This is an open question on how to get the masses to care…
Unfortunately, if other people don’t protect their privacy it affects those who do, because we’re all connected (e.g. other family members, friends). So it presents a problem of how do you get people who don’t care, to care?
I started the Rebel Tech Alliance nonprofit to try to help with this, but we’re still really struggling to convert people who have never thought about this.
(BTW you might need to refresh our website a few times to get it to load - no idea why… It does have an SSL cert!)
So I hope we can have a useful discussion here - privacy is a team sport, how do we get more people to play?
you should stop calling people “normies”, if you want them to care about what you have to say
I call them normies not because I look down upon them or I hate them I do that because whenever I educate them to use privacy oriented services they mock me saying “you are crazy” “you aren’t president” “nobody cares about your data” yada yada yada…
It makes me frustrated :(
Framing “them” as fundamentally different reinforces the mental barrier that your requirements and their requirements are different. Avoid it.
You’d better believe marketing execs and specialists in branding will divide and conquer market segments of apathetic typical people.
Addicts in recover programs can call the general population of non-addicts ‘normies’; people that have been marginalized for neurodivergent thinking often call the mainstream population of neurotypicals ‘normies’ etc.
Gatekeeping by commonly accepted language across diverse circles only serves for your own purity testing instead of focusing on the core issue of how to sell people on exercising their own basic self-interest.
The problem is their arguments are not wrong. Nobody does care about your data. Which makes it so hard to convince people about the dangerous.
noted, and you’re right.
I actually mis-applied that term in my post. I’ve been trying to learn about tech, and self hosting in particular, along this journey. I found that ‘normies’ is the term that tech-savvy people apply to people who don’t know about tech - i.e. me! - and I started using it. In the sense of “these install instructions will never work with normies”.
In this context I shouldn’t have used it to refer to people who do not care about data privacy. I’ll edit my post.
Thank you for pointing that out!
Privacy is a team sport - how do we get more more people to play?
now you’re calling them "more"s 🙂
yeah that is definitely the core of the problem
Sounds like something normies would say. 🤣
Starting by not calling people that don’t know/care about privacy “normies”, and educating them I guess.
Also I’d say start with the “easier” ones, for instance anti-capitalist people are more open to find ways to avoid surveillance capitalism. If enough of these people care and educate their respective circles, eventually all people will care.
Also I’d say start with the “easier” ones, for instance anti-capitalist people are more open to find ways to avoid surveillance capitalism. If enough of these people care and educate their respective circles, eventually all people will care.
And pro-capitalism people should simply avoid being under surveillance of someone who can potentially help their competition with targetted info about them.
I have friends and family who occupy both sides of the political spectrum, so it’s impossible to have just one message that suits both. That’s why I’ve largely avoided politics my whole life…
But tech has become political, so it’s not that easy to avoid anymore 😬
On my website homepage Rebel Tech Alliance.org I try and make it clear that we’re trying to undermine a business model, not a political ideology. But the presence of the word ‘capitalism’ in surveillance capitalism does trigger some people to start talking politics.
Webpage not accessible
I think certain arguments work, and certain don’t.
I live in a very high trust society, Norway. This has a lot of advantages, but also some downsides.
We trust eachother, our neighbours, our government and our media. Which is fantastic, and well deserved. The government deserves the trust.
This makes it hard for me to make people realize how important privacy is, because they trust organizations with their data.
During COVID, Norway made their own app for tracking who met to prevent the spread. Of all the apps in the world, Norway wanted to push about the least privacy friendly app in the world. This from a country with the highest press freedom and rankings for democracy. Most people though it was fine, because why not? We trust our government.
https://www.amnesty.org/en/latest/news/2020/06/norway-covid19-contact-tracing-app-privacy-win/
Luckily someone protested enough, and it got scrapped for something better.
When I try to convince someone I have a couple of angles:
-
You trust the government and organizations with your data today. But do you trust the government in 30 years? Because data is forever. The US has changed a lot in a very short time, this can happen here as well
-
You have a responsibility for other peoples privacy as well. When you use an app that gets access to all your SMSes and contacts you spy on behalf of companies on people that might need protection. Asylum seekers from other countries for instance.
Something similar happened in Denmark with the new Sundhedsloven, which had provisions allowing the government to forcefully isolate people in concentration camps, along with forcefully vaccinating them. This was during the COVID-19 pandemia.
This was of course alarming for those who were in the know, but very few people protested (and the law was subsequently amended), but the general attitude from the public was “it’s not a problem because something like THAT would ever happen in Denmark.” 🤡
We had some emergency law that was almost passed recently. As in it passed the first of two rounds. The second voting round is just a formality, all laws are just passed after the first in practice. Luckily some law professor raised the alarms and it did not pass the second time. So within a couple of hours margin it was stopped.
The law gave the government the ability to force people to do a lot of stuff, work any job at any place in Norway. If you do not comply you could get up to three years in prison. It would not be a problem with the current or any government in the near future, but it is a law. And we can’t have laws that rely on trusting politicians. Because we might have politicians with anti democratic tendencies in the future
This is the same argument against trusting opaque algorithms from proprietary systems (usually billionaire owned). You just don’t know when they’re going to tweak it for their purposes.
The Swedish authorities have been known to mess with the reproductive rights of minorities, didn’t Denmark also meddle in extremely unethical bullshit? Is your comment an obvious reference I’m missing?
Convince them to trust open source
While I agree in theory, in practice open source has a similar amount of expected trust as closed source can have in many cases. I use all sorts of open source software without reading the code. I ain’t got time for that.
I can trust that software from a lot of organizations are trustworthy even if it is closed source, but I can’t trust any open source repo without reading the code. I habe to use other ways to evaluate it, is it probable that someone has audited it? Is it popular? Is it recognized as safe and trustworthy? Is the published and finished build the same as the one I would get if I built it myself?
But yes, you can never be 100% certain without open source and auditing it yourself.
I do trust that my travel pass app from a government organization doesn’t install malware / spyware on my phone. I can’t trust a random github repo even if it is open source.
This is a VERY interesting perspective - thank you for sharing!
You are lucky in Norway to have that level of trust, but I’d never considered the flip side: that it would create a dangerous apathy about privacy.
Your two angles are great:
-
This is so true but for some it is so nebulous, and it countries like the UK (and especially if you are white and not struggling financially) then there is an exceptionalism that creeps into the thinking. Probably because we’ve never been invaded and occupied. I was in Norway last year, and Denmark this year, and no one wants that to happen again. It seems to have shaped thinking a lot - correct me if i’m wrong 😊
-
This is a big one - privacy is a collective problem. It’s a team sport. I have had some success with this argument.
What’s very hard is to convey to people just how amazingly powerful and efficient big tech’s profiling models really are. Trillions of computations a minute to keep your creepy digital twin up to date. Most people cannot get their head round the scale of it, and I’m struggling to visualise it for them!
-
-
I have a feeling a whole bunch of people are about to start caring, when they see normal things being used as excuses to arrest friends, family, colleagues.
This depends on your country though. America sure.
Acknowledge.
I’m in the UK and there’s a feeling amongst some that “we’re next” if we don’t curb the rise of the far right.
The Reform party’s victories here this week are another alarm bell.
I’d say those some are spot on. Governments love the "look what that country is doing!” while doing the same or worse, surreptitiously. Prestidigitation, really.
I have learned that the best game is simply not to play. You risk annoying the hell out of people. Let them get curious, maybe mention it but they have to come to you. Pushing it onto people who do not care is simply not worth it. You are wasting your time, this is real life. Some people will simply not want to care. It is their choice and sometimes that choice will not match yours.
The people I have so-called converted where people who actually were interest to know more. If you push it on people who are not interested then you risk being that annoying person who comes off as an activist or ideologue.
People want convinience. You’ll never get people to do it, unless it personally affects them. Realisticly, you can convert a few.
But most importantly. It shouldnt be that hard to have privacy. THATS the problem. People shouldnt need to do alot of things to get it.
Do something about the problem (political, legally change privacy laws) instead of every single person.
But I know that can be near impossible depending of where you live.
oh yes, convenience… a big problem when moving from the alternatives.
And I have to acknowlege that I’m an unusual case - I would rather use a less-good service than give my data to a better one. I know most people don’t think like that.
That’s why the alternatives we recommend are usually the zero knowledge encrypted ones, and they need to have a good experience. But privacy by design is sadly not that widely adopted in products. It has been increasing though, but just very slowly.
And about your point to hit the problem when mass change can happen e.g. political, legal - that is more the domain of our friends at other orgs like EFF, noyb, The Citizens etc. But you’re right, that is where change needs to happen. Not easy when the big tech firms lobby so hard and throw money at the problem.
Yeah, they really do throw money around to keep control…
And I know it doesnt help to always say “we need political change” because it’s also an easy escape to just say that.
Im also trying my best moving me and my friends to other platforms, and we shouldnt stop. Be the change.
Maybe start by not calling them “normies”.
What else? “Ignorant and inexperienced consoomers” doesn’t sound very nice…
You’re right. I replied to someone else about this - I’ll change the post.
I think it’s a good idea. People are more likely to cooperate and take advice from people who don’t call them names. Although i understand that “normie” was not meant as an insult. But it might be perceived that way.
Hard disagree.
There’s several overlapping problems:
First, that the problem is complex. It’s not just “Microsoft bad.” There’s a turducken lasagna of layered problems that make it hard for the average person to wrap their heads around the issue.
Next, there’s no direct monetary incentive. You can’t say “you lose $500 a year because data brokers know your address.” Most people also have relied their whole lives on free email, so the average person in already in “debt” in terms of trade offs already.
You’re also starting from a point of blaming the victim in a way. It’s the same problem companies have with cybersecurity, blaming everyone except the executive that didn’t know the risks of skimping on cyber budgets. Hiding the problem to avoid public shame is the natural human response.
Finally, that resolving the problem is fucking hard. I know, we all know, it’s a constantly moving target that requires at the very least moderate technical skill. My partner wants to have more privacy online, but would rather have conveniences in many cases. And has zero patience for keeping up with changes, so I have to be a CISO for a household. So the average person, and the average household, does not have the skillset to care “effectively” if they wanted to.
First of all, it’s May 4th so happy Star Wars day Han Solo!
Your points land… hard. Yes it is so messed up that privacy has been pushed on the end user as ‘their problem to fix with consent choice’. As you all know here it’s not a real choice.
Yes this should all be solved at the regulatory / gov level, but whilst the EU has been doing some great things recently, and the US has just kicked Apple and Google and Meta in the balls for antitrust, it’s never enough - there’s just too much lobbying and money washing around.
So, sadly, it does come down to the individual. My position is “if huge numbers of people starve the system of their behavioural data, then the surveillance economy is less effective, and perhaps other business models will have a chance”. Do you think that holds water?
And may The Force also be with you.
And don’t take it personally, it’s a fair question with an answer that it’s exactly why people get degrees in things like public policy.
The way to “solve” this for the average person is two steps: services like DeleteMe making them feel like they can “get back” their privacy. Second is dumbed down education with easy means. 1 year ago, uBlock did amazing stuff, and only 33% of internet users were using it. Exclude 25% of the remainder as enterprise setups not allowing extensions, and you still have 40+% of people online just rawdogging MSN and Yahoo and Drudge Report. Like, have you seen that internet lately? It’s fucking intolerable. But the same peoe that install searchbars won’t install uBlock. You have to be aggressive explaining value for 10 seconds of time.
It’s a genuine campaign that takes time and alluring promos.
The data broker one is kind of week though addresses have never been private. I mean we used to give everyone a book with everyone’s address and phone number. Also anyone could look up who owns what land you would have to do some serious stuff to hide owning some land and most people are not going to do that.
Steal their identity and doxx them. They’ll play along after that experience
harsh! but might work lol
It has to be easy, low effort, and something there friends are doing too.
Education.
This is my attempt at that: Rebel Tech Alliance - Learn Section
I’d like to crowdsource this learning section but not sure how. I linked to the Codeberg site on the homepage but that probably won’t work as too techy.
In my experience all the good arguments in governments that change, big companies making money etc are still too abstract to people.
But i have found one argument that at least made women and older men with daughters think about it. Stalking. With reverse image search and stupid people finder apps and ai that can estimate how you look now based on an old picture and vice versa, stalking got soooo easy. Anyone can just secretely take a picture of a girl they find interesting in public and find her social media profile and see where she usually hangs out etc. (Of course also all other genders get stalked - this is just the most known example).
That can work, but it could go the other way too. We’ve already seen scaremongering claims like “right to repair will allow creepy car mechanics to stalk your location”, “encryption is used by criminals”, “local image scanning prevents child abuse”, etc.
What moves people is stories of why you should care. Getting these stories highlighted and then providing the solution (or multiple solutions) is a sure way to call people to action.
Devs and marketing then need to have an easy onboarding experience. But if people have a will they will find a way. Just don’t be an AH when they ask stupid questions.
This. You’re so right. It’s stories that move people not facts - I constantly forget this!
I’ve made a note to use the blog to put the messages in story form - case studies.
Thank you for writing that!
So can you provide some stories?
Tell them how governments, employees and scammers buy from data brokers the data collected from apps in their phones to surveil, blackmail or scam them. Do a research and send them a good summary with the links. When a told my brother in law about this, he was stunned. He’s still using his phone as always lol, so don’t have too much expectations.
I’ve had a bit of success with this - a cousin for example was shocked by a report I sent him about the RTB system - but I worry that if I send too many of those kinds of info then people will think I’m some kind of conspiracy theorist. 😱
One method is to put a $ on privacy. Consider this: if you were offered $5 for every piece of information you shared about yourself, would you still share it? Probably not. But the true cost is far less obvious, spread out over time, and often masked by the convenience of “free” services.
I like this concept and I feel like that a step along the way as it is essentially what’s happening. The EULA’s, TOS’s, SLA’s, etc are all contracts, which should be negotiable by both parties and allow the individuals or groups to define value, be that monetary value (the $5) or something in trade. Some how we the masses skipped over the negotiation, and are left with an almost binary choice either accept and use it or not. (You could sue, or protest, or etc, but without standing or a large following this is not effective for an individual.)
So whilst’ I agree, I also think it might be more useful to focus on the reason the information is valuable.
I mean we already know people would go for this no questions asked.