What I’ve learned from nearly three months of delivering digital confidence and skills training for Helpful Technology

I can’t believe it’s nearly three months since I started working as product lead for Helpful Technology’s Digital Action Plan.

Since joining Helpful, my work has been focused on how best to give people the confidence and skills to use digital at work. This has involved delivering face-to-face training, producing engaging online resources and offering ongoing support to participants.

Here’s what I’ve learned so far about how to approach improving people’s  confidence and skills with digital. While I am talking about digital, hopefully these lessons will also be helpful for anyone trying to bring change in other areas.

1. Never make assumptions about a person’s existing skills and confidence

It’s easy to assume a participant will have broadly similar digital skills and confidence as his or her peers. However, now that I have worked with several cohorts from across different organisations and levels of seniority, I have come to realise this is not the case.

For example, I discovered that one participant had started his career as a programmer at IBM before joining the civil service and had actively made the case for embracing digital. This person’s requirements from the Digital Action were very different from someone who had little experience or confidence in using digital at work.

2. Take a holistic approach to people’s learning

Although the Digital Action Plan is focused on giving people the skills and confidence to use digital at work, I’ve found people are more motivated to complete the training when we can link it to their needs and preferences beyond the workplace.

For example, after doing some initial research I discovered that one of our participants, Jonathan Aldridge, is a published author and has blogged about his experiences as a writer. By knowing this, we were able to tailor his learning goals so that he was able to both apply his existing skills to in-work projects and develop new skills that would benefit both his employer and his creative pursuits.

While not every participant will be a published author, by taking the time to talk to participants and regularly reviewing their learning goals with them , it is nearly always possible to link digital to both work and more personal objectives.

Another participant, for example, thought she didn’t really do much with digital but after talking to her, it turns out she has blogged about shoes in her. Knowing this, we were able to encourage her to use this outside interest to create a ‘safe space’ where she could experiment with new digital channels such as Pinterest, before applying them to a work project.

3. Connect training with real-life projects

While it can be very helpful to get participants to think about how they use digital outside of work, ultimately we want people to be using digital in their everyday job roles.

For every goal, participants are asked to apply what they are learning to a project or area of their work. For example, when learning how to use the Hootsuite dashboard to conduct a social listening exercise, policy officers are asked to ‘listen in’ on what people are saying about their policy officer.

Going forward, I am exploring ways of strengthening the connections between a participant’s learning plan and their work priorities.

Earlier this week, for example, Guy Poppy, Chief Scientific Advisor to the Food Standards Agency, explained to me his ambitions to develop a collaborative open data project to improve food safety.

We are now working together to ensure Guy’s learning plan reflects this ambition, for example relating a goal on developing blogging skills to the task of persuading stakeholders to support the open data project.

4. Always be nice (but not too nice)

Finding time for learning and development can be really difficult, particularly when many of the organisations we work with at Helpful are under pressure to ‘do more with less’. This means it’s important to strike the right balance between being supportive and firm when encouraging participants to complete their Digital Actions Plans.

I have found  that putting time in early on to build relationships with participants and course patrons makes it easier to get people through the course. By doing so I have been able to identify and take action to overcome potential barriers to learning, whether that be a participant’s workload, a lack of confidence or how useful a participant perceives their learning goals to be.

Putting in this initial effort means I am able to be firm where required. For example, having worked with a participant to tailor their learning goals or extend a deadline, I am in a strong position to hold them to account, should they not be making sufficient progress.

Dismantling the Government’s Arguments in favour of the Investigatory Powers Bill

In my last post, I argued that if campaigners (including myself) are going to take on the Government over its plans for online surveillance and win, we need to dismantle the claims they are making about these powers being necessary for security and crime fighting.

Since then, I’ve done some further online research and had some interesting conversations on Twitter and at last night’s well-attended Open Rights Group Birmingham meetup. This has helped me to develop my thinking on how to frame the argument in a way that convinces politicians and the general public to sit-up and take notice of what’s at stake with the Investigatory Powers Bill.

Winning the argument over the Investigatory Powers Bill – key lines

Security risks created by the Investigatory Powers Bill

  • The new requirement for tech firms to provide  unencrypted communications to the police or security services if requested through a warrant has been widely interpreted as an attempt to weaken encryption.
  • Tim Cook, Apple’s Chief Executive, noted in a recent interview with The Telegraph : “If you halt or weaken encryption, the people that you hurt are not the folks that want to do bad things. It’s the good people. The other people know where to go.
  • As Tim Cook explains, “Any backdoor is a backdoor for everyone. Everybody wants to crack down on terrorists. Everybody wants to be secure. The question is how. Opening a backdoor can have very dire consequences.”
  • Criminals and other bad people will still be able to access widely available open source encryption tools, while regular people who are less technically sophisticated will be left more vulnerable to data thefts and identity crime, notes security researcher. Paul Bernal, Internet privacy law researcher at the University of East Anglia, notes: “Savvy criminals already use encryption and software like Tor to hide their online activities, so storing web records won’t help combat this.
  • In addition to the weakening of encryption, the bill will create more opportunities for cybercrime. Requiring ISPs to store everyone’s Internet connection records for 12 months will create huge amounts of personal data, which will be highly attractive to criminals. How much more personal data could criminals could have stolen from TalkTalk, had the new collection system been in place? Timothy Brown, Executive Director of Security with Dell Software Group noted: “this only creates larger and more attractive targets for hackers and leaks.
  • The bill proposes granting the security services broad powers to hack computer systems. Doing so will leave critical infrastructure at risk, as the same vulnerabilities used by security services will be exploited by criminals. As Tim Cook  noted: “Any backdoor is a backdoor for everyone.”

Questionable security gains from expansion of surveillance powers

Damage to the UK economy

Expense

  • Internet service providers (ISP) have called into question the cost of implementing a key element of the Investigatory Powers Bill, the mandatory collection and retention of every citizen’s Internet Connection Records.
  • The Home Office has budgeted for £175 million but this is only intended to cover the initial up-front equipments costs, not the ongoing cost of running the system.
  • Matthew Hare, Chief Executive of ISP GigaClear said “the indiscriminate collection of mass data is going to have a massive cost
  • Asked about the feasibility of implementing a system of mass data collection, James Blessing, the chair of the Internet Service Providers’ Association (ISPA),  said ISPs would find it “very feasible – with an infinite budget”.

Human rights and international reputation

Sources

Amnesty International UK, Mass Surveillance by another name, 6 November 2015 (accessed 12 November 2015)

Ars Technica UK, Snooper’s Charter: UK gov’t can demand backdoors, give prison sentences for disclosing them, 6 November 2015 (accessed 12 November 2015)

BoingBoing, UK law will allow secret backdoor orders for software, imprison you for disclosing them, 10 November 2015 (accessed 12 November 2015)

Committee on Legal Affairs and Human Rights of the Parliamentary Assembly of the Council of Europe (PACE), Mass Surveillance Report, 26 January 2015 (accessed 12 November 2015)

EDRi, European Court overturns EU mass surveillance law, 8 April 2014 (accessed 12 November 2015)

IT Pro, Snooper’s Charter puts data at risk even with encryption, 4 November 2015 (accessed 13 November 2015)

Liberty, Investigatory Powers Bill: Spoiler Alert – this is terrifying, 4 November 2015 (accessed 12 November 2015

New Scientist, UK spying rules may drive criminals to use stronger encryption, 11 November 2015 (accessed 13 November 2015)

Schneier on Security, Data Mining for Terrorists, 9 March 2006 (accessed 12 November 2015)

The Guardian, Obama must finally end NSA phone record collection, says privacy board, 29 January 2015 (accessed 12 November 2015)

The Guardian, Broadband bills will have to increase to pay for snooper’s charter, MPs are warned, 11 November 2015 (accessed 12 November 2015)

The Telegraph, Apple’s Tim Cook declares the end of the PC and hints at new medical product, 10 November 2015 (accessed 12 Nov 2015)

To stop the Investigatory Powers Bill, campaigners will need to make a strong case for targeted, not mass surveillance

On Wednesday, after months of speculation and a flurry of off-the-record ministerial briefings and some pretty cringeworthy attempts at PR by GCHQ, the UK Government finally published its surveillance bill, which has been given the more innocuous title of the Investigatory Powers Bill.

The Guardian has produced a clear summary of the main points here. You can also check out BBC News for a less opinionated assessment.

Here’s a round-up (pun intended) of reaction to the Investigatory Powers Bill and how campaigners can  build a coalition to oppose the bill, but only if they take on the Government directly on the claims it makes on security and crime prevention.

An extended itemised phone bill or another step towards mass surveillance?

Not surprisingly, the Government’s assessment of the Investigatory Powers Bil was markedly different to that of privacy activists and human rights campaigners.

While Theresa May wants us  to  “try to think of the new powers [the requirement for all companies to keep a record of every citizen’s internet history for a year] as just an extended itemised phone bill”, Amnesty International UK were warning that the bill “would effectively legalise mass surveillance, which by definition inherently fails the test of proportionality required by international human rights laws that the UK government must adhere to.”

Liberty also performed strongly, promoting its 8 point Safe and Sound plan for targeted surveillance, which they say would keep us safe while respecting our privacy.

At Open Rights Group we punched above our weight, with Executive Director Jim Killock featured television and radio news programmes, including Radio 4’s World at One (jump to 15 min, 35 secs).

Where was Labour?

More surprisingly (and particularly disappointingly for me as a Labour member), there hasn’t been much evidence of the much talked-about ‘a new kind of politics’ from the Labour Party under Jeremy Corbyn. I cringed as I read Andy Burnham’s response to May’s proposals, wishing Labour had at least chosen to express caution and reserve judgement:

“From what the Home Secretary has said today, it is clear to me that she and the Government have listened carefully to the concerns that were expressed about the draft Bill that was presented in the last Parliament … It would help the future conduct of this important public debate if the House sent out the unified message today that this is neither a snooper’s charter, nor a plan for mass surveillance.”

After Burnham’s initial comments on the bill in the House of Commons, Labour has seemingly made no effort to communicate to the public its position on the Government’s plans for new surveillance powers. In echoes of Nineteen  Eight-Four, there is no comment whatsoever on Labour’s Twitter account of the Investigatory Powers Bill. Given the serious nature of the comments  by Amnesty and Liberty, it’s disappointing Labour doesn’t feel the need to engage on the issue, at least not in public view.

Presenting a detailed operational case for targeted, not mass surveillance

As a member and activist with the Open Rights Group, you’d expect me to be suspicious of the Government’s plans for surveillance and to be instinctively sympathetic to the arguments Amnesty and Liberty have made about the risks the Investigatory Powers Bill poses to our individual rights and civil society. But I am not so naive as to believe that a majority of the public share my outlook. I voted for Ed Miliband to become Labour leader, after all.

From talking  to friends, family  and strangers about the work of the Open Rights Group, I know how easily arguments about the need for security, mixed in with frightening examples of horrible criminal activities, more often than not crush appeals to protect privacy and other human rights. If campaigners such as myself are to convince others to oppose the Government’s plans, we need to go beyond principled appeals to protect human rights.

In particular, campaigners need to show that a ‘collect it all’ approach, which puts all of us under surveillance, is not just legally and morally unacceptable, it does not actually keep us any safer.

So far the only person I’ve seen take on this argument is Peter Ludlow, former Professor of Philosophy at Northwestern University in the United States. Here’s a clip of him refuting the effectiveness of the NSA’s bulk data collection / mass surveillance approach. While Ludlow is talking about the United States, surely it is possible to do something similar here in the UK?

[youtube https://www.youtube.com/watch?v=BWjLQiTFarU]

This clip comes from the excellent documentary, Killswitch: The Battle to Control the Internet, which I highly recommend you support.

While Ludlow is a passionate speaker, it’s a shame he doesn’t back up his point of view with hard evidence, at least not on the documentary itself.

Fortunately, campaigners do have evidence which they can draw on to help them make the case for targeted and not blanket surveillance. Back in  2013, for example, The Guardian reported on a Senate hearing in the United States which suggested the NSA had been systematically overstating the effectiveness of bulk collection of metadata.

More recently, in January 2014, the United States Privacy and Civil Liberties Oversight Board (PCLOB – great acronym, by the way) ruled that that the bulk phone records collection had not stopped terrorist attacks and had “limited value” in combatting terrorism more broadly. The board also ruled the programme as illegal but, as an unnamed ministerial source said to The Sun last week, “It would be totally irresponsible of government to allow the legal system to dictate to us on matters as important as terrorism. (link goes to The Register, not The Sun)”.

While David Anderson, in his review of the UK’s existing investigatory powers, accepted the case for continued bulk data collection, he did at least say the Government would need to set out a ” detailed operational case” before any new surveillance powers could be introduced.

Given the lack of strong political opposition to the Government’s plans, coupled with the public’s valid concerns over security, it would be foolish to think at least a plausible will not be presented. If campaigners here in the UK are to successfully oppose the bill, they must take a similar approach and try, as far as possible, to present a detailed case for the kind of system Liberty presents in its Safe and Sound plan.