This is an open question on how to get the masses to care…
Unfortunately, if other people don’t protect their privacy it affects those who do, because we’re all connected (e.g. other family members, friends). So it presents a problem of how do you get people who don’t care, to care?
I started the Rebel Tech Alliance nonprofit to try to help with this, but we’re still really struggling to convert people who have never thought about this.
(BTW you might need to refresh our website a few times to get it to load - no idea why… It does have an SSL cert!)
So I hope we can have a useful discussion here - privacy is a team sport, how do we get more people to play?
you should stop calling people “normies”, if you want them to care about what you have to say
I call them normies not because I look down upon them or I hate them I do that because whenever I educate them to use privacy oriented services they mock me saying “you are crazy” “you aren’t president” “nobody cares about your data” yada yada yada…
It makes me frustrated :(
Framing “them” as fundamentally different reinforces the mental barrier that your requirements and their requirements are different. Avoid it.
You’d better believe marketing execs and specialists in branding will divide and conquer market segments of apathetic typical people.
Addicts in recover programs can call the general population of non-addicts ‘normies’; people that have been marginalized for neurodivergent thinking often call the mainstream population of neurotypicals ‘normies’ etc.
Gatekeeping by commonly accepted language across diverse circles only serves for your own purity testing instead of focusing on the core issue of how to sell people on exercising their own basic self-interest.
The problem is their arguments are not wrong. Nobody does care about your data. Which makes it so hard to convince people about the dangerous.
noted, and you’re right.
I actually mis-applied that term in my post. I’ve been trying to learn about tech, and self hosting in particular, along this journey. I found that ‘normies’ is the term that tech-savvy people apply to people who don’t know about tech - i.e. me! - and I started using it. In the sense of “these install instructions will never work with normies”.
In this context I shouldn’t have used it to refer to people who do not care about data privacy. I’ll edit my post.
Thank you for pointing that out!
Privacy is a team sport - how do we get more more people to play?
now you’re calling them "more"s 🙂
Sounds like something normies would say. 🤣
I think certain arguments work, and certain don’t.
I live in a very high trust society, Norway. This has a lot of advantages, but also some downsides.
We trust eachother, our neighbours, our government and our media. Which is fantastic, and well deserved. The government deserves the trust.
This makes it hard for me to make people realize how important privacy is, because they trust organizations with their data.
During COVID, Norway made their own app for tracking who met to prevent the spread. Of all the apps in the world, Norway wanted to push about the least privacy friendly app in the world. This from a country with the highest press freedom and rankings for democracy. Most people though it was fine, because why not? We trust our government.
https://www.amnesty.org/en/latest/news/2020/06/norway-covid19-contact-tracing-app-privacy-win/
Luckily someone protested enough, and it got scrapped for something better.
When I try to convince someone I have a couple of angles:
-
You trust the government and organizations with your data today. But do you trust the government in 30 years? Because data is forever. The US has changed a lot in a very short time, this can happen here as well
-
You have a responsibility for other peoples privacy as well. When you use an app that gets access to all your SMSes and contacts you spy on behalf of companies on people that might need protection. Asylum seekers from other countries for instance.
Something similar happened in Denmark with the new Sundhedsloven, which had provisions allowing the government to forcefully isolate people in concentration camps, along with forcefully vaccinating them. This was during the COVID-19 pandemia.
This was of course alarming for those who were in the know, but very few people protested (and the law was subsequently amended), but the general attitude from the public was “it’s not a problem because something like THAT would ever happen in Denmark.” 🤡
We had some emergency law that was almost passed recently. As in it passed the first of two rounds. The second voting round is just a formality, all laws are just passed after the first in practice. Luckily some law professor raised the alarms and it did not pass the second time. So within a couple of hours margin it was stopped.
The law gave the government the ability to force people to do a lot of stuff, work any job at any place in Norway. If you do not comply you could get up to three years in prison. It would not be a problem with the current or any government in the near future, but it is a law. And we can’t have laws that rely on trusting politicians. Because we might have politicians with anti democratic tendencies in the future
This is the same argument against trusting opaque algorithms from proprietary systems (usually billionaire owned). You just don’t know when they’re going to tweak it for their purposes.
Convince them to trust open source
While I agree in theory, in practice open source has a similar amount of expected trust as closed source can have in many cases. I use all sorts of open source software without reading the code. I ain’t got time for that.
I can trust that software from a lot of organizations are trustworthy even if it is closed source, but I can’t trust any open source repo without reading the code. I habe to use other ways to evaluate it, is it probable that someone has audited it? Is it popular? Is it recognized as safe and trustworthy? Is the published and finished build the same as the one I would get if I built it myself?
But yes, you can never be 100% certain without open source and auditing it yourself.
I do trust that my travel pass app from a government organization doesn’t install malware / spyware on my phone. I can’t trust a random github repo even if it is open source.
This is a VERY interesting perspective - thank you for sharing!
You are lucky in Norway to have that level of trust, but I’d never considered the flip side: that it would create a dangerous apathy about privacy.
Your two angles are great:
-
This is so true but for some it is so nebulous, and it countries like the UK (and especially if you are white and not struggling financially) then there is an exceptionalism that creeps into the thinking. Probably because we’ve never been invaded and occupied. I was in Norway last year, and Denmark this year, and no one wants that to happen again. It seems to have shaped thinking a lot - correct me if i’m wrong 😊
-
This is a big one - privacy is a collective problem. It’s a team sport. I have had some success with this argument.
What’s very hard is to convey to people just how amazingly powerful and efficient big tech’s profiling models really are. Trillions of computations a minute to keep your creepy digital twin up to date. Most people cannot get their head round the scale of it, and I’m struggling to visualise it for them!
-
-
Maybe start by not calling them “normies”.
What else? “Ignorant and inexperienced consoomers” doesn’t sound very nice…
You’re right. I replied to someone else about this - I’ll change the post.
I think it’s a good idea. People are more likely to cooperate and take advice from people who don’t call them names. Although i understand that “normie” was not meant as an insult. But it might be perceived that way.
Hard disagree.
I have learned that the best game is simply not to play. You risk annoying the hell out of people. Let them get curious, maybe mention it but they have to come to you. Pushing it onto people who do not care is simply not worth it. You are wasting your time, this is real life. Some people will simply not want to care. It is their choice and sometimes that choice will not match yours.
The people I have so-called converted where people who actually were interest to know more. If you push it on people who are not interested then you risk being that annoying person who comes off as an activist or ideologue.
People want convinience. You’ll never get people to do it, unless it personally affects them. Realisticly, you can convert a few.
But most importantly. It shouldnt be that hard to have privacy. THATS the problem. People shouldnt need to do alot of things to get it.
Do something about the problem (political, legally change privacy laws) instead of every single person.
But I know that can be near impossible depending of where you live.
oh yes, convenience… a big problem when moving from the alternatives.
And I have to acknowlege that I’m an unusual case - I would rather use a less-good service than give my data to a better one. I know most people don’t think like that.
That’s why the alternatives we recommend are usually the zero knowledge encrypted ones, and they need to have a good experience. But privacy by design is sadly not that widely adopted in products. It has been increasing though, but just very slowly.
And about your point to hit the problem when mass change can happen e.g. political, legal - that is more the domain of our friends at other orgs like EFF, noyb, The Citizens etc. But you’re right, that is where change needs to happen. Not easy when the big tech firms lobby so hard and throw money at the problem.
Yeah, they really do throw money around to keep control…
And I know it doesnt help to always say “we need political change” because it’s also an easy escape to just say that.
Im also trying my best moving me and my friends to other platforms, and we shouldnt stop. Be the change.
There’s several overlapping problems:
First, that the problem is complex. It’s not just “Microsoft bad.” There’s a turducken lasagna of layered problems that make it hard for the average person to wrap their heads around the issue.
Next, there’s no direct monetary incentive. You can’t say “you lose $500 a year because data brokers know your address.” Most people also have relied their whole lives on free email, so the average person in already in “debt” in terms of trade offs already.
You’re also starting from a point of blaming the victim in a way. It’s the same problem companies have with cybersecurity, blaming everyone except the executive that didn’t know the risks of skimping on cyber budgets. Hiding the problem to avoid public shame is the natural human response.
Finally, that resolving the problem is fucking hard. I know, we all know, it’s a constantly moving target that requires at the very least moderate technical skill. My partner wants to have more privacy online, but would rather have conveniences in many cases. And has zero patience for keeping up with changes, so I have to be a CISO for a household. So the average person, and the average household, does not have the skillset to care “effectively” if they wanted to.
First of all, it’s May 4th so happy Star Wars day Han Solo!
Your points land… hard. Yes it is so messed up that privacy has been pushed on the end user as ‘their problem to fix with consent choice’. As you all know here it’s not a real choice.
Yes this should all be solved at the regulatory / gov level, but whilst the EU has been doing some great things recently, and the US has just kicked Apple and Google and Meta in the balls for antitrust, it’s never enough - there’s just too much lobbying and money washing around.
So, sadly, it does come down to the individual. My position is “if huge numbers of people starve the system of their behavioural data, then the surveillance economy is less effective, and perhaps other business models will have a chance”. Do you think that holds water?
And may The Force also be with you.
And don’t take it personally, it’s a fair question with an answer that it’s exactly why people get degrees in things like public policy.
The way to “solve” this for the average person is two steps: services like DeleteMe making them feel like they can “get back” their privacy. Second is dumbed down education with easy means. 1 year ago, uBlock did amazing stuff, and only 33% of internet users were using it. Exclude 25% of the remainder as enterprise setups not allowing extensions, and you still have 40+% of people online just rawdogging MSN and Yahoo and Drudge Report. Like, have you seen that internet lately? It’s fucking intolerable. But the same peoe that install searchbars won’t install uBlock. You have to be aggressive explaining value for 10 seconds of time.
It’s a genuine campaign that takes time and alluring promos.
The data broker one is kind of week though addresses have never been private. I mean we used to give everyone a book with everyone’s address and phone number. Also anyone could look up who owns what land you would have to do some serious stuff to hide owning some land and most people are not going to do that.
It has to be easy, low effort, and something there friends are doing too.
As a thought experiment: what would have happened if instead of a public health regulation approach, we dealt with restaurant safety by providing a few safe places and advocating everyone go there if they don’t want salmonella or e-coli poisoning. We’d have people ignorant going to the dangerous places, others misinformed or in denial, and a flood of misinformation that food poisoning is either “fine” or there’s no avoiding it anyway so best not to worry.
Interesting!
And then Fuckerberg would gaslight us by declaring that “public health is dead”
Yes, all while he’d have a private chef and a staff that keep him safe.
One method is to put a $ on privacy. Consider this: if you were offered $5 for every piece of information you shared about yourself, would you still share it? Probably not.
I mean we already know people would go for this no questions asked.
Tell them how governments, employees and scammers buy from data brokers the data collected from apps in their phones to surveil, blackmail or scam them. Do a research and send them a good summary with the links. When a told my brother in law about this, he was stunned. He’s still using his phone as always lol, so don’t have too much expectations.
I’ve had a bit of success with this - a cousin for example was shocked by a report I sent him about the RTB system - but I worry that if I send too many of those kinds of info then people will think I’m some kind of conspiracy theorist. 😱
I think making it as easy and feature packed as the big commercial apps and services would go a long way.
Right now asking someone to switch to a more private service/app is not only the work of switching over, but also learning an often much more complex system.
You’re basically studying viral pathology and immunology at that point. Remember how restaurant little can be for making and for vaccinations in American culture?
On top of it taking the slightest effort … We basically have to settle the solutions and then invite or incentivize them into it, which is hard when you’re against disinformation networks with better fundling.
Not to say it’s hopeless. Just that the incentives in a highly individualized society captured under surveillance capitalism are misaligned.
Another wall of text no one will ever read does nothing. Do this: https://lemmy.world/post/21620691 https://lemmy.world/post/20950542
I’ve noticed many people tend to look for alternatives when their mainstream apps are either temporarily down or become greedy.
I remember a few years ago Meta servers were down which resulted in my whole family and some friends at least partially moving over to Signal. Now it’s important that the alternative has at least the basic features people want. Most people are not ubernerds like us willing to sacrafice GIFs, emoji’s or whatever and would switch back once they realize it’s missing features.
For instance, I’ve noticed people becoming increasingly frustrated with Windows but won’t switch to Linux due to missing program or game support.
So ultimately I think the focus should be for privacy-respecting apps to be feature-complete. It’s much easier to convince someone to switch if there’s a reason to stay.
This probably means sacrificing on security features but I don’t think the goal should be for everyone to be on Qubes OS and SimpleX. Rather having at least basic online privacy and the ability to remove data on demand.
I sometimes wonder if NordVPN has done more for the privacy cause than anything else, purely for the sheer amount of advertising.
But most of their claims are false. And how does it do anything for privacy. And if you say obscures your ip address.
Just the fact that NordVPN claims to protect your privacy means that the average person hears about privacy a lot
It certainly make me feel safer against big tech snooping. Is obscuring your IP address not useful? I genuinely want to hear the arguments for and against VPNs. And if they’re not effective what are better ways we can protect ourselves?
VPNs hide your IP from your ISP and anyone they share that information with. Here in the UK ISPs keep a record of every internet connection you make and pass it on to the government and perhaps others. Using a VPN here means that instead of them knowing every single website you visit they just know you are using a VPN (or Tor, or a proxy etc if that’s what you’re using). All they can tell from that data is what time you’re active online and how much data you upload/download, not which websites you’re visiting.
The websites that you connect to at the other end can still determine who you are by means other than your IP address, like information that your machine presents to them which is unique. VPNs don’t protect against this.
A VPN is like a private courier. What the recipient does with the delivered message (and what you’ve put in it) is out of the courier’s hands.
