Making CryptoParties Inclusive
CryptoParties are sometimes criticised for being a "geeks in black t-shirts only" event. In response, Milena Popova offers her perspective on how to make CryptoParty events more inclusive.
Making CryptoParties Inclusive
The CryptoParty movement, kicked off by Australian activist @Asher_Wolf over a year ago, intends to help people with any level of technical knowledge acquire useful skills to protect their privacy in the digital world. The 350-page, crowd-sourced handbook includes, among others, sections on browsing the web safely, securing your email, using disk encryption and secure telephony. Explanations progress from the basic (Don's use personal details in your passwords; make sure no one's looking over your shoulder when you're typing in your password) to the rather more advanced instructions for using email encryption on your phone.
One of the criticisms commonly levelled against privacy and security technology is its lack of usability. To use many of the technologies, you need a fair amount of skill and dedication, as well as the willingness to limit your platform choices and convenience at least to some extent. Personally, I am reasonably tech-savvy, but every one of my three attempts to start using anonymisation package TOR has ended in miserable failure. My need to access email easily and quickly on the go has so far trumped my need for security in my communications as the up-front investment to get anything sensible running across the multiple platforms I use has always seemed too high. In many ways, I and people like me are the prime targets of CryptoParties.
Of course, CryptoParties originated in a rather more innocent time, before the Snowden revelations, when to suggest that the kind of government surveillance we now know is happening was even possible would have earned you a tin-foil hat. With what we know today, the focus of CryptoParties and similar initiatives needs to shift. It is no longer only the reasonably tech-savvy and part-time conspiracy theorists like me who need to worry about the security of their communications - it is all of us.
It is good to see, therefore, that CryptoParties seem to be taking off in the UK. The Open Rights Group is doing its bit by supporting organisers, providing speakers, sharing materials and expertise. But what are we all doing to ensure that CryptoParties reach as wide and diverse an audience as possible?
When your event description is full of phrases like "full disk encryption", "password generation", and "keysigning", the general public may be forgiven for thinking this is a "geeks in black t-shirts only" event - no matter how many times you say that no prior knowledge is required. The language is immediately seemingly alienating. To attract people who need a basic introduction to online privacy the most, we may need a change of approach. We need to work out what it is that people are really worried about. We need to understand our user stories, and promote CryptoParty events in a way that addresses them.
Let me give you some examples...
Lori is a food blogger worried about a rise in the number of food banks. She is also a single mum with a three-year-old daughter. She has some influence in the food blogging community now; has published a Comment is Free piece or two and is starting to get her first rape threats on Twitter. She wants to ensure her and her daughter's physical safety. Things that might convince Lori that attending a CryptoParty would be useful for her include a focus on personal safety - and maybe some activities for children so she can bring her daughter along. Indeed, the upcoming Brighton CryptoFestival is offering a range of kids' activities - big thumbs-up to them!
Liam is an accountant in his mid-30s. One of his friends recently lost his job because his boss found lots of pictures of him drunk on Facebook. Liam's worried about who can see the things he posts on Facebook. Some words around social media safety and privacy might help Liam decide to come to your CryptoParty.
Jack is unemployed and on benefits. He accesses his Gmail at the local library and uses that to manage sensitive data like job applications. He also accesses social media, newspaper websites, the JobCentre website, etc. Jack might not even know that someone using the computer after him could potentially access his CV, his search and browser history, or his social media accounts. Jack might come to a CryptoParty if we include some activities around safety on shared computers and networks - and explain up front why this is important. The fact that your event is free and advertised as such will definitely be important to Jack.
Another example: Ellen needed to hire a ladder a few weeks ago for some decorating work in her new shop, so she googled "ladder hire". Practically every website she's visited since then has had ads for ladder hire. She's beginning to suspect this is not some kind of freaky coincidence. Include some activities on tracking, what companies like Google know about you, and safer web browsing to entice Ellen to join your CryptoParty.
Of course, to some extent the kinds of activities you'll be able to offer at a CryptoParty will depend on who you've got available to share skills and teach. Having said that, it is often the more basic topics - like Facebook privacy and helping people install Ghostery on their browser - that will have the biggest appeal to the general public and the most immediate impact on individuals' privacy. Keep that in mind with planning and promoting your event, and you'll make a bigger impact.
Milena Popova is an economics & politics graduate, an IT manager and active campaigner for digital rights, electoral reform and women's rights. She is also a member of ORG's board and continues to write for the ORGzine in a personal capacity.
Wendy M. Grossman responds to "loopy" statements made by Google Executive Chairman Eric Schmidt in regards to censorship and encryption.
ORGZine: the Digital Rights magazine written for and by Open Rights Group supporters and engaged experts expressing their personal views
People who have written us are: campaigners, inventors, legal professionals , artists, writers, curators and publishers, technology experts, volunteers, think tanks, MPs, journalists and ORG supporters.