Privacy

Blogs

How Much Did the U.S. Wireless Carriers “Earn” From “Location Information Aggregators”?

The FCC lawfully fined U.S. facilities-based wireless carriers nearly $200 million for selling highly intrusive location data about subscribers without their "opt-in" consent. In Section 222 of the Communications Act, Congress comprehensively specified how the carriers bore an affirmative duty of care not to disclose clearly defined Customer Proprietary Information ("CPNI"). The Act explicitly required the FCC, and no other agency, to protect telecommunications consumers. more

The Rise of WiFi Sensing and Its Implications for Home Security and Surveillance

It's incredibly hard to keep things private in the new digital age. There are far too many stories circulating about people who talked to a friend on the phone or texted about something and almost instantly got hit with ads for the subject of the conversation. And that happens without malware - no telling what information you're giving out if your devices have been infected with malicious software that is spying on you. more

Digital Sovereignty and Internet Standards

There have been a number of occasions when the Internet Engineering Task Force (IETF) has made a principled decision upholding users' expectations of privacy in their use of IETF-standardised technologies. (Either that, or they were applying their own somewhat liberal collective bias and to the technologies they were working on!) The first major such incident that I can recall is the IETF's response to the US CALEA measures. more

The New Privacy Law in California

The State of California often leads the country in addressing regulatory issues. This makes sense since the State has a population of nearly 40 million and an economy that would be the fifth largest in the world if California were a separate country. A new law was enacted on the last day of the California Legislature that was signed by Governor Gavin Newson this month. more

Human Rights and the Digital Domain Primer - Part 4

The digital domain encompasses the different spaces and spheres we use to relate and interact with the people and things that surround us using digital technologies. The Universal Declaration of Human Rights, UDHR, as the globally accepted standard, should serve us as the guiding light when it comes to striking the delicate balance between our rights and responsibilities on and off-line. more

Human Rights and the Digital Domain Primer - Part 3

The digital domain encompasses the different spaces and spheres we use to relate and interact with the people and things that surround us using digital technologies. The Universal Declaration of Human Rights, UDHR, as the globally accepted standard, should serve us as the guiding light when it comes to striking the delicate balance between our rights and responsibilities on and off-line. more

Human Rights and the Digital Domain Primer - Part 2

The digital domain encompasses the different spaces and spheres we use to relate and interact with the people and things that surround us using digital technologies. The Universal Declaration of Human Rights, UDHR, as the globally accepted standard, should serve us as the guiding light when it comes to striking the delicate balance between our rights and responsibilities on and offline. more

Human Rights and the Digital Domain Primer - Part 1

The digital domain encompasses the different spaces and spheres we use to relate and interact with the people and things that surround us using digital technologies. The digital domain is not limited to the technologies itself, but it has an important ethical dimension that encompasses the values, principles and instruments that inform and govern it. Created by humans for humans, our beliefs, cultural backgrounds, and biases are reflected in the codes we write and the algorithms we create. more

An Extortionists Fire Sale of TikTok to a US Company Would Be Un-American and Futile

In the latest twist of the US-China spat, President Trump has his sights on TikTok, the short-form video-sharing platform and ByteDance subsidiary. On July 31, President Trump threatened to ban TikTok because it was a threat to US national security. On August 6, he made good on his threat when he signed an Executive Order to that effect. President Trump tightened the screws with an August 14 Executive Order requiring ByteDance to divest its assets in the US and destroy any TikTok data on its US users within 90 days. more

NIS2, ICANN and “Thick” WHOIS: A Mandate to Move Forward

The recent adoption at the end of December of the new EU Directive for a high level of cybersecurity across the Union -- commonly referred to as "NIS2" - paved the way for important updates to the domain name system (DNS). Most significantly, Article 28 of NIS2 and its related recitals resolved any ambiguities about the public interest served by a robust and objectively accurate WHOIS system that permits legitimate access by third parties to data... more

Going Dark: How the Increasingly Dark Network Is Creating Some Pretty Ugly Choices for Site Security Administrators

I'd like to reflect on a presentation by Dr. Paul Vixie at the October 2022 meeting of the North American Network Operators Group (NANOG) on the topic of the shift to pervasive encryption of application transactions on the Internet today. There is a view out there that any useful public communications medium needs to safeguard the privacy and integrity of the communications that it carries.  more

The Modern Encryption Debate: What’s at Stake?

The debate around encryption has become a hot topic in a world where communications are increasingly becoming digital. The modern encryption debate is a complex and nuanced issue, with many players from different backgrounds trying to influence the conversation. The question of balancing the need for national security with the right to privacy has been a matter of public debate for years. Only recently has the issue been framed in terms of encryption, but the discussion is certainly not new. more

Solving the .US Registrant Data Directory Services (RDDS) Conundrum

Recently ten Democratic Members of Congress wrote a letter to Alan Davidson, head of the NTIA, requesting that the "NTIA immediately cease the public disclosure of personal information about users of .US" country code top-level domain (ccTLD). This communication highlights a significant concern regarding domain registration data: the need to protect the privacy rights of Registrants. However, an equally significant concern regarding registration data was raised... more

Cyberhygiene Requires Critical Thinking

At his farewell speech in August outgoing, Telstra CEO Andy Penn mentioned that the cyber threat has never been as serious as the present. He mentioned the deteriorating geopolitical situation and the big shift in how criminals operate in the cyber domain. One thing is for sure is that in order to enjoy all the positives resulting from the digital economy, we need to be far more vigilant about the barrage of information that we are receiving and/or have access to. more

WHOIS Disclosure Questions

In 2020, the ICANN Generic Name Supporting Organization (GNSO) Council approved a plan to revamp the WHOIS system as per the recommendations given by the ICANN Expedited Policy Development Process (EPDP). This plan directed ICANN to develop a centralized System for Standardized Access/Disclosure (SSAD) for WHOIS records. After much debate regarding the suitability and cost of such a system, ICANN brought together a group... more

News Briefs

Researchers Expose Privacy Risks in Apple and Starlink’s Geo-Location Data, Uncovering Military and Civilian Tracking

U.S. Congress Nears Breakthrough Agreement on National Online Data Protection Framework

CENTR Warns Against EU FiDA Proposal’s Impact on Consumer Access and Business Continuity

Mozilla Launches Monitor Plus, A Comprehensive Privacy Service

NSA Admits Purchasing Americans’ Internet Browsing Data Without Warrants

UK Online Safety Act Becomes Law Amid Controversy

Online Safety Bill: UK’s Digital Overhaul

Balancing Digital Integrity: CENTR Critiques EU’s Insolvency Proposal

EU Lawmakers Call for Further Talks to Strengthen Proposed US Data Transfer Pact

Supreme Court Declines to Hear Wikimedia Foundation’s Challenge to NSA Surveillance

European Union Wants to Fix the GDPR

U.N. Cybercrime Convention Enters Critical Stage

CENTR Publishes Comment on the European Commission’s DNS Abuse Study

A New Privacy-Focused DNS Protocol Released Called Oblivious

U.S. Military Is Buying Location Data of People Around the World Through Ordinary Apps

Trump Admin Ramping Up Attacks on GDPR – Says It Helps Cybercrime, Threatens Public Health

Zoom Faces Class-Action Lawsuit, Accused of Overstating Its Privacy Standards

Israel’s Entire Voter Registry Exposed, the Massive Data Leak Involves 6.5 Million Voters

Coronavirus Exposes China’s Deep Surveillance State

EFF: For ISPs to Retain Power to Censor the Internet, DNS Needs to Remain Leaky

Most Viewed

Most Commented

Conflict of Opinion

DPI is Not a Four-Letter Word!

Hunting Unicorns: Myths and Realities of the Net Neutrality Debate

Whither DNS?

The Anti-Phishing Consumer Protection Act of 2008

Industry Updates

Participants – Random Selection