**Abstract**

The benefits, deriving from utilizing new Information and Communication Technologies (ICTs), such as Internet of Things or cloud computing, raise at the same time several privacy risks and concerns for users. Despite the fact that users' inability to protect their privacy has been recognized, hence users do not get involved in processes for enhancing their awareness on such issues. However, in order to protect their fundamental right of privacy and to manage it in a practical way when using ICT, privacy literacy is crucial. Users should be trained on privacy issues through appropriate educational programs. Specifically, the development of instructional simulation programs could be of great importance. Relevant methodologies for the development of such services have been recorded in previous literature. Since the concept of training is advanced by creating attractive interaction environments, the educational privacy process could be also more efficient. Towards this, the implementation of game elements serves that purpose, contributing to the design of gameful educational programs. However, despite its benefits, gamification has been noticed to be used more as a tool rather than a concept which could be included in instructional methods. Thus, in this work, gamification features are explained to highlight their importance along with the recorded in the literature educational methods and privacy awareness issues.

**Keywords:** gamification, game elements, privacy, training program, instructional simulation, educational simulation, method, framework, model

### **1. Introduction**

The established utilization of technologies in various activities, such as the use of cloud systems [1] is an accepted fact [2]. However, several challenges arise concerning privacy protection due to the storage of users' information. Personal information is crucial to be protected while using any type of technology. Thus, privacy should be taken into consideration at the early stages of designing a system. A sequence of methods and steps have been recorded in previous literature and by following them, privacy concepts can be analyzed in systems [3–5] in order for users' privacy to be protected. This analyzation includes the incorporation of privacy requirements in systems [3, 6]. Especially, according to the General Data Protection Regulation – GDPR [7], users' personal data should be protected while using

systems. Except this, individuals have the right to be informed about each process concerns their data. Further to this, each type of organization has to follow specific rules referred in regulations, to ensure that data is protected and to define a person who will be the Data Protection Officer (DPO). Additionally, six principles related to processing of personal data should be considered by each organization [8].

Equally crucial is for the audience to be aware on such issues in order for the privacy protection processes to be accomplished more effectively. For instance, employees should be educated on the rights that they have regarding their data, so as to be able to protect themselves. However, the complexity of such issues signifies that specific educational processes are needed, aiming at training individuals on privacy subjects. This combination could be achieved by introducing several privacy topics in educational methods, in order for a privacy awareness program to be developed. Except this, to maintain users' interest is needed to have attractive interaction environments with elements by which the educational process will be occurred through a more engaging way. Gamification method [9] supports this purpose as the incorporation of game elements in systems creates gameful products, aiming to increase users' engagement on using ICTs. Considering this, by implementing such elements in educational processes on privacy issues, users will have the illusion that they participate into a game but in fact they will be trained.

In spite of the benefits offered by this approach, it has been noticed that developers of instructional models have not emphasize on the consideration of its features during the development phases. Gamification has been mostly used as a tool for the development of applications [10], rather than as an approach which can be considered, so that to design a gamified instructional method. Further to this, the introduction of privacy issues into a such method would be useful for the design of products that purposing on having privacy aware users. Towards this, two main questions arise and will be addressed in this chapter, concerning the offered instructional methods and the mentioned privacy concepts on which users can be educated. The aim is to identify which features and phases have been recommended for the design of educational products and on which privacy topics would be helpful for users to be trained, so that to be able to protect their personal information. Additionally, gamification features are explained to highlight how this method is useful for creating an attractive educational process, especially, when the concept is complex for users, like privacy. These results could be useful for the development of an approach aiming on designing services on privacy awareness within a gameful environment.

To select all this information regarding the two research questions, the PRISMA review method [11] has been followed and implemented. We, first, defined our research questions and the search terms based on each question. According to our search strategy and eligibility criteria, the final results were conducted for each research question which, afterwards, were described. The rest of the paper is organized as follows. In Section 2 gamification features are described. In Section 3, the methods, implemented for the conduction of the results are described. In Section 4, the findings are presented based on the described methods. A discussion of the results is presented in Section 5. Finally, Section 6 concludes the paper.

#### **2. The features of gamification**

The provision of attractive ICTs which increase users' engagement is needed while most of users' activities are accomplished through technologies, e.g. e-learning [12]. Such services can be developed through gamification method, as it concerns the implementation of game elements in applications [9]. According

**3**

*Gamification: A Necessary Element for Designing Privacy Training Programs*

to the literature, several models have been recorded that developers have used to design a gamified system [13–16]. Despite that these methods differ respectively to their processes, their common aim is to show the steps for creating an attractive system to engage users. This approach has been used in various domains [17]. For instance, gamified services in marketing domain aim at raising each company's selling, while customers collect points which can be used for earning gift cards or discounts in products [18]. Furthermore, the use of such services for health issues engages users on protecting their health. For example, they can be notified in order to take their prescription, while they win points or gifts each time they react [19]. Gamified services have been provided in tourism sector as well, in order for the participants to discover several places that may care to visit [20, 21]. Additionally, to increase cultural awareness, such applications are helpful, as it has been recorded in previous literature [22, 23]. Users get familiar with the cultural heritage of various countries through a more interesting process. Thus, several benefits arise by using

In our previous work, a sequence of game elements has been recorded based on several studies in the literature for the creation of gameful applications [17, 24]. Some of them support the interaction between users, so that they are engaged to participate. These elements are the *communication, challenges, competition* and *collaboration* [25]. The results of each interaction may be presented in *leaderboards*, which engage users on participating in several tasks against or with others. In addition, *alternative activities* [26], such as *quizzes* [12], are provided to users to select *points* and pass *levels*, so that to win *badges* and *rewards* [27]. Users have the ability while creating profiles, to select either a specific role depending on their preferences or an *avatar* for an animated representation [28]. Some of the gamified applications may provide *feedback* to users in order to know their progress or improve their actions [29]. Others include *rules* which have to be followed during the completion of each task or the connection with users' *location* [26]. The last one has mostly noticed in applications regarding tourism domain. Additionally, *notifications* are presented, e.g. for reminding a specific action that should be accomplished [25]. Through these features, gamified applications can be developed in several domains. As described previously, the incorporation of game elements in instructional methods is also crucial, so that the training process to be more interesting and effective, especially, in case the education concerns difficult concepts, such as the protection of users' privacy. However, there is a lack of such models. Two questions arise and addressed in this work, regarding the recorded instructional methods and the privacy awareness topics. These results along with the gamification features could be considered for the creation of a method aiming at training users on privacy

In this Section, the implemented methodology for the conduction of the review results is described. This research was conducted during September 2020. The review protocol was based on the PRISMA statement [11]. First, the research questions (RQs), presented in **Table 1**, were addressed. The aim of the first research questions is to identify which studies refers to instructional models which can be implemented for developing programs, by using them individuals could be educated on various domains, and to record the steps that each one recommends. According to the second question, the aim is to identify the mentioned privacy topics in literature, which can be taken into consideration while designing training

programs for making users to be aware of privacy issues.

*DOI: http://dx.doi.org/10.5772/intechopen.97420*

gamification.

issues through gamification.

**3. Methods**

#### *Gamification: A Necessary Element for Designing Privacy Training Programs DOI: http://dx.doi.org/10.5772/intechopen.97420*

to the literature, several models have been recorded that developers have used to design a gamified system [13–16]. Despite that these methods differ respectively to their processes, their common aim is to show the steps for creating an attractive system to engage users. This approach has been used in various domains [17]. For instance, gamified services in marketing domain aim at raising each company's selling, while customers collect points which can be used for earning gift cards or discounts in products [18]. Furthermore, the use of such services for health issues engages users on protecting their health. For example, they can be notified in order to take their prescription, while they win points or gifts each time they react [19]. Gamified services have been provided in tourism sector as well, in order for the participants to discover several places that may care to visit [20, 21]. Additionally, to increase cultural awareness, such applications are helpful, as it has been recorded in previous literature [22, 23]. Users get familiar with the cultural heritage of various countries through a more interesting process. Thus, several benefits arise by using gamification.

In our previous work, a sequence of game elements has been recorded based on several studies in the literature for the creation of gameful applications [17, 24]. Some of them support the interaction between users, so that they are engaged to participate. These elements are the *communication, challenges, competition* and *collaboration* [25]. The results of each interaction may be presented in *leaderboards*, which engage users on participating in several tasks against or with others. In addition, *alternative activities* [26], such as *quizzes* [12], are provided to users to select *points* and pass *levels*, so that to win *badges* and *rewards* [27]. Users have the ability while creating profiles, to select either a specific role depending on their preferences or an *avatar* for an animated representation [28]. Some of the gamified applications may provide *feedback* to users in order to know their progress or improve their actions [29]. Others include *rules* which have to be followed during the completion of each task or the connection with users' *location* [26]. The last one has mostly noticed in applications regarding tourism domain. Additionally, *notifications* are presented, e.g. for reminding a specific action that should be accomplished [25].

Through these features, gamified applications can be developed in several domains. As described previously, the incorporation of game elements in instructional methods is also crucial, so that the training process to be more interesting and effective, especially, in case the education concerns difficult concepts, such as the protection of users' privacy. However, there is a lack of such models. Two questions arise and addressed in this work, regarding the recorded instructional methods and the privacy awareness topics. These results along with the gamification features could be considered for the creation of a method aiming at training users on privacy issues through gamification.
