Privacy

Privacy / Recently Commented

Facebook Accused of “Secretly” Lobbying for Cyber Bill

Facebook lobbyists are working behind the scenes for a major cyber bill set for a final Senate vote Tuesday despite growing opposition to the bill among tech companies, according to a digital rights advocacy group fighting against the measure. more

U.S. Bypassing ICANN on Whois Privacy With Closed-Door Meeting in Paris

Despite positive discussions currently underway at the ICANN54 meetings in Dublin regarding protection of privacy services for domain name registrants, another meeting in Paris seems to be contradicting the efforts. more

I’m Shocked, Shocked to Find There’s Cryptanalysis Going On Here (Your plaintext, sir.)

There's been a lot of media attention in the last few days to a wonderful research paper on the weakness of 1024-bit Diffie-Hellman and on how the NSA can (and possibly does) exploit this. People seem shocked about the problem and appalled that the NSA would actually exploit it. Neither reaction is right. In the first place, the limitations of 1024-bit Diffie-Hellman have been known for a long time. RFC 3766, published in 2004, noted that a 1228-bit modulus had less than 80 bits of strength. That's clearly too little. more

Internet Society Releases Internet of Things (IoT) Overview: Understanding the Issues and Challenges

Near the end of the first decade of this century, the world reached an Internet milestone. The number of Internet-connected devices surpassed the number of people alive on planet Earth. At the time, seven billion devices had already been connected to the Internet, and this went completely unnoticed by most people. This moment represented an important sign of the rapid pace in which we are adopting technology and embracing Internet connectivity. more

European Court Invalidates EU-US Data Pact

The personal data of Europeans held in the United States by Internet companies is not safe from US government snooping, the European court of justice ruled today, in a landmark verdict that hits Facebook, Google, Amazon and many others. more

Correcting Federal Databases: A Procedural Guide

Federal databases, such as those being compiled by the Consumer Financial Protection Bureau and the Federal Trade Commission, contain data about many people and businesses. Although some of this data may be protected personal information (PPI), there is also extensive information in federal databases that is publicly disseminated via the internet. If the information is wrong, it has the potential to be a vector of tortious mischief. more

Thinking Ahead on Privacy in the Domain Name System

Earlier this year, I wrote about a recent enhancement to privacy in the Domain Name System (DNS) called qname-minimization. Following the principle of minimum disclosure, this enhancement reduces the information content of a DNS query to the minimum necessary to get either an authoritative response from a name server, or a referral to another name server. more

ICANN Assigns Tor’s .Onion TLD as Special-Use Domain Name

The Internet Engineering Task Force has approved a Draft RFC for "The .onion Special-Use Domain Name" by the Tor Project, the provider of online anonymity and privacy services. more

Toward a Balanced ICANN Accreditation Program for Privacy and Proxy Service Providers

For the past two years a diverse group of stakeholders from the ICANN community, including myself, has been working hard to come to a consensus on a set of recommendations related to development and implementation of an ICANN accreditation program for privacy & proxy service providers. The result of this effort will replace the interim specification defined in the 2013 Registrar Accreditation Agreement (RAA) that is due to expire at the end of 2016. more

.WTF Domain Being Used In Privacy Campaign

ICANN comment periods on policy proposals don't normally garner much attention. In the case of the current comment period on proxy/privacy services, however, things are very different. To date several thousand comments have been filed, while the topic of the policy proposals has received media attention across hundreds of outlets. more

Largest IXP Files Complaint Against Snooping

Decix, the largest internet traffic exchange point (IXP) worldwide, has had it with the snoops. The Frankfurt company on Thursday confirmed a report by the Sueddeutsche Zeitung that it will file a complaint at the German Federal Administrative Court against the obligation to grant broad access to the German Intelligence Service (BND) to the traffic transiting its large switches. more

Cyptech Needs You!

In August of last year I wrote in a blog about the importance of cryptech to wide-scale trust in the Internet. For those who don't know about it, http://cryptech.is is a project aiming to design and deploy an openly developed, trustable Hardware Security Module (HSM) which can act both as a keystore (holding your secrets and keeping them private) and as a signing engine. more

Back from RightsCon Manila: Trading Freedoms for Security?

In Asia -- a region that at various points in its recent history has been a hotbed for civil unrest, secessionist movements and political instability -- the line between national security and public interest can be difficult to draw. A session organised by the Internet Society at the recently held RightsCon Southeast Asia in Manila shed some light on the perceived trade-offs between national security objectives and digital rights, in particular freedom of expression and privacy. more

ICANN 52 Singapore - Important Issues for Brand Owners

ICANN community has a lot on its plate for 2015, and at this first full meeting of the year, we are all jumping into the work with both feet. Here are some of the main issues for brand owners: Sorting out the long-awaited transition from U.S. Government oversight to a truly multi-stakeholder model of governance; ensuring Registrant data (Whois) accuracy, accessibility and privacy (where appropriate); launching reviews of the new gTLD program; and protecting/preserving the robust business and brand voices in the process. more

Mega Hacks and the Employees That Lost

When a business gets hacked and its corporate information is dumped on the Internet for all and sundry to see (albeit illegally), the effects of that breach are obviously devastating for all concerned. In many ways it's like the day after a fierce storm has driven a super-cargo container ship aground and beachcombers from far and wide have descended upon the ruptured carcass of metal to cart away anything they think has value or can be sold by the side of road. more