Trust 10 (TR-10) Card
DBD Cornucopia > Deck > Trust > 10
Card Details - Ten of Trust
Abbreviation
TR-10
Card's focus
The focus of this card is misuse of system by external actors
Threat to claimants
Ezra computerises the service but fails to prevent people external to the system from using it to accidentally or maliciously harm (e.g. physical, mental, reputation, control, financial) one, some or more claimants
Threat to claimants
Ezra computerises the service but fails to prevent people external to the system from using it to accidentally or maliciously harm (e.g. physical, mental, reputation, control, financial) one, some or more claimants.
Some examples of how this threat could lead to harms (negative effects on claimants)
The design recommendations and implications relevant to the card are listed below in the next section, but even those can be somewhat abstract and difficult to think about during practical day-to-day implementation. Therefore, some example harms are provided to complement the more formal research outputs. These examples are unique per card, and are only published on these web pages (i.e. in no other project outputs).
- External people/organisations, who do not have any kind of access credentials, are able use the system to find out which citizens are claimants
- External people/organisations, who do not have any kind of access credentials, can steal claimants' identities or personal data from the system
- The system can be used by anyone to surveil claimants
The examples are to help understand the threat on the card, not to suppress thinking and innovation. Incorporating these examples exactly, or closely matching ones, should be scored down when playing DBD Cornucopia as a game.
Applicable design recommendations and implications
These are reproduced here from Research Briefing N
Design systems which support the division of labour with claimants' ecosystems
- Recognise changing trust effects in design of digital systems
Claimants have different opinions about the trustworthiness and motivations of the state, unfamiliar claimants and other actors, which affect their tolerance to accept harms, requiring flexibility in choosing assistance and recognition how this trust can change over time: prior to making a claim, while maintaining a claim, and after ceasing to be a claimant.
General Notes
Card values (i.e. '10' for this card) are for game play and are not correlated with the severity of harm. This is because threats cannot be ranked directly since they can affect individuals in different ways due to situations and circumstances, or affect fewer or more claimants, or the harms can arise in claimants' support networks and wider society.
The threat description uses a person's name as the "attacker" (i.e. 'Ezra' for this card), which can be thought of someone involved with implementation. They could have any role which influence digitisation. So they could be a database administrator, or a copy writer, or a quality assurance specialist, etc, or all of these. Everyone could have some influence on the claimant threat described. The names were randomly selected from those currently most popular as given names for boys and girls (UK Office for National Statistics).
The example harms provided are drawn from the research data (which explored not only parts of existing services but also the effects of possible changes to those), from the author's own knowledge of web application development and testing, the author's own experience of helping citizens to claim Universal Credit (UC) and Personal Independence Payment (PIP), and from suggestions submitted by other people (make a suggestion). The threats and example harms do not necessarily exist in the current UC or PIP deployments or in ecosystems around those services, but they might well do.
All the cards in this Trust suit are: 2 3 4 5 6 7 8 9 10 J Q K A
The other suits in the deck are: Scope, Architecture, Agency, Porosity and Cornucopia (plus Jokers).