#1 Consiga que sus amigos o comunidad se interesen

Si ha escuchado a sus amigos quejarse por su falta de privacidad, pregúnteles si están interesados en acudir a un taller sobre defensa personal del correo electrónico. Si sus amigos no se quejan sobre su privacidad entonces quizás necesiten un poco de convencimiento. Quizás incluso haya oido el clásico argumento contra el cifrado "si no tienes nada que ocultar, no tienes nada que temer".

Aquí hay algunos temas de conversación que puedes utilizar para explicar porque merece la pena aprender sobre GnuPG Here are some talking points you can use to help explain why it's worth it to learn GnuPG. Mezcle y combine aquello que cree que tendrá sentido en su comunidad:

La fuerza de las cifras

Cada persona que resiste a la vigilancia masiva hace más sencillo que otros también resistan. Gente normalizando el uso de un cifrado robusto provoca múltiples efectos de gran alcance: significa que aquellos que más necesitan privacidad, como potenciales confidentes y activistas, tienen mayor probabilidad a aprender sobre el cifrado. Cuanta más gente utilice el cifrado para más cosas esto también hace difícil para los sistemas de vigilancia el poder señalar a quellos que no pueden permitirse el lujo de ser encontrados, y muestra su solidaridad con esa gente.

Gente que respetas puede ya estar usando el cifrado

Muchos periodistas, confidentes, activistas e investigadores utilizan GnuPG, por lo que sus amigos sin saberlo, podrían haber oído hablar de unas cuantas personas que ya lo utilizan. Puede realizar una búsqueda de "BEGIN PUBLIC KEY BLOCK" + una_palabra_clave para ayudarle a realizar una lista con gente u organizaciones que utilizan GnuPG a quienes su comunidad probablemente reconocerán.

Respeta la privacidad de tus amigos

No hay una manera objetiva de judgar qué es lo que constituye una correspondencia de caracter privado. Por ello es mejor no suponer que sólo porque encuentras que un correo electrónico que mandaste a un amigo es intrascendental, tu amigo (o un agente de vigilancia, ¡por eso importa!) siente de la misma manera. Muestra respeto a tus amigos cifrando tu correspondencia con ellos.

La privacidad tecnológica es normal en el mundo físico

En el campo de lo físico, tenemos persianas, sobres, y puertas cerradas para garantizarnos formas de proteger nuestra privacidad. ¿Por qué deberíam haber en el campo digital alguna diferencia?

No deberíamos confiar a nuestros proveedores de correo electrónico nuestra privacidad

Algunos proveedores de correo electrónico son muy dignos de confianza, pero pueden tener incentivos para no proteger nuestra privacidad y seguridas. Para ser ciudadanos digitales conscientes, necesitamos construir nuestra propia seguridad desde la base.

#2 Plan The Workshop

Once you've got at least one interested friend, pick a date and start planning out the workshop. Tell participants to bring their computer and ID (for signing each other's keys). If you'd like to make it easy for the participants to use Diceware for choosing passwords, get a pack of dice beforehand. Make sure the location you select has an easily accessible Internet connection, and make backup plans in case the connection stops working on the day of the workshop. Libraries, coffee shops, and community centers make great locations. Try to get all the participants to set up an Enigmail-compatible email client before the event. Direct them to their email provider's IT department or help page if they run into errors.

Estimate that the workshop will take at least forty minutes plus ten minutes for each participant. Plan extra time for questions and technical glitches.

The success of the workshop requires understanding and catering to the unique backgrounds and needs of each group of participants. Workshops should stay small, so that each participant receives more individualized instruction. If more than a handful of people want to participate, keep the facilitator to participant ratio high by recruiting more facilitators, or by facilitating multiple workshops. Small workshops among friends work great!

#3 Follow the guide as a group

Work through the Email Self-Defense guide a step at a time as a group. Talk about the steps in detail, but make sure not to overload the participants with minutia. Pitch the bulk of your instructions to the least tech-savvy participants. Make sure all the participants complete each step before the group moves on to the next one. Consider facilitating secondary workshops afterwards for people that had trouble grasping the concepts, or those that grasped them quickly and want to learn more.

In Section 2 of the guide, make sure the participants upload their keys to the same keyserver so that they can immediately download each other's keys later (sometimes there is a delay in synchronization between keyservers). During Section 3, give the participants the option to send test messages to each other instead of or as well as Edward. Similarly, in Section 4, encourage the participants to sign each other's keys. At the end, make sure to remind people to safely back up their revocation certificates.

#4 Explain the pitfalls

Remind participants that encryption works only when it's explicitly used; they won't be able to send an encrypted email to someone who hasn't already set up encryption. Also remind participants to double-check the encryption icon before hitting send, and that subjects and timestamps are never encrypted.

Explain the dangers of running a proprietary system and advocate for free software, because without it, we can't meaningfully resist invasions of our digital privacy and autonomy.

#5 Share additional resources

GnuPG's advanced options are far too complex to teach in a single workshop. If participants want to know more, point out the advanced subsections in the guide and consider organizing another workshop. You can also share GnuPG's and Enigmail's official documentation and mailing lists. Many GNU/Linux distribution's Web sites also contain a page explaining some of GnuPG's advanced features.

#6 Follow up

Make sure everyone has shared email addresses and public key fingerprints before they leave. Encourage the participants to continue to gain GnuPG experience by emailing each other. Send them each an encrypted email one week after the event, reminding them to try adding their public key ID to places where they publicly list their email address.

If you have any suggestions for improving this workshop guide, please let us know at campaigns@fsf.org.