2020 In Review: A Retrospective Analysis

About Our Work

We are Cyber Collective, a group of technology professionals with backgrounds in cyber security, privacy, public policy, and ethics. Through our collective industry, academic, and lived experience, we have become intimately aware of the ways in which technologies deployed in today’s landscape have produced, and continue to produce, unintended harmful consequences at scale for the vulnerable and marginalized in society.

Through honest and open dialogue with our community members, we investigate the ways in which technology and human life are interconnected. Specifically, we use the grounded theory approach in our creative, qualitative research, and then use the information we gather to center marginalized folks—those who have historically been pushed to the margins by decision makers in tech product and policy development—in conversations to impact the next generation of tech product and policy.

We acknowledge the challenging position in which many ethics owners, product managers, data scientists, and engineers find themselves in their work today, where personal values often come into conflict with business goals. Current contributors in the tech industry experience these tensions, for example when they use datasets that are collected without informed consent or those that are impacted by implicit biases, so we work directly with our community to educate and gather data transparently in service of creating a future where technology is overwhelmingly a force for good—for all.

About This Brief

We release briefs to share our journey with our community, industry professionals, and academic circles. It's a way of documenting our processes, sharing lessons we've learned, and exploring new areas of growth—all with the overarching objective of expanding the conversations happening in cyber security, privacy, and data ethics spaces.

In this month's brief, we'll do a case study on the events we hosted in 2020 and break down our impact and reach through our community work this year. We will also give our organizational take on cyber security and tech ethics, and share what all is in the pipe for us as an organization.

Reflections About Our Community Work In 2020

We’ll do a deep dive into reflections about our community work this year with a focus on our event series. Our goals here are twofold: to share observations and lessons learned so that other organizations doing similar kinds of outreach can learn with us, and to share our work with people and orgs who see potential for collaboration.

We’d also like to note that, while these are our reflections and observations from our work this year, our analysis of them will remain dynamic as we continue our work. It is important to us that we stay flexible and aligned with the ever-evolving digital landscape.

How We Work

Through our virtual events and social media outreach, we make topics in cyber security, privacy, and ethics accessible to a wider audience. We simplify domain-specific ideas into the points that specifically impact our community, then start conversations around these concepts with the aid of memes, pop culture references, and unfiltered language that we'd use with our friends. We connect with our community on commonly-used platforms, including Zoom for our virtual events and Instagram and Twitter for general outreach.

Observations

Event Engagement

Where 20-100 participants attend our events, we’ve noticed that one hour, the standard length of our events, is not enough time for us to cover the presentation's material and engage with every participant who asks questions. We have found that our event attendees are heavily engaged in real-time through discussions over video and chat, so our team is exploring ways we can expand our ability to conduct creative, qualitative research through our live events in 2021.

Our most-attended event, Your Ethics are in Retrograde, covered the ways in which astrology apps collect sensitive personal data from users and how this practice could have tangible, unintended effects in the real world.

We used these familiar apps as a jumping-off point to discuss the larger issue of how this practice creates the risk that these apps produce harms which could disproportionately impact marginalized folks, revealing the power structures that affect those who use the app versus profit from it. We then taught participants foundational concepts in moral responsibility, so that they could use them as a lens through which they can analyze such practices.

By working within the context of commonly-used (and beloved!) astrology apps, we reached a larger audience than we had with any other event. We simplified concepts in privacy and ethics, using them as lenses to analyze data collection practices and potential outcomes, and had conversations with a diverse group of participants who may not have otherwise had access to these discussions.

Recurring Themes

We are an impact-driven, community-centered organization, and our attendees reflect that in the conversations they start during our events. The conversations we had together covered a lot of ground, particularly at the intersection of tech and other aspects of life.

Some recurring participant-initiated themes across our 2020 event series include the following:

Family

Participants brought up the ways in which they helped take care of family members online by watching grandparents’ accounts, translating online information from English to native languages, and sharing cyber hygiene tips with parents

Power Imbalances

Participants frequently expressed frustration with the power imbalance between the tech industry and consumers, calling out questionable practices that impact small businesses and individuals alike.

Access

Participants wanted to know how to share information from events with communities and people who otherwise wouldn’t have access to cyber security how-to tips and discussions about privacy and data ethics.

Community

Participants wanted to stay involved with our community, asking how to donate to our organization and how they could get in touch with team members outside of events to continue discussions. Multiple participants shared our work with friends, family members, and colleagues.

Key Takeaways

We are currently exploring how we can allow for even more real-time conversation with our event participants because this is where we saw impactful engagement with our community. We’d also like to further structure our live-audience qualitative research and impact analysis. If we find that there are more effective ways to connect with our participants, we will ideally pivot and share our findings in a future brief.

In 2021, we also want to continue making our work as accessible as possible. Our main intention in approaching our community events next year is to continue to cultivate safe learning spaces where our participants can show up fully as their whole selves. We want our participants to speak how they speak without code-switching and having honest conversations that celebrate ourselves as we are. We predict that this will enable us to tease out our community members’ genuine insights and needs around technology.

Finally, we want to keep evolving with and responding to the needs of our community. In our work, we want to honor the values that are important to them—family and community, challenging power imbalances in tech, and improving access to these conversations—and we’ll keep listening so that we may better serve.

That’s a wrap on our events in 2020! We’ve taught a lot and learned a lot with our community, and we look forward to continuing this work next year. In the meantime, we’ve also done some reflection on our values in cyber security and tech ethics and the next section walks through our thoughts so far in these areas.

Our Values In Cyber Security And Tech Ethics

This year, we’ve been working closely as a team to tease out the values we hold collectively, in service of aligning our community work, research projects, and special initiatives. Our team members have distinct and complementary domains of expertise—cyber security and tech ethics—both of which we value immensely.

Much of our work focuses on connecting the dots between these domains for our community, and we think it would be useful to share what we've synthesized so far. Here's a work-in-progress manifesto of our values, broken out by domain

Cyber Security

1. Our Physical and Digital Worlds Are Intertwined.

As our personal information becomes increasingly available online, so increases the risk to our physical well-being. Identity theft, doxxing, and behavioral manipulation are tangible threats to our well-being, made faster and scaled online. We believe in teaching our community how to protect their physical and mental well-being by securing their lives online. We aim to instill a sense of digital identity ownership in our community members, so that they feel a responsibility to their digital and physical safety.

2. Awareness of our digital because helps the ecosystem of the internet.

Every day we use our smartphones and computers, we produce large amounts of digital exhaust, or trails of data we create by simply using the internet. By becoming aware of our digital exhaust and its impact, we can work towards creating a safer internet that works for all.

3. Our approach to education is rooted in community.

We educate through the values of community and by creating a sense of belonging for the people who have historically been excluded from conversations about cyber security. Cyber security has been an elitist bubble for too long, and this information belongs at the level of the people who are impacted by it most.

In practice, this means that we choose training facilitators who can relate to the people in the audience, leverage cultural understanding to communicate effectively, and provide safe learning environments for people of all personal, academic, and professional backgrounds. Ultimately, facilitators should create spaces to energize people to take action, and that means working human-to-human to achieve that.

4. Cyber security training need to happen at home.

We've historically seen cyber security training in professional contexts where employers provide security awareness training for their employees. Because of how expansive today's threat landscape is, we believe that cyber security training needs to happen at home, in our personal spheres too. We believe in teaching our community members to click, share, and consume mindfully as we move through spaces online.

Tech Ethics

1. Leaders in the tech industry have a responsibility to investigate and mitigate potential downstream effect produces by their products and services.

Technology developed in today's landscape has the potential to, at best, be a force for good at scale, or at worst, work against our autonomy and agency as human beings. We believe that tech industry leaders are responsible for investigating and mitigating risks of harm, particularly to groups of people who would be disproportionately affected by the development and/or deployment of their products and services.

We advocate for a future where tech industry leaders make decisions with serious consideration for how human experiences differ along the axes of race, gender, sexual orientation, disability, and socioeconomic class. Because there is so much at stake, we call on leaders in the tech industry to thoroughly consider potential downstream impacts during the development process.

2. Users of technology have a responsibility to question and consider their behavior and habits online.

As citizens of the internet, we have a responsibility to question the information we consume and share online. Where the internet is a vehicle to inform and communicate, we also risk spreading misinformation, sharing too much of ourselves, and compromising our physical and mental well-being. We have a duty to ourselves and folks in our communities to question our habits while using the internet and technology, in service of doing our part to protect our well-being, autonomy, and agency.

We expect that our views will change—we will expand and revise these lists as we continue our work. And that’s a good thing. As an organization, we want to stay agile and respond continuously to the needs of our community and the rapidly evolving tech landscape, and part of that work is creating the space for our team to learn, change our views, and share what we’ve discovered.

What’s Next

We are very excited to kick off the new year by launching our campaign with IFundWomen in January. Our goal is to fundraise to get us to the next iteration of Cyber Collective, and we plan to use a portion of the funds to continue creating a body of work around our domains of expertise. This means hiring folks to conduct research and write case studies, as well as share insight about areas in which we have knowledge gaps as a team.

Specifically, we're hiring folks with different areas of expertise and experience in cyber security, policy, ethics, and big data. We strive to make our work interdisciplinary because technology is now foundational to so many aspects of human life. It is important to us that our work reflects this, so we're seeking a wide range of domain experts to contribute to our mission and collaborate with our team. We're also looking to fill seats on our academic board with folks who can provide guidance and insight for our research program.

We're also looking for tools that facilitate gathering quality information while respecting the privacy and autonomy of our research participants. As privacy advocates, we would love to hear our community's recommendations for privacy-focused research tools—feel free to reach out to our team if you have suggestions.

In all, our org will see large amounts of change in the coming year and we look forward to growing with our community. We’re setting an intention to connect more deeply and authentically with our community members, find and create ways to effectively conduct research that reflects these genuine relationships and advocate for change in industry and policy. We extend our sincere gratitude to and appreciation for our community and audience—thank you for an incredible 2020 and we look forward to an impactful 2021.

‍