I Went to a Cryptoparty to Ask Why People Want to Protect Their Data
It was an evening of pizza, beer, and technological subterfuge.
In light of Australia's freshly approved data retention bill, ignorance of our personal digital security is no longer an option. The government can access, and now store, everyone's metadata regarding telecommunication and online usage. This has got a lot of people asking how they can protect themselves online.
Because of this, cryptoparties—where people get together to learn ways to keep their online information safe—are becoming increasingly popular. Last night a software firm called Thoughtworks held one in Melbourne and I went along to see what it was like.
The night started with pizza and beer and progressed to discussions on technological subterfuge. Speakers at the sold-out event included Greens senator Scott Ludlum and human rights lawyer Lizzie O'Shea, both of whom highlighted the pressing need for all of us to become more engaged with data protection.
Talk swung between the trivial and the serious, with questions ranging from how best to download torrents, to whether the data retention bill will expand in the future. Attendees were introduced to PGP Encryption for emails, the Tor browser to obscure your internet use, VPN services to mask your IP address, and other tricks for encryption and how to securely use digital currencies like Bitcoin.
The varied crowd who attended did their best to learn the skills presented. After the presentations were over, I spoke to members of the crowd to find out why they came and what they most wanted to protect.
VICE: You're at this event, but I'll ask you anyway: Are you interested in data protection?
Jacob: Abso-fucking-lutely. I do a lot of organizing work. I work within the broad left. I work for a major union body, and I've had a lot of experience in the past of knowing that our information has been stolen. I guess I've always accepted that my communications are monitored, and that nothing is really truly secure.
But, you know, it's technologies like the ones we've heard about tonight that allowed Snowden get away to Russia. While it's not securable, we're in an age of the rise of the right, the crackdown on the political dissent. Any tricks we can learn, even if it only gives us a little breathing room, are going to be more useful than the surveillance tricks I may have learned in my own generation. This is keeping yourself nice in the 21st century.
In line with that then, how should the government handle our metadata?
I think they should just keep their noses out of our fucking metadata. How can you determine whether they are using your metadata for their stated purposes or not? It's like searching people's bags. When you ask why you're being searched the answer is, "Oh, you may pose a threat." It shouldn't be right that they can search everyone's bag.
Hey Scott, so you obviously came down to speak.
Scott: I didn't just come to speak, I came to learn as well. What's happening here is community-building, meeting one another and learning skills. Part of that is getting technical knowledge. We've just been, in my view, significantly betrayed by the government. For the time being, there's not much we can do about that because the law has passed. But there's a lot we can do in taking our own power and our own privacy back.
Should the government be able to access our data to any extent?
There is a level where it's necessary and useful for law enforcement, anti-corruption agencies, and intelligence agencies for legitimate purposes doing legitimate work. But with review, annual reporting, transparency, and a warranted process. Which is not perfect, obviously, but that's one way you can throw a layer of oversight on surveillance by the state.
Is there enough information about data protection available?
There should be more events like this. There were almost 200 people on a waiting list for tonight—so there's no question there's a need for it. I think as far as digital literacy being taught in schools—absolutely. Even if you're trying to protect children from being bullied online, there's quite a bit of overlap. I think it's going to become an important part of digital literacy.
Rachael, journalism student at RMIT University
So why did you come tonight?
Rachael: I'm a journalist in training and we don't learn enough about this stuff. It's quite alarming when you think about it. With these data retention laws coming in, it's not clear for young journalists how it'll affect the work they do, and how they report on government activities. As young journalists, we're the ones coming into this digital sphere where all this stuff is going to be most relevant. I thought I'd come and try and figure it out.
Why is data protection integral to journalism?
It's essential to the work you do. For me the most important thing is for people reporting on government activities—anything they are quite hush-hush about—it's important to be able to keep whistleblowers, yourself, and your source safe.
Do you use any of the technology mentioned to encrypt your information?
No, I don't. I'd heard of them. I always thought I didn't understand. But they've been explained in a semi-layman's way so I'm going to give it a go.
Why did you come down tonight?
Foad: I am relatively interested in data protection and privacy. I work in the IT industry. I didn't actually know about this night until my wife told me about it—she works for Liberty Victoria. She is very interested in civil liberties. I've been to another one of these held six months ago, so I do quite enjoy them.
Do you use any these technologies?
Yes, I use a VPN service and at one stage I did use a Tor browser. I haven't used chat much to talk securely and I hadn't heard of PGP either—I'm looking forward to learning how to use it.
Do you think this information is adequately available?
I think it's available, but that you just need to be interested enough to chase it up. The level of how little privacy you have is probably generally not known. People refuse to accept that privacy is that important.
Is there a reasonable amount of metadata the government should be able to access?
I don't think the government should have any access. I don't think there's any justified reason. That's a privacy issue—the same way a letter isn't opened up and read. Even if it has the potential to protect us—I think it's a rare case—but I suppose it's a question of whether you'll give up your liberty for security. If you want to, that's your choice.
Follow Jack on Twitter.