“Welcome to Elastic Versailles revision 14. You look fantastic today! Elastic Versailles is here for your convenience, tailored to your needs, offering you the best in entertainment the galaxy has to offer. Win coins in our illustrious casino’s, spend coins in our luxurious and exclusive shopping facilities, play games with our friendly bots, socialize with old and new friends, and share your way to a better world!” [1]

Naked on Pluto is a Facebook-based multiplayer text adventure, integrating players’ personal data and that of their ‘friends’ as elements of a satirical and interactive work of fiction. The game calls into question the ways in which social media affect our friendships, and how social relationships have become a commodity for targeted advertising based on the huge quantities of information we voluntarily supply to social media databases – thereby literally exposing ourselves. The game was developed in 2010 as a response to the explosive growth of the market for personal data, and the role of social media in this growth. Inspired on the critical and political text-based games of the eighties, Naked on Pluto combines a playful quest to escape the watchful eye of a corrupted artificial intelligence with serious research on underlying issues of the current crisis in online privacy. This paper examines these issues, warns against the end of anonymous data, and presents the Naked on Pluto project.

We all share a great deal of information with others online. Not only voluntarily and consciously, through the public side of social media; but also unknowingly, through searching, purchasing and browsing. Furthermore, other areas of the web are endlessly being ‘scraped’ to complete the (already very detailed) profiles data brokers and profiling companies have on us. Most people are aware of the existence of the market for personal data; but how it functions, what the further implications are, and what kind of legislation is in place to protect consumers – all of this is unclear to most of us.

To some, the trade-off between personal data and free, often customised, services paid for through advertisements seems more than fair. You get as much back as you give. Convenience comes at a price. The problem is that it has become almost impossible to make such trade-offs consciously, with a clear idea of what the consequences will be. Online, it’s hard to tell when you’re leaving a private space and entering a public one. A great deal of data is harvested without the knowledge of the consumer – not only through scraping and invisible trackers, but also through privacy settings that are intentionally difficult to manage, and set by default to share everything. Furthermore, privacy policies are often incomprehensible to anyone but lawyers. And yet we can’t stop sharing. Felix Stalder explains how new forms of sociability have arisen – how, in order to be social in the networked society, we first have to make ourselves visible. In this context, privacy is not a positive right, but a possible threat to be disconnected. [2] What is the value of privacy when we rely on visibility in order to socialise?

The ‘I’ve got nothing to hide’ argument often proposed in the ‘privacy versus security’ debate, is not easily countered by a similar one-liner explaining the value of privacy. This is a more complex and abstract story. Whether we’re being watched to catch terrorists or to sell products, the aim is always to analyse in order to control. As Bruce Schneier, security technologist and author, pointed out: “Too many wrongly characterize the debate as ‘security versus privacy.’ The real choice is liberty versus control. Tyranny, whether it arises under threat of foreign physical attack or under constant domestic authoritative scrutiny, is still tyranny. Liberty requires security without intrusion, security plus privacy. Widespread police surveillance is the very definition of a police state. And that’s why we should champion privacy even when we have nothing to hide.” [3] Daniel Solove quotes the philosopher John Dewey, explaining how privacy as an individual right furthers the common good. It creates a space for people to breathe, by protecting against excessive intrusion (by states, companies, etc.) into our lives. [4] Privacy is social.

The so-called open Web plays an important role in the current crisis in online privacy. Celebrated for its transparency, interoperability and decentralised nature, the open Web is not just open and accessible for the benefit of all; it also happens to be extremely suitable for data harvesting, tracking, scraping, data mining, profiling and behavioural advertisement. This tendency is fuelled by (and in turn fuels) a booming industry. On the one hand, there is a genuine endeavour towards openness, motivated by a belief in the public good; on the other, there are forces driven by purely commercial goals. How to balance the two?

The free-market approach to the protection of privacy assumes self-regulation and consumer responsibility. But when there are no reasonable alternatives for consumers, when a company’s privacy policies are unclear, when third parties invisible to the consumer are involved, it becomes impossible to make informed choices; thus governments must define and enforce standards of privacy.

Within the current framework of legislation, too much trust is placed in the mere ‘stripping’ of data directly identifying a person. With more and more open datasets available, it becomes increasingly easy to de-anonymise data using matching techniques. Peekyou for instance, a ‘people search engine,’ has applied for a patent detailing a method that matches people’s real names to the pseudonyms they use on blogs, Twitter and other social networks. [5] A 2006 paper by Narayanan and Shmatikov, researching anonymity in databases, shows how vulnerable ‘high-dimensional’ data is to de-anonymisation. [6]

Compared to the rapid growth of the market for personal data, legislation to protect users from invasion of privacy is lagging eons behind. Making an ‘opt-out’ or ‘do-not-track’ option mandatory (for browsers as well as tracking and profiling companies) would be a good start. But even if the laws were brought up to speed, is it possible to properly enforce them? This would require a close inspection of the code of every single application and online service accessing a user’s personal data.

Online games are increasingly popular, while game mechanics are applied extensively in an attempt to generate the same kind of eagerness to participate as experienced during gameplay. Globally, we spend 3 billion hours per week playing online games. [7] Jane McGonigal suggests using the positive emotions experienced by gamers for the benefit of all. In her talk during TED, in February 2010, she made a strong case for using the ‘superpowers’ of gamers to solve real-world problems, and to play games that matter.

Using games to address real-world issues is nothing new. For instance, the Landlord’s Game, a precursor of the well-known Monopoly, was designed to demonstrate the economic principles of Georgism – in this case, how renting property enriches owners while impoverishing tenants. The idea of the game is to make the economic principles tangible, rather than explaining them. This function of games, generating understanding through experience rather than explanation, is what inspired the Naked on Pluto project to choose an online game as its medium.

The goal of Naked on Pluto is not to directly solve any privacy issues, but simply to make them more tangible. Seeing your own personal information, taken out of context and put in the hands of strangers, can be upsetting; and the experience of moving about in a world of constant surveillance and scrutiny, is altogether different from reading an article on privacy issues and social media. The game actively engages you and other players in the story, so that you can discover firsthand what’s going on behind the façade of this ‘brave new world'.

“I am in the Arrival lobby. There are lines of comfortable black leather benches, a spotless floor, big windows on one side, overlooking the splendid baroque architecture of the Palace, and exits to amusement and shopping facilities. It feels like I’ve just come home.” [1]

The project uses Facebook as its platform for several reasons. First and foremost is scale: Facebook, with 500 million active users (May 2011) is clearly the most popular social networking service worldwide. [8] Facebook has also done much to fuel discussions about online privacy, with its dubious policy changes and data leaks, as well as the discrepancy between the way it markets itself (open and self-regulatory) and the way it actually functions (a multi-billion-dollar business answering only to its investors). Another appealing aspect of using Facebook as a platform, is that Facebook makes it as easy as possible for anyone, without checking who and why, to access its customers’ information. What’s known as a ‘Facebook application’ is not software running on the Facebook platform; it’s software running on any server, anywhere, outside of Facebook’s control. The ‘application’ is in fact the authorisation you give to this unknown software to access your data.

Naked on Pluto was inspired by the satirical text-based games popular in the eighties. Two games were particularly thought provoking. One was Hampstead: the player starts broke and jobless, and attempts to eventually move up to one of London’s ‘posh’ suburbs through a series of professional and lifestyle decisions. The other was Bureaucracy: the player overcomes a series of red-tape obstacles resulting from a recent change of address, eventually exploring the entire universe in order to set things straight. The critical tone and humour of these games were a welcome change from the goblin and wizard-ridden text adventures popular at the time, demonstrating that games can be critical as well as entertaining.

Naked on Pluto’s satirical sci-fi atmosphere is created purely through text descriptions. The mix of personal data and fiction, combined with the use of text, appeals directly to players’ imaginations. Those who allow themselves to be immersed in this strange and destabilising world are treated to a somewhat bizarre but magnificent journey. To start playing, you simply log in using your Facebook account. When you enter the game, you find yourself on Pluto, naked as a jaybird, in a city under the rule of Elastic Versailles, a corrupted Artificial Intelligence. After buying yourself some clothes – a cowboy hat, diver’s helmet or shepherdess bonnet – you’re ready to start exploring the city.

Elastic Versailles appears to the player as a capital of convenience, a non-stop, 24/7 zone of endless pleasure. You can stroll through the palace gardens, go clubbing, or meet one of the marketing bots dedicated to making you aware of all the stuff you want to buy. There isn’t a dull moment, with plenty of visitors to talk to, some of whom you might know personally – although it’s sometimes hard to tell whether you’re dealing with a friend or a bot. Don’t worry if you accidentally find yourself in a somewhat less polished area of the city: everything is under control, as long as you return at once to the entertainment facilities.

Specialised bots such as the ‘cleaners’ keep the city tidy, putting all that has been misplaced back where it belongs, giving the city its elastic appearance. No matter what happens, everything slowly returns to its original state. Why would anyone possibly want to change things, when everything has been so excellently tailored to match your every desire? But as you progress through the game, you find out something big has happened, and as you slowly peel away the façade, you discover the true nature of Elastic Versailles.

The interface combines two formats: the classic text-based adventure game (with a prompt to type in your actions) and the multiple-feed design of social media. The player is presented with overwhelming amounts of information, making it a challenge to figure out what is important and what is not in a ‘tweet-like’ aggregation of feeds that is at once familiar and confusing.

The game requests permission from the user to access and use non-public profile information. After the start-up screen, users are prompted to log in to Facebook, after which permission is once again requested to access certain parts of their Facebook profile. [9] This requires trust in the application, which is not easily established. Paradoxically, the more often information and permission are requested, the less trustworthy the application seems. Even though the game asks for very little information, some users will find it difficult to agree; the ‘artistic’ context may give rise to the idea that the game can disturb their Facebook experience, by writing on their ‘wall’ or changing their profile information – even though this is not possible, since all permissions asked are read-only.

To make sure users understand what the application can and cannot do, the game (free software released under the AGPL license) has a very clear, short and straightforward privacy policy, explaining that the game doesn’t store any Facebook information on its servers, other than the player’s name and public Facebook ID number. All data generated during the game can be removed on request. All Facebook data used in the game is only displayed to a player locally, on his or her computer – it cannot be altered by the application, and is not stored on any server, nor shared with any other players.

The developers are currently (May 2011) working on an improved homepage, with information on any privacy concerns users might have. Furthermore, trust will have to be established through positive user experiences and by word of mouth. The project’s makers accept that when dealing with critical users, they will face the same healthy suspicion met by commercial applications. Those who do not grant permission for access to their profile, are likely to already have an informed view of the issues the game is trying to raise.

The development of the game is combined with an investigation into how exposed we are on social networks, how our data is being used, and what this ‘second life’ in databases means to us. This research is documented on the project’s blog, which contains posts on the project’s progress, technical development and background. [10] Part of the blog is the Plutonian Striptease series – more than a dozen interviews with experts, owners, users, fans and haters of social media, covering a wide variety of views on this topic. Plutonian Striptease has been continued in the form of a lecture series during the LiWoLi 2011 festival. [11]

“I am on the Farm. It looks like it was deserted a long time ago. All the windows are broken, the roof has caved in and birds have made nests on top of kitchen cabinets. There are puddles of water on the floor. It smells mouldy.” [1]

Naked on Pluto tries to raise awareness of online privacy issues through gameplay and experience, while contextualising the project through its blog. Of course, it will take more than just a game to improve the situation, but together with other endeavours aiming to raise awareness and to tackle through legislation the problems of online privacy, we can only hope that some day the game will become obsolete or unplayable, due to locked-down user data or total refusal by users to agree to grant any third-party applications access to their information. Until that day comes, the game can be played at http://naked-on-pluto.net.

Copyleft: this text is free, you can redistribute it and/or modify it according to the terms of the Free Art license 1.3