The activities of DataGame project continue to progress
Since November 2023, the DataGame consortium has been working on an educational initiative yielding more and more interesting results. As the project activities progress, we decided to share with the general public some thought-provoking insights on data protection in the field of vocational and adult education and training.
These “insights” were both drawn from our desk research as well as from some of the interviews we have already conducted throughout our research phase.
It is undeniable that we now live in a digital society where increasingly more public and private activities are conducted online. In a time before instant communication technology and cloud storage, it can be argued the necessary practices of protecting the integrity and confidentiality of private information was and straightforward—regardless of whether that information was used for business, personal, educational, political or other purpose. Today, having common knowledge and a good moral compass prove hardly sufficient to do the job. On the other hand, while large organizations, government institutions and research facilities are the driving force of technological advancement in the modern world, smaller enterprises such as adult education centres struggle to keep up with the latest technologies and the relevant enacted regulations.
In light of this, the goal of DataGame project is to provide adult education experts and decision-makers with both the knowledge and the tools required to implement the necessary data privacy and safety practices in their work that would supplement their increased administrative use of digital technologies.
While at the start of our research phase we were especially focused on finding out the needs of the EU adult education sector in terms of increasing the transparency, integrity and usability of data for its clients, and ensuring a high standard of data safety and protection, we also had to conduct interviews with cybersecurity experts to convince us that an organization’s cybersecurity precedes any application of GDPR or similar policies designed to protect user data.
In Bulgaria, for example, cybersecurity is for various reasons a topic that is largely taboo. One prominent example is the data breach in the National Revenue Agency in 2019, which exposed the personal data of millions of Bulgarian citizens. This incident highlighted the severe gaps in cybersecurity practices within national institutions and the urgent need for comprehensive reforms. What further exacerbates this issue is the ineffective and insufficient investment in education since the early 2000s, combined with the low tendency and capacity of Bulgarian SMEs to provide adequate cybersecurity training to their staff. At the same time, NSI data shows that an increasing number of people have been going into adult and professional education in the last five years, while there is also an apparent decline of graduation rates in both private and state schools. This shows both that adult education is on the rise, as well as that more focus needs to be given to ensuring decision makers and experts in the sector become better equipped to face the adversities of its growing digitalization – something that can be witnessed across all EU countries.
On the other hand, a recent incident in Greece has also underscored the importance of robust data protection measures. Greece’s data protection authority fined the interior ministry 400,000 euros for leaking the email addresses of thousands of expatriate voters in June 2023. A document containing the contact information of more than 20,000 expats who voted in a national election was forwarded to individuals outside the ministry, leading to unauthorized political emails being sent. This breach of data confidentiality highlights the critical need for secure data handling practices within government institutions. The paradox here is that the EU has already passed a vote on the minimal information security standard for government institutions, while the same regulation is yet to come into effect regarding SME’s – a growing sector in the provision of adult education nowadays.
Thus, every modern organization, as far as cybersecurity is concerned, is pressured by digitalization and globalization to at least comply with the minimum requirements clearly described in the NIMIS (Minimum Requirements for Network and Information Security) regulation. The consequences of failing to meet these minimum criteria involve data breaches, financial losses, loss of customer trust, operational disruption, intellectual property theft, as well as serious legal consequences.
For this reason we aim to deliver within the scope of the DataGame project a specialized gamified training on the best data safety and protection practices the adult education sector. The training will be made available on a free online platform built from scratch by our development team. It will become live in 2025, and will be based on in-depth research, including interviews with both experts in education and cybersecurity, primary and secondary data analysis, and an extensive collection of good practices.
Currently we have achieved a consensus that the inclusion of all employees in at least basic cybersecurity training is one such practice that precedes in importance the application of data safety and protection protocol. Failing to do this is one of the most common mistakes organizations make when it comes to ensuring their information security is up to the standard. Another one is relying on an external service provider to do the job.
Here is what you can expect from us until the end our project:
- A comprehensive online guide on data protection and cybersecurity awareness in the field of adult education, with a collection of good practices and interesting, engaging material that would make for “not just another dull guide”.
- A gamified scenario-based training covering the hottest topics in the adult education sector when it comes to data safety and protection. The training will step on the needs of decision makers and experts in the field and will be tailor made to increase their competence through set goals within a competence framework.
- An online toolbox with the best tools, gimmicks, guides etc. in the sphere of data protection and safety to support our beneficiaries in their extended learning and upskilling.
- Live piloting and dissemination events where all of the above can be experienced first-hand by our target group and anyone interested in the project results.
In partnership with die Berater (Austria), I&F (Ireland), CARDET (Cyprus), and CATRO (Bulgaria), we have set out not only to create a free, high-quality learning experience, but to raise the general awareness among European citizens of the imperativeness of being up-to-date with the latest developments in digital technology and improving our digital competence, of which cybersecurity and data protection have long been an inseparable part.
We encourage you to take part in our initiative and urge you to stay informed. We are in this together.
- Project website: https://www.datagame-project.eu/
- LinkedIn: https://www.linkedin.com/company/datagame-project/
- Facebook: https://www.facebook.com/profile.php?id=61555561276516