Today’s datafied societies are characterised by processes of dataficationthat render “into data many aspects of the world that have never been quantified before” (Cukier and Mayer-Schoenberger, 2013: 29). Critical data studies have been deconstructing datafication and point to the problems and challenges posed by datafied societies, such as risks to privacy (e.g. Kitchin & Lauriault, 2014; Iliadis & Russo, 2016). Concepts like dataveillance (van Dijck, 2014) and surveillance capitalism (Zuboff, 2019) are two of many concepts that can be used to define datafication’s central challenges.

Research on civic tech (e.g. Gordon and Lopez, 2019; Saldivar et al. 2018; May and Ross 2018) and data activism (Gutierrez, 2018; Milan and van der Velden, 2016; Milan and Gutierrez, 2015) demonstrates the ways in which different actors reflect on and face the challenges of datafication and how they aim at empowering citizens to take informed decisions about their data. Data literacy (e.g. Mandinach and Gummar, 2013) becomes a crucial competence citizens require to face the challenges of datafied societies.

Competences in relation to media have been discussed in different fields of academia under the umbrella term of “media literacy” for a long time (e.g. Aufderheide, 1993; Kubey, 1997). Data literacy is a more recent term used to capture the abilities and necessities required to address datafication and dealing with the pitfalls of sharing and protecting one’s data. Discussing different concepts of literacy, I characterise data literacy in this chapter through four different criteria: (1) citizens possess knowledge of datafication, the ambivalences and challenges they are forced to confront, (2) people have access to their personal data, and (3) they have the skills which are required to engage with data’s specific materiality.

I developed my understanding of data literacy through an empirical study of CryptoParties.Footnote 1 CryptoParties are events where people meet to pass on their knowledge about or learn about critical data practices which allow secure online communication, e.g. encrypting online communication, internet browsers, or hard drives. While some people offer support in realising these processes, others attend with their devices to learn how to encrypt their data. CryptoParties are organised by different people in different locations; they are a global phenomenon.

In a qualitative study, I analysed the events of CryptoParties according to the following questions: What does a CryptoParty look like? Who is organising and attending these events? What do people do at CryptoParties? What are the aims of the organisers, people offering help and those seeking support? As case studies, two CryptoParties in Germany were analysed: one event was organised at a well-known hackerspace in Berlin, Germany, and the second at the University of Bremen, Germany, organised by students in cooperation with the German non-governmental organisation DigitalCourage. During these events, observations were carried out as were interviews with organisers, people offering help, and people seeking support. The results of this study are interpreted through the lens of data literacy, discussing CryptoParties as an example of how civil society initiatives support citizens in developing data literacy.Footnote 2 A critical perspective has been applied that acknowledges the constraints and ambivalences between the practices that take place at these events and the ambitions of the actors.

In its discussion of CryptoParties, this chapter contributes to the fields of critical data studies and data literacy, in exploring the ways in which civil society initiatives outside institutionalised settings reflect critically on datafication and privacy risks and how they support the development of data literacy—which is considered an essential competence for citizens in a datafied society.

The chapter is structured as follows: first, I briefly sketch an interdisciplinary research field dealing with literacy in relation to media and data. I will then describe CryptoParties and my methodology. On the basis of this theoretical debate and my methodological reflections, I will present the findings of my study. Finally, I will show how this study contributes to critical data studies in general and studies on data literacy in particular.

From Media Literacy to Data Literacy

Questions of literacy in relation to media have been discussed for a long time across different disciplines (e.g. Aufderheide, 1993; Potter, 1998; Kubey, 1997). The definition of media literacy mainly focused on people’s skills, defining media literacy as “the ability to access, analyse, evaluate and create messages across a variety of contexts” (Livingstone, 2004: 3). A media literate person was perceived as someone who “can decode, evaluate, analyse and produce both print and electronic media” (Aufderheide, 1993: 1).

While media literacy has been of significant importance in the era of mediatisation (Hjarvard, 2008; Hepp, 2013; Lundby, 2014), which was characterised by media’s increasing ubiquity and saturation into our everyday lives (Krotz, 2007), processes of digitisation made research to reconfigure the understanding of media literacy (Tyner, 1998; Gurak, 2001; Kellner, 2002). This process has led Livingstone (2004: 8) to argue that “as people engage with a diversity of ICTs, we must consider the possibility of literacies in the plural, defined through their relations with different media rather than defined independently of them”.

While computers and then the internet gained an importance in all societies around the world, terms like “computer literacy” (e.g. Horton, 1983; critically Goodson and Mangan, 1996), “internet literacy” (e.g. Livingstone 2008), “cyber literacy” (Gurak, 2001), or “digital literacy” (Gilster, 1997; Lankshear and Knobel, 2008; Bawden, 2008) have been conceptualised. In an age of datafication, characterised by processes that render “into data many aspects of the world that have never been quantified before” (Cukier and Mayer-Schoenberger, 2013: 29; see above), the concept of “data literacy” altered the discourse on media. Mandinach and Gummar (2013, 30) define data literacy “as the ability to understand and use data effectively to inform decisions”. While this definition again focuses on people’s skills, Livingstone argues that alongside a skills-based approach which comprises access, analysis, evaluation, and content creation, we also need to acknowledge the “textuality and technology that mediates communication” (Livingstone, 2004: 8) when conceptualizing media literacy. A similar assumption also has to be acknowledged in the concept of data literacy as we need to consider data and digital media’s materiality and the ways in which users interact with this materiality. In bringing together these concepts, I characterise the concept of data literacy through four criteria: (1) citizens possess knowledge of datafication, the ambivalences and challenges they are forced to confront, (2) people have access to their personal data, and (3) they have the skills which are required to engage with data’s specific materiality. Similar to Livingstone’s comments on media literacy (see above), it is also important to stress that there is not one singular data literacy, but data literacies (Fotopoulou, 2020, 1).

Discussing the event format of CryptoParties, this chapter contributes to the research field of data literacy, showing how civil society initiatives (try to) empower citizens to take informed decisions about their data in online communication. It also adds to the broader research field of critical data studies in pointing out the challenges posed by a datafied society from the perspective of civil society actors, demonstrating how they address perceived challenges and their attempts to shape datafication by focussing on the citizens’ competences and promoting critical data practices and the development of data literacy.

Case Studies and Methods

Before discussing CryptoParties from a data literacy perspective, the study presented in this chapter will be described in more detail. The case studies used are described as well as the methods used to analyse these cases (see also Kannengießer, 2019). As mentioned in the introduction, CryptoParties are events in which people meet to pass on their knowledge or to learn about critical data practics that allow secure online data practices such as encrypting online communication, the use of the internet, or hard drives. While some people offer help in realising these practices, others attend with their devices to learn how to encrypt their data. CryptoParties are organised by different people in different locations. Asher Wolf stakes a claim as being the “founder” of the CryptoParty phenomenon after organising an event in Melbourne in 2012 (Wolf, 2012). CryptoParties are a global phenomenon—being organised on all continents, in different cultures and national contexts (for the wide range of locations, see Many CryptoParty organisers register on the online platform to advertise their events. The administrators of the platform support the organisation of CryptoParties with the aim of building a CryptoParty movement.

For the qualitative study presented in this chapter, two CryptoParties have been analysed as case studies to gain a “rich picture” (Thomas, 2016: 23). Although these cases do not afford a comparison of CryptoParties according to national or cultural differences, they allow for an in-depth analysis that differ in their settings and the backgrounds of the organisers: one of the CryptoParties took place in the hackerspace c-base in the centre of Berlin, Germany.Footnote 3 The second one took place at the University of Bremen, Germany, and was organised by students in collaboration with the local non-governmental organisation DigitalCourageFootnote 4 based in Bielefeld, a city in the Northwest of Germany. DigitalCourage lobbies for secure online communication and organises data literacy projects. In what follows, I will provide some background information about the events, which are necessary for a full understanding of my results.

The hacker organisation c-base, that hosted the CryptoParty I visited in Berlin, was founded in 1995 as a non-profit organisation focusing on education in hardware, software, and network technology (c-base, n.d.). Members of c-base invited the organisers of the CryptoParty to set up these events in their hackerspace. Before the Corona pandemic, the CryptoParty took place one evening a month at c-base’s location and was hosted by two people (male and female in their early 30s and 40s) who were not members of c-base but still affiliated to the local hacker scene. Members of c-base tell a story about their hackerspace: the hackerspace is designed using elements of a space-shuttle to represent a narrative in which this space-shuttle crashed and went back in time. Coming from the future, the hackers pretend to work on technological solutions in the present that will make the current society “fit” for the future—which they pretend to already have knowledge of since they have come back from the future—(c-base, n.d.). Being designed as a space-shuttle, the interior of the location is silver and black, the light is bluish, puppets representing “aliens” are exhibited in glass cabinets, miniature space-shuttles are hanging from the wall, and computer monitors are fixed under the ceiling. In the basement, there are workshops where members of the organisation can develop their “technological solutions for the future” (c-base, n.d.), meaning that everybody works on whatever technological project they are interested in.

The CryptoParty took place on the ground floor of the building, which also includes a bar. For the CryptoParty event, there were two bigger tables and some smaller ones arranged in the room, and a screen for the presentation which was the introduction into the CryptoParty and that was given by one of the organizers. Some people entering the room were welcomed by the organisers, while others just found a chair and waited until the event started. The party then began with the short presentation already mentioned in which one of the organisers pointing to the problems of data generation and surveillance, and the CryptoParty’s efforts to act on datafication (see below).

After this presentation, the organisers of the event formed groups—asking “experts” on different critical data practices (e.g. email encryption, Linux, or on discussing and explaining how the internet works) to sit on separate tables, and people wanting to learn one of these practices to sit down at the tables that interested them the most. During the event, some people moved from table to table to switch between the different practices. There was no real end to each session but people left whenever their problems were solved. The CryptoParty finished at 01:00, when the organisers started cleaning the room.

The CryptoParty in Bremen was the first one organised by this group and did not advertise the event on Nevertheless, people organising the event referred to the online platform and the general movement during the event. This CryptoParty was organised by students in collaboration with the non-governmental organisation DigitalCourage and took place in a student-run café called “Souterrain” at the University of Bremen one evening in January 2019. This was the first event they had organised although some of them had already participated at other CryptoParties in the role of advisers.

The event started at 6 p.m. and finished at 21:00. Similar to the event in Berlin, the organisers gave an introduction to explain the concept of CryptoParties and the critical data practices that would be taught during that evening. After that introduction, the seventeen participants formed groups (consisting of “teachers” and “students”) to deal with these different encryption practices. The interior of the “Souterrain” consists of old sofas and some tables and there is a bar where drinks are served which are paid for by donation. On the walls, there are many posters advertising left-wing political events. After a while, some participants switched among the groups and at 9.30 p.m. the CryptoParty closed with one of the organisers thanking everybody for attending. Many people stayed to chat.

To analyse these events, I used a focused ethnographic approach (Knoblauch, 2001), which allows the researcher to examine a particular part of culture—for this study this is the CryptoParties. As participatory observations are central to ethnographic studies (Ayaß, 2016: 337), I conducted participatory observations at the two CryptoParties mentioned above in November 2018 and January 2019, taking part as a participant seeking help but at the same time making transparent that I was participating for the purpose of academic research and that I would conduct several interviews.

During these two events, I conducted eight qualitative semi-structured interviews (Hopf, 2004) with organisers, people offering help, and those wanting to learn different encryption practices. The latter were laypersons that I define as those not being professionals in the fields of digital media technologies and datafication. The interview partners differed not only in their roles at these evenets but also in age and gender as well as educational background. But, as the observations and interviews revealed, most of the organisers and participants were male. While at the event in Berlin, people from different age groups participated, it was mainly people in their twenties and thirties participating in the event in Bremen—which was most likely because the event took place at the student café at the university. As the organisers, as well as people helping and seeking help at the CryptoParties I visited were very sensitive about privacy and anonymity, some interviews could only be recorded in a separate room and were transcribed afterwards, while others I needed to be protocolled during the interview as I was not granted permission to record them.

As the organisers of the CryptoParty in Berlin have registered on the online platform, and the organisers in Bremen referred to this platform several times and perceive themselves as part of this movement, I also conducted a virtual ethnography (Hine, 2000) of the online platform, focusing particularly on the promotional content for the events at c-base.

All research data (protocols for the observation, interview transcripts and protocols, and the protocols of the virtual ethnography) were analysed using a Grounded Theory approach (Corbin and Strauss, 2008) by developing a list of categories across all data to compare the two different initiatives. Through this open coding process, different categories were developed out of the data, grasping the actors who are involved in the CryptoParties, the roles they take, and their aims, as well as the practices that are conducted at these events. Below, I present the results of the study according to these different categories, acknowledging that the categories are interconnected, as the roles and aims of the actors shape the practices that they conduct. Presenting the results according to these categories, CryptoParties are discussed through the theoretical lens of data literacy and finally contextualised to apply to the broader field of critical data studies.

Supporting Data Literacy at CryptoParties

Discussing the CryptoParty events through the theoretical lens of data literacy—a concept that stresses the importance of people having knowledge about datafication, the ability of people to access their data, to have skills to deal with data and to engage with the materiality of data (see above)—data literacy appears to be fundamentally central to CryptoParties.

One of the main goals of CryptoParties is to share knowledge: people participate to help others encrypt their data; others are often keen to learn how to manage these processes themselves.Footnote 5 The organisers of CryptoParties distinguish between different roles, “teachers” and “students”, which the participants of these events adopt (c-base, 2018b). “Teachers” are also referred to as “CryptoParty angels” as one of the organisers of the event in Berlin explains—adapting the term from the ChaosComputerClub.Footnote 6

Participants take on different roles: while some people offer support in “encrypted communication, preventing being tracked while browsing the web, and general security advice regarding computers and smartphones” (c-base, 2018a), others bring their devices to learn about different encryption practices. Many volunteers help in dealing with concrete encryption practices, others explain the background of these actions.

The organisers and helpers at both events examined in the ethnographic study stressed while being interviewed that it is the exchange of knowledge that is their principal aim through the provision of a space to do so. They refer to knowledge as information about datafication and online risks to privacy, as well as knowledge about different encryption practices that they want participants to develop in pursuing different encryption practices themselves. I define these encryption practices as critical data practices in which users of digital media technologies critically reflect on datafication and try to protect their data in online communication processes by encrpyting.

To share knowledge about datafication and privacy risks, the organisers give short presentations at the beginning of each CryptoParty: the organiser in Berlin started by problematising a Facebook advertisement in which the company states that the user’s data is safe by presenting pictures of users asking questions about data security. Showing a picture of one of these advertisements, the organiser compared the advertisement with a picture of a milk bottle on which a cow is presented standing on a green lawn with some flowers in front of it. Her argument was that the Facebook advertisement is as much a lie as the milk advertisement pretending that the cow giving the bottled milk had a good life. She continued problematising different aspects of datafication—criticising companies that collect data of their users, selling those data and not being transparent about those processes. After her ten-minute presentation she asked who would like to serve as “teachers” during the event and which encryption practices could be dealt with. Some of the people volunteered to encrypt emails, use Linux, encrypt hard drives, and explain the workings of the internet. The introduction at the CryptoParty in Bremen was much shorter: two of the organisers were explaining the concept of the format and the different encryption practices which could be learned at the event. At both parties, people formed groups after the introduction—each group working on one of the encryption practices—either encrypting emails or hard drives, safe browsing, Linux (in Berlin) and safe mobile phone use (in Bremen). During the events, people sit at tables in small groups working on these different issues.

In addition to learning concrete encryption practices, broad information on datafication was shared within groups: one woman offered to “explain the internet”, as she states, at the Berlin event. She brought approximately twenty cards on which different icons were presented symbolising, for example, computers, routers, companies, and firewalls. People participating in this group were asked to put these cards on the table in order of the extent to which they felt they were connected to them, thereby explaining the processes of online communication. While combining these cards, people described the reasons for the order that they chose and the woman facilitating this group asked questions to provoke explanations, while also answering questions from participants. She made very sure to underline the fact that she was very new in this field, having only participated in one CryptoParty. Her first experience at a similar event motivated her to volunteer for future CryptoParties to share the knowledge she gained. In stressing that she is new to this, the woman invites the participants to share their knowledge and thereby enriches her knowledge as a “teacher”. The discussion shows that there are experts as well as non-experts in this field and that people learn from one another by sharing their knowledge.

This moderator’s actions correspond with the claim of the organisers, who state, “A successful CryptoParty is a CryptoParty where each person learned and taught at least one new thing” (c-base, 2018b). This claim is fulfilled when the group discusses the way the infrastructure of the internet is designed. Yet, in regard to actual encrypting practices, this claim must be viewed critically, as the observations at both the events and during the interviews showed that firm hierarchies persist between “teachers” and “students” (see below).

Still, the organisers invite “newcomers, beginners and the curious” (c-base, 2018b), in particular, and stress that “[a]bsolutely no prior knowledge is required and all questions are beautiful!” (c-base, 2018b). This is also something that the organisers of the event in Bremen underline. They try to destroy any assumptions that CryptoParties are only for technophiles or experts on datafication. This is what the organisers of the CryptoParties repeat during the event—inviting anyone to pose questions. They acknowledge that there are people who hesitate to engage with their digital media technologies, who are not data literate or possess only little knowledge about datafication and different encryption practices:

The main objective is to tear down the mental walls which prohibit people from even thinking about these topics or picking them up as they occur throughout their lives. […] Sadly, many people don’t consider themselves able to process them and don’t even start. That’s what we want to change. Take away the fear of cryptic and technical things (two properties inherent to cryptographic tools) so they can continue educating themselves and others” (c-base, 2018b)

CryptoParties aim to support non-experts in becoming data literate. They try to do so though the sharing of knowledge about the problems of datafication and critical data practices which allow encryption. They aiming at equipping the “students” participating in the CryptoParties with the appropriate knowledge required to access and protect their data on their digital media devices (smartphones, tablets, and laptops—depending on what the people bring to the CryptoParties). It is in this way that participants engage with the materiality of their digital media technologies and their data. These four characteristics: knowledge, access, skills, and materiality are the central components of data literacy as defined above, showing that non-experts are supported to develop data literacy at events such as CryptoParties.

Trying to support non-experts develop their data literacy, CryptoParties claim to be open and inclusive. CryptoParties are organised by people from different backgrounds in different locations. They are organised by hacker organisations, adult education centres, people working in libraries (as described in Belveze, 2017), students, and others. People organising CryptoParties claim to host open and inclusive events: “CryptoParty is a free and open format” (c-base, 2018a). Organisers claim that everybody is welcome to the events: “We, the organisers and participants of CryptoParties, pledge our dedication to making our events open and welcoming to everyone who shares our guiding principles: Being excellent to each other, and doing things. […] We would like people to be able to teach and learn from each other regardless of background or level of expertise” (c-base, 2018b).

Moreover, CryptoParties aim at allowing inclusion, meaning that disabled people should also be able to participate in the events (c-base, 2018b). To realise an open and inclusive setting, CryptoParty organisers have developed a “code of conduct” (c-base, 2018b) which provides the guidelines for openness and inclusiveness. The “code of conduct” could be found on the tables at the Berlin event. To guarantee an open and inclusive event, it is argued that “[p]eople who act in discriminatory or otherwise excluding ways […] and who are not able or willing to change their behaviour, may be excluded to preserve a welcoming atmosphere for everybody else” (c-base, 2018b).

The observations revealed, however, that levels of inclusion are variable depending on the setting of the CryptoParty and the background of its organisers. It is the openness and inclusiveness, which is at the same time one of the major aims of the CryptoParties while at the same time being once their major challenges. As one of the organisers of the Berlin event stresses, it is diversity, which is one of the major problems for CryptoParties. She explained that it is very difficult to bring in more of a diverse group, particularly those who do not have much technical experience. She found that the core audience for the events were predominantly university educated men.

During my participatory observation at the event in Berlin, I perceived that nearly all of the participants had specific questions regarding encryption, which suggests they were attending with some degree of previous technical knowledge. This does not only mean that people participating are already sensitive about questions of online privacy and surveillance but also that they are technophiles in that they were already quite engaged with their technologies before the event.

Moreover, regarding hierarchy, only men (with one exception) took on the role of “teacher” at both events; only one woman took on the role of “teacher” at both events, and only few women participated as “students”. The one exception in Berlin was the woman who was not teaching concrete encryption practices but instead organised a discussion using cards to explain the infrastructure of the internet (see above). Interestingly, although in the position of the “teacher” or “expert”, she several times stressed that she was “new to this”, that she was not an expert, something none of the male “teachers” stated.

The gender gap was perpetuated by the setting of the CryptoParty in Berlin at the c-base hackerspace (see Kannengießer, 2020 for a discussion on gender at CryptoParties). While the party itself took place on the ground floor, participants could take part in a “tour for aliens” visiting the basement of the hackerspace. This tour revealed an insight into the hackerspace. Hackers taking part at this event repeatedly constructed the binary between insiders—the members of the hacker organisation and outsiders—people visiting the hackerspace and the CryptoParty. It is this binary which perpetuates the hierarchy of hackers and non-hackers, “teachers” and “students” and “male” and “female” during the CryptoParty as nearly all of the members of the hacker organisation (with one exception) who were there that evening were male.

The organisers are aware of these produced hierarchies: “While we acknowledge the implicit and practical hierarchies and power-relations within the CryptoParty community, extra effort may be put into resolving them” (c-base, 2018b). Nevertheless, these hierarchies have not been deconstructed. It is the location chosen, the hackerspace, which attracts people from a special, technophile scene and implies inhibitions for others. The setting of the CryptoParty regulates the target group—those CryptoParties taking place in libraries or adult education centres attract other people than those taking place in hackerspaces. In this way the potential to learn data literacy is regulated by the events.

At the Bremen event, it was mostly students who participated, mainly because of the location—the university. Only two “teachers” were not students but part of the local DigitalCourage organisation.

The target groups are not only a direct consequence of the venue choice but are also a consequence of the ways in which organisers promote the CryptoParties. One of the organisers of the Berlin event explains that they advertise using posters or flyers although the best public relations for her is still word-of-mouth, which means for the Berlin event that most participants were associated with the hackerspace. Looking at the public relations the organisers of the CryptoParty in Berlin conduct, one of the constraints to the aims and practices of the CryptoParties can be found. As one of the organisers of the Berlin event explains, they also use Twitter for advertising the event, admitting in the interview that “Twitter is also evil”, but that they still use it to reach out to more people.

Nevertheless, there are some people involved in CryptoParties who switch roles from “teachers” to “students” thereby disrupting the hierarchies. Several people organising CryptoParties or acting as “teachers” had been previous participants and their positive experiences within the first CryptoParties they attended encouraged them to get more involved as organisers and helpers. Organisers and “teachers” offer “train the trainers” seminars between CryptoParty events. During these training sessions people are taught how to explain basic knowledge on the internet and rudimentary approaches to software and hardware encryption.

CryptoParties are spaces where support is provided to participants so that they may develop their data literacy. The aim is not to encrypt for other people but to teach people to encrypt their data themselves: “Even when there are weird problems with a computer, take your time to dictate and explain even complicated procedures and commands. The student will learn more, and if consequent problems arise from these actions maybe even weeks after the CryptoParty, the person who owns the computer might remember what was done, and what might be a source of a problem” (c-base, 2018b). To make people engage with their media technologies, the organisers of both events stress that participants’ keyboards are “lava” and therefore nobody is allowed to touch somebody else’s device: “Other people’s keyboards are lava. Don’t touch anyone’s keyboard, but your own” (c-base, 2018b).

Because of these goals and the observed practices during the events, CryptoParties can be described as events in which organisers and helpers aim at empowering people to become data literate; non-experts should become empowered in their use of digital media technologies and their knowledge of datafication. In this context, empowerment can be defined as “knowing more about technology and making more informed choices around technology as a result” (Rosner & Ames, 2014: 326). This definition of empowerment plays to the definition of data literacy cited above, understanding data literacy “as the ability to understand and use data effectively to inform decisions” (Mandinach & Gummar, 2013: 30).

The aim of empowerment is part of the organisers’ self-understanding as one of the Berlin organisers puts it: “I give people the possibility to get back a piece of their privacy during this one evening”. She thinks that she changes the lives of a small number of people at every CryptoParty that she organises: this is her motivation for organising these events. Throughout the interview and while observing her during the event, it became clear that this feeling of being able to change something in people’s lives, of knowing more than others and passing on that knowledge is what drives her. This self-efficacy is one of the key motivations for people organising these events or serving as “teachers”, as other interviews reveal.

The feeling of empowerment through sharing and gaining knowledge is also stressed on the CryptoParty network’s online platform: “People come together and learn from one another how to protect their privacy online in times of pervasive commercial tracking and state surveillance. […] After a few hours everybody has learned something and leaves with new ideas and a sense of empowerment” (c-base, 2018a).

This empowerment aims at what is defined above as data literacy—the possibility of gaining knowledge about datafication, people’s ability to access their data, to gain the skills (here different encryption skills), to deal with data, and to engage with data’s materiality as they engage with the materiality of the media technologies they bring to these events. Non-experts gain (critical) knowledge about datafication, for example, about privacy risks, at the events and learn how to encrypt their digital media technologies and online communication. This knowledge should enable them to take informed decisions (encrypting or even not encrypting) and become data literate people who “can decode, evaluate, analyse and produce […] media” (Aufderheide, 1993: 1)—in this case digital media.

Still, the process of becoming data literate is gradual, it depends not only on the knowledge people possess on datafication and privacy risks but also on the knowledge about encryption practices and the abilities to engage with digital media technologies and encrypt those. Moreover, across the encryption practices that take place at the CryptoParties, it becomes apparent that there is not onedata literacy, but manydata literacies (Fotopoulou, 2020, 1), and that different people focus on different competencies.


Today’s datafied societies are characterised by the phenomena of dataveillance (van Dijck, 2014) and surveillance capitalism (Zuboff, 2019), exploiting users of online media in respect to their data while implying complex privacy risks. Data literacy characterised in this chapter became, therefore, a crucial competence for citizens wanting to make informed decisions about (sharing or protecting) their data.

In this chapter, CryptoParties have been discussed as examples of how civil society initiatives reflect on the challenges of datafication and (try to) support non-experts in developing their data literacy, that is, gaining knowledge about privacy risks and aspects of surveillance through presentations and informal discussions, having access to their data and engaging with the materiality of data and digital media technologies while learning the skills required for different critical data practices, mainly encryption practices, so that they might be able to protect their data.

Although the actors aim at “data justice” (Dencik et al., 2019) through supporting people in developing their data literacy, the results of the study also showed that the events are not necessarily free of power relations and hierarchies (e.g. in regard to gender). Nevertheless, CryptoParties are efforts to support people who want to improve their data literacy in informal settings. The slogan “Party like it’s December 31, 1983” ( stresses this informal setting and the fun aspect of the learning process (although not all CryptoParties necessarily happen in a party atmosphere). The date in the slogan refers to Orwell’s (1992 [1949]) “Nineteen Eighty-Four” implying the desire for a society free of surveillance. It is in this way that data literacy performs the premise of a novel utopia.

This chapter aims to make a contribution to the field of data literacy in showing how data literacy is developed and supported in informal learning environments. It became apparent that being knowledgeable of and gaining knowledge on datafication and its challenges is as crucial as possessing and learning the skills needed to face these challenges. The skills are different critical data practices, mainly encryption practices, in this context.

Analysing civil society initiatives such as CryptoParties provides revealing insights into how different actors critically reflect on the challenges of datafication and how they try to shape it. Through a reconstruction of the participants’ perspective, we not only learn about the challenges of datafication, we can also (critically) reflect on solutions that are developed in pursuit of a more “data just” society. Critical data studies has a responsibility to addressing both: the risks and challenges posed by dataficationand the ambitions and practices developed to deal with them.