Ethical Dimensions of User Centric Regulation

 In Ethical Issues, Issue 1, Volume One


We explore the role of IT designers in regulation and question the ethical dimensions of their work. The turn to the IT design community to help address hard regulatory issues posed by emerging IT systems needs deeper analysis. Through our concept of User Centric Regulation (UCR), we question the nature of their role, with specific reference to end users and their legal rights. UCR developed from wider analysis of how a specific domain of IT design, human computer interaction, can interact with a field of regulation, information technology law (Urquhart, 2016). Accordingly, for this discussion we focus on unpacking two ethical dimensions of involving IT designers in the practice of regulation. Firstly, the nature of their wider responsibilities to users and secondly, the relationship between mediating user experiences through IT design and regulation. We look at these issues in the context of the challenges posed by smart cities.

To do this, in Part I, we introduce our concept UCR. Importantly, UCR stems from several key assertions. Firstly, that IT designers are now regulators, but they are not traditionally involved in the practice of regulation. Secondly, that the nature of their role in regulation is ill-defined. Lastly, that they need support in understanding what this new role entails, particularly managing ethical dimensions beyond legal compliance. UCR helps situate the role of designers in regulation and unpacks what shifts towards closer alignment of the IT design and regulation communities might mean. In Part II, we look at ethical dimensions of designers doing UCR. Firstly, we suggest that beyond legal responsibilities to act, for example in privacy by design, designers have ethical responsibilities to engage with the wider social implications of their work for users Secondly, we argue that how they design technologies to regulate, by mediating user interactions, is an area for ethical reflection. Thirdly, we suggest ways designers can do this, highlighting how concepts from HCI can be used to engage with regulatory dimensions of their work. In Part III, we look at the challenges of near future smart cities, considering the role of designers in managing information flows between users, devices and services. We briefly use the HCI concept of ‘seamful design’ to explore how HCI, IT law and ethical considerations can come together. In Part IV, we offer brief conclusions.

Part I: Introducing User Centric Regulation

Our concept of UCR supports thinking about ethical dimensions of the role of IT designers in regulation. Underpinning UCR are several key assertions, which we need to briefly unpack. This is a shorter explanation, as the arguments are developed more fully in other, longer work (Urquhart & Rodden, 2016). As mentioned in the introduction, we argue the following:

  • Human computer interaction (HCI) designers are now regulators;
  • Technology designers are not traditionally involved in the practice of regulation and accordingly, the nature of their role in regulation is ill-defined;
  • Support for understanding what this new role entails is necessary, particularly managing ethical dimensions beyond legal compliance.

To understand these claims, we need to understand that the concept of regulation, and who acts as a regulator, has been broadening. Traditional definitions of regulation, such as those offered by Selznick, are overtly state centric, arguing regulation is the “sustained and focused control exercised by a public agency, on the basis of a legislative mandate over activities that are generally regarded as desirable to society” (Selznick, 1985). In contrast, Black’s more contemporary definition is much wider, arguing regulation is “the sustained and focused attempt to alter the behaviour of others to standards or goals with the intention of producing a broadly identified outcome or outcomes, which may involve mechanisms of standard setting, information gathering and behaviour-modification” (Black, 2002, p. 26).

As we can see, the activities of non-state actors can now be viewed under the umbrella of regulation. This could include corporations, non-governmental organisations (NGOs) and technical standard setting bodies like World Wide Web Consortium, Internet Engineering Task Force. Nevertheless, the state still retains a key role in defining agendas for action through legislative mandates or formal policy. State authority and legitimacy to exercise control over a jurisdiction and the actors therein is a key aspect of their power (Leenes, 2011). However, they no longer exercise an absolute monopoly in setting standards, implementing social control mechanisms and shaping behaviour of citizens (Hood & Margetts, 2007). Government often encourages hybrid regulation between state and non-state actors in both self-regulation and co-regulation (Marsden, 2011) and increasingly we see ‘regulation in many rooms’ (Black, 2002, p. 63). Accordingly, non-state actors, like IT designers, can draw on a variety of methods to shape, persuade and change behaviour to realise specific outcomes. Importantly, by mediating actions of users through their design decisions, they can define the nature of a user’s interactions with a technology, and regulate what they do.

Within IT law, the importance of technology design as a regulatory tool has longstanding provenance (Reidenberg, 1998). More formally, legislative mandates embed this idea and bring law and design closer in practice. This is often to address complexities of regulating emerging technologies and with the intent of addressing legal regulation lagging behind technology development. The concept of information privacy by design (PbD), as instantiated in Article 25 of the new EU General Data Protection Regulation (GDPR) 2016, typifies the turn to design to assist in the practice of regulation.

A turn to design means a turn to designers, but we feel the nature of their role is still not well settled in IT regulation. There is a significant gap between the legal understanding of design, and the practices and epistemic commitments of design communities, such as those within HCI (Urquhart, 2016). Theoretically, this is problematic as IT law still sits very much within abstracted, top down models of understanding how technology can regulate users’ behaviour. Theories like Lessig’s ‘code is law’ portray users as passive dots with no agency, (Lessig, 2002) and whilst Murray’s ‘networked communitarianism’ addresses this shortcoming by giving users agency, they are still largely viewed as nodes, merely part of a larger network (Murray, 2006). Such social systems led abstractions (Luhmann, 1996) of society neglect how users actually interact with technologies in practice, which we view as a significant shortcoming. A proper turn to design in regulation needs to embrace the practices of design and incorporate them into the corpus of IT regulation strategies.

To understand what this means, we focus on the role of the HCI community, as the domain of system design most proximate to the end user. HCI, as a field, has been undergoing a shift from functional concerns like interface efficiency and optimisation towards more cultural, emotional and ethical dimensions of computing (Bødker, 2016). This growing awareness of societal implications of IT and the role designers play therein, requires reflection on how best to move forward. Ethical responsibilities of designers and methods to incorporate human values into the relationship between user, technology and designer do exist, like participatory (Ehn & Kyng, 1987) or value sensitive design models (Friedman, Kahn, & Borning, 2008).

Indeed, a key strength of HCI is developing situated understandings of how users interact with IT in context. HCI designers utilise a range of approaches developing systems, experiences and interactions with users. These vary from conducting co-design processes with users, testing and iteratively developing prototypes and conducting design ethnographies to understand the requirements of a setting and the practices therein (Crabtree, Rouncefield, & Tolmie, 2012). We believe the HCI community can help address hard regulatory challenges and shape how legal interests of IT users are protected in practice.

Nevertheless, by calling on non-state actors like designers to be involved in regulation, lack of legitimacy must be addressed, as they are not held to the same standards of accountability or transparency as the state. However, we believe the user centric nature of HCI is one route to the designers obtaining legitimacy as regulators. HCI designers can addressing the gap in current regulatory practices left by seeing users as ‘nodes’ or ‘dots’ instead of understanding of how actual users interact with technology in practice. Indeed, if HCI designers can understand the needs of end users in a grounded manner, they can respond to regulatory challenges in more contextually appropriate ways.

Bridging the gap between IT law and HCI communities is critical. Engaging with the practices, concepts and epistemic commitments of the HCI community, is the first step to unpacking what role design, and designers, can play in IT regulation. Nevertheless, accepting their role as regulators, within this paper, we want to briefly reflect on two elements of their role. We are interested in where ethical responsibilities designers owe to users’ stem from.[1] As HCI designers shape behaviour and ‘regulate’ users by ‘mediating’ their interactions with IT, how they do so offers scope for ethical reflection, and we want to consider this more deeply in Part II.

Part II: Ethical Dimensions of User Centric Regulation

To better situate the nature of an IT designer’s responsibility and ethical nature of their role in mediating behaviour through design, we turn to the long lineage of work in computer ethics (CE). CE has long responded to new ethical questions posed by IT (Johnson, 1985) and as Moor argues, the resulting “policy and conceptual vacuums about how to use computer technology” (Moor, 1985, p. 266). For Moor the field itself is defined by “the analysis of the nature and social impact of computer technology and the corresponding formulation and justification of policies for the ethical use of such technology” (Moor, 1985, p. 266). CE considers issues from computer crime and privacy to intellectual property and globalisation (Bynum, 2008), and as the mechanisms of law, like legislation and case law, often struggle to keep pace with technological and societal change, ethics have much value in considering appropriate action. As Moor argues, ethics are not static, they adapt with human values, and are thus more organically responsive to new questions posed by computing (Moor, 1985). A nice example reflecting this is the European Data Protection Supervisor, a supervisory body for EU Data Protection Law, are developing codes around data ethics in addition to formal legal mechanisms.

In terms of practical tools supporting ethical conduct of IT designers, codes of ethics play an important role. Codes, like those associated with membership of specialist bodies are primarily orientated towards professional responsibility. The Association of Computing Machinery (ACM) (1992), Institute of Electrical and Electronic Engineers (IEEE) (2017) and British Computing Society (BCS) (2015) have been providing guidance for members through respective codes of ethics and conduct for decades (for IEEE, since 1963). The IEEE Code of Ethics, asks members to consider how their work impacts quality of life of others, and introduces broader notions of responsibility to public welfare, safety and health. Critical reflection on these codes highlights significant focus on protecting reputation as opposed to having more aspirational expectations of members (Gotterbarn, 1999). Nevertheless, they have considerable value in defining high level principles and values of the community.

The responsible research and innovation agenda prompts reflection on ethical questions by reasserting the relationship between innovation and the social consequences. As Stilgoe et al put it, RRI is “taking care of the future through collective stewardship of science and innovation in the present” (Stilgoe, Owen, & Macnaghten, 2013, p. 1570). To do this, instead of a code of conduct, their RRI framework draws on four elements of anticipation, reflexivity, inclusion, and responsiveness. These principles direct reflection on questions of “uncertainty (in its multiple forms), purposes, motivations, social and political constitutions, trajectories and directions of innovation” (Stilgoe et al., 2013, p. 1570). Such considerations clearly pertain to the ethical dimensions of a IT designer’s role, as those involved in research and development of new products and services in organisations like university labs, start-ups, hackspaces, multinational R&D labs and beyond. Anticipation involves systematic consideration of risks posed by new technologies, with special precaution around forecasting unforeseen issues. Reflexivity requires reflection on assumptions, actions and appreciating alternative points of view may exist. Inclusion seeks legitimacy through dialogue and engagement with more stakeholders impacted by technologies (Stilgoe et al., 2013, pp. 1570–71). In terms of UCR, and considering the HCI and IT law communities, these principles have existing counterparts.

Anticipation has similarities with regulatory processes like conducting privacy, social or ethical impact assessments for new data driven technologies (Wright & Hert, 2012). These are increasingly popular in law, with Privacy Impact Assessments finding legislative authority in Article 35 of the GDPR. Similarly, EU wide standards for ethical impact assessments have been drawn up as part of the SATORI project (SATORI, 2017). Reflexivity has likenesses with the HCI notion of ‘reflective design’, where designers need to consider their role and impact on users (Sengers, Boehner, David, & Kaye, 2005). As Sengers et al argue, “technology design practices should support both system designers and users in ongoing critical reflection about technology and its relationship to human life… for those concerned about the social implications of the technologies we build, reflection itself should be a core technical design outcome for HCI” (Sengers et al., 2005, p. 50). Reflection is by highlighting and questioning assumptions, ideologies, and beliefs of design (Pierce et al., 2015). Inclusion aligns with HCI and Computer Supported Cooperative Work (CSCW) where the concept of participatory design has led to methods and approaches being developed to involve technology users in the design process. The involvement of Scandinavian workers in new IT systems impacting their jobs and labour rights is a key example (Bjerknes & Bratteteig, 1995).

Within the latter context, labour laws form a mandate for action and responsibility, however for RRI, the nature of responsibility is often more complex. Stahl, Eden, and Jirotka note, responsibility in RRI largely falls to individuals, who can be subject to many forms (Stahl, Eden, & Jirotka, 2013). A software engineer may have professional responsibilities to customers, moral responsibilities to users, role responsibilities as leaders to peers, or legal responsibilities to compliance with laws (Stahl et al., 2013, pp. 201–202). Their interviews with scientists for the FRRIICT[2] project, broadly showed less sense of responsibility for social consequences when conducting ‘fundamental’, ‘generic’, ‘enabling’ research than those closer to or working with specific end user groups, doing more ‘applied’, ‘application orientated’ work (Stahl et al., 2013, pp. 209–211).

Accordingly, whilst HCI and IT designers have different dimensions of responsibility for the wider social implications of their work, the ways they reflect on these wider responsibilities are multifaceted. Any role for IT designers in regulation needs to go beyond just legal compliance, to reflect on the wider ethical dimensions of their role. However, supporting them in doing so is a complex task.

We will now briefly consider how IT designers mediate experiences of users through their design decisions. We feel this offers an opportunity to reflect on ethical implications of design. As there has been considerable work in the field of engineering ethics on mediation and the role of designers, we now turn there.

The relationship between ethics and design is strong. As Verbeek argues, “engineering design is an inherently moral activity” (Verbeek, 2006, p. 368) and as Millar states, “in effect, engineers ought to be considered de facto policymakers, a role that carries implicit ethical duties” (Millar, 2008, p. 4). Indeed, design[3] decisions on how users can act when using a technology are moral judgments, ultimately ‘inscribed’ into the technology (Akrich, 1992). As Millar frames it, technologies act as ‘moral proxies’ by shaping the relationship between users, artefacts and designers through design decisions made by designers (Millar, 2008). If we look to Latour, he argues non-human artefacts are often delegated human functions, thus allowing them to prescribe human behaviour (Latour, 1992, p. 157) where “the distance between morality and force is not as wide as moralists expect, or more exactly, clever engineers have made it smaller” (Latour, 1992, p. 174). With that in mind, the power designers can have as regulators is significant.

Nevertheless, it is not necessarily absolute, and in assessing limits to shaping behaviour through design, we look to Verbeek and Ihde. For Verbeek, technology co-shapes user understandings of their surroundings where “technological artefacts are not neutral intermediaries but actively co-shape people’s being in the world: their perceptions and actions, experience and existence” (Verbeek, 2006, p. 364). However, following Ihde’s concept of ‘multistability’ (Ihde, 1990; Verbeek, 2006, p. 365),[4] whilst technologies may have ‘inscribed’ intentions of use/function,(Verbeek, 2006, p. 362)[5] the actual meaning is determined by use. As Ihde (2011) puts it, “no technology ever remains limited to designer intent”, as we see with examples like claw hammers being used for removing nails, violence and art (Ihde, 2011). Technology and humans relate, interact and co-construct, with the relationship between them mediating the purpose and meaning of technology. To quote Ihde again, “left on a shelf, the Swiss army knife or the cell phone ‘does’ nothing” (Ihde, 2011, p. 24).

Aligning this with notions of responsibility, we see designers have a moral duty to look beyond function and consider mediating impacts of technology, as Verbeek argues, to “bridge the gap between the context of use and the context of design” (Verbeek, 2006, p. 378). However, unpredictable differences between what designers intend through design and how technology is used in practice makes such forecasting and anticipation hard. Practically speaking, Van Gorp and Van de Poel show that ethical decisions are made during technology design when designers decide to prioritise certain requirements, with some trade-offs being acceptable and others unacceptable (eg safety against sustainability) (van Gorp & van de Poel, 2001, p. 16).

They normally use ‘satisficing’ where ‘a designer is satisfied with any solution that is good enough given the design requirements and will not look for optimal solutions’ (van Gorp & van de Poel, 2001, p. 19). This might not create the most ethical decision, but equally on a practical level the questions to be engaged with are not simple eg “how should one decide for example, on the relative importance of safety versus costs? Who is to make this decision? The engineers, the manager or principle of the project, the portrayed users, the public possibly affected, the general public? And how is this decision to be made in an ethically acceptable way” (van Gorp & van de Poel, 2001, p. 19).

Engaging with moral decisions and ethical dilemmas can pose challenges for designers, hence why they need greater support in doing so. As Van den Hoven et al (2012) argue, engineers can suffer from ‘moral overload’ of making difficult, practical moral decisions involving value trade-offs and balancing competing interests during design. This leads to ‘moral residue’ which is the “moral emotions and psychological tensions that are associated with the things that were not done, the road not travelled, the moral option foregone” (Van den Hoven et al., 2012, p. 143). This can be useful insofar as it motivates a response to these issues as early as possible, as engineers seek to avoid such overload in the future.

Fundamentally, designers are not neutral and by participating in design processes, they are making ethical decisions (van Gorp & van de Poel, 2001, p. 21). Seeing ethics as a process of reflection, not necessarily tied to normative absolutes (e.g. privacy is good or bad), but instead on reflecting on the mediating effects of a technology on the user can be useful (Verbeek, 2006, p. 377).[6]Anticipating the differences between use and design needs to be addressed. From a UCR perspective, whilst legislation may define thresholds for legal requirements and rules, such as safety guidelines, product safety or accessibility specifications, engineers/designers can still make choices, to exceed these and reach to a higher ethical standard. The esoteric nature of laws and regulations can challenge this, as baseline understanding of law may necessitate translation to make standards relevant to designers’ work, an area requiring increased attention (Birnhack, Toch, & Hadar, 2014; Urquhart, 2016).

Designers need mechanisms to support reflection on both regulatory and ethical impacts of their design decisions. In aligning HCI and IT law, there are a range of options, such as value sensitive design (VSD) or participatory design frameworks mentioned earlier, and discussed in depth in our longer paper (Urquhart & Rodden, 2016).

To introduce one briefly, VSD, Friedman et al argue for including ‘values with ethical import’ in design, namely those which ‘centre on human well-being, human dignity, justice, welfare and human rights’ (Friedman & Kahn, 2006, p. 1180). VSD uses conceptual, empirical and technical investigations in an iterative way to unpack how values are involved in a system (Friedman & Kahn, 2006, p. 1187). This involves conceptually assessing philosophical questions of establishing values, balancing competing values and potential impacts of the system (Friedman & Kahn, 2006, p. 1181). It also requires empirically grounded analysis through specific examples, to see how individuals, groups, or larger social systems that configure, use or are otherwise affected by the technology (Friedman et al., 2008, pp. 71–73). VSD has been critiqued from different directions, mainly on what (or whose) values are considered, and how they are formulated. Borning and Muller, for example, argue VSD should be more pluralistic and open to different value systems from different cultural contexts, and less focused on a position of universal Western liberal values as default (Borning & Muller, 2012).

For HCI and IT law communities, UCR can support concepts from each community to find new perspectives on regulatory challenges. We see opportunities in extending VSD from ethical to legal values. Privacy, ethical and even social impact assessments can also have a key role in structuring reflection on both ethical and legal dimensions of design. Privacy patterns are another useful design tool (Colesky, Hoepman, & Hillen, 2016). In other work, we have sought to bring these communities closer together. One example is repurposing Benford et al’s trajectories framework (Benford, Giannachi, Koleva, & Rodden, 2009) used for designing interactive user experiences to developing adequate consent mechanisms in the Internet of Things (IoT) (Urquhart & Rodden, 2017). Another is our deck of physical privacy by design playing cards in workshops to help structure reflection by system designers on data protection concerns in IT design (Luger, Urquhart, Rodden, & Golembewski, 2015). For this paper, we do not reiterate these ideas in detail. Instead we briefly suggest another HCI concept to consider for UCR below, seamful design, and suggest how it can frame reflection on the role of designers in regulation through the context of smart cities.

Part III: UCR and Smart Cities

To understand seamful design, we first must understand seamless design. The utopian vision of Ubicomp, a forbearer to the current IoT and smart city trends, is for users to have seamless interactions with IT across different contexts. IT has become so integrated into daily life that it is invisible in use (Weiser, 1993). Realising this future prompted many strands of research in computer science, from Ambient Intelligence and pervasive computing to context aware and calm computing (Aarts & Marzano, 2003; Weiser & Brown, 1997). The engineering principles of seamless networking and invisibility in use through new interface designs, networking protocols and so forth were never far from the research agenda.

However, within the HCI community, increased critical reflection on these goals sugested adherence to engineering design principles of near future technical visions, such as seamlessness, often led to neglect of user interests and the realities of the present (Bell & Dourish, 2007; Reeves, 2012). Research on smart homes, for example, shows user interests are often side-lined for the desire to engineer the technical vision of contextually relevant, responsive devices and services to make life simpler and more convenient (Wilson, Hargreaves, & Hauxwell-Baldwin, 2015).

We see similar trends emerging in smart cities, where utopian rhetoric abounds. Multiple stakeholders driving forth a multitude of agendas are normally framed around efficiency, convenience and security from the smart urban future. As Kitchin argues “the smart city promises to solve a fundamental conundrum of cities – how to reduce costs and create economic growth and resilience at the same time as producing sustainability and improving services, participation and quality of life – and to do so in commonsensical, pragmatic, neutral and supposedly apolitical ways by utilising a fast-flowing torrent of urban data and data analytics, algorithmic governance, and responsive, networked urban infrastructure”(Kitchin, 2015). Interaction between local government and multinational corporations are a key relationship to consider in these changes. The significant investment in Glasgow, through the Future Cities project before the 2014 Commonwealth Games is a good practical example. Goals such as opening-up access to streams of data through smart city dashboards aim to encourage innovation and create value added services and foster local economic growth were important.[7] Multinationals corporations offer ‘smart city in a box’ type solutions, providing software and hardware to upgrade dated infrastructure to become intelligent.

As the vision goes, sensors, networking and actuators can manage many parts of civic life. Urban congestion can be decreased by intelligently rerouting rush hour traffic (Catapult, 2017). Crime can be managed more effectively with smart CCTV systems using machine learning to detect suspicious visual behaviour or microphones to monitor noise volumes in the street. More efficient street lighting can stretch already tight local government budgets, whilst supporting carbon footprint reduction targets and wider environmental sustainability goals (Glasgow City Council, 2017). Despite these admirable goals, a key challenge with this vision, as with Ubicomp or smart homes that have gone before, is how to use data to make city life better for citizens and local communities (Thomas, Wang, Mullagh, & Dunn, 2016).

Turning again to authors like Kitchin, we see concerns about lack of attention paid to local interests and how this can impact the nature of emerging smart cities. As he argues, “the realities of implementation are messier and more complex than the marketing hype of corporations or city managers portrays and there are a number of social, political, ethical and legal concerns with respect to the kind of society smart city initiatives seek to create” (SCL, 2017). Similarly, researchers Murakami Wood and Graham are concerned about links between smart cities, increased surveillance and militarisation of urban space, unpacking how increased urban control might impact citizens human rights (Graham, 2013; SCL, 2017).

Indeed, those building and managing cities need to understand the inhabitants, and respect what they need from their urban environment. Cities exist within regulatory frameworks, where different actors have both rights and responsibilities, for example around ensuring privacy in public spaces or ethical standards of policing. Within these frameworks, smart cities pose a range of regulatory challenges.[8] Edwards has argued that smart cities bring together the regulatory challenges inherent in three IT sectors: big data, cloud computing and ubiquitous computing. She argues this creates a ‘perfect storm’ of privacy and security threats (Edwards, 2016). Designing adequate consent mechanisms for IoT, lack of algorithmic transparency for big data, and third country data transfer with the cloud are just three of the many regulatory challenges she argues smart cities can pose (Edwards, 2016).

In responding to these, we believe the practices of the HCI community, as a new type of regulator, can come to the fore. They can draw on their key route to legitimacy as regulators, user centricity, to engage with the needs of local citizens. By understanding their interests, HCI designers can both establish ethical or regulatory concerns but then act, by how they decide to design, and consequently mediate interactions, through their technological deployments. It is important to remember, that designers do not operate in isolation or a vacuum, and will be subject to the competing interests of other smart city stakeholders. Nevertheless, they have a clear opportunity for action and thus an important role to play.

To unpack this further, users living in a personal data rich smart city may require designers to create more effective consent mechanisms when interacting with smart public infrastructure, (Edwards, 2016) increased transparency around how personal data flows between users and these services, and even build in the ability for users to ‘go under the radar’, to resist being monitored in their daily lives. Users have legal privacy rights, such as the right to be forgotten (Article 17 GDPR) or the right to object (Article 21 GDPR), which could support realisation of such resistance practices. Indeed, new clothing that confuses smart CCTV algorithms has been developed to assist in this regard (Hern, 2017). Without the HCI designers who can mediate the user/IT interactions, and implement these perspectives, realising these rights in practice will be more complex. The benefit of aligning these IT regulation and design questions under the concept of UCR is the ability for action, for designers to listen to and respond to the needs of users, particularly around their legal rights. The alternative of leaving users to rely on expensive, after the fact legal action through litigation, is less than ideal.

Nevertheless, even if designers have routes for action, and a sense of responsibility to respond to their users’ interests, the complexity and uncertainty of the legal landscape may make it hard to know what rights users have and how these may look in practice.

Accordingly, we think the notion of seamful design, as an HCI concept (Chalmers & Galani, 2004), is useful here. Seamful design involves embracing the physical features and limitations inherent in designing interactive user experiences, where a key example is network connectivity. It is unlikely that there will always be reliable WiFi, GPS, or 3G signal for designing truly seamless user interactions ‘in the wild’, even now. There are often dead-zones with no connectivity, and depending upon how a system interface is designed this can impact the functionality and overall experience for end users. Accordingly, seamful design suggests recognising features and restraints that will shape the overall design and then responding by reflecting or highlighting these in the new end user experiences.

Repurposing this notion slightly, we can foresee seamful design as a way of surfacing uncertainty in IT regulation. Legislation may exist to cover regulation of a new technology, such as GDPR, but interpretation may be challenging. It may be a new piece of law with a lack of test cases, or the nature of what it requires, as is often the case, may be quite nebulous and inaccessible to non-lawyers. This can be exacerbated by the lag between law and technology, where the scope of legal challenges a new technology can pose are hard to determine with certainty, as it is a substantially new or disruptive system.

Actively playing with and raising awareness of the uncertainty in regulation of emerging technologies can be a role for designers. Thinking about legal uncertainty as a seam gives scope for law and HCI to come together in creative ways to reframe how user experiences and the associated legal rights of users come to be mediated in practice.

With consent mechanisms in smart city infrastructure, for example, how the legal threshold of informed, explicit consent in Article 7 GDPR for special categories of personal data[9] (racial or ethnic origin, genetic data, biometric data etc) is achieved in practice, is uncertain. However, designers have opportunities for action, to obtain input from users as to what they think this requires, and to respond accordingly. Building on the formal legal requirements as a baseline, the seams of uncertainty in interpreting the law can be highlighted in the end user experience. Through joint reflection by designers and users on how these rights and requirements might manifest in practice, new mechanisms and interpretations for how to obtain explicit consent in practice may emerge. Similarly, for the right to be forgotten, there is scope for designers to co-create new ephemeral interactions with users, to both realise the legal intent whilst creating engaging and rewarding user experiences. The challenges of doing this at scale in the smart city context adds a layer of complication, but also offers new opportunities.

Contrasts between designing interactions for transient visitors who may only visit the city and local residents who are there for decades are just one attribute to consider. Another is how to implement change whilst engaging with the diverse assemblage of local practices of neighbourhoods and communities, and not disrupting the patchwork that makes up life in that area. Another is managing the volume and diversity of stakeholders in a city, each with competing demands from design interventions, where the differing levels of input from investors, government bodies (local and state), industry, retail businesses and other residents will shape what is possible through design.

To conclude this part, thinking about smart cities in terms of local practices, relationships and interactions with technology is key. It moves us past how macro level visions of a ‘smart city in a box’ can solve all the socio-economic problems of an urban environment. It returns thinking to how user interactions with these technologies can be constructed in ways that respect their legal rights and wider interests. By bringing HCI designers into the remit of IT regulation, there are great opportunities to understand the impact of smart city developments at this local level, and to creatively address some of the big challenges they pose for users. However, greater interaction is needed between the law and HCI communities to support designers in doing this (Urquhar & Luger, 2015). We now turn to some brief conclusions.

Part IV: Conclusion

In this paper, we discussed the importance of bringing HCI and IT law communities closer together. We did this through our concept of UCR. Turns in technology regulation to design coupled with growing awareness in HCI of the wider social implications of IT underpin this. We discussed how HCI designers can shape behaviour and regulate users through design. We focused on the importance of their role in mediating user interactions through IT, but concurrently, we recognise user relationships with IT may play out differently in use. Designers need to reflect on these complexities when considering how to address legal and ethical dimensions of their work.[10] We explored some challenges posed by smart cities, and considered the role designers may have in addressing these, for example by using the concept of seamful design to engage with uncertainty in the law. Importantly, HCI designers need to obtain legitimacy as regulators. We argue their proximity to end users and their tools for understanding user relationships and interactions with technology in context are key to this. Importantly for UCR, this offers opportunities for new regulatory strategies to emerge. HCI designers can begin to understand and then shape the relationships between ethical and legal interests of users and IT design in practice.

<Full References provided in Footnotes, as per template request>


Aarts, E., & Marzano, S. (Eds.). (2003). The new everyday: views on ambient intelligence. Rotterdam: 010 Publ.

Aarts, E., & Marzano, S. (Eds.). (2003). The new everyday: views on ambient intelligence. Rotterdam: 010 Publ.

Akrich, M. (1992). The De-Scription of Technical Objects. In W. E. Bijker & J. Law (Eds.), Shaping Technology / Building Society. Cambridge: MIT Press.

Association for Computing Machinery. (1992, October 16). ACM Code of Ethics and Professional Conduct. Retrieved February 1, 2017, from

Bell, G., & Dourish, P. (2007). Yesterday’s tomorrows: notes on ubiquitous computing’s dominant vision. Personal and Ubiquitous Computing, 11(2), 133–143.

Benford, S., Giannachi, G., Koleva, B., & Rodden, T. (2009). From Interaction to Trajectories: Designing Coherent Journeys Through User Experiences. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (pp. 709–718). New York, NY, USA: ACM.

Birnhack, M., Toch, E., & Hadar, I. (2014). Privacy Mindset, Technological Mindset. Jurimetrics, 55, 55–114.

Black, J. (2002). Critical Reflections on Regulation. Australian Journal of Legal Philosophy, 27, 1–35.

Black, J. (2007). Tensions in the Regulatory State. Public Law, 58–73.

Bødker, S. (2016). Third-wave HCI, 10 Years Later—participation and Sharing. Interactions, 22(5), 24–31.

Borning, A., & Muller, M. (2012). Next steps for value sensitive design. In Proceedings of the SIGCHI conference on human factors in computing systems (pp. 1125–1134). ACM. Retrieved from

British Computer Society. (2015). Trustee Board Regulations – Schedule 3 Code of Conduct for BCS Members. Retrieved February 1, 2017, from

Bynum, T. (2008). Computer and Information Ethics. Stanford Encyclopaedia of Philosophy.

Catapult. (2017). The Catapult Programme. Retrieved February 1, 2017, from

Chalmers, M., & Galani, A. (2004). Seamful interweaving: heterogeneity in the theory and design of interactive systems. In Proceedings of the 5th conference on Designing interactive systems: processes, practices, methods, and techniques (pp. 243–252). ACM. Retrieved from

Colesky, M., Hoepman, J.-H., & Hillen, C. (2016). A Critical Analysis of Privacy Design Strategies. In Security and Privacy Workshops (SPW), 2016 IEEE (pp. 33–40). IEEE. Retrieved from

Crabtree, A., Rouncefield, M., & Tolmie, P. (2012). Doing Design Ethnography. Springer Verlag.

CREATe. (2015, June 3). Smart Cities Resource Page. Retrieved February 1, 2017, from

Ehn, P., & Kyng, M. (1987). The Collective Resource Approach to System Design. In G. Bjerknes, P. Ehn, & M. Kyng (Eds.), Computers and Democracy: A Scandinavian Challenge. Aldershot.

Friedman, B., & Kahn, P. H. J. (2006). Human values, ethics, and design. In J. A. Jacko & A. Sears (Eds.), The human-computer interaction handbook (2nd ed.). CRC Press.

Friedman, B., Kahn, P. H. J., & Borning, A. (2008). Value Sensitive Design and Information Systems. In K. Himma & H. Tavani, The Handbook of Information and Computer Ethics. Wiley and Sons.

Friedman, B., Kahn, P. H. J., & Borning, A. (2008). Value Sensitive Design and Information Systems. In K. Himma & H. Tavani, The Handbook of Information and Computer Ethics. Wiley and Sons.

Future City Glasgow. (2017). Intelligent Street Lighting. Retrieved February 1, 2017, from

Glasgow City Council. (2017). Future City Glasgow. Retrieved February 1, 2017, from

Gotterbarn, D. (1991). Computer Ethics: Responsibility Regained. National Forum: The Phi Beta Kappa Journal, 71, 26–31.

Gotterbarn, D. (1999). How the new Software Engineering Code of Ethics affects you. IEEE Software, 16(6), 58–64.

Graham, S. (2013). The new military urbanism. In K. et al Ball, , in K Ball et al ,  accessed 1 Feb 2017 The Surveillance-Industrial Complex: A Political Economy of Surveillance. Routeledge.

Hern, A. (2017, January 4). Anti-surveillance clothing aims to hide wearers from facial recognition. The Guardian. Retrieved from

Hood, C., & Margetts, H. Z. (2007). The Tools of Government in the Digital Age. Palgrave MacMillan.

IBM. (2011, March 9). Glasgow named an IBM Smarter city [CTB10]. Retrieved February 1, 2017, from

Ihde, D. (1990). Technology and the lifeworld: from garden to earth. Bloomington: Indiana University Press.

Ihde, D. (2011). Smart? Amsterdam Urinals and Autonomic Computing. In M. Hildebrandt & A. Rouvroy (Eds.), Law, human agency, and autonomic computing: the philosophy of law meets the philosophy of technology. Milton Park, Abingdon, Oxon ; New York, NY: Routledge.

Institute of Electrical and Electronic Engineers. (2017). IEEE Code of Ethics. Retrieved February 1, 2017, from

Johnson, D. (1985). Computer Ethics. Englewood Cliffs.

Kitchin, R. (2015). Data-Driven, Networked Urbanism. SSRN Electronic Journal.

Latour, B. (1992). Where are the missing masses? The sociology of a few mundane artifacts [in] Shaping technology/building society: studies in sociotechnical change. In W. E. Bijker, J. Law, & American Council of Learned Societies (Eds.), Shaping technology/building society: studies in sociotechnical change (Vol. Inside technology, pp. 225–258). Cambridge, Mass: MIT Press. Retrieved from

Lessig, L. (2006). Code Version 2.0. Basic Books.

Luger, E., Urquhart, L., Rodden, T., & Golembewski, M. (2015). Playing the Legal Card: Using Ideation Cards to Raise Data Protection Issues within the Design Process (pp. 457–466). ACM Press.

Luhmann, N. (1995). Social systems. Stanford, Calif: Stanford University Press.

Marsden, C. T. (2011). Internet Co-Regulation: European Law, Regulatory Governance and Legitimacy in Cyberspace. Cambridge University Press.

Moor, J. H. (1985). What is computer ethics? Metaphilosophy, 16(4), 266–275.

Murray, A. (2006). The Regulation of Cyberspace: Control in the Online Environment. Abingdon: Routledge-Cavendish.

Pierce, J., Sengers, P., Hirsch, T., Jenkins, T., Gaver, W., & DiSalvo, C. (2015). Expanding and Refining Design and Criticality in HCI (pp. 2083–2092). ACM Press.

Reeves, S. (2012). Envisioning ubiquitous computing (p. 1573). ACM Press.

Reidenberg, J. (1998). Lex Informatica: The Formulation of Policy Rules through Technology. Texas Law Review, 76, 553.

SCL. (2017). The Promise and Perils of Smart Cities. Retrieved February 1, 2017, from

Selznick, P. (1985). Focusing Organizational Research on Regulation. In R. G. Noll, Regulatory Policy and the Social Science (pp. 363–367). University of California.

Sengers, P., Boehner, K., David, S., & Kaye, J. “Jofish.” (2005). Reflective design (pp. 49–58). ACM Press.

Stahl, B., Eden, G., & Jirotka, M. (2013). Responsible research and innovation in information and communication technology—identifying and engaging with the ethical implications of ICTs. Responsible Innovation, 199–218.

Stilgoe, J., Owen, R., & Macnaghten, P. (2013). Developing a framework for responsible innovation. Research Policy, 42(9), 1568–1580.

Urquhar, L., & Luger, E. (2015). Smart Cities: Creative Compliance and the Rise of “Designers as Regulators.” Retrieved May 22, 2017, from

Urquhart, L. (2016). Towards User Centric Regulation: Exploring the Interface Between IT Law and HCI. University of Nottingham.

Urquhart, L., & Rodden, T. (2016). A Legal Turn in Human Computer Interaction? Towards “Regulation by Design” for the Internet of Things (SSRN Scholarly Paper No. ID 2746467). Rochester, NY: Social Science Research Network. Retrieved from

van Gorp, A., & van de Poel, I. (2001). Ethical considerations in engineering design processes. IEEE Technology and Society Magazine, 20(3), 15–22.

Verbeek, P.-P. (2006). Materializing Morality: Design Ethics and Technological Mediation. Science, Technology, & Human Values, 31(3), 361–380.

Weiser, M. (1993). Some computer science issues in ubiquitous computing. Communications of the ACM, 36(7), 75–84.

Weiser, M. (1993). Some computer science issues in ubiquitous computing. Communications of the ACM, 36(7), 75–84.

Weiser, M., & Brown, J. S. (1997). The Coming Age of Calm Technology. In P. J. Denning & R. M. Metcalfe, Beyond Calculation (pp. 75–85). New York, NY: Springer New York.

Wilson, C., Hargreaves, T., & Hauxwell-Baldwin, R. (2015). Smart homes and their users: a systematic analysis and key challenges. Personal and Ubiquitous Computing, 19(2), 463–476.

Wright, D., & Hert, P. de (Eds.). (2012). Privacy impact assessment. Dordrecht ; New York: Springer.

  1. Article 25 EU General Data Protection Regulation 2016
  2. Framework for RRI in ICT
  3. Engineering and design used interchangeably in this paper
  4. A technology can have several stabilities, depending on the way it is embedded in a use context. Technological intentionalities, therefore, are always dependent on the specific stabilities that come about
  5. Like the script of a movie or a theatre play, artefacts prescribe their users how to act when they use them. A speed bump, for instance, has the script “slow down when you approach me” and a plastic coffee cup “throw me away after use
  6. Verbeek (2006) states “Ethics is about the question how to act, and technologies appear to be able to give material answers to this question by inviting or even exacting specific forms of action when they are used. This implies that technological mediation should play an important role in the ethics of engineering design. Designers should not only focus on the functionality of technologies but also on their mediating roles (p377).”
  7. £24m Glasgow Smart City Demonstrator funded by Innovate UK/TSB see Glasgow Future City Website (Overview) (Glasgow City Council, 2017)
  8. See all articles in Computers and Law: Special Edition on Smart Cities (2015) – based on 2015 CREATe conference chaired by Prof L Edwards – Designing Smart Cities: Opportunities and Challenges (CREATe, 2015)
  9. Article 9 GDPR (2016)
  10. Article 25 GDPR
Cite this article as: , "Ethical Dimensions of User Centric Regulation," in Orbit, 05/06/2017,
Recent Posts
Showing 2 comments
pingbacks / trackbacks
  • […] The full paper has just been published in a new journal, Orbit, that has emerged from a big EPSRC RRI project. The paper has also been nominated to be published in the ACM SIGCAS publication, Computers and Society, so hopefully, I’ll be able to link to that in due course too. […]

  • […] The full paper has just been published in a new journal, Orbit, that has emerged from a big EPSRC RRI project. The paper has also been nominated to be published in the ACM SIGCAS publication, Computers and Society, so hopefully, I’ll be able to link to that in due course too. […]

Leave a Comment

Contact Us

Please use the form below to send us an e-mail, we will respond to all e-mails as soon as possible.


Start typing and press Enter to search