9.5. Design Analysis: GDPR#
We want to provide you, the reader, a chance to explore online privacy more.
In this activity, you will be looking at an official brochure on the EU’s GDPR privacy law [i29][1].
We will again follow the five-step CIDER method [i30] (Critique, Imagine, Design, Expand, Repeat).
So read through the official brochure on the EU’s GDPR privacy law [i29] (for this activity ignore any additional details or clarifications made elsewhere in the GDPR, since those weren’t deemed important enough to put on this brochure). Then do the following (preferably on paper or in a blank computer document):
9.5.1. Critique (3-5 minutes, by yourself):#
What assumptions does GDPR make about individuals or groups using social media, which might not be true or might cause problems? List as many as you can think of (bullet points encouraged).
9.5.2. Imagine (2-3 minutes, by yourself):#
Select one of the above assumptions that you think is important to address. Then write a 1-2 sentence scenario where a user face difficulties because of the assumption you selected. This represents one way the design could exclude certain users.
9.5.3. Design (3-5 minutes, by yourself):#
Brainstorm ways to change the GDPR policy to avoid the scenario you wrote above. List as many different kinds of potential solutions you can think of – aim for ten or more (bullet points encouraged).
9.5.4. Expand (5-10 minutes, with others):#
Combine your list of critiques with someone else’s (or if possible, have a whole class combine theirs).
You can also consider reading criticism of the GDPR:
9.5.5. Repeat the Imagine and Design Tasks:#
Select another assumption from the list above that you think is important to address. Make sure to choose a different assumption than you used before. Choose one that you didn’t come up with yourself, if possible. Repeat the Imagine and Design steps.