At the 18th edition of the European Conference on Games Based Learning (ECGBL), held in Aarhus, Denmark, Emanuela Marchetti from the University of South Denmark presented an innovative paper titled “Designing Games for GDPR: Negotiating Understandings of GDPR in EU Schools.” The presentation highlighted the potential of games in raising awareness and promoting understanding of GDPR (General Data Protection Regulation) among school students across Europe.
In this research, a participatory design approach was combined with a citizen science framework to engage students in meaningful dialogue about GDPR. Students were involved as co-researchers in designing and evaluating a series of educational apps aimed at disseminating knowledge about data protection regulations. The study spanned secondary school students in Denmark and Italy, creating a cross-country design space that provided rich insights into how students from different educational and cultural contexts interact with GDPR principles.
The results revealed that approaching students as both designers and testers allowed them to contribute valuable and candid feedback on their experiences with GDPR. One of the key findings was the students’ sense of detachment from the implications of GDPR, particularly in relation to their social media activity. This disconnect stemmed from the way social media platforms blur the boundaries between their personal and school-related lives, challenging the application of GDPR in both contexts. You can access the full text of the paper here.
In addition, students from the University of South Denmark presented the poster of the game “Viral Sphere,” which was developed using data collected from students at Oerestad Gymnasium in Denmark. The game was further tested with three classes from Oerestad, as well as students from Instituto Bona in Biella, Italy, and Arborio School. The game aims to engage students in interactive learning about GDPR and data privacy through gameplay, offering an innovative and engaging way to understand the challenges posed by data protection in the digital age.