Connect with us

Hi, what are you looking for?



Online Game Teaches Risks of Personal Data Exposure

VIENNA – Sexual orientation, private debt, medical records, even your favorite ice cream flavor: do you know much of this personal information is out there and available for sale?

And what if it could affect your job applications, whether you can rent a house or how high your insurance premium will be?

VIENNA – Sexual orientation, private debt, medical records, even your favorite ice cream flavor: do you know much of this personal information is out there and available for sale?

And what if it could affect your job applications, whether you can rent a house or how high your insurance premium will be?

A new Austrian-designed online game titled “Data Dealer”, set for launch this week, hopes to make people a little more aware of their exposure to these risks, even if at a minimum it prompts them to switch off the GPS application on their smartphones.

“(Companies) are collecting more and more personal data,” designer Wolfie Christl told AFP. “At the same time, people are bored with thinking about this… so we had the idea to make a game out of it.”

A colorful demo was released last year, and “Data Dealer” — a browser game in the same style as Facebook’s popular “FarmVille” — won the Games for Change “most significant impact” award in New York in June.

“Here’s the most amusing way to learn the depressing news about your vanishing privacy,” Forbes magazine commented.

Some 80,000 players have already tested the game, which received funding from the Austrian government and the City of Vienna and will be available online for free.

Advertisement. Scroll to continue reading.

“I don’t think most people can really imagine what it means not only to collect but also to collate and to combine all these massive amounts of personal data,” said Christl, one of the game’s four core designers.

Even “really boring” information can be a goldmine, the cheerful young designer added.

That is the premise of “Data Dealer”.

Players get to collect thousands of profiles at the click of a mouse, using shady characters such as a Bernie Madoff-lookalike and a disgruntled nurse who has no qualms about selling patients’ records to supplement her meagre salary.

The characters are colorful and amusing. But the scary bit is the message behind the game.

For a few hundred euros (dollars), the manager of a tanning salon will hand over his client list, including names, birthdates and email addresses. Loyalty cards reveal diets and buying habits. A dating site profile turns up a person’s relationship status and even the age when they had their first sexual encounter.

The player can then sell this information to a major employer, a rental authority or a security agency to make a quick buck and expand his or her virtual empire.

Regaining control

“Data Dealer” is just a game, but what if fitness-monitoring systems such as Nike+ sold information to your health insurance provider: would your premium go up if you failed to run a required distance per day?

“People don’t know about the value of this personal data and they also don’t control it,” Christl said, adding: “If we want to have a positive future digital society then we really need to enable people to make the self-determined use of personal data and get back control of it.”

The City of Vienna’s creative agency Departure praised “Data Dealer” as “the most innovative international approach to… data protection and online media competence”.

“A game will probably not make a big difference, but it is a building block,” Tassilo Pellegrini, communications expert at St. Poelten technical college, told AFP.

“Data Dealer can boost people’s awareness, and with more awareness they might then act differently.”

Mass surveillance and privacy concerns became a major issue this year after US whistleblower Edward Snowden revealed the extent of the US National Security Agency’s spying on civilians.

Last week, the UN General Assembly’s rights committee passed a “right to privacy” resolution, which found that surveillance and data interception by governments and companies “may violate or abuse human rights”.

For Christl, who has been working on this not-for-profit project with a small team for two years, the Internet is still a great communication and innovation tool.

But he hopes “Data Dealer” will make people pay more attention to their privacy settings.

The team is now planning an educational version of the game and is working with schools and digital literacy programs.

Developments in the news will be regularly inserted into the game and a later version will even allow players to hack into each other’s accounts for an even more realistic effect.

As Christl put it: “It should also be entertaining; it’s not about preaching.”

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...


Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.


Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.


Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.