Accessibility links

Breaking News

Tangled Web

Wednesday 19 June 2024

This is a guest post by Katy Pearce, an assistant professor in the University of Washington's Department of Communication.

Governments and policy pundits frequently cite technology-penetration rates -- Internet, mobile phone, or social media -- as meaningful proxies for deeper concepts. Despite this, in fact, penetrations rates are futile.

Why should anyone care? Because inferences into what social-media- or mobile-phone- or Internet-penetration rates represent are dangerous.

When pundits or government officials mention penetration rates, it is often in support of a bigger social or political goal: "84 percent of women in Country X have a mobile phone"..."[Thus] women's empowerment through technology is possible." Or: "With 80 percent of the country using the Internet, we can say that we've achieved our economic and technological goals" or “most African-American households have Internet access, so the digital divide is over” or 1 million Facebook users means that there is freedom of expression. Given the challenges in measuring technology penetration, it is astonishing that speakers continue to make such statements.

Why is technology penetration so difficult to measure?

1. The contributing factors to technology adoption are well-known, but become embedded within discussions of penetration rates.

Technologies tend to diffuse in similar patterns, with similar factors determining early versus later adopters. In nearly all societies, the wealthier, the better educated, the more urban, and the younger adopt new technology earlier than the poorer, the less educated, the more rural, and the older do. Thus, it is unsurprising that in societies with more wealthy people or better distributed education systems, there are higher technology-penetration rates. Similarly, societies with higher proportions of younger people will have higher technology-penetration rates.

At a macro level, telecommunications systems, competition, price, and national wealth can also influence penetration rates.

Thus when comparing countries or other entities based on percentage of individuals that have adopted a technology, analyses that do not control for these differences are misrepresenting the actual technology landscape.

2. Counts are notoriously inaccurate.

Counting technology users is difficult. In lieu of a properly sampled nationally representative survey (which is not perfect either -- social desirability and response biases abound), penetration rates generally come from the International Telecommunication Union (ITU), a United Nations agency that is responsible for information and communication technologies.

Where does the ITU get this data? From "administrative data sources" -- which are "mainly telecommunication operators, and are collected by governments at the national level (ministries or regulatory authorities)." Without a doubt, some governments have reason to inflate penetration rates and there are few checks on this by the ITU. In an interview with RFE/RL's Azerbaijani Service, a representative of the Azerbaijani Telecommunications Ministry cited the ITU data as an authoritative source of Internet penetration in the country, without acknowledging that it was his own ministry that supplied that data.

Another issue with measuring penetration rates is the nature of the technologies. Mobile-phone subscriptions, for example, are notoriously inaccurate. Most count SIM card subscriptions, without acknowledging that it is incredibly common in many countries for individuals to possess multiple SIM cards -- for business purposes or to economize on voice versus data rates. Therefore when one hears that 75 percent of the world has a mobile phone, it is more accurate to say that there are 75 SIM cards (some active, some inactive) per 100 people in the world. The number of people with an active phone in their hand is much less.

With social-media platforms it is very difficult to determine the true location of a user. With choices about listing location and proxy servers that can allow a user to appear to be located in a different country than s/he is actually in, accuracy is questionable. Further, these penetration rates include all of those social-media accounts that were opened and never used again. Additionally, sites that produce social-media penetration rates (like are interesting to get a sense of over-time growth, but because these sites are for profit entities selling analytics to marketers without transparent (in the name of good science) methodologies for determining penetration rates, these too are unreliable.

3. "Ever used" is a fairly meaningless category.

Another issue with penetration rates is that they are all-inclusive. An Internet user includes not only the young woman with a smartphone, a tablet computer, and a laptop who is online for all of her waking hours, but also the older man who went to an Internet cafe once four years ago and never went back or the person who Skypes with a distant relative every few months. All of these individuals are experiencing a different Internet and benefitting from their technology use differently as well.

A more useful measure would be of Internet frequency, because daily users are different from monthly users. Even so, measuring perpetually connected people's Internet use is futile. Consider this: how many hours are you online each day? Does checking your e-mail while waiting at the dentist’s office count as five minutes of use? If your smartphone is constantly connected to the Internet are you online 24 hours a day?

4. Speed matters.

While for many Americans and Europeans, nonbroadband Internet is a distant memory, for many in the world dial-up Internet, mobile-based connectivity, or metered limitations are daily realities. Multimedia sites and videos are something that a resource-constrained user has to consider before opening. While more sites have low-bandwidth mobile versions, the Internet becomes more bandwidth-intensive all the time, which can leave resource-constrained users behind, essentially creating different Internets.

5. Activities matter.

People assume a lot about what others do with technology. The average North American may spend their day checking Facebook, reading news stories, texting, and e-mailing. This may not be the case for everyone. An Internet user concerned about resources, for example, may be more cautious in her use. A recent academic study, “'Facebook is a Luxury': An Exploratory Study of Social Media Use in Rural Kenya,” explains that there is a cost associated with every phase of signing up for and maintaining a Facebook account -- beyond the Internet cafe (and travel costs to get to the cafe) or mobile Internet fees (and fees associated with charging the phone’s battery), users felt compelled to scan their best photographs for profile pictures, then pay to upload them, and continue using the site. Certainly these users are experiencing a different Facebook than my American undergraduate students do.

It's important to acknowledge that people do different things with their technology and that these different activities are not only determined by access to resources, cultural norms, and personal characteristics, but also have different outcomes. News reading is enriching for some things, while a first-person-shooter game may not be. Watching videos of cats falling off tables has a different impact than taking an online course does. So when penetration rates are cited, it is entirely possibly that many of those users are watching pornography, playing Farmville, or reading celebrity blogs.

So what is to be done about this problem? There are a few options. One may be to stop caring about penetration rates. This is not a race. Given the numerous contributing factors to these rates, the actual percentage is essentially meaningless. Given the way that these are manipulated, deemphasizing penetration rates may be best. Another solution would be an attempt at better measurement. Surveys would be best. Nonetheless there are many things that can go wrong within a survey. Governmental control, poor capacity in some places, and difficulties in cross-cultural comparison would also need to be dealt with.

Perhaps the easiest solution is an educational campaign to train journalists, governments, and pundits to be more critical consumers of statistics. While a revitalization of the global high-school statistics curriculum is a lofty goal, promoting basic statistical literacy and specifically the issues surrounding these penetration rates, the ability for manipulation could be reduced.

-- Katy Pearce
Asher Wolf
Asher Wolf
In August, the Australian Parliament passed a new cybercrime bill that increased the powers of law enforcement to require Internet service providers to monitor and store their users’ data.

The country’s privacy advocates were up in arms. One of them was Asher Wolf (a pseudonym), a 32-year-old who had built up a following on Twitter for tweeting news about WikiLeaks and the Occupy movement and who cared deeply about online privacy. A friend of hers, @m1k3y, tweeted that in light of the new legislation, maybe now was the time to have an “install-the-crypto-apps party,” referring to the programs for computers that help protect a user’s privacy. Wolf half-jokingly agreed: “Let’s get together in the backyard with some chips,” she said, “let’s have a CryptoParty."

Less than four months later, there have been more than 30 CryptoParties held worldwide, many in the West, but also in Manila, Cairo, and on November 27, Tunisia. The concept of CryptoParty is simple: people get together to learn how to use tools to better protect their privacy.

CryptoParty doesn’t have a unified position on which tools it recommends, but Wolf says there is a focus on teaching three core technologies: Tor, which enables users to remain anonymous online; PGP (pretty good privacy), a program often used for encrypting e-mails; and Off-the-Record (OTR), a protocol that encrypts instant-messaging conversations.

"We want to make it bloody hard for governments and businesses around the world to invade the privacy of citizens. We want to teach people responsibility for keeping their information private and we want to give them the tools to do that," Wolf says.

A decentralized, leaderless movement, no one CryptoParty is the same. Wolf says that they tend to attract a diverse crowd. At the ones she’s attended there have been mothers, university students, and journalists who don’t want to expose their sources.

Cryptography, the practice of communicating securely, has always been in the hands of elites. Once it was the sole domain of governments and the military who believed that, in the wrong hands, keys, codes, and ciphers could be as lethal as weapons-grade plutonium. The growth of the cypherpunk movement in the 1990s changed all that. These activists argued that cryptography should not just be the preserve of governments but should be used by civilians to protect their privacy against the "surveillance state." Cryptography, they argued, wasn’t just for militaries and governments -- it was for everyone.

Except for a while, it wasn’t. It remained in the hands of a few devoted activists with sophisticated tech skills, many of them deeply antigovernment and with strong libertarian streaks. The cypherpunks developed the programs and the protocols, but for the average computer user many of the tools were intimidating and hard to use.

A single mom with a toddler, three years ago Wolf didn’t even own a laptop (she used a smartphone) and was using Facebook instead of the more privacy-conscious Twitter. After studying communications media and criminology at university, she worked for an NGO and does not have a computing background. “I call myself a citizen technologist,” she says, “which means I stuff around with things I don’t really understand completely yet.” After her 3-year-old goes to bed she teaches herself how to use the tools to better protect her privacy online.

Usability Vs. Security

For Wolf, CryptoParty has always been about bringing the conversation down to the level of the average user. “You have all these people turning up who are experts in the fields of cryptography and have expert skills in things like Tor and OTR and PGP and they’ve actually never tried to teach anyone to use them before," she says. "Suddenly they stand in front of a group of journalists and university students and activists and they begin talking about command lines and everyone looks at them like, ‘What the hell is this?’”

This summer, a piece of software called Cryptocat became the focus of much attention on listservs and in the tech press. (Read about it here, here, and here.) Cryptocat is an instant messaging platform that is installed in a user’s browser. Part of its initial appeal was that the user didn’t have to bother installing additional software and it was very simple to use. But critics of the software said that it was flawed and vulnerable to certain attacks.

The discussion about Cryptocat touched on a broader debate within the crypto community about the tradeoffs between, on the one hand, usability and design, and on the other, security. A simple-to-use tool that offers lousy security or a highly secure tool that can only be understood by someone with a computer-science degree are both of little use to activists. (The holy grail is the tool that offers near-perfect security and click-and-go usability.)

Against that background, for Wolf, CryptoParty isn’t just about teaching people how to better protect their privacy, it's also about creating a feedback loop between developers and users. What’s needed sometimes, she says, is to tell developers, “your app is great, but the accessibility and user features are sh*t or really difficult for the average user to understand.”

When Wolf first started promoting the idea of CryptoParty on Twitter, she says she felt resistance from some in the crypto community. She felt that people were saying to her, “Come kneel before us and lick our feet.” But instead of getting riled, she called their bluff. “If you think that our way of dealing with cryptography is flawed or teaching cryptography is flawed, then please show us how to do it better. We invite you to come along and we’ll shout you a beer,” she says. “It sorted the critics from the people who were just whiners. And very quickly you found the people who had a real commitment to cryptography.”

In its short lifespan, CryptoParty has mushroomed and more and more cities are planning CryptoParties. It has received messages of support from Electronic Frontier Foundation activists and many others in the crypto community. As veteran hacker Oxblood Ruffin said in an e-mail, “CryptoParty is Anonymous for grown ups.”

The movement faces some challenges. A 392-page CryptoParty Handbook, created by CryptoPartiers in Berlin, took some heat for its technical errors and for recommending what some experts thought were less-than-secure tools. And some within the digital-activism community believe that the CryptoParty model is more applicable for Western democracies than repressive states. (Holding CryptoParties openly would be a giant red flag to the authorities and put attendees under more government surveillance.)

One way around this, Wolf says, is to hold CryptoParties online or in closed sessions. “We certainly wouldn’t be promoting people holding CryptoParties in certain countries.” She gives the example of a CryptoParty in Egypt which was closed and not advertised.

In fact, rather than an organization, Wolf sees CryptoParty more like a meme. “We’re spreading a meme and that meme is privacy, the right to privacy.” CryptoParty is both cause and effect: it is helping move the needle in terms of greater privacy-awareness, but it is also a product of our more privacy-conscious culture. “Memes are things that we always knew, we just didn’t have a way to express it.”

Originally, Wolf says, the idea behind CryptoParty was selfish. It was about her wanting to learn how to protect herself better online. “I wasn’t thinking about Tunisia when we did this,” she says.

“I’m just doing it because when I look at pictures of LOLcats to relax at 2 a.m., I really don’t like the idea of thinking, well, everything I look at and every conversation I have with my friends in Europe, that every part of me that’s special or private gets handed to somebody in some banal bureaucracy somewhere,” she says. “I want something more for my life, for my child’s life. And this is my way of pushing back.”

Load more