Data Protection Game – demonstration during the IoT Week in Aarhus 2019

The Data Protection Game is helping players in discovering and understanding privacy risks and data protection rights in a creative and interactive way. Furthermore, the Game enables players to familiarize with all the important definitions that will help them understand the GDPR.

During last three years The Data Protection Game was presented to various IoT Large Scale Pilotsrepresentatives during several conferences and events where the researchers working for these projects and the potential users have been involved in the groups of players.

In 2019 the finalized Game was disseminated and the demonstrations were implemented during the IoT Week in Aarhus with the LSP consortia members, the end-users of the LSPs and with the general public. During 3 days of presentation at the Public Expo and the Exhibition area the U4IoT booth had a lot of participants including the representatives of LSPs that wanted to play and learn about the data protection rules under the European General Data Protection Regulation (GDPR).

Thanks to the Game, players had the opportunity to find themselves in various situations in which they could recognize that their privacy is threatened. As the game has two options, the players could play the role of Data Protection Officer and Data Protection Authority.

As Data Protection Officers (DPO) players had to answer the questions that arise from everyday situations of the work of DPO and to explain the reasons behind it. This simulation helps players to understand and to learn about the GDPR obligations.

As Data Protection Authority (DPA), the players were helping the other players to guess the word(s) in italic on the card that are in relation with the GDPR. The DPA Game gives the players the opportunity to learn and to understand the words and phrases important for the implementation of the GDPR in research processes as well as in other working processes.

The players agreed that after participating in the game, they learned about some privacy issues that they never thought of.


“I didn’t know that if you want to implement a genetical research of blood samples of patients you need the consent form these patients!”

“It is interesting that even in smart farming we have to take care of privacy of the users.”

“I learned about the GDPR compliance regarding Smart Cities and it is very useful for our future work.”

Moreover, players agreed that while participating in the Game they gained knowledge about GDPR provisions on easier way. Based on the testimonials of the players we can make conclusion that the serious game is very efficient tool to raise awareness about complex topics as GDPR is and to enable players to learn while doing, acquiring knowledge during their own experience.

Furthermore, the participants could register to be included in our daily prize draw, the Data Protection Game set to play. Every day a lucky winner received the Game to use to play with colleagues and to learn more about the Data Protection.

With a colleague from the AutoPilot project

The Data Protection Game created by Archimede Solutions within the framework of U4IoT enables the players to better understand the GDPR and to know how to apply it in various context, while having fun.

This work was undertaken in the context of the U4IoT project – User Engagement for Large Scale Pilots in the Internet of Things ( The research leading to these results has received funding from the European Commission’s H2020-ICT-2016-2017 Programme under grant agreement n° 732078.