Our Landscape surgery session on 11th February was a session organised by Royal Holloway’s own PhD Student Laura Shipp and Julia Slupska, a PhD student from the Centre of Doctoral Training in Cybersecurity and the Oxford Internet Institute, also the sister programme of Laura’s interdisciplinary project (Geography/Information security).
The session was an active one, in which we participated in the Re:configure: Digital Privacy Workshops, co-facilitated by Julia and Laura. The workshop applies feminist principles to cyber security, in both theory and practice. It aims to democratise cybersecurity by opening it up to be more open, fair and inclusive and providing cybersecurity advice in a space that is approachable and accessible way.
The session started with an introduction from the co-facilitators. We learn that the project rose out of frustrations with the exclusive realms of cybersecurity, that are often male-dominated, hierarchical and elitist, in which there are definite rights and wrongs, and opinions of those outside of the space are invalid, resulting in an intimidating and in many cases condescending space. The workshop then, offers a chance to destabilise this narrative and create a space in which to learn and share ideas for those who are generally excluded from it. It forms part of a larger project of Julia and Laura’s that aims to listen to opinions of a broad range of people, with an emphasis on those who are generally excluded from cybersecurity discussions and bring them back into cybersecurity research, as well as offer cybersecurity advice in an inclusive and supportive environment.
To this end, the workshop was split into two sections, a threat modelling section and tech support section. Firstly, in the threat modelling section, we split off into groups and shared ideas about what online data we wanted to protect most. Topics of conversation spanned from personal photos, smart home systems, financial data, passwords, location data and cloud-based back-up data. The discussions were often informed by personal experiences of life online, and things that made us feel insecure for multiple reasons. From there, we were then encouraged to think about how we could improve our current security practices in regard to the things we valued most valuable to protect.
Secondly, in the tech support section, we were introduced to a wide range of resources that could help us in that task of protecting the data valuable to us. A noteworthy resource here is the DIY Guide to Feminist Cybersecurity (https://hackblossom.org/cybersecurity/). At this point, we were given just over half an hour to scour the guide (usually this time is an hour, but we were on time constraints so had to run a condensed version of the workshop), which offered simple, and mostly free, methods to improve our cybersecurity, as well as an opportunity to ask to facilitators for advice of help with case-by-case confusions or worries.
Importantly, the workshop provided a great space to discuss openly what we didn’t know (which for me, is quite a lot!). We were given time to articulate what we considered important in data privacy, and then offered ways to improve on those things. Personal experience filters into how we experience the world, both physical and virtual, and so everyone’s online life is different, and people have different values and methods in conducting themselves. Crucially then, this workshop realised that, and offered cybersecurity advice in a space that brought people together, as well as allowing us time that we may all put off in doing our own cybersecurity work. By paying attention to feminist approaches and concepts such as inclusivity, personal experience, consent and hierarchy more broadly, the spaces of cybersecurity can be fundamentally changed, and can have a significant positive impact on how people experience and conduct their life online.
Written by Rhys Gazeres.
Edited by Rachel Tyler.