, Horizon Digital Economy Research