Cybersafety - the evolution of online behaviours
“…the internet has become a “key breeding ground” for extremism and hate speech – emboldened by the increasing ease of dissemination, anonymity and, thanks to outdated legislation, a lack of meaningful consequences.”
All-Party Parliamentary Group on Hate Crime
In evolutionary terms, we’re still learning the etiquette of behaviour online, and although there are opportunities for great collaboration and good, there are also behaviours being exhibited at an individual and societal level giving great cause for concern.
The human race has had thousands of years to work out how we best communicate with each other and draw our social norms. Despite this, we still make mistakes, still misunderstand or are misconstrued or don’t explain ourselves.
At the United Against Workplace Bullying conference in 2020, Dr Ian Coyne from Loughborough University spoke about the premise that in the digital world, we’ve only been learning for a number of decades. We’re basically still in the naïve stage and haven’t yet grown up and learnt how to communicate effectively online, and so mistakes are going to be made while we learn.
“We're at the stage where everyone has grown up with, or become used to, doing everything digitally now. One of the things that we discovered is that sort of more often than not the digital world was encouraging, and has encouraged, people to really miscommunicate, to say things that they don't ordinarily believe; to bully people in a way that in the real world we just wouldn't dream of doing. And it raises the question as to why and what we can do about this growing culture.”
Ian also spoke about the loss of personal identity and the taking on of a group identity as de-individuation; you become a part of the online group you’re interacting in. If that group is one that promotes being abusive, aggressive and outspoken then you're going to take on that cultural, that norm of that particular group, and it then becomes normal behaviour which isn't challenged.
We've also seen movements online like #MeToo, #TimesUp, #Black Lives Matter, that have changed that power stance completely, and have been massively empowering and it's very much changed the dynamic from someone being bullied who until recently might have thought “What can I do? How can I take on a big company? How can I take on the big boss?” to recognising that they can speak up collectively and influence change.
Ultimately, it is incredibly easy now to say something that can be misconstrued; say something that now forms part of the digital footprint. It exists; it's with you forever; it can impact on you in the future. The BBC have just recently agreed that high profile people that work with them will have to monitor their personal twitter accounts, and so we have an example there of where your personal and your professional are merging together, and anything inappropriate on your personal account can impact upon your career. More recently, England bowler Ollie Robinson was suspended from international cricket pending the outcome of an investigation into historic racist and sexist tweets.
Social media can be a fantastic tool, and it can empower somebody who is struggling, but it can also be used in a very detrimental way.
The rise and rise of cyberbullying
Cyberbullying is the most rapidly growing type of bullying, and not just for children. It also infiltrates our workplaces, particularly as the boundaries between home and work life become increasingly blurred. and is increasingly also becoming a societal trend.
Deep faking. Phishing. Spear phishing. Catfishing. Cancel culture. Online hatred. Trolls. Cyberbullying Cyberstalking. Cybercrime. The list goes on…
So what is it that makes someone feel able to attack others online in ways that they probably wouldn’t in real life? How is this influencing behaviour in our workplaces?
Well, there are a number of factors at play here. Firstly, what exactly is cyberbullying? According to ACAS, it’s “any form of bullying, harassment, or victimisation online”. It can show up on any form of technology from text messages and emails to gaming and social media.
To understand cyberbullying, the first step is the need to educate ourselves about the different forms that bullying and harassment can take, and the impact that can have on both individuals and organisations. It can, and does take the form of (to name but a few):
Sharing inappropriate content including images
Public humiliation e.g. rumours and gossip on social media
Excessive emails at all hours
Copying people who don’t need the information into emails
Leaving you out of online communications in order to isolate you and place you at a disadvantage
Threats of physical violence
Posing as the target online and publishing defamatory posts
What makes cyberbullying different?
Whilst it could be argued that cyberbullying is the same as traditional bullying but just using technology to do so, i.e. the technology is new but the behaviours and the approach are no different, a number of speakers at our Conference in November raised considerations about the online personality.
Pete Trainor, CEO of Vala Health is the author of a book that looks at new and emerging themes in behaviours, biological changes and the way that humans interact with digital communication and frictionless interfaces. He refers to a phenomenon he calls “the secret online me” whereby people have an almost anonymised version of themselves, and whilst in some cases this resulted in positive online engagement, in others, people were doing harm, and this often followed them into the workplace as well.
“Our behaviour, because we're remote, we're anonymous, the cues are reduced, it becomes de-individuated, so we essentially lose a little bit of presence and become more anonymous the more remote our communication is, and as a result of that our behaviour potentially comes disinhibited. For example, we will send off that email, we will fly off a rude message in a way which we wouldn't do face to face. So that remoteness removes us some steps away from it. It also removes us steps away from understanding the impact on the person at the other end.”
In addition to this we have to consider viral reach; the speed, and the amount of people that can see the information, see the abusive behaviour, is increased compared to traditional bullying. Power differentials may be slightly different and our traditional views of power in a bullying situation might not be the same online.
Neil Frost, COO of Bob’s Business, cybersecurity culture and training experts, explained that when we consider the phenomenon of digital over the last 15 years there has been a tendency to talk about data and communications. In reality, the whole field of digital is exponentially growing; the variety of data; the velocity of comments and people's behaviours; the veracity, the trustworthiness of everything that's being posted; what we're reading and its origins; what is being said about us, commented upon and shared, and we’ve arrived at a point in time where information about both our personal and professional lives is available digitally, and it's going to come back into the workplace.
He also spoke about the example of expert power; people who are knowledgeable about using systems and computers can hide their identity and create that anonymity because they're technically competent. So, the power in that sense comes through technical power.
Another area to consider is repetition. In bullying one of the key defining features is repetition, where the behaviour is prolonged over time. Some will argue that in cyberbullying you can have a one-off event. One person can write a post or share an image/photo and then withdraw from the situation, or not carry on. Does that count as repetition? Dr Ian Coyne argues that it does, because if that image is then posted elsewhere, it's repeated. It might be a different way, but it's still repetition.
So why do people get drawn into these behaviours so easily? We can consider this in terms of rational choice, weighing up the costs with the benefit of engaging in these behaviours. If we consider anonymity, the action of remotely posting something, often there are little formal or informal sanctions, and there's some argument there about people making rationalisations for the behaviour – ‘there wasn't any harm done, they weren’t really a victim’.
However, research shows that the links with health and wellbeing of individuals; anxiety, strain, low optimism, burnout, job dissatisfaction, are similar to what we find in traditional bullying. One question to consider is will there be more of an impact on people because they can't escape it? Are they powerless to escape it in that way that you may be able to escape a physical environment?
There is an argument to say that the impact might actually be worse particularly because of the unique features. These can include:
Indirect as online not face to face
Perpetrators can remain anonymous
Can be in separate physical locations
Remain accessible and visible for long periods of time
Can be experienced anywhere and at anytime from any device
Potential to be viewed by much larger audience
More bystander roles – online; with perpetrator when sent; with target when received
Can occur without the target being aware
Adapted from: Cyberbullying at Work: Understanding the Influence of Technology
Sam Farley, Iain Coyne and Premilla D’Cruz
Published in Volume 3 of Handbooks of Workplace Bullying, Emotional Abuse and Harassment: Concepts, Approaches and Methods
Cyberbullying, Cyberstalking and Cybercrime
When we consider how cyberbullying can impact on our employees, organisations and ourselves, we need to consider how, if ignored, it can move to cyberstalking or even cybercrime.
We then need to check our own behaviours at both individual and organisational levels. With increasingly blurred boundaries between working and home lives, how can we keep ourselves and our employees safe online?
As cyberbullying becomes a growing concern, then linking your prevention approaches to your cybersecurity practice makes perfect sense.
Lucy Howard, Digital Communications Officer with the charity Bullies Out, spoke at our conference about the need to protect ourselves from information leakage even more so with the shift to remote working, and this will become increasingly important as many organisations adopt a hybrid working model moving forward. Here’s a reminder of some of the advice that she shared:
Where possible try and have two devices, one for personal and one for business use as this can help minimise information leakage between your personal and professional inbox.
Keep any malware up to date.
Consider that when you do send an image, any settings you have become irrelevant; the person, or group of people you send it to could have different settings which allows images to upload to their camera roll, even across multiple devices in one household.
Think about what you post on social media and who you are connected to. More and more we connect with colleagues, supervisors and managers through personal social media. We worry about the impact of refusing a friend request or fear missing out on group conversations. How does that blurring of our worlds impact on our career and development?
When does banter online overstep the mark and become bullying?
Cyberbullying, cyberstalking or cybercrime?
We’ve considered what cyberbullying is its impact, but what makes it different to cyberstalking or cybercrime?
It can be argued that cyberstalking is a form of cyberbullying but generally it becomes much more intense and can cause great fear. In most cases the person stalking will know their target and have personal information, and sometimes actual passwords and access to online accounts. As with bullying, cyberstalking involves repetition but differs in that the perpetrator acts in a way to let their target know they are being watched online. For example, sending constant text messages, sharing personal information without permission with the intent to cause fear.
According to Wikipedia, Cyberstalking may also include “false accusations, defamation, slander and libel as well as actual monitoring, threats, vandalism, solicitation for sex, or gathering information that may be used to threaten or harass.” Cyberstalking author Alexis Moore separates cyberstalking from identity theft, which is financially motivated. Her definition is
“Cyberstalking is a technologically-based "attack" on one person who has been targeted specifically for that attack for reasons of anger, revenge or control. Cyberstalking can take many forms, including:
1. harassment, embarrassment and humiliation of the victim
2. emptying bank accounts or other economic control such as ruining the victim's credit score
3. harassing family, friends and employers to isolate the victim
4. scare tactics to instil fear and more”
It’s immediately obvious that these overlap with workplace bullying behaviours, which is why the Protection from Harassment Act 1997, originally developed to deal with stalking, is now referred to in some bullying cases.
Cybercrime, according to Action Fraud, is any criminal act dealing with computers and networks more commonly known as ‘hacking’ usually with intent to defraud an individual or business. In 2019 the financial cost of cybercrime or fraud to the UK was between £130bn - £190bn a year. 65% of reports were from businesses and 35% from individuals.
However, this omits any reference to hate crime, which is motivated by hostility or demonstrates hostility towards the victim's disability, race, religion, sexual orientation or transgender identity. This is covered by criminal legislation including the Criminal Justice Act 2003 and Crime & Disorder Act 1998.
Cyberbullying, cyberstalking and cybercrime are therefore closely linked, and that’s why cybersecurity is a key element of tackling cyberbullying at work, keeping both the organisation and employees safe.
Cybersecurity training alongside raising awareness about bullying and cyberbullying behaviours helps to create a healthy cyberculture. It includes advice such as:
Personal versus professional behaviours and refection on your career/the business
Keeping work and home separate
Keeping a professional filter for work - being blurred as people use personal devices for work
Recognising bullying and cyberbullying behaviours
Bantering versus bullying
Including behaviours in your social media policy – link to bullying, harassment, hate crime
Email etiquette – how easy it is to misinterpret someone, copy unnecessary people in, exclude people etc
WhatsApp, social media – even if you haven’t read it, you can be liable if you don’t report it.
Appropriate use when there is an expectation to use apps on personal devices
Not allowing clients/customers to see personal information
When sharing photos, remember that settings are based on the receiving device
Appropriate monitoring vs ‘big brother’ surveillance and micromanagement
In this world where so much work takes place online, and the boundaries between work and home are increasingly blurred and look like they will remain that way far beyond the pandemic, how safe is your information; your identity; your reputation? Consider the following questions:
? How much personal information is being shared online?
? How safe is the data held by your business?
? What information can be accessed - about your employees, customers, suppliers?
? How is social media being used and monitored?
So, considering all the above how cyber safe are you? How cybersafe is your business? As cyberbullying becomes a growing concern, then linking your prevention approaches to your cybersecurity practice makes perfect sense. It’s just one of the many interventions that we recommend to create a safer workplace for everyone.
Conduct Change was founded in 2019 with the purpose of changing behaviour in workplaces to create more courageous and compassionate approaches to prevent workplace bullying. The founder, Nicki Eyre, has been through her own workplace bullying experience during her career and recognises the scale of the problem at both an organisational and individual level.
Our Bullying Awareness e-learning course has been produced in collaboration with Bob's Business, and is offered alongside their extensive range of cybersecurity courses.
Cybersecurity is a key element in tackling cyberbullying. Why Bob's business? Simple - they have a clear philosophy with people at the centre. Their approach, like ours, is to influence behavioural and cultural change.
We recognise that workplace bullying is a sensitive topic for many businesses. If you are concerned that you may have a bullying issue in your workplace, or just want help in opening up the conversations, we are here to advise. We offer a free and confidential discussion to understand the issues and explain what options are available for you.
t 07921 264920