Speculative Harms and Anti-Goals

Most risk review is project-centric: premortems, risk registers, and launch checklists all ask whether the plan survives. They are structurally blind to the harms that arrive precisely when the plan succeeds - when the feature ships, works as designed, and reaches scale, and in doing so externalizes harm onto people who never chose to be users, or hands a weapon to someone who exploits it on purpose. Speculative harms and anti-goals exists to reach those harms. It assumes success, narrates the concrete near-future in which that success hurts people, casts the third-party victims and the bad-faith misuse actors (the stalker, the scammer, the data broker, the abusive ex, the authoritarian buyer), and then converts each speculated harm into an anti-goal: a named outcome the design commits to prevent, carried as a standing constraint on what the product must never do, enable, or optimize for.

The durable move is not the dystopian story. It is the success anchor (not failure), the cast of non-users and exploiters (not the project team), and the binding of each harm into a design constraint (not a monitoring control). The output is an anti-goals register: per harm, the narrative in brief, the harmed parties, the misuse actor and pathway, the anti-goal it implies, and the design implication that operationalizes it. The popular framings are called “Black Mirror brainstorms” and the “Black Mirror Writers Room”; the skill ships de-branded, because “Black Mirror” is a trademark of the television series’ rights holders, and the move itself is community design-ethics practice (Mauldin 2018; Fiesler’s writers-room exercise, studied by Klassen and Fiesler 2022).

When to Use

A feature’s success case could externalize harm: recommendation and ranking systems, location and presence features, data collection and inference, targeting, content amplification, or automation applied to vulnerable populations.
The team’s risk apparatus is entirely project-centric and nobody has yet asked who outside the customer relationship gets hurt, or who would weaponize the feature on purpose.
Abstract ethics principles are failing to bite, and a concrete narrative is needed to make harms specific and discussable.
The decision is consequential and hard to reverse, and the anti-goals produced will actually be bound into requirements, acceptance criteria, or a review gate.

When NOT to Use

Do not use it for project-survival risk. “Will this plan fail, and why?” is think-premortem. Running dystopian speculation to find schedule, market, and execution risk produces lurid stories and misses the boring causes. Route plan-survival risk to the premortem.
Do not use it for harms that are already present and documented. Speculation is for harms that have not happened yet. If users are being hurt now, the job is incident analysis and remediation, not fiction. This is the method’s own documented failure mode (Fiesler’s “case and caution”): speculation can foreground distant, cinematic dystopias while the mundane harms of the current release go unexamined. Pair it with present-tense methods, or skip it.
Do not use it on trivial or fully reversible decisions. The method will manufacture dystopian gravity for a button color. A two-way-door triage belongs upstream of it.
Do not run it if the anti-goals will never be bound into the design. An anti-goals register that no requirement, acceptance criterion, or review gate ever references is ethics theater - the same wall the premortem draws against rituals that bless a decision already made.
Do not use it for complete adversarial-coverage assurance. Narrative speculation is an elicitation device, not an enumeration guarantee. The nearest controlled cousin found a structured decomposition (attack trees) identified more threats than narrative misuse cases (Opdahl and Sindre, 2009). Where systematic security coverage matters, use structured threat modeling; this method is at best its warm-up.
Do not use it to produce a compliance artifact. An algorithmic impact assessment or formal harm audit is governance process work, not a thinking move, and belongs to a governance toolkit, not this library.

Instructions

When asked to stress-test a design for the harms that coexist with its success, follow these steps:

State the focal design and the success anchor. In one line, name the product, feature, or decision under examination, and assume it succeeds - it ships, works as designed, and reaches scale. The whole method runs off this anchor; if the real worry is the plan failing, stop and route to think-premortem.
Narrate the dystopian near-future. Write the concrete, specific story in which that success harms people: how did the good intention go wrong at scale, and what does the harm look like in a single vivid scene. Keep it near-future and plausible, not far-fetched science fiction - the documented failure mode is drifting to the cinematically distant while present harms go unexamined.
Cast the harmed parties, including non-users. Name who is hurt, with explicit attention to people who never chose to be users (the person located by someone else’s app, the population a model infers about, the bystander surfaced by content amplification).
Ask the misuse-actor question. For each harm, ask who exploits the system in bad faith - the stalker, the scammer, the data broker, the abusive ex, the authoritarian buyer - and name the concrete pathway by which they weaponize the feature. This is the method’s sharpest single prompt; do not skip it.
Convert each harm into an anti-goal. Bind every speculated harm into a standing design constraint: a named outcome the design commits to prevent, phrased as what the product must never do, enable, or optimize for (“never make location visible by default”; “the product must not let a third party reconstruct someone’s schedule”).
Operationalize each anti-goal as a design implication. For each anti-goal, name the requirement, acceptance criterion, default setting, or review gate it becomes. An anti-goal with no design implication is not yet bound, and an unbound register is theater.
Name where each anti-goal will live. State explicitly where in the requirements, backlog, or review process each anti-goal is carried forward, so the register binds into the design rather than sitting beside it.
Emit the anti-goals register artifact per references/TEMPLATE.md, carrying the pre-printed evidence caveat (tier A, transferred from human studies) by construction.

Output Format

Use the template in references/TEMPLATE.md. The deliverable is the filled anti-goals register - the focal design and success anchor, then one row per speculated harm carrying the narrative, the harmed parties, the misuse actor and pathway, the anti-goal, and the design implication - plus the binding line and the evidence caveat. It is not a prose essay and not a ranked risk list.

Quality Checklist

Before finalizing, verify:

The focal design and the success anchor are stated in one line, and the harms narrated are ones that coexist with success - not ways the plan fails.
At least one harm is narrated concretely (a specific near-future scene), not abstractly, and the narration stays near-future rather than drifting to the cinematically far-fetched.
The harmed parties are named, with explicit attention to non-users (people who never chose to use the product).
The misuse-actor question is asked for the adversarial harms: who exploits this in bad faith, and by what concrete pathway.
Every speculated harm is converted into an anti-goal - a standing constraint on what the product must never do, enable, or optimize for - not into a mitigation, tripwire, or kill criterion.
Every anti-goal has a design implication (a requirement, acceptance criterion, default, or review gate) and a stated home in the requirements - the register is bound, not theater.
The output is the anti-goals register artifact, not prose.
No overclaiming: the evidence is anecdotal (tier A) and transferred from human classrooms and workshops; claim a harm-elicitation aid that forces a discipline, never a measured improvement in harm anticipation or a security-coverage guarantee (see evidence/dossier.md).

Evidence

Tier A (anecdotal; governing). Speculative harms and anti-goals is a real, named, documented design-ethics practice with case accounts (Mauldin 2018, UX Collective, names the anti-goals conversion) and one peer-reviewed qualitative study of its classroom use (Klassen and Fiesler 2022, SIGCSE, 12 instructors). What the record does not contain is any controlled, comparative, or outcome study showing that dystopian narration improves harm anticipation, design decisions, or anything measurable - not for this method, and not for any of its genre siblings (Consequence Scanning, Judgment Call, Tarot Cards of Tech, Ethical OS). The strongest study measures instructor perceptions of a teaching exercise, not whether teams ship safer products, and it candidly records the method’s own failure modes. The nearest controlled evidence is a caution: Opdahl and Sindre (2009) found a structured decomposition (attack trees) identified more threats than narrative misuse cases, so where systematic coverage matters the narrative format underperforms. All evidence is transferred from human classrooms and workshops; nothing studies an AI agent running the move, and the engagement and de-inhibition benefits the pedagogy literature describes are human social dynamics an agent does not have. What plausibly transfers is the structural prompt set (assume success, cast the victims and exploiters, convert to constraints), not the documented benefits. The skill ships honestly flagged at A: the value is that it forces the discipline and produces a bound, inspectable artifact, not any outcome claim. Full grading, sources, and the honest demotion case (a maintainer could defensibly fold this into think-premortem): evidence/dossier.md.

Examples

See references/EXAMPLE.md for a completed anti-goals register on a real decision.

Deep dive: worked example

A full worked run (the shared Northwind scenario)

Anti-Goals Register - Worked Example

A completed run of the speculative-harms-anti-goals skill on a real, consequential decision. This is the quality bar a generated anti-goals register should meet.

Uses the shared recurring scenario (Northwind, a B2B SaaS weighing a self-serve free-tier launch) so examples across skills read as one coherent product. Where think-premortem imagines the free-tier launch failing and reasons back to causes, and think-futures-wheel traces the ripples of the launch on Northwind itself (support load, MRR, comp), this skill assumes the launch succeeds - millions of self-serve signups, viral adoption - and asks who outside Northwind’s customer relationship that success harms, and who weaponizes the open product on purpose. See docs/internal/AUTHORING.md.

Evidence caveat (ships with the artifact by construction). This register is the output of an anecdotal-tier (A) design-ethics practice. There is no controlled or comparative evidence that dystopian narration improves harm anticipation, for this method or any of its genre siblings; the strongest study measures instructor perceptions of a teaching exercise, not whether teams ship safer products. All evidence is transferred from human classrooms and workshops - nothing studies an AI agent running the move. Treat this register as a structured elicitation that forces a discipline, NOT as a complete harm inventory and NOT as a security-coverage guarantee. The value is in the bound constraints, not in a count of harms found.

Focal design and success anchor

Focal design: Northwind’s self-serve free tier - open signup with no sales contact, a generous free plan, and built-in sharing and collaboration so individual users invite teammates and external contacts.
Success anchor: It works. Sign-up friction collapses, the product spreads bottom-up through teams and across company boundaries, and Northwind reaches millions of free accounts including many that Northwind never vetted, onboarded, or spoke to. The harms below are the ones that arrive because of that reach, not ways the launch flops.
Why this method (not a premortem): The worry here is not whether the free tier fails to convert - that is a premortem. The worry is that an open, frictionless, sharing-heavy product at scale becomes a tool for harm against people who never signed up. A premortem cannot see this, because the plan did not fail.

Anti-goals register

#	Harm narrative (a concrete near-future scene)	Harmed parties (incl. non-users)	Misuse actor and pathway	Anti-goal (the design must never …)	Design implication (requirement / default / gate)
1	An abusive ex creates a free account, adds his former partner’s work email to a “shared workspace,” and uses the activity feed and last-seen indicators to track when she is online, what she is working on, and who she collaborates with. The free tier made the surveillance free and invisible.	The named non-user being added and surveilled (never a Northwind customer); anyone added to a workspace without consent.	Abusive ex / stalker. Pathway: unilateral add-to-workspace plus presence and activity signals exposed to everyone in the workspace by default.	…expose a person’s presence, activity, or last-seen state to anyone who unilaterally added them, or let a person be added to a shared space without an accept step.	Invite-accept required before any activity is shared; presence and last-seen off by default and per-user controllable; an added person can see who added them and leave or block. Lands as acceptance criteria on the sharing flow + a privacy-defaults review gate.
2	A data broker scripts thousands of free signups to scrape the public directory of workspaces and member profiles, assembling a cross-company graph of who works with whom and selling it as a sales-intelligence and “org chart” product. Northwind’s open signup is the supply.	Every user whose profile and relationships are enumerated; the companies whose internal structure is reconstructed; non-users mentioned in shared content.	Data broker / scraper. Pathway: automated mass signup plus enumerable directory and member endpoints with no rate or access control on the free tier.	…let a third party enumerate or reconstruct the membership, relationship graph, or internal structure across workspaces from free-tier access.	No cross-workspace directory enumeration; member and profile endpoints scoped to a single accepted workspace; rate-limiting and bot defenses on signup and directory reads. Lands as a platform-abuse requirement + an API access-scope spec.
3	A scammer uses free accounts to send Northwind-branded “shared with you” invitations to harvested email lists, riding Northwind’s trusted sending domain and onboarding emails as a phishing delivery channel that recipients trust because they look like a real product invite.	Non-user recipients of the phishing invites; Northwind’s other users whose trust in real invites erodes; Northwind’s sending reputation.	Scammer / phisher. Pathway: free account + invite-anyone-by-email with Northwind-branded templates and no send limits or content checks.	…let an unvetted free account send Northwind-branded messages to arbitrary external addresses at volume, or make a malicious invite indistinguishable from a legitimate one.	Per-account invite rate limits with progressive trust; external-invite content scanning; a clear “anyone can send this” provenance signal in invite emails; abuse reporting on invites. Lands as an anti-abuse requirement on the invite service.
4	An authoritarian-aligned buyer adopts the free tier across an organization specifically to monitor and document the affiliations of employees and the activist groups they coordinate with, using the same collaboration graph that makes the product valuable. Northwind’s success made it a ready-made surveillance substrate.	Activists and employees whose affiliations are documented; vulnerable populations a hostile administrator can map.	Authoritarian / hostile-admin buyer. Pathway: workspace-admin visibility into all member content and relationships, designed for legitimate IT administration, repurposed for surveillance.	…give a workspace administrator silent, total visibility into member content and relationships with no member-facing transparency or limits on bulk export.	Admin-access transparency (members can see what admins can see and when content is accessed); limits and logging on bulk export; a documented data-access posture. Lands as an admin-capability requirement + a transparency review gate.
5	Northwind’s recommendation feature, optimized for engagement, learns to surface the most active and visible users and quietly buries the contributions of less-active members, so a clique’s view of “who matters” hardens and quieter contributors (often the same under-represented people) are rendered invisible across thousands of teams.	Quieter and under-represented contributors across the user base; non-users whose work is mediated through these teams.	Non-adversarial externality (no bad actor; the harm is the optimization target itself at scale).	…optimize a “who matters / what is important” surface for engagement in a way that systematically suppresses lower-activity or under-represented contributors.	Recommendation surfaces audited for activity-bias and suppression effects before launch; a non-engagement fairness criterion in the ranking spec. Lands as an acceptance criterion on the recommendation feature + a pre-launch bias audit.

Anti-goals (consolidated)

The standing design constraints this register commits Northwind to, regardless of how the launch performs:

Anti-goal 1: The product must never expose a person’s presence or activity to anyone who unilaterally added them, and must never add a person to a shared space without an accept step.
Anti-goal 2: The product must never let a third party enumerate or reconstruct membership and relationships across workspaces from free-tier access.
Anti-goal 3: The product must never let an unvetted free account send Northwind-branded messages to arbitrary external addresses at volume.
Anti-goal 4: The product must never give an administrator silent, unlimited visibility and bulk export over member content and relationships.
Anti-goal 5: The product must never optimize a “who matters” surface for engagement in a way that suppresses lower-activity or under-represented contributors.

Binding line (where these live - not theater)

Each anti-goal is carried forward, not left beside the design: anti-goals 1 and 3 become acceptance criteria on the sharing and invite flows in the free-tier PRD; anti-goal 2 becomes a platform-abuse requirement and an API access-scope spec owned by the platform team; anti-goal 4 becomes an admin-capability requirement plus a standing item on the privacy-defaults review gate that every free-tier release must pass; anti-goal 5 becomes an acceptance criterion on the recommendation feature plus a pre-launch bias audit. The privacy-defaults and admin-transparency review gate is the single checkpoint where all five are verified before the free tier ships. If these cannot be bound into the free-tier requirements, that is a signal this run was premature and the launch is not ready for the open motion.

What this register is not

Not a premortem. It did not look for ways the free-tier launch fails to convert; it assumed it succeeds and found who that success harms outside the customer relationship.
Not an incident analysis. Every harm here is speculative and forward-looking. If Northwind already had a stalking or scraping incident on the books, that belongs in incident analysis and remediation, not in this fiction.
Not a security threat model. Five narrated harms are an elicitation, not an enumeration of the abuse surface. A structured decomposition would find more (Opdahl and Sindre, 2009); this register is the warm-up that motivates building one for the highest-stakes anti-goals.

Note how this differs from its neighbors on the same Northwind decision. The think-premortem example assumes the launch failed and reasons back to internal causes (the project’s risk). The think-futures-wheel example traces the consequences of launching on Northwind itself (support, MRR, comp). This register assumes the launch succeeds wildly and asks who outside Northwind that success harms - including people who never signed up - and who weaponizes the open product on purpose, then binds each harm into a constraint on what Northwind’s product must never do. The deliverable is a set of standing design refusals, not a failure analysis and not a consequence map.

Grounding: the full evidence dossier

What the research does and does not show, with graded sources

Evidence Dossier: Speculative Harms and Anti-Goals

The single source of truth for the speculative-harms-anti-goals skill. The SKILL.md, the sidecar (skill.meta.yml), and the eval cases all derive from this file. If a claim is not here, it does not belong in the skill. Reformatted from the vetted proposal dossier (_local/proposed-builds/speculative-harms-anti-goals/dossier.md) and admitted as a Build at the governing tier A. The honest low grade with a hard When NOT wall is the product, not a dressed-up grade.


Skill	`thinking-framework-skills.speculative-harms-anti-goals` (installable name `think-speculative-harms-anti-goals`)
Family	ethics-values-deliberation
Evidence tier	A governing (anecdotal: documented practice plus one qualitative perception study; no controlled outcome evidence anywhere - see “What the evidence shows”)
Confidence	Low that dystopian narration measurably improves harm anticipation, design decisions, or any outcome; the move ships as a structural elicitation prompt, not a validated method
Status	draft (admitted from the v0.7.0 phase-2 ethics tranche; the closest-run Build in the batch, recorded honestly)

1. The mechanism (what actually does the work)

Speculative harms and anti-goals stress-tests a product, feature, or decision by assuming it succeeds - it ships, works as designed, and reaches scale - and then narrating the concrete near-future in which that success harms people. The narration is deliberately dystopian and specific, in the mold of a television episode pitch (the popular framings are literally called “Black Mirror brainstorms” and the “Black Mirror Writers Room”): how did the good intention go wrong, who is harmed (including people who never chose to be users), and crucially, who exploits the system in bad faith - the stalker, the scammer, the data broker, the abusive ex, the authoritarian buyer. The closing move converts each speculated harm into an explicit anti-goal: a named outcome the design commits to prevent, carried forward as a standing design constraint with its design implication (“never make location visible by default”; “the product must not let a third party reconstruct someone’s schedule”).

The method has two working components, and both matter for placement:

Success-anchored harm and misuse projection. Unlike failure-anchored methods, the generative question is not “why did our plan die?” but “our plan thrived - who paid for that, and who weaponized it?” The cast is third parties and bad actors, not the project team, and the harms speculated are precisely the ones that coexist with product success.
The anti-goal conversion. Each harm narrative is bound into a constraint on the design itself - what the product must never do, enable, or optimize for - rather than into project risk controls (mitigations, tripwires, kill criteria) that monitor whether the plan is surviving. Joshua Mauldin’s 2018 treatment states this outcome explicitly: “the outcome of this exercise is to more clearly define our anti-goals.”

The durable cognitive move is success-anchored third-party-harm and misuse projection converted into anti-goals: assume the design works at scale, generate the harms that coexist with that success (including harms inflicted through deliberate bad-faith exploitation by named actor types), then bind each into a standing design constraint.

The output is an anti-goals register: for each speculated harm, the harm narrative in brief, the harmed parties, the misuse actor and pathway (if the harm is adversarial), the anti-goal it implies, and the design implication that operationalizes it.

2. Lineage

The method braids two traditions. The narrative spine is design fiction and speculative design: Julian Bleecker’s 2009 Near Future Laboratory essay coined design fiction, and Anthony Dunne and Fiona Raby’s Speculative Everything (MIT Press, 2013) established speculation as a design stance. The ethics-classroom branch belongs to Casey Fiesler (University of Colorado Boulder, Internet Rules Lab), whose Black Mirror Writers Room exercise (written up in 2018 with an explicit “case and caution” framing) became a widely used computing-ethics teaching device and the subject of the field’s one peer-reviewed study, by Shamika Klassen and Fiesler (SIGCSE 2022). The product-practice branch is Joshua Mauldin’s 2018 UX Collective exercise, which contributed the anti-goals conversion this entry is named for. The surrounding harms-envisioning genre is worth reading for contrast: Doteveryone’s Consequence Scanning (2019), Microsoft’s Judgment Call game (Ballard, Chappell and Kennedy, DIS 2019), Artefact’s Tarot Cards of Tech (2018), and the Ethical OS toolkit (Institute for the Future and Omidyar Network, 2018). The security cousin with the actual experimental literature is the misuse case line (Guttorm Sindre and Andreas Opdahl; abuse cases from John McDermott and Chris Fox, ACSAC 1999).

On naming: “Black Mirror” is a trademark of the television series’ rights holders, which is why this entry ships de-branded as speculative harms and anti-goals. The exercise itself is community design-ethics practice, not a proprietary method; the attribution credits Mauldin and Fiesler as courtesy, and the trademark is carried honestly rather than used.

3. What the evidence shows, and what it does NOT show

The honest grade is A (anecdotal): a real, named, documented practice with case accounts and a peer-reviewed qualitative study of its classroom use, but no controlled or comparative evidence anywhere that it improves harm anticipation, design decisions, or anything else measurable.

What the record supports. The method exists as a named, teachable practice with verifiable treatments. Mauldin (2018, UX Collective) lays out the product-design exercise end to end - brainstorm the misuse, write the quotes and plot points, poster the dystopia - and names the anti-goal conversion as its outcome, motivating it with real incidents (Target’s pregnancy-prediction coupons; Facebook’s Year in Review surfacing a dead child to a grieving parent). Fiesler’s Black Mirror Writers Room is an established computing-ethics teaching exercise; Klassen and Fiesler (2022, SIGCSE) interviewed 12 instructors who had run it and documented its perceived benefits - engagement, concreteness, permission to discuss harms - alongside real cautions. The method has method-catalog standing (the UXP2 lab’s Ethics-Focused Methods collection; a chapter in Universal Methods of Ethical Design). And it sits inside a verifiable genre of harms-envisioning practice: Doteveryone’s Consequence Scanning (2019), Microsoft’s Judgment Call game (Ballard, Chappell and Kennedy, DIS 2019, validated only by two qualitative industry workshops), Artefact’s Tarot Cards of Tech, and the Ethical OS toolkit (2018). The genre is real; teams demonstrably run these exercises.

What the record does NOT support. No controlled, comparative, or outcome study tests whether dystopian narration improves harm anticipation - not for this method, and not for any of its genre siblings. Klassen and Fiesler (2022) is the strongest study in the area and it measures instructor perceptions of a teaching exercise, qualitatively, in a pedagogy context; it says nothing about whether teams that run the exercise ship safer products, and it candidly records failure modes (speculation drifting to the far-fetched, centering imagined futures over present harms). Counting the genre’s breadth toward the grade would be cousin-laundering; it is not counted. The grade is A rather than P because the practice is young (2018 onward), scattered, and its named treatments are practitioner essays plus a perception study - not the decades of documented professional case application that earn a practitioner grade. It is A rather than C because the use is real and documented, not merely conceptual.

The nearest controlled evidence, explicitly not counted. Security requirements engineering has a genuine experimental literature on its sibling move, misuse-case elicitation: Opdahl and Sindre (2009) ran two controlled experiments (28 and 35 participants, Latin-squares design) comparing attack trees against misuse cases for security threat identification, and found attack trees identified more threats. This measures a different move (security threat elicitation from narrative use-case inversion) in a different domain (system security, not societal harm), so it cannot raise this entry’s grade - and its direction is a caution for this method, not support: the narrative format underperformed a structured decomposition on coverage. Where systematic adversarial threat coverage matters, structured threat modeling beats storytelling, and this method is at best its warm-up.

Excluded figures (required). No effect size or percentage is claimed for this method anywhere in the located sources; the write-ups are qualitative. There is no widely-quoted statistic to exclude, and any “improves harm anticipation by N%” framing would trace to no primary source and could not move the grade.

4. Transferred-evidence flag (required honesty for this library)

Every piece of evidence above is from human classrooms and workshops. Nothing studies an AI agent running speculative harm narration, and the de-inhibition and engagement benefits the pedagogy literature describes are human social dynamics an agent does not have. What plausibly transfers is the structural prompt set (assume success, cast the victims and exploiters, convert to constraints), not the documented benefits. The evidence is transferred from human contexts and not validated for AI-augmented use, which independently caps any claim. The skill ships honestly as an A-tier harm-elicitation aid: it makes the move cheap to run and forces a real discipline (the success anchor, the third-party and misuse cast, the anti-goal conversion, the binding into requirements), benefits that do not depend on any outcome claim because none exists.

5. When it works / when it fails (drives the eval negative cases and “When NOT to Use”)

Works best when:

A feature’s success case could externalize harm: recommendation and ranking systems, location and presence features, data collection and inference, targeting, content amplification, automation applied to vulnerable populations. These are exactly the harms a project-centric risk review never reaches, because the project is doing fine while they happen.
The team’s risk apparatus is entirely project-centric (premortems, risk registers, launch checklists) and nobody has yet asked who outside the customer relationship gets hurt, or who would weaponize the feature on purpose. The misuse-actor question (“who exploits this in bad faith?”) is the method’s sharpest single prompt.
Abstract ethics principles are failing to bite. The documented pedagogical value (Klassen and Fiesler 2022) is that concrete narrative makes harms discussable and specific where a principles checklist stays vague.

Fails or misleads when (poor-fit / anti-patterns):

The real question is project survival. “Will this plan fail, and why?” is a premortem; running dystopian speculation to find schedule, market, and execution risk produces lurid stories and misses the boring causes. Route to think-premortem.
The harms are already present and documented. Speculation is for harms that have not happened yet. If users are being hurt now, the job is incident analysis and remediation, not fiction - and this is the method’s documented failure mode: Fiesler’s own “case and caution” framing warns that speculation can foreground distant, cinematic dystopias while the mundane harms of the current release go unexamined. Pair it with present-tense methods, or skip it.
The stakes are trivial or the decision is fully reversible. The method will manufacture dystopian gravity for a button color. A two-way-door triage belongs upstream of it.
The anti-goals are never bound into the design. An anti-goals register that no requirement, acceptance criterion, or review gate ever references is ethics theater - the same wall premortem draws against rituals that bless a decision already made.
Complete coverage of an adversarial threat surface is the need. Narrative speculation is an elicitation device, not an enumeration guarantee. The nearest controlled cousin found that a structured decomposition (attack trees) identified more threats than narrative misuse cases (Opdahl and Sindre 2009), so where systematic security coverage matters, structured threat modeling beats storytelling.
A compliance or assurance artifact is the deliverable. An algorithmic impact assessment or formal harm audit is governance process work, not a thinking move; that need belongs to a governance toolkit, not this library.

6. Why it is a skill here (distinctness)

Verdict: Build, confirming the registry’s preliminary cand / build / A tag of 2026-06-11 after adversarial vetting. This is the closest-run call in the ethics-family batch, and this dossier records the demotion case honestly.

The distinct move is success-anchored third-party-harm and misuse projection converted into anti-goals. Two elements of that move exist nowhere in the shipped catalog: the misuse-actor question (no shipped skill asks “who exploits this in bad faith?”) and the anti-goal artifact (no shipped skill emits design constraints on what the product must never do or enable).

The closest shipped skill is premortem, and the overlap is real but bounded. Both run a prospective-narration engine (imagine a concrete bad future, enumerate, convert to pre-committed responses), and the wild alias “dystopian premortem” exists precisely because practitioners feel the kinship. The wall: premortem’s declared anchor is the plan’s failure (“it is six months out; this plan has failed badly”), its cast is the project, and its conversion emits project risk controls - mitigation, tripwire, owner, kill criterion - that monitor whether the plan survives. A product that succeeds wildly while immiserating non-users is structurally invisible to a premortem: the plan did not fail, so there is no failure to explain. To make premortem produce an anti-goals register you must replace its anchor (success for failure), its cast (third-party victims and misuse actors for the project team), its generative question (who is harmed and who profits, for why did we die), and its artifact (design constraints for monitoring controls) - at which point you are running this method inside premortem’s shell. The registry’s own pre-parade precedent sharpens the line: catastrophic-success mapping folds into premortem because it changes only the anchor while keeping premortem’s project-centric cast and register; this method changes the anchor, the cast, the question, and the artifact.

The other neighbors are farther. futures-wheel traces consequences neutrally - no success anchor, no victim cast, no misuse actor, no normative conversion. boundary-critique names the affected-but-excluded, sharing the who-is-outside-the-frame instinct - but it audits the present frame’s inclusion judgments and emits an audit, with no future speculation, no misuse pathway, and no constraint conversion. red-team-light attacks the argument for a proposal; this method attacks the deployed artifact through its misuse surface. Among the batch siblings, ethical-matrix is the complementary analytic move (a present-impact grid of stakeholders against principles; no narrative, no future, no adversary) and veil-of-ignorance-reasoning imposes an impartiality constraint on a judgment already in hand - neither generates harm scenarios. The recipe test fails for the same reason the folds do: a futures-wheel-then-boundary-critique-then-premortem chain still never asks the misuse-actor question and still has no skill that can emit an anti-goal.

The honest demotion case, recorded. The shared prospective-narration engine with premortem sits near the library’s roughly-20-percent overlap ceiling, the “dystopian premortem” alias exists in the wild, and a maintainer who weighs the engine more heavily than the cast and artifact could defensibly fold this into premortem as a harms mode. The vetting judges the distinct elements (misuse actor, anti-goal artifact, success-coexistent harms) to be the load-bearing majority of the mechanism, but this is the closest call in the family batch and the entry does not pretend otherwise. Because premortem is shipped, that fold is available to the maintainer without further work.

Family placement. ethics-values-deliberation is the right home: the generative question is normative through and through (whose harm counts, who is owed protection, what the design must refuse to do), which is what separates it from the risk family’s project-survival frame. The fallback home would be risk-failure-and-resilience as premortem’s third-party complement, but fold pressure from premortem rises in that placement.

7. Output artifact

The skill must emit an anti-goals register, not prose: the focal design and the success anchor stated in one line; for each speculated harm a row carrying the harm narrative in brief, the harmed parties (including non-users), the misuse actor and pathway where the harm is adversarial, the anti-goal it implies (a standing design constraint on what the product must never do or enable), and the design implication that operationalizes it (the requirement, acceptance criterion, or review gate the anti-goal becomes). The register carries a pre-printed evidence caveat by construction (tier A, transferred from human studies), and a binding line that names where each anti-goal will live in the requirements - because an unbound register is ethics theater.

8. Sources

Joshua Mauldin, “Black Mirror brainstorms - a product design exercise,” UX Collective (2018). The product-design treatment: brainstorm misuse, dramatize it, and “more clearly define our anti-goals.” Practitioner essay; qualitative, motivated by real incidents. (A)
Shamika Klassen and Casey Fiesler, “‘Run Wild a Little With Your Imagination’: Ethical Speculation in Computing Education with Black Mirror,” SIGCSE 2022. Qualitative interview study of 12 instructors who used the writers-room exercise; documents perceived pedagogical benefits and cautions. Measures perceptions in a teaching context, NOT harm-anticipation or decision outcomes. (A, the strongest direct evidence)
Casey Fiesler, “The Black Mirror Writers Room: The Case (and Caution) for Ethical Speculation in CS Education,” CUInfoScience on Medium (2018). The exercise’s origin write-up, including the displacement caution this dossier carries into the When NOT wall. Practitioner / pedagogical. (A)
Doteveryone, “Consequence Scanning: an Agile event for responsible innovators” (2019). The sibling practitioner method (intended/unintended/positive consequences, then act categories); evidence of the genre’s real-world adoption, not of outcomes. Not counted toward the grade. (A)
Stephanie Ballard, Karen M. Chappell and Kristen Kennedy, “Judgment Call the Game: Using Value Sensitive Design and Design Fiction to Surface Ethical Concerns Related to Technology,” DIS 2019. Microsoft’s design-fiction ethics game; validated by two qualitative industry workshops. Genre sibling; not counted toward the grade. (A)
Andreas L. Opdahl and Guttorm Sindre, “Experimental comparison of attack trees and misuse cases for security threat identification,” Information and Software Technology 51(5): 916-932 (2009). Two controlled experiments (28 and 35 participants, Latin squares); attack trees identified more threats than narrative misuse cases. The nearest controlled cousin - different move, different domain, direction cautions against assuming narrative superiority. Explicitly NOT counted toward this entry’s grade. (M, for misuse cases in security RE only)

Excluded under the evidence rule: no primary-source effect size exists for speculative harm narration or anti-goal setting; all located treatments are qualitative. The Opdahl and Sindre (2009) result is recorded but deliberately not counted toward the grade - it measures a different operation in a different domain, and where relevant it cautions against, rather than supports, the method’s narrative format.

Was this page helpful?

Thinking Framework Skills v0.8.0 · 56 frameworks