Self-Determination in a World of Digitalisation-Caused Complexity

There is no doubt that digitisation promotes innovation and social welfare. Consumers as well as public and other private actors associate digitisation with the innovation of products, services and even business models or, at least, with efficiency gains or comfort promises. However, particularly at the beginning of the internet, it has often been overlooked that digitisation also entails new social risks and leads to an enormous increase in the complexity of our “digitised” social systems. The novel nature of such risks and the increase in complexity result from the progressive connection of these systems and their increasing (and increasingly non-linear) dynamics of development.

One consequence of this is that it is becoming more and more difficult for the respective actors to recognise these risks in good time and to clearly assign the responsibilities for risk control among each other. This applies to companies operating in the private sector, to citizens (in their roles as consumers, voters, patients, etc.), as well as to government authorities and legislators. A well-known example of such uncertainty is the current practice of data protection law, in particular, the EU General Data Protection Regulation.

Against this background, the aim of our research program is to develop mechanisms, tools and concepts that help the various actors to better identify or understand the risks, to assign responsibilities more clearly and control the identified risks more effectively and efficiently as well as, as a consequence from this, to better exploit the advantages of digitisation-caused innovation. To this end, we structure our projects along the following research clusters:


We apply the findings and methods of our interdisciplinary research approach also to various projects in practical contexts. For example, together with regulators (e.g. the legislator or public administration), economic enterprises and citizens, we apply interdisciplinary and interactive formats to better understand complex real world problems (like data protection) and explore innovative regulatory, economic or social solutions. Beside many interdisciplinary hackathons, one example is our educational game “Admins & Hackers”, which we use for training purposes in our university teaching but also for further education of citizens as well as employees within companies.


Selected publications and events:

  • Paper: "Effective regulation through design - Aligning the ePrivacy Regulation with the EU General Data Protection Regulation (GDPR): Tracking technologies in personalised internet content and the data protection by design approach"
  • Exploring the "Design" in "Privacy" by design. CPDP2018 Computer, Privacy and Data Protection. Les Halles de Schaerbeek, Brussels, Belgium: 24.01.2018
  • Grafenstein, M. v., et al. (2018). Nudging: Regulierung durch Big Data und Verhaltenswissenschaften.
  • Launch of the new board game: Admins and Hackers. CPDP 2020 Computer, Privacy and Data Protection Conference. Area42, Brussel, Belgium: 23.01.2020
  • Rogers, J. et al. (2019). Our Friends Electric – Reflections on Advocacy and Design Research for the Voice Enabled Internet. ACM CHI Conference on Human Factors in Computing Systems.
  • Jakobi, Timo, et al. "Evolving needs in iot control and accountability: A longitudinal study on smart home intelligibility." Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 2.4 (2018): 1-28.
  • Jakobi, Timo, et al. "It is about what they could do with the data: a user perspective on privacy in smart metering." ACM Transactions on Computer-Human Interaction (TOCHI) 26.1 (2019): 1-44.
  • Ulbricht, L. & Grafenstein, M. v. (2016). Big data through the power lense: marker for regulating innovation. Internet Policy Review.

Seleted cooperation partners:


Selected partner institutions:


CVs of the scientists involved: