Spoiler: A lot!
Some personal reflections of a safeguarding and gender equality and social inclusion practitioner working on a cyber programme.
by Anna Gawn
Engaging online poses risks and benefits for us all. Some people – notably women, girls and marginalised groups – are at higher risk of cyber violence and cyberattacks just because of who they are and where in the world they are. The impacts of cyberattacks will vary hugely from person to person, but are often greater on women, girls and marginalised groups. However, the links between gender equality and social inclusion and cyber security are still relatively under explored.
Cyber security plays a central role in protecting our information, devices, and indeed our wellbeing from harm. Depending on the definition used (there SO many definitions of cyber security!), it can also help in the prevention of and response to cyber violence. The array of issues that can be considered in cyber security range from malware (malicious software), phishing attacks (deceiving someone into sharing personal information), and compromised personal or public information systems, to mal/mis/disinformation, and to abusive comments online and more harmful technology-facilitated abuse. Targeted online harassment and abuse can include cyber harassment, cyber stalking, impersonation, hacking, non-consensual sharing of intimate images, unsolicited pornography, sextortion, digitally enabled trafficking and ‘doxing’[i].
In practice, cyber security work can include Government or company cyber security policies, measures relating to network security, data security and cyber security systems, cyber awareness and digital literacy programmes, and, increasingly, work related to technology-facilitated gender-based violence and online child abuse. Whatever definitions of cybersecurity are used – the question of ‘who’ these measures are designed to protect is a critical one. Users of technology are diverse in their identities and needs, which means that gender equality and social inclusion must be central to cyber security design and delivery. Here are seven reasons why:
1. Offline and online violence is related
Abuse and violence, including cyber violence, is rooted in gender and social inequalities and power imbalances that exist offline and are mirrored online. A UK study of cyber stalking found that over half (54%) of the cases involved a first encounter in a real-world situation, whilst data from a 2014 survey shows that 77 % of women who have experienced cyber harassment have also experienced at least one form of sexual or/ and physical violence from an intimate partner[ii]. Separating cyberattacks from violence in ‘real life’ fails to see the bigger picture.
2. Women, girls and other marginalised groups are more often targets of online harms
Women and girls, especially those who face additional exclusion and discrimination due to their race, age, ethnicity, sexual orientation and identity, disability, religion and migrant status are at higher risk of cyberattacks. More than a third of women worldwide have experienced abuse online, and this figure rises to almost 50% for younger women[iii]. Women with a high public profile, for example climate activists, journalists and politicians, are often victims of cyber harassment or abuse[iv]. Also, minority groups in general are at higher risk of online harms - this includes people from ethnic minority groups, people of diverse sexualities and gender identities, children and young people, and people with disabilities[v]. On top of this, in low- and middle-income countries and countries where cyber security systems are in development, the risks may be even higher. For example, programmes may focus on expanding internet access without consideration of legislation and associated awareness of how to deal with harms that come about from this increased access. Separating cyber harms and the social framework from which cyberattacks and cyber harms derive is at best short sighted and, at worst, harmful.
3. Women and excluded groups suffer disproportionately from general cyber harms experienced by everyone
Internet shutdowns and data breaches have both been found to have significant impacts on women and marginalised groups. In many settings where women are using the internet their access to the internet provides them with crucial services, information, or economic opportunities. Due to a relative dependence on the internet in some settings, cyber incidents that reduce or interrupt access can have disparate implications on women and excluded groups. Similarly, a data breach or general release of personally identifiable information, can have disproportional impacts on women and marginalised groups because of underlying inequality and discrimination. For example, in 2017 WikiLeaks released the private information of millions of Turkish citizens[vi], enabling stalkers, ex-partners and others to access women’s sensitive personal data. This also contributed to incidents of offline violence.
4. The threat of cyberattacks and data protection concerns is putting off many women and girls from going online at all
Across low- and middle-income countries, 300 million fewer women than men use mobile internet[vii]. This disparity in online access is partly due to women’s concerns over privacy and security[viii]. A negative cycle is being replicated in various settings:
(1) women and girls spend less time in digital settings than their male peers (due to social perceptions and/or lack of opportunity, acceptance, security and other reasons).
(2) With less time online, women and girls are less digitally literate, which makes them more vulnerable to online risks than men and boys.
(3) Women and girls are less confident in their ability to respond to threats or harms in digital settings, and as a result,
(4) they feel less safe in digital settings, so spend less time in digital settings (and we circle back to number 1).
5. Gender and social inequalities may be replicated in cyber security programmes
Those who work in cyber security are governed by their own social norms, which are often mirrored in cyber security policy, infrastructure, software, data sets, scanning tools and artificial intelligence[ix]. In some instances, online crimes against women are not (yet) conceptualised in cybercrime frameworks[x]. In general, policy and procedures relating to National Security, the Women, Peace and Security agenda, Organisational Security and other related areas recognise (to varying degrees) differences in the capabilities, needs, and priorities across genders. Cyber security should be no different: we know that people have distinct experiences, take different decisions, and face diverse risks online (and offline), so policies should reflect this.
6. Ignoring gender equality and social inclusion can diminish cyber security objectives
People access and use digital technologies in different ways. It seems only natural therefore that understanding different capabilities, needs, and priorities will be crucial for effective cyber security design. Without this, cyber security investments and efforts to increase cyber resilience can be undermined and, ultimately, women, girls and marginalised groups will not be adequately protected (leading to a range of individual and social implications, including economic, physical and emotional harm).
7. Gender-inclusive approaches to technology transform embedded inequalities in a positive way
Examples of women taking and adapting technology in their own way and for their own purposes are impressive and growing. Examples of women using the internet to boost trade, be more creative and create community support groups are growing[xi]. Good cyber security that facilitates safe, equal and inclusive online access can help promote and encourage such initiatives.
The cyber security field is moving quickly and the focus is on getting the basics right. Considering gender equality and social inclusion as “one of the basics” of cyber security is essential for delivering effective and robust cyber security programming. Learning to balance the fast pace of the cyber security world with the slow shifting societal structures that drive gender inequality and social exclusion will be a vital challenge.
Look out for a follow up blog on how to integrate gender equality and social inclusion into cyber security programmes!
[i] EIGE, Gender equality and youth: opportunities and risks of digitalisation, (2019), Available at: https://eige.europa.eu/publications/gender-equality-and-youth-opportunities-and-risks-digitalisation and Dr Becky Faith and Dr Erika Fraser, What Works to Prevent Cyber Violence against Women and Girls?, (2018), Available at: https://opendocs.ids.ac.uk/opendocs/bitstream/handle/20.500.12413/14764/vawg-helpdesk-report-212-what-works-cybervawg.pdf?sequence=1&isAllowed=y
[ii] EIGE, Gender equality and youth: opportunities and risks of digitalisation, (2019), Available at: https://eige.europa.eu/publications/gender-equality-and-youth-opportunities-and-risks-digitalisation
[iii] WePROTECT Global Alliance and Economist Impact (2021) Estimates of childhood exposure to online sexual harms and their risk factors - WeProtect Global Alliance
[iv] Sukaina Al-Nasrawi, Combating Cyber Violence Against Women and Girls: An Overview of the Legislative and Policy Reforms in the Arab Region, (2021), Available at: https://www.emerald.com/insight/content/doi/10.1108/978-1-83982-848-520211037/full/html
[v] Dr Erika Fraser and Laura Martineau-Searle, Nature and Prevalence of Cyber Violence against Women and Girls, (2018), Available at: https://assets.publishing.service.gov.uk/media/5c597613ed915d045f3778a2/VAWG_Helpdesk_Report_211_CyberVAWG.pdf and Adriane van der Wilk, Protecting Women and Girls from Violence in the Digital Age: The relevance of the Istanbul Convention and the Budapest Convention on Cybercrime in addressing online and technology-facilitated violence against women, (2021), Available at: https://rm.coe.int/the-relevance-of-the-ic-and-the-budapest-convention-on-cybercrime-in-a/1680a5eba3
[vi] Zeynep Tufekci, WikiLeaks Put Women in Turkey in Danger, for No Reason (UPDATE), (2016), Available at: https://www.huffpost.com/entry/wikileaks-erdogan-emails_b_11158792
[viii] UN Broadband Commission, Cyber Violence Against Women and Girls: A World-Wide Wake-Up Call, (2015), Available at: https://en.unesco.org/sites/default/files/genderreport2015final.pdf
[x] Adriane van der Wilk, Protecting Women and Girls from Violence in the Digital Age: The relevance of the Istanbul Convention and the Budapest Convention on Cybercrime in addressing online and technology-facilitated violence against women, (2021), Available at: https://rm.coe.int/the-relevance-of-the-ic-and-the-budapest-convention-on-cybercrime-in-a/1680a5eba3
[xi] Building communities of women digital entrepreneurs | UNCTAD and Meta Apps: Meta sees strong trend in women entrepreneurs using its apps in India - The Economic Times (indiatimes.com) and Bridging digital gender gap empowers women micro-entrepreneurs | Inquirer News