While more and more micro and small enterprises are engaged in online business activities, it can be rather difficult for them to know all relevant aspects of cybersecurity, data protection, and privacy. Often the manpower is lacking in smaller businesses to be completely safe. “GEIGER” is a project that aims to bring resources to these smaller businesses, for them to become aware of risks and help reduce them. Additionally, they aim to create an ecosystem where employees learn about these things and can bring their knowledge directly to the companies. This project focused on data privacy.

This project had two deliverables. Ten additional “Self-Assessment” questions and a Moodle quiz to let students learn about the GDPR. For this, we first made an analysis of the GDPR and looked at other already existing quizzes. Then we started creating the stories for the quiz. The goal was to have five stories with each having three sub-stories. For this, we bundled topics together with fitting thematic and unofficially consulted a data protection officer. We then looked at studies on how to efficiently create quizzes and finally tested them with the help of friends and family.

The value of the project comes from the ten “Self-Assessment” questions that can give business owners a more direct view of the areas in which they should and could improve. It also comes from the five “Main-Stories” and the corresponding three “Sub-Stories” which resulted in a total of 20 Moodle questions in a quiz that helps students not only to improve their knowledge of the facts but also to understand their application through realistic scenarios. The presentation of realistic cases promotes an understanding in the trainees so that they can consistently draw parallels to their own everyday work and private lives. The way question structure changes between questions and the way questions are structured allow students not to learn how to complete the quiz but to learn about components of the GDPR and how they are applied. Also failing a question is not too bad since there will be additional information shown that helps students understand the concepts. This helps them when they bring this knowledge to their own place of employment, where they can apply their learnings directly. This also helps these companies with increased security when dealing with personal information.