LINDDUN GO cards helps teams look at their software design from a complete privacy perspective to identify potential threats. Aligned with the Privacy by Design principle, at the heart of GDPR, the cards represent the 34 most common privacy threats. The accompanying process is designed to guide you through privacy threat analysis.
They come in six suits, matching the main LINDDUN privacy threat categories of:
DISCLOSURE OF INFORMATION
How to play?
Prepare a diagram of the system you want to threat model
Take turns picking a (random) card and start identifying threats that correspond with the drawn threat type card.
Each card highlights the hotspot(s) in the system where the threat can arise and contains guidance questions to identify whether or not it is applicable to the system you are analyzing.
For more information about the game, go to https://www.linddun.org/go