Privacy

Blogs

Why Is the Client-Side Scanning a Concern for Encryption?

As today is the Global Encryption Day, I decided to make my first post here on this topic. About two months ago, Apple caused a controversy by announcing the adoption of a measure to combat the spread of Child Sexual Abuse Materials (CSAM). The controversy was so huge that, a month after its announcement, Apple decided to postpone its plans for the new features to have more time to gather information from the various stakeholders and implement improvements before releasing the measures originally announced. more

Where Did “Data Shadow” Come From?

Anyone who works in privacy is familiar with the term "data shadow": the digital record created by our transactions, our travels, our online activities. But where did the phrase come from? Who used it first? A number of authors have attributed it to Alan Westin, whose seminal book Privacy and Freedom (largely a report on the work of the Committee on Science and Law of the Association of the Bar of the City of New York) set the stage for most modern discussions of privacy.  more

Privacy, Legal vs. Natural Persons, and the Never-Ending ICANN EPDP

It has been just over 3 years since the General Data Protection Regulation (GDPR) came into effect, and the work within ICANN (type "EPDP 2a" into your acronym decoder ring) to develop a permanent Registration Data policy is progressing at a snail's pace. At issue is a proposed mandatory requirement for Contracted Parties (really just Registrars), to differentiate between "legal persons" (a fancy way of saying corporations and similar organizations) and "natural persons" (the kind that eat and breathe and schedule Zoom calls). more

Making the Platform Relationship Win-Win

CSC recently participated in an open discussion at the World Trademark Review's APAC WTR Connect, where we moderated a discussion with brand owners, Western Digital and PVH, and platform owner, Alibaba, on the topic: "Making the Platform Relationship Win-Win." How do brands define what a platform is? For the brand owners, a platform could be any distribution service of their products -- be it a traditional eCommerce marketplace like Alibaba or Amazon.com -- or other digital service enablers... more

Notes from the DNS Privacy Workshop at NDSS 2021

For many years the consuming topic in DNS circles was that of the names themselves. If you wind the clock back twenty years or so, you will find much discussion about the nature of the Internet's namespace. Why were there both generic top-level labels and two-letter country codes? If we were going to persist with these extra-territorial generic country codes in the namespace, then how many should there be? Who could or should manage them? And so on. more

Emergence, Rise and Fall of Surveillance Capitalism, Part 2: Rise and Fall

One of the consequences of the Jan 6th events is a renewed attention towards Surveillance Capitalism as a key doctrine undermining democracy.2 This part 2 of the 2 part series of discusses the rise and fall of Surveillance Capitalism under the premise that the better we understand the danger at the door, the better we are able to confront it. more

3 Most Scary Attacks that Leaked Personally Identifiable Information (PII) of Millions of Users

Cybercriminals are increasingly targeting Personally Identifiable Information (PII). The reason being "data is the new gold" in this digital world, and the more sensitive some data is, the more value it has. There is no more sensitive data than personally identifiable information because it contains enough information to identify you digitally. Examples of personally identifiable information include name, email, contact number, address, social security number, tax file number, banking or financial information, and more such data that helps identify you. more

The Netizen’s Guide to Reboot the Root (Part II)

The first part of this series explained how Amendment 35 to the NTIA-Verisign cooperative agreement is highly offensive to the public interest. But the reasons for saving the Internet are more fundamental to Western interests than a bad deal made under highly questionable circumstances. One of the world's foremost experts on conducting censorship at scale, the Chinese Communist Party's experience with the Great Firewall... more

Emergence, Rise and Fall of Surveillance Capitalism, Part 1: Emergence

One of the consequences of the Jan 6th events is a renewed attention towards Surveillance Capitalism as a key doctrine undermining democracy. This 2-part series of articles discusses the emergence, rise, and fall of Surveillance Capitalism under the premise that the better we understand the danger at the door, the better we are able to confront it. more

Internet Governance and the Universal Declaration of Human Rights, Part 7: Articles 20-21

Internet Governance, like all governance, needs to be founded on guiding principles from which all policymaking is derived. There are no more fundamental principles to guide policymaking than the Universal Declaration of Human Rights (UDHR). This article, Part 7 of a series, looks at Articles 20 and 21 and explores how principles in the UDHR and lessons learned over the last half-century help define the rights and duties of one's engagement in the digital spaces of the Internet ecosystem. more

Internet Governance Outlook 2021: Digital Cacaphony in a Splintering Cyberspace

In 2020, the pandemic accelerated digitalization around the globe. Homeoffice, Online Shopping, Zoom Conferences became part of the daily life for billions of people. But if somebody would have expected that the Covid-19-Desaster is a wake-up call for the world to be more united, work hand in hand, and pool resources reducing risks of a borderless threat, this "somebody" was wrong. 2020 was dominated by "My country first." more

Reshaping Cyberspace: Beyond the Emerging Online Mercenaries and the Aftermath of SolarWinds

Ahmed Mansoor is an internationally recognized human rights defender based in the Middle East and recipient of the Martin Ennals Award (sometimes referred to as a "Nobel Prize for human rights"), On August 10 and 11, 2016, Mansoor received an SMS text messages on his iPhone promising "new secrets" about detainees tortured if he clicked on an included link. Instead of clicking, Mansoor sent the messages to the Canadian Citizen Lab researchers. more

DNS Oblivion

Technical development often comes in short, intense bursts, where a relatively stable technology becomes the subject of intense revision and evolution. The DNS is a classic example here. For many years this name resolution protocol just quietly toiled away. The protocol wasn't all that secure, and it wasn't totally reliable, but it worked well enough for the purposes we put it to. more

Internet Governance and the Universal Declaration of Human Rights, Part 6: Articles 18-19

Internet Governance, like all governance, needs guiding principles from which policy making, and acceptable behavior, are derived. Identifying the fundamental principles to guide Internet ecosystem policy making around digital citizenship, and around the integrity of digital practices and behavior, can and should start with the Universal Declaration of Human Rights, (UDHR). more

Another ICANN Meeting Concluded With No Action on DNS Abuse or Privacy/Proxy Policy

The ICANN 69 meeting has come to a close, with no progress on DNS abuse or implementation of the Privacy/Proxy Services Accreditation policy (PPSAI). While ICANN is uniquely positioned to do so, it refuses to do anything proactive about DNS abuse, with its executives overtly attempting to limit its role to data collection. Moreover, its refusal to implement community-driven initiatives such as the PPSAI points to a growing trend where ICANN is backing away from its public interest responsibilities, to the detriment of the Internet and its users. more

News Briefs

A New Privacy-Focused DNS Protocol Released Called Oblivious

U.S. Military Is Buying Location Data of People Around the World Through Ordinary Apps

Trump Admin Ramping Up Attacks on GDPR – Says It Helps Cybercrime, Threatens Public Health

Zoom Faces Class-Action Lawsuit, Accused of Overstating Its Privacy Standards

Israel’s Entire Voter Registry Exposed, the Massive Data Leak Involves 6.5 Million Voters

Coronavirus Exposes China’s Deep Surveillance State

EFF: For ISPs to Retain Power to Censor the Internet, DNS Needs to Remain Leaky

China’s App Allows “Superuser” Access to Entire Data of Over 100 Million Android-Based Phones

The U.S. House Judiciary Committee Is Investigating Google’s Plans to Implement DNS Over HTTPS

51 CEOs Call on US Congress for Urgent Nationwide Data Privacy Law Overriding State-Level Laws

Google Showing Signs of Increased Concerns Over Rising Data Privacy Scrutiny

New Zealand’s Domain Name Commission Wins Appeal in Lawsuit Against US DomainTools

EU Court of Justice Ruling Could Result in Cutting Off Data Flows to US

Majority of Popular Mobile-Only VPNs Are Run by Chinese Nationals or Located in China

Microsoft Sees Serious Appetite for Revised Privacy Laws in US, Says It’s Time to Match EU’s GDPR

NGOs, Academics Warn Against EU’s Deep Packet Inspection Problem, at Least 186 ISPs Breaking Rules

US Federal Trade Commission Says It Lacks Resources to Go After Privacy Violations Effectively

No GDPR Action Against Any Big Tech Firms Since Law Imposed Last Year, Doubts Escalate Over Enforcer

Canada Says Facebook Has Refused to Address Serious Privacy Deficiencies Concerning Its Local Laws

Government Officials, Academia, and Advocacy Groups Say Time for US to Get Its Own GDPR

Most Viewed

Most Commented

Conflict of Opinion

DPI is Not a Four-Letter Word!

Hunting Unicorns: Myths and Realities of the Net Neutrality Debate

Whither DNS?

The Anti-Phishing Consumer Protection Act of 2008

Industry Updates

Participants – Random Selection