Every month Matt Mitchell, a tech-security researcher in his early 40s and a former data journalist at the New York Times, walks through his neighborhood in the upper reaches of Manhattan, stopping at barber shops and bodegas, hair salons and churches to hand out dozens of fliers. “CryptoHarlem!!!” the fliers read. “Free digital surveillance clinic. Learn which free apps can keep your phone secure & private.”

As concerns about digital security grow, workshops such as Mitchell’s have become popular. "They are open to newbies and nontechies,” Mitchell says about his events. “It’s mostly regular folks who come—for one reason or another, they’re curious about information security.”

Librarians as Privacy Coaches

Workshops such as Mitchell’s are often called “crypto parties” in reference to cryptography, a field of math and computer science that underlies digital security.

The idea was launched in 2012 as a grassroots movement, and since then hundreds of crypto parties have been held worldwide, including events in at least 26 states. The clinics teach everything from how to lock down a smartphone to methods for limiting online tracking by marketers. Attendees are urged to bring their laptops and phones. “No chips, dip, awesome music, or drinks,” Mitchell says. “Just food for the mind.”

These workshops are free, and you can find a list of upcoming events online. People who can't find a crypto party in their community may be able to learn about digital security at their public library.

“Libraries do a lot of digital training, and part of learning how to use a computer is making decisions about your online privacy,” says Mike Robinson, chairman of the Intellectual Freedom Committee’s privacy group at the American Library Association. “We don’t tend to call them crypto parties,” he says, “but in essence it’s what they are.”

If your library doesn’t yet offer this sort of training, Alison Macrina, a former technology librarian in Watertown, Mass., who co-wrote a self-published guide to online privacy called “We Are All Suspects,” suggests that you ask at the reference desk. “Libraries are incredibly quantitative and data-driven. If people call or ask, librarians can better show the board of directors or administrators that there’s a big interest in it and a need for this.”

Demand tends to rise when a data breach or another perceived threat to privacy is in the news, say organizers including Macrina.

“I got started teaching privacy because I began hearing from so many patrons who were interested right after the [Edward] Snowden revelations” about surveillance programs run by the National Security Agency, she says. “There was another massive spike right after the 2016 election and a flood of requests after the FCC broadband privacy repeal.”

Today, Macrina tours the country as head of the Library Freedom Project, holding digital-privacy workshops for library staff and patrons alike. Most of those who attend are women in their mid-30s to their 60s, she says. “They may not have a sexy threat model like a whistleblower, but many of them find tracking and targeted advertising invasive and creepy,” she says. “In the West, in rural libraries, I tend to get more libertarian-minded people, and a little bit of off-the-grid types.”

There are also good resources online for learning about digital privacy. The Library Freedom Project provides links to online privacy tools. And Consumer Reports has compiled a detailed list of privacy tips—you can consider all of them, or just a few.

At Crypto Harlem

The CryptoHarlem event I attended this spring drew more than 40 people to a ground-floor meeting room of the Harlem Business Alliance on Malcolm X Boulevard in New York City. The participants ranged in age from their 20s to their 60s.

Most were first-timers, and many dropped in for just part of the evening. "People can stop by with their questions, leave when they have to,” Mitchell says. “We’re trying to move the needle on this one person at a time.”

This particular evening was themed “Black Hackers in History”—an umbrella that could include Mitchell himself. Growing up in the South Bronx, he built a computer and coded simple games, and he started hacking for fun. “I wasn’t evil about it,” he explains. Like many hackers, he’d probe for flimsy security on a website, then leave behind a note saying, in effect, "Please fix this."

Mitchell and the group spent part of the evening discussing the merits of secure messaging apps such as Wire and Signal, which protect communications as they travel across the internet.

“They’re all trying to solve different things,” Mitchell said. “Some have message-search capabilities, others offer an unlimited number of people in a group chat, and some are better at voice and video calls.”

Most of the attendees were privacy neophytes, and Mitchell was mindful to keep swinging the discussion back to the basics. He showed them a sort of privacy makeover called the 8-Day Data Detox created by Tactical Tech, a nonprofit digital-rights group. 

“Everybody likes to act like they’re born with all this tech information, you know?” he told the attendees. “Any questions you have, just ask—this is your crypto party.”

The meeting ran well past its scheduled 3 hours. Afterward, Mitchell and around a dozen stragglers headed next door to Harlem Shake, on 124th Street, for burgers, fries, and one-on-one advice. “A lot of people have personal security issues they’d rather discuss in private,” he said.

A former Army vet who drove more than an hour to come to the crypto party wanted to know about private web browsers for his mobile phone that don’t track his every move online. “Check out Orbot,” Mitchell advised him. “Or try Orfox.” He also answered questions about internet service providers and the privacy protections in various operating systems.

It was approaching midnight by the time Mitchell stepped out onto Malcolm X Boulevard. He checked his phone one last time, zipped up his sweatshirt, and headed home.