Challenging gender stereotypes in cybersecurity: a feminist perspective
The technology industry has been the subject of one of the most extreme gender flips in history. How would the tech sector look differently if women felt like they were empowered to help build tech and design for their concerns? We designed a project to find out.
“Are you keeping up with the Commodore? Because the Commodore’s keeping up with you.” The friendly jingle plays over a mullet-wearing kid who salutes the viewer enthusiastically from behind his many-Macbooks-thick Commodore 64 keyboard. In the 80s, adverts like this one became commonplace as previously specialised computers spread to people’s homes. In these ads, the person behind the keyboard is almost always a young boy.
Today, the line between male geeks of the 80s and the tech bros of Silicon Valley seems self-evident. However, this assumption masks a forgotten history of women in computing. Just thirty years before the Commodore 64 and associated dawn of personal computing, six female mathematicians were tasked with programming the world’s first electronic computer.
Figure: Two programmers wiring the ENIAC, the world’s first electronic general-purpose computer, c. 1946
Over the next couple of decades, as computers shrank and their uses multiplied, the discipline and industries surrounding computing retained their female-dominated expertise until, as historian Mar Hicks wrote, “Britain discarded women technologists and lost its edge in computing.”
The rise of the ‘IT guy’
By the 1960s, women were abruptly pushed out of their technical posts to make way for a new human category that is still very much alive today: the IT guy.
Here, we use “default IT guy” to reference a series of persistent stereotypes about who computing and computers are for. Video games are for teenage boys with poor social skills and violent dispositions. Men are natural solvers of technical problems because they think differently (and ever so rationally). A hacker is a young man with a hoodie and a smirk, fingers darting across his keyboard while some other, older men with earpieces and suits shout “what’s going on?!” at each other. These stereotypes influence the use, design and discourse around the computers of today — the laptops, smartphones, smartwatches and IoT devices that mediate modern life.
As an action research group, we are particularly interested in the impact of these stereotypes on attitudes to safety while using technology. In other words, how they shape attitudes to cybersecurity.
Masculinisation of technology
Within the field of cybersecurity or digital privacy, we believe that at least three negative impacts exist stemming from the masculinisation of technology:
- People who do not identify as male do not believe they are “good at” technology, and therefore fail to take affirmative control of their digital lives.
- People who do not identify as male have few role models within technological industries, and therefore, do not gravitate towards such jobs or practices.
- Male-led design and use-cases fail to cater for technology uses and needs that are relevant to people who do not identify as male.
Introducing Reconfigure Feminist Digital Privacy Workshops
In order to address these issues our project, Reconfigure, has designed a series of feminist digital privacy workshops. We are “learning by doing” by combining research with activism to understand a problem and find solutions. In other words, we want cybersecurity to be more open, fair, and inclusive.
We launched the project with a pilot workshop held at the University of Oxford in 2019. After a short introduction, participants engaged in self-led training to reflect on and improve their existing cybersecurity practices. Following the period of reflection, a structured discussion provided an opportunity for comment and debate on feelings around mainstream cybersecurity narratives and how they affect everyday life.
The participants submitted their thoughts to an interactive platform and everyone’s contributions were shared live on-screen.
Key findings from the pilot workshop
The workshop generated some very interesting results. Firstly, in a departure from cybersecurity research, which prioritises criminals and hackers as primary threats, participants said more often than anything else that what made them feel threatened online was “targeted ads”. When asked what data they wanted to protect online, responses ranged from browsing history, to sexts, to banking details.
Participants also had creative ideas for “cybersecurity tools or features that you haven’t encountered yet but that you wish existed”: like a “forget me” button on websites, timed self-destruction for photo sharing or a “tool to see whether my personal details are out there on the darkweb”.
Secondly, participants shared perspectives on how their class, gender, culture, and sexuality shaped their experiences of cybersecurity. One participant described coming from a culture where personal privacy is not emphasized and having to adapt to western security practices quite uncomfortably. Another pointed out that being in different LGBTQ+ Facebook groups with open, closed, secret settings (to protect people from being outed) made them more aware of security.
Overall feedback was very positive: participant appreciated having a space and platform in a domain that they often feel excluded or distant from. Many expressed the intention to maintain changes made to their digital practices during the session.
Shaping an inclusive future
We are building on the successful pilot by running more workshops between now and May 2020 in Oxford, London, and Paris. If you would like to get involved, follow us on Facebook or join our mailing list.
Slupska and Duckworth write on behalf of Reconfigure, a group of feminist cybersecurity advocates & researchers seeking to engage with groups excluded from technology and improve industry and academia. Reconfigure includes OII Senior Research Fellow, Professor Gina Neff.
For those interested in more information about the Reconfigure workshops, here we share a blog from Carlos Camara-Menoyo, who attended the second Reconfigure workshop in Oxford, giving his perspective on key takeaways from the session.
Reconfigure is running a series of Feminist Digital Privacy Workshops between now and May 2020 in London and Paris. Details of upcoming workshops:
March 14: Time’s Up – organisation founded to combat harassment in the film industry following #metoo. Register here.
March 15: Power Play – a feminist activist theatre group working on image-based abuse. Register here.
A Blog by Julia Slupska, Doctoral Candidate, Centre for Doctoral Training in Cybersecurity, Oxford Internet Institute and Scarlet Dawson Duckworth, Cyber Technologist, Darktrace. Slupska and Duckworth write on behalf of Reconfigure, a group of feminist cybersecurity advocates & researchers seeking to engage with groups excluded from technology and improve industry and academia.