High Risk Security

Title

Without time… without place? Navigating the high/low risk binary in information security research

Abstract

Information security research tends to divide people into high-risk and low-risk categories based on their perceived vulnerability to harm from digital practices. High-risk individuals, including activists and journalists, are thought to face immediate dangers such as targeted surveillance or physical harm. In contrast, low-risk individuals are assumed to engage in routine digital activities without significant threats to their security. This article critiques this binary classification within information security scholarship by exploring the conceptual and empirical instabilities inherent in this framework. Drawing on ideas from the interpretative social sciences, the article offers a disciplinary critique in three ways, 1) by bringing attention to relational aspects of risk; 2) by examining the normative underpinnings of this binary; 3) by discussing ideas of the everyday. I consider which aspects of risk this binary renders invisible and explore alternative ways of thinking about information security.