Mazurek Part of Award-Winning Team Studying the Digital Safety of Sex Workers
An estimated 42 million sex workers drive more than $180 billion in business annually worldwide. They often rely on the internet to do their job, but keeping their private and professional identities separate online is a critical safety challenge.
Sex workers—and other vulnerable groups such as trans people and intimate partner abuse survivors—face higher rates of stalking, harassment, and assault. Yet little research has been conducted on how to improve digital security tools with these users in mind.
A multi-institutional team of digital security analysts recently published a paper examining how sex workers, who tend to have especially salient security and privacy risks, conceptualize and manage their digital safety.
Their study—“‘It’s stressful having all these phones’: Investigating Sex Workers’ Safety Goals, Risks, and Practices Online”—recently won a Distinguished Paper Award at the 2021 USENIX Security Symposium. The paper was co-authored by Michelle Mazurek, an associate professor of computer science and director of the Maryland Cybersecurity Center.
“Reaching this population required hard work, creativity and a deep commitment to establishing trust,” says Mazurek, who also has an appointment in the University of Maryland Institute for Advanced Computer Studies. “Many sex workers, quite understandably, are leery of researchers or interview requests. Our team worked hard to assuage their concerns and respect their privacy.”
Mazurek collaborated on the project with researchers from Clemson University and the University of Michigan, as well as former MC2 researcher Elissa Redmiles, who graduated from the University of Maryland with her Ph.D. in computer science in 2019.
Redmiles specializes in building scalable, online platforms to run highly controlled behavioral economics experiments to properly simulate the risk and cost tradeoffs that users make in security situations. Yet little can proxy for true risk, she explains, particularly for the blur between online and offline risks that face vulnerable populations like sex workers.
As the basis for the award-winning paper, Redmiles designed and conducted the study as a visiting researcher at the University of Zurich in Switzerland, and at the Max Planck Institute for Software Systems in Saarbrücken, Germany—where she now works as a research group leader.
Through surveys and interviews with 29 sex workers from both countries—where sex work is legal—her team examined participants’ safety goals, including how they perceive risks to their safety from clients, platforms and legal entities.
Their results show that sex workers are aware of privacy and security risks and are employing multiple ways to protect themselves. However, they often rely on manual strategies such as using multiple devices, since current tools don’t address their safety needs.
“I went to Zurich with the explicit goal to understand how online security and privacy practices of sex workers are shaped by risk, and how online and offline experiences of threat can blend together to create a singular experience of safety,” says Redmiles, who received funding for this work from Facebook and the National Science Foundation.
The researchers say their findings demonstrate the importance of studying high-risk populations and underscore the need for a more holistic design of security tools. They recommend allowing users to have fully pseudonymous profiles—that is, even unlinked from emails and phone numbers used elsewhere—to reduce the digital boundary violations that often lead to stalking and harassment.
“Elissa [Redmiles] and her team did a fantastic job with the qualitative analysis, not just summarizing, but pulling out deep themes and critical observations that really got to the heart of the issues at hand,” says Mazurek. “This makes the findings significantly more actionable and impactful for future researchers, or others trying to build privacy and security tools that fit in with sex workers' needs and priorities.”
—Story by Maria Herd, UMIACS communications group
This article was published by the Maryland Cybersecurity Center.