Digital Benefits and Disbenefits (DBD) logo Digital Benefits and Disbenefits

Porosity 10 (PO-10) Card

DBD Cornucopia > Deck > Porosity > 10

Card Details - Ten of Porosity

Abbreviation

PO-10

Card's focus

The focus of this card is third party access

Threat to claimants

Samuel puts into practice a system without supporting, or making it very difficult, for third parties to access the service together with claimants and/or on their behalf (e.g. shared-use, assisted use, indirect intermediated use, proxy use), and to do so regularly, periodically, occasionally or as a one-off

Image of Porosity 10 card

Threat to claimants

Samuel puts into practice a system without supporting, or making it very difficult, for third parties to access the service together with claimants and/or on their behalf (e.g. shared-use, assisted use, indirect intermediated use, proxy use), and to do so regularly, periodically, occasionally or as a one-off.

Some examples of how this threat could lead to harms (negative effects on claimants)

The design recommendations and implications relevant to the card are listed below in the next section, but even those can be somewhat abstract and difficult to think about during practical day-to-day implementation. Therefore, some example harms are provided to complement the more formal research outputs. These examples are unique per card, and are only published on these web pages (i.e. in no other project outputs).

  • Claimants end up giving friends and relatives their service login credentials, to be able to get help to enter information and make claims
  • Third parties are prevented from building systems which integrate with the service to aggregate their own clients, to offer services to multiple claimants, such as to monitor and manage claims (like accountants do for tax affairs) and this limits how many claimants the third parties can help
  • Claimants cannot delegate online access to selected, and changing, trusted advisors, and so have to either give away their login credentials, or only get help in face-to-face situations, or create an appointee
  • Claimants have reduced or complete loss of influence on claiming, despite still having accountability, as there is insufficient granularity of control of delegated access
  • Authentication of people with explicit consent to help a claimant is inconsistent and unreliable via the helpline, leading to many aborted attempts, frustration, delays and incorrect data

The examples are to help understand the threat on the card, not to suppress thinking and innovation. Incorporating these examples exactly, or closely matching ones, should be scored down when playing DBD Cornucopia as a game.

Applicable design recommendations and implications

These are reproduced here from Research Briefing NO2. Multiple cards reference each design implication.

Support claimants’ own ecosystems

  1. Recognise how wider ecosystems contribute to social protection service delivery
    For these systems, the 'service user' is rarely just one person and there should be provision for other actors in people's wider ecosystems. Facilitate and aid these existing assets by enabling, encouraging and promoting information sharing, additional user roles with different privileges, delegated access, real-time-integrations, and other ways to involve the assistance of others.

Embrace a wider ecosystem and fuller claimant activity viewpoint for digitised public services

  1. Legitimise extensibility and customisation of digital infrastructure
    Deploy technology in ways that will permit, support and advocate integration with digital welfare by other actors. Provide timely, free and open access to system information, supporting content, and details of upcoming changes and updates to support these efforts.

Design systems which support the division of labour with claimants' ecosystems

  1. Integrate accurate specific and contextual primary guidance about making claims within systems and promote secondary professional assistance
    None
  2. Recognise changing trust effects in design of digital systems
    Claimants have different opinions about the trustworthiness and motivations of the state, unfamiliar claimants and other actors, which affect their tolerance to accept harms, requiring flexibility in choosing assistance and recognition how this trust can change over time: prior to making a claim, while maintaining a claim, and after ceasing to be a claimant.

Design to assist claimants across the full span of their own activities

  1. Accept, permit and encourage direct sole-use, shared-use, assisted use, and indirect intermediated use and proxy use of systems
    The nature of activities requires flexibility in how claimants and other actors in ecosystems interact with each other and with state systems, and these can change over time.

Signpost when additional assistance should be sought and recognise the time and effort needed to complete these activities

  1. Indicate to claimants when professional advice is crucial
    Some activities undertaken to receive a social protection payment award require much more specialist knowledge and experience than most citizens have; such involvement can counter complexity to avoid becoming overwhelmed; increase visibility of when claimants should check whether advice can help by highlighting higher-risk parts of the process; avoid overly simplifying processes which can hide the underlying and necessary complexity of making and maintaining a claim and thus discourage seeking knowledge and experience in the wider ecosystem.

General Notes

Card values (i.e. '10' for this card) are for game play and are not correlated with the severity of harm. This is because threats cannot be ranked directly since they can affect individuals in different ways due to situations and circumstances, or affect fewer or more claimants, or the harms can arise in claimants' support networks and wider society.

The threat description uses a person's name as the "attacker" (i.e. 'Samuel' for this card), which can be thought of someone involved with implementation. They could have any role which influence digitisation. So they could be a database administrator, or a copy writer, or a quality assurance specialist, etc, or all of these. Everyone could have some influence on the claimant threat described. The names were randomly selected from those currently most popular as given names for boys and girls (UK Office for National Statistics).

The example harms provided are drawn from the research data (which explored not only parts of existing services but also the effects of possible changes to those), from the author's own knowledge of web application development and testing, the author's own experience of helping citizens to claim Universal Credit (UC) and Personal Independence Payment (PIP), and from suggestions submitted by other people (make a suggestion). The threats and example harms do not necessarily exist in the current UC or PIP deployments or in ecosystems around those services, but they might well do.

All the cards in this Porosity suit are:  2  3  4  5  6  7  8  9  10  J  Q  K  A 

The other suits in the deck are: Scope, Architecture, Agency, Trust and Cornucopia (plus Jokers).

'