Digital Benefits and Disbenefits (DBD) logo Digital Benefits and Disbenefits

Trust 9 (TR-9) Card

DBD Cornucopia > Deck > Trust > 9

Card Details - Nine of Trust

Abbreviation

TR-9

Card's focus

The focus of this card is misuse of system by valid users

Threat to claimants

Maeve enables other users of the system to accidentally or maliciously cause harm to one or more claimants (e.g. inadequate access control, not preventing the misuse of valid functionality, including functionality unrelated to claimants' use the service, testing changes in the live environment)

Image of Trust 9 card

Threat to claimants

Maeve enables other users of the system to accidentally or maliciously cause harm to one or more claimants (e.g. inadequate access control, not preventing the misuse of valid functionality, including functionality unrelated to claimants' use the service, testing changes in the live environment).

Some examples of how this threat could lead to harms (negative effects on claimants)

The design recommendations and implications relevant to the card are listed below in the next section, but even those can be somewhat abstract and difficult to think about during practical day-to-day implementation. Therefore, some example harms are provided to complement the more formal research outputs. These examples are unique per card, and are only published on these web pages (i.e. in no other project outputs).

  • Claimants` awards are affected because other people with authorised access, such as friends or relatives, who are trying to help forget to do something important
  • Other people with valid access are able to find out information about claimants from the system and spread malicious gossip
  • Government officials use the system to surveil claimants' lives, or to use information gathered for some other purpose than the service (tracking, advertising, behavioural studies)
  • Some claimants see test versions of features/functions/content in the live service which disadvantages them relative to those who were not given the test version (e.g. makes them less likely to claim, makes them more likely to get a lower award, makes them more likely to be penalised)
  • System users look up personal data about claimants, to sell or give it to journalists, reporters, tiktokers, vloggers, bloggers, influencers, politicians, gossipmongers, etc

The examples are to help understand the threat on the card, not to suppress thinking and innovation. Incorporating these examples exactly, or closely matching ones, should be scored down when playing DBD Cornucopia as a game.

Applicable design recommendations and implications

These are reproduced here from Research Briefing NO2. Multiple cards reference each design implication.

Acknowledge claimants as people in digital design

  1. Prioritise claimants' interests over system efficiencies
    All digital welfare design processes, methods and decision-making should prioritise claimants' needs to achieve best outcomes for individuals rather than system efficiencies. Organisational knowledge and resources should be utilised to this respect including intervening in advance to identify matters that affect claims or what claimants may have forgotten about.

Design systems which support the division of labour with claimants' ecosystems

  1. Recognise changing trust effects in design of digital systems
    Claimants have different opinions about the trustworthiness and motivations of the state, unfamiliar claimants and other actors, which affect their tolerance to accept harms, requiring flexibility in choosing assistance and recognition how this trust can change over time: prior to making a claim, while maintaining a claim, and after ceasing to be a claimant.

General Notes

Card values (i.e. '9' for this card) are for game play and are not correlated with the severity of harm. This is because threats cannot be ranked directly since they can affect individuals in different ways due to situations and circumstances, or affect fewer or more claimants, or the harms can arise in claimants' support networks and wider society.

The threat description uses a person's name as the "attacker" (i.e. 'Maeve' for this card), which can be thought of someone involved with implementation. They could have any role which influence digitisation. So they could be a database administrator, or a copy writer, or a quality assurance specialist, etc, or all of these. Everyone could have some influence on the claimant threat described. The names were randomly selected from those currently most popular as given names for boys and girls (UK Office for National Statistics).

The example harms provided are drawn from the research data (which explored not only parts of existing services but also the effects of possible changes to those), from the author's own knowledge of web application development and testing, the author's own experience of helping citizens to claim Universal Credit (UC) and Personal Independence Payment (PIP), and from suggestions submitted by other people (make a suggestion). The threats and example harms do not necessarily exist in the current UC or PIP deployments or in ecosystems around those services, but they might well do.

All the cards in this Trust suit are:  2  3  4  5  6  7  8  9  10  J  Q  K  A 

The other suits in the deck are: Scope, Architecture, Agency, Porosity and Cornucopia (plus Jokers).

'