Alison mentioned that any small impact that one can make in terms of privacy concern mitigation is important – but I wonder about how we encourage individual actions like using password managers without that becoming a status symbol that shames those who don’t take the same action. I think about this in terms of plastic straws and climate change in that yes it is important to lessen one’s ecological footprint but demonizing those who don’t take a specific action when there are other much more egregious offenders out there is unfair. So I guess the question is how do we create a culture that encourages but doesn’t shame our community? Or should we just shame them?
I teach mainly adults when it comes to my privacy classes and I make it clear that they are just that. Adults. I give them the information they need but make it clear that they have the ability to pursue it or not. We discuss threat modelling and I let them know who might be after their information and why. Once they have that information it’s up to them to implement it (I always let them know I’m available to help if they need it).
But keep it simple. The biggest issues I had was when I tried to cram too much in too short a time. Now I do an hour long class that focuses on just a few topics.
It’s up to them to take action, but I think one of the easiest ways not to create a culture of shame is to add humor. Make it fun and funny, engage them in that way and you’ll have an easier time, at least that’s what works for me.
I think shame has it’s place, just not when it comes to education. And most important, make sure they are asking questions and if you don’t know the answer tell them you’ll get back to them. Make them feel involved and they will be more willing to make those positive changes.
I find that a lot of password managers and other harm reduction tools are not very user friendly and become inconvenient to the user; if you have low digital literacy skills and have fewer choices it becomes even more difficult. I would never encourage shaming anyone as a way of learning; instead, I would suggest creating a space and supporting users to learn about issues that affect them, their families, and communities. A space where they are asked to think critically about their personal privacy vulnerability while being supported at every step with information, user friendly tools, and a community that looks for each other.
I agree with @Bitor about what the right environment is, and during our NYC weekend we’ll learn about creating these kind of transformative workshop spaces.
Wren, I understand why you find similarities between individual actions/expectations about climate change vs systemic responses. I agree that what really needs to happen is political, systemic change – we won’t get very far just asking people to use password managers, we need bigger changes, and we’re gonna be talking a lot about what those are and how librarians can be instrumental in making those demands.
But it’s also still meaningful if we can help individual members of our communities protect themselves. It helps that person avoid potential threats like identity theft or some other data exploitation, and also ideally agitates them towards working for bigger political changes. We will talk a lot about ideas for combining these two efforts – the micro and the macro.
But I think if you’re asking “should we stop at the micro” like so much of the response to climate change has been, the answer is absolutely not! Just like with the climate, our surveillance problems are caused by a handful of very powerful multinational companies and some government entities. If we don’t address problems at their root then we’ll get nowhere.
As someone who’s had the experience of having a parent who’s been scammed by phone (with an online component) I might be inclined to say that my pop’s experience having given his credentials over the phone to a Windows scammer and then having a phony check cut and cashed was much more of a ‘shaming’ experience than when my family and I sat with him after to discuss what happened and what he could do to not repeat the incident. At that point he didn’t even want to use the computer or his iPhone at all but once we all decided on a few things he could do in the future he was much more comfortable going online and even answering his phone. One of the most difficult factors that we had to deal with was how his socialization growing up compelled him to be polite to all strangers and the idea of just hanging up the phone on someone, closing the door or ignoring an email or notification was hard for him to get past.
I agree that using tools like password managers can’t and shouldn’t be framed as the purview of ‘experts’. Is it a tendency of capitalism or professionalism to hoard certain types of knowledge in order to maintain a social or economic standing? Or to make tools an opaque, gate-kept thing except to experts or as an avocation? As librarians I think we definitely should resist that within and without; meanwhile if we can work alongside our communities to a place were they become more confident, more vocal politically and more proficient technically (different roles, maybe distributed?) in this stuff that would be a great outcome.
Just nodding vigorously along with this and wanted to add that I think you’re really gonna like our NYC workshop about creating transformative community workshops.