What we learned from hosting our CryptoParty

In early March 2016, a lone voice on the Open Rights Group North East mailing list suggested the idea of hosting a CryptoParty — to help people who were interested in learning about some of the privacy and security tools that exist to allow users to reclaim their digital rights and freedom.

The idea started to gain momentum almost immediately, and on 22 May 2016 we hosted what we’re pretty certain was the first CryptoParty to be held in a British public library — and almost certainly the first to be directly supported by one!

In this post, we will introduce the concept of a CryptoParty, and highlight some of the things we learned when hosting our first. Hopefully our experience can inspire other potential hosts to push forward with the idea and organise parties and events in their own area.

What is a CryptoParty?

If you’re one of the many people who has read any privacy-related news articles or stories recently — such as those relating to GCHQ’s mass internet surveillance or Theresa May’s proposed Investigatory Powers Bill — you might find yourself feeling a need to take steps to try and protect your digital life. This can be a pretty involved task, and you may end up finding yourself trying to navigate a sea of confusing and conflicting information with little clue about how it all fits together.

A common sentiment we heard from newer users at our party was “I tried looking, but didn’t know where to start so I eventually had to give up”.

One of the aims of a CryptoParty is to try and ease some of this confusion by introducing the basics of practical real-world tools to users, and explaining what steps they can take to start protecting their privacy and security straight away.

CryptoParties are a global movement, with a main community ‘base’ hosted at the CryptoParty wiki. The site offers some general ideas and recommendations to potential hosts on the formats that a party might take, but part of the philosophy of the CryptoParty movement is to create a public and open format — allowing for DIY-style parties that fit whatever format the hosts think will work best for them.

Often, a CryptoParty will take the form of a public workshop-type event, where experienced users of technology join together with newer users and help them to gain the skills and confidence required to start protecting their digital lives with some of the many tools and techniques available. This style was what we opted for when planning our event.


We would definitely recommend potential hosts check out local Makerspaces and Hackerspaces, as these are likely to have some like-minded individuals and may have spare rooms that could be used to host an event:

Another option to check out is local museums and libraries in the area who might be interested in free events that benefit the community.

In our case, Newcastle Library came to the rescue, allowing us to use one of their rooms for our event free of charge, and even offering to advertise it through their channels. As mentioned above, we’re pretty sure this makes them the first British library to officially host and support a CryptoParty!

In many ways, libraries are the perfect venue for an event like a CryptoParty. The Library Freedom Project and Radical Librarians Collective exist as a clear reminder of librarians’ commitment to “protect each library user’s right to privacy and confidentiality”. Indeed, it wasn’t long before our CryptoParty caught the attention of other librarians around the country. Many thanks to all those who commented and helped spread the word about our event to a wider audience.

We even managed to attract the attention of Chi Onwurah — local MP and Shadow Minister for the Digital Economy!

Like the example above, most of our outreach and advertising relied on word about our party spreading online through social networks between people who were already interested in privacy and security. This ended up working quite well, though now that we know we are able to host a successful event, we will widen our approach for future parties.

Some ideas we came up with for groups to advertise future events to:

  • University students
  • Charities (especially community-focused charities who handle sensitive personal data)
  • Librarians
  • Local journalists
  • Legal professionals (it would be great to see an increase in solicitors offering provably-secure communication methods to clients)


On the day, we found that this system worked rather well. Attendees seemed to appreciate the freedom to roam around the tables in whatever order they wanted. We did notice that some of our hosts found that the table format led to difficulty talking to more than one or two people at once, meaning that queues sometimes formed for some of the tables hosting the most popular topics.

For any potential party hosts, we definitely recommend giving our table-layout a try — but it might be a good idea to also introduce a small presentation at the beginning of the event that covers some of the core concepts of each tool, before the group breaks off into smaller groups to work on the hands-on demonstrations.

One idea put forward by a CryptoParty attendee was to distribute a “privacy checklist” to people when they arrived at the event. The checklist would have a list of the topics covered at the event, allowing people to tick-off which tables they had already been to, and make it easier for them to navigate the event and ensure they saw all of the things we had to offer.


Although it is a useful tool, the handbook is sadly quite outdated. The last official update was in August 2013, and it covers many tools and pieces of software which have been replaced by better solutions, or are no longer considered safe. Fortunately, since the handbook is collaboratively written by the CryptoParty community, we are able to help out the project by contributing changes. Some of our members are are currently working on rewriting a number of sections of the handbook to bring it up-to-date and help future party hosts.

For our actual event, we realised that, even if it had been up-to-date, the information in the handbook was very dense and comprehensive, and mainly targeted at CryptoParty hosts rather than attendees. To solve this, we decided to get creative and work on some ‘handouts’ that users could take away with them to jog their memories after the event, or give to friends when passing on their newly-acquired skills.

Our handouts are all licensed under Creative Commons BY-SA 4.0 for anyone to use freely

The handouts were a great success at our event, and we would recommend any party organiser definitely consider putting together similar handouts for their event that users can take home or distribute to friends and family.

As with all of our assets and content, we distribute the source materials and final files for these handouts on our GitHub page, and will keep them updated if we produce more or refresh them for future parties. Please feel free to use or modify these for your own CryptoParty or other event. If you do something cool with these, please let us know!


We also wanted to create an environment where people could ask questions and socialise with other members of the group. Somewhere that attendees could ask follow-up questions to things they had learned. There’s no reason the learning should stop just because the CryptoParty is over!

Many similar projects could probably just opt to create a Facebook page and call it a day, but we found (and this probably won’t surprise you to learn) that among our attendees there was a significantly high number of people without any form of Facebook account. We also aren’t interested in advocating that people create one, as Facebook’s ‘Real Name Policy’ prevents any kind of anonymous or pseudonymous participation in a community.

Currently, our solution to this is to direct people to the Open Rights Group mailing list, but this isn’t exactly perfect. Mailing lists aren’t particularly intuitive for newer users in the way that newer social networks might be. In fact, some may be surprised to learn that they actually predate the world-wide-web by a number of decades!

We are currently looking into and trialing a number of different self-hosted alternatives that might serve to replace the mailing list. Right now, Crabgrass and Anahita are looking like promising free-and-open alternatives that should be much friendlier to newer users. For anyone else trying to solve a similar problem, the “Awesome Selfhosted” GitHub project is a highly recommended resource.

The Future

As organisers, we are looking to improve upon the things we learned from the experience and host our next CryptoParty in a few months time. Please stay tuned on the mailing list for updates, or follow @ORGNorthEast on Twitter. If you have any suggestions for our future parties, please feel free to post to the list, tweet at us, or comment on this article.

Legal consultant. Interested in privacy, data protection & information security. Formerly Legal Officer @OpenRightsGroup.

Legal consultant. Interested in privacy, data protection & information security. Formerly Legal Officer @OpenRightsGroup.