Visualisation and Other Methods of Expression (VOME)

Lead Research Organisation: Cranfield University
Department Name: Cranfield Defence and Security

Abstract

This research represents a multi-disciplinary and innovative approach to achieving assured privacy and informed consent. The proposal offers a new and highly original approach to addressing the requirement to engaging stakeholders in the debate about privacy and consent in identity management. The core of the research is multi-disciplinary and offers an integrated output from a range of disciplines (including social sciences, psychology, information security, information systems and management science) bringing together both qualitative and quantitative data to inform our understanding of privacy and consent requirements in an innovative way. One of the outputs of the research will be the development of a new methodological framework for undertaking cross disciplinary research. There are many instances now where the benefits of this type of approach are recognized but there are few methodological examples of how this can be achieved in practice. In summary, the programme of work involves identifying and enrolling large groups of research subjects onto the research project. The number of potential research subject is in excess of some 30,000 on-line service users. Some subjects will take part for the full duration of the three year project. This enables the research to achieve a longitudinal element by examining existing ways of expressing engagement with on-line privacy and consent issues and conducting action research to identify the best ways of extending that engagement through experimentation with a range of means of expression. The purpose of extending the user engagement is to make the privacy and consent decision making process more informative so that users are able to take more control over their choice of on-line services and how they use them. The result of the research will be conceptual models for expressing privacy and consent decision making that will be embedded within proto-type software which reflects the means of expression appropriate for a range of on-line communities. The proto products will be based on some of the methods of expression that are deployed in the earlier part of the work programme. At the end of the qualitative research phase a range of potential software products are selected on the basis of the qualitative research findings. A series of focus groups and other forms of user group engagement will be undertaken to ascertain which methods of expression would be the most appropriate basis for privacy and consent decision making software products and the form that software should take. The output will be small pieces of proto type software code which could be used to enhance existing on-line service software.

Publications


10 25 50
publication icon
Barnard-Wills D (2010) Public sector engagement with online identity management in Identity in the Information Society


publication icon
Barnard-Wills D (2012) E-safety education: Young people, surveillance and responsibility in Criminology and Criminal Justice

publication icon
Coles-Kemp, L (2012) Community-centric engagement: lessons learned from privacy awareness intervention design in Proc of HCI 2012: The 26th BCS Conference on Human Computer Interaction



 
Title Internet Saint or Online Demon 
Description Participatory music video made by young people from Hudson's Youth Group - http://www.vome.org.uk/toolkit/music-video-2/ 
Type Of Art Film/Video/Animation 
Year Produced 2011 
Impact Used for training purposes in private sector organisations and used in workshop settings with participants to stimulate thinking. 
URL http://www.youtube.com/watch?v=CBIN9pFp7ss
 
Description Researchers from the Information Security Group (ISG) at Royal Holloway, University of London, Salford and Cranfield University participated in a three year collaborative research project with consent and privacy specialists at Consult Hyperion and Sunderland City Council, to explore how people engage with concepts of information privacy and consent in on-line interactions.

The purpose of VOME (Visualisation and Other Methods of Expression) was to explore how user communities engage with concepts of information privacy and consent in on-line interactions. The aim is to develop alternative conceptual models of on-line privacy which enable users to make clearer on-line disclosure choices. These decision-making models will facilitate a better dialogue between the designers of privacy and consent functionality and their customers.

Researchers at Cranfield University were responsible for investigating how people currently think about privacy and consent in online interactions and, by focusing on a particular target audience, to develop interventions that would engage that target audience and help them understand the risks to their personal information when online. The research carried out by Salford University as part of the project led us to select young people as the target audience for the interventions. The interventions that were developed included a card trading game called 'Privacy' and a participatory music video called 'Internet Saint and Online Demon'.

The team at Cranfield University used a range of qualitative research methods from analysing online discussions, to using discourse analysis coupled with political science theories to investigate current e-safety training for young people as well as the responses to that training. We also used participatory approaches with a youth group to develop the music video.

Our interventions fed into the research carried out by Royal Holloway in their design of technology interventions and, together with Royal Holloway, we established some useful lessons learned for system designers. These include the importance of balancing the control of the researcher against the control of the participants. This means that researchers need to let go of control in some instances particularly when they have participants who do not have strong attitudes around a subject (such as online identity). This was the case during the making of the participatory video with the youth group. The young people involved determined what was filmed, how it was produced and the message that was conveyed. Researchers also need to understand the end user from his or her perspective and not rely on what they imagine that to be. Furthermore it is necessary to understand the involvement and influence of key stakeholders (such as youth workers). There are also limits to the approaches often used to segment target audiences. We discovered that the game and the video work with different segements of young people and that we needed to move beyond demographic or behavioural segmenting towards a more community-based approach.

The PhD student working on the VOME project at Cranfield University is looking at ways of using persuasive technology to guide end users towards more privacy aware options and behaviours. The thesis (due to be submitted in January 2013) demonstrates the complexity and challenge of designing usable privacy and explores the way that persuasive technology can overcome this.
Exploitation Route The research demonstrated that there was a strong demand from young people for practical detailed advice on how to manage technology and personal information when online. Attitudes to 'sexting' demonstrate that the way young people negotiate risk online is more complex than is currently presented and that while young people are being protected as children online (the training they receive focuses on cyber bulling and 'stranger danger') they are not being prepared for adult life online.

Our interventions fed into the research carried out by Royal Holloway in their design of technology interventions and, together with Royal Holloway, we established some useful lessons learned for system designers. These include the importance of balancing the control of the researcher against the control of the participants. This means that researchers need to let go of control in some instances particularly when they have participants who do not have strong attitudes around a subject (such as online identity).
Sectors Communities and Social Services/Policy,Creative Economy,Digital/Communication/Information Technologies (including Software),Education,Security and Diplomacy
URL http://vome.org.uk
 
Description The findings were used to inform the content of an ESRC project - CREST (Centre for Research & Evidence on Security Threats).
First Year Of Impact 2015
Sector Financial Services, and Management Consultancy,Government, Democracy and Justice
Impact Types Societal,Policy & public services
 
Description Impact Funding
Amount £4,485 (GBP)
Organisation Engineering and Physical Sciences Research Council (EPSRC) 
Sector Academic/University
Country United Kingdom of Great Britain & Northern Ireland (UK)
Start 03/2013 
End 08/2013
 
Description Critical Design 
Organisation Royal College of Art
Country United Kingdom of Great Britain & Northern Ireland (UK) 
Sector Academic/University 
PI Contribution The VOME team at Cranfield University collaborated with two critical design artists from RCA to use critical design to envision privacy, identity and security futures.
Collaborator Contribution Two pieces were produced. The first comprised three artefacts entitled 'Specimens of IT Fauna' (http://www.davidbenque.com/projects/specimens-of-it-fauna) and the second was a video entitled crime pays (http://www.austinhouldsworth.co.uk/project/crime-pays/). These were used in follow-on workshop (two held at the British Computer Society) and were the subject of a paper presented at the Praxis and Poetics Conference in Newcastle (http://www.praxisandpoetics.org/). Both pieces were exhibited at the Baltic Centre in Newcastle and 'Crime Pays' was exhibited at the RCA.
Impact Two pieces were produced. The first comprised three artefacts entitled 'Specimens of IT Fauna' (http://www.davidbenque.com/projects/specimens-of-it-fauna) and the second was a video entitled crime pays (http://www.austinhouldsworth.co.uk/project/crime-pays/). These were used in follow-on workshop (two held at the British Computer Society) and were the subject of a paper presented at the Praxis and Poetics Conference in Newcastle (http://www.praxisandpoetics.org/). Both pieces were exhibited at the Baltic Centre in Newcastle and 'Crime Pays' was exhibited at the RCA. Disciplines involved were critical design (art) and social science
Start Year 2012
 
Description Exploring Emotional Requirements for Online Identity Management 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact We ran three events - two workshops at the British Computer Society (BCS) and one workshop at the Defence Academy. At the two events at the BCS we had a total of 37 registered attendees but unfortunately there were many last minute cancellations and we had 21 attendees in total. One of the events was held in the early evening to catch people after work and the other was held as a breakfast event to catch people on their way into work. At the Defence Academy workshop we have over 30 attendees - it was relatively easy for participants to attend if they are working on site. We were, however, pleased with the cross-section of attendees at all three workshops - amongst others there were representatives from Prudential plc., GCHQ, BIS, ISC2, GetSafeOnline, Dstl, DCDC and Old Mutual Investment Group.

We succeeded in generating debate in the workshops about the social and emotional aspects of online identity management and cyber security. Over the course of the workshops we also refined the way we engaged with participants and the techniques we used to facilitate creative thinking (such as white boarding and rich pictures).
Year(s) Of Engagement Activity 2013