Rina Steenkamp - Privacy and technology
[January | February | March | April | May | June | July | August | September | October | November | December]
[Connecting the dots - Analysis of the efectiveness of bulk phone records collection | Obama's NSA speech has little impact on skeptical public | What secrets your phone is sharing about you - Businesses use sensors to track customers, build shopper profiles | Transaction costs, privacy and trust - The laudable goals and ultimate failure of notice and choice to respect privacy online | Big data for development - Challenges and opportunities | FTC settles with twelve companies falsely claiming to comply with international Safe Harbor privacy framework | On the security, privacy and usability of online seals - An overview | Do NSA's bulk surveillance programs stop terrorists? | Tiny constables and the cost of surveillance - Making cents out of United States v. Jones | How law enforcement tracks cellular phones | How the NSA almost killed the internet | Twenty privacy bills to watch in 2014 | Use of sensitive health information for targeting of Google ads raises privacy concerns | Relational Big Data | Social media for selection? Validity and adverse impact potential of a Facebook-based assessment | What happens in the hospital doesn't stay in the hospital | Mr. Wemmick's condition - or, privacy as a disposition, complete with skeptical observations regarding various regulatory enthusiasms | Privacy and cloud computing in public schools | The hidden truth behind shadow IT - Six trends impacting your security posture | Privacy in mobile apps - Guidance for app developers | In-car location-based services - Companies are taking steps to protect privacy, but some risks may not be clear to consumers | Information security - Agency responses to breaches of personally identifiabe information need to be more consistent | How to forget passwords (Many faces of passwords)]
[Draft report on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens' fundamental rights and on transatlantic cooperation in Justice and Home Affairs | Military targeting based on cellphone location | In the matter of state surveillance | Handling ethical problems in counterterrorism - An inventory of methods to support ethical decisionmaking | Privacy engineering - proactively embedding privacy, by design | Judgment in Case C-466/12 - Nils Svensson and Others v Retriever Sverige AB | Framework for improving critical infrastructure cybersecurity | Unveiling 'Careto' - The Masked APT | Why we need to rethink how we view security | Sizing the EU app economy | Biometric identification and privacy | Consumer concerns about data privacy rising - What can business do? | Police will have 'backdoor' access to health records despite opt-out, says MP | Data protection in the European Union - the role of national data protection authorities | 2013 in review - revelations, tragedy and fighting back | 2013 Year in review | Cisco 2014 Annual security report | Security protocols and evidence - where many payment systems fail | Report on the telephone records program conducted under section 215 of the USA PATRIOT Act and on the operations of the Foreign Intelligence Surveillance Court | Access to data protection remedies in EU member states | Graduated response policy and the behavior of digital pirates - Evidence from the French three-strike (Hadopi) law | The value of online privacy | Big data and privacy - Making ends meet | The evolving legal framework regulating commercial data security standards | BakerHostetler 2013 year-end review of class actions (and what to expect in 2014) | Data classification for cloud readiness]
[Amici Curiae brief [ACLU v. Clapper] | Brief of Amicus Curiae [Riley v. California] | MetaPhone - the sensitivity of telephone metadata | Building privacy into mobile location analytics (MLA) through privacy by design | DeepFace - Closing the gap to human-level performance in face verification | Sometimes in class action settlements plaintiffs gain nothing, but risk everything | How do EU and US privacy regimes compare? | Privacy papers for policy makers 2013 | Are credit monitoring services worth it? | Operation Windigo - The vivisection of a large Linux server-side credential stealing malware campaign | Sophos mobile security threat report | Digital life in 2025 | Drones and targeted killing - defining a European position | [On the use of drones] | Metadata - Piecing together a privacy solution | Constitutional limits on surveillance - Association freedom in the age of data hoarding | I know why you went to the clinic - Risks and realization of HTTPS traffic analysis | Neural signatures of user-centered security - An fMRI study of phishing, and malware warnings | Robotics and the new cyberlaw | Handbook on European data protection law | The legal position and societal effects of security breach notification laws | Comparison of five data-breach bills currently pending in the Senate | The state of privacy 2014 | Meet Jack. Or, what the government could do with all that location data | 2013/2014 Data recovery project for National Association for Information Destruction - Data recovery & security report | Patient identification and matching - Final report | Regulating mass surveillance as privacy pollution - Learning from environmental impact statements]
[Russia's surveillance state | 2014 Data Breach Investigations Report | Heartbleed as metaphor | Heartbleed - Pointer-arithmetic considered harmful | Eternal vigilance is a solvable technical problem - A proposal for streamlined privacy alerts | U.S. views of technology and the future - Science in the next 50 years | FBI plans to have 52 million photos in its NGI face recognition database by next year | Opinion [...] on surveillance of electronic communications for intelligence and national security purposes | Status of location privacy legislation in the States | ABC4Trust - Attribute-based credentials for trust | Opinion [...] on anonymisation techniques | The password allocation problem - Strategies for reusing passwords effectively | Heartbleed - A wake-up call | Opinion [...] on the notion of legitimate interests of the data controller under Article 7 of Directive 95/46/EC | The Court of Justice declares the Data Retention Directive to be invalid | Privacy and competitiveness in the age of big data - The interplay between data protection, competition law and consumer protection in the Digital Economy | Cookies that give you away - Evaluating the surveillance implications of web tracking | Why your data breach is my problem - The risks of relying on "private" information that cannot be kept private | Have we become a "surveillance state"? A five-part test | ACLU comment on the proposed amendment to rule 41 concerning remote searches of electronic storage media | Medical privacy | Aftermarketfailure - Windows XP's end of support | "They know everything we do" - Telecom and internet surveillance in Ethiopia | The scoring of America - How secret consumer scores threaten your privacy and your future | Home location identification of Twitter users | ACLU comments on the White House Big Data Initiative | [Comments for the White House "Big Data review"] | OHCHR consultation in connection with General Assembly Resolution 68/167 "The right to privacy in the digital age" | Invasion of the data snatchers - Big Data and the Internet of Things means the surveillance of everything | The Internet of Things - the old problem squared | Markets voor cybercrime tools and stolen data - Hackers' Bazaar | Opinion [...] on personal data breach notification | Is data privacy an out of date concept? | Secure protocols for accountable warrant execution]
[Judgment in Case C-131/12 | Protecting and promoting the open internet | Privacy International challenges GCHQ's unlawful hacking of computers, mobile phones | Protecting personal data in online services - learning from the mistakes of others | Chip and skim - cloning EMV cards with the pre-play attack | Independent report on e-voting in Estonia | Can we trust anyone with our personal info? | [Complaint against Snapchat, Inc.] | Big data - Seizing opportunities, preserving values | Big data and privacy - A technological perspective | Over one hundred Internet companies call on FCC to protect network neutrality | Privacy Badger | Analyzing forged SSL certificates in the wild | Microsoft Security Intelligence Report - Volume 16 | What a toilet hoax can tell us about the future of surveillance | How urban anonymity disappears when all data is tracked | Policing by numbers - Big Data and the Fourth Amendment | The scored society - Due process for automated predictions | AccelPrint - Imperfections of accelerometers make smartphones trackable | Heartbleed's impact | Tax fraud gang targeted healthcare firms | The FTC and privacy and security duties for the cloud]
[Syllabus, Riley v. California | Trickle down surveillance | Researchers find and decode the spy tools governments use to hijack phones | [Irish High Court refers Schrems Facebook privacy case to ECJ] | Coginitive disconnect - Understanding Facebook Connect login permissions | Addressing the right to privacy at the United Nations | Data doppelgängers and the uncanny valley of personalization | Big data and innovation, setting the record straight - De-identification does work | EMC privacy index | It's all about the Benjamins - An empirical study on incentivizing users to ignore security advice | Tor is for everyone - why you should use Tor | Open wireless movement | A measurement study of Google Play | Factsheet on the "Right to be Forgotten" ruling (C-131/12) | Judgment of the Court (Fourth Chamber) [...] In Case C-360/13 | Law enforcement disclosure report | Consumer's location data - Companies take steps to protect privacy, but practices are inconsistent, and risks may not be clear to consumers | Ars tests Internet surveillance - by spying on an NPR reporter | A crisis of accountability - A global analysis of the impact of the Snowden revelations | Why King George III can encrypt | Alan Westin's privacy homo economicus | Necessary & proportionate - Internationals principles on the application of human rights to communications surveillance - Background and supporting international legal analysis | When enough is enough - location tracking, mosaic theory, and machine learning | The top 5 claims that defenders of the NSA have to stop making to remain credible | Data controllers and data processors - what's the difference? | Business without borders - The importance of cross-border data transfers to global prosperity | Data brokers - A call for transparency and accountability | Privacy advocates warn of 'nightmare' scenario as tech giants consider fitness tracking | Your secret Stingray's no secret anymore - the vanishing government monopoly over cell phone surveillance and its impact on national security and consumer privacy | Judgement of the Court of 8 April 2014 in joined Cases C-293/12 and C-594/12 | U.S. mines personal health data to find the vulnerable in emergencies | Ask Ars - Can I see what information the feds have on my travel? | The Internet with a human face | Privacy under attack - the NSA files revealed new threats to democracy | Freedom and control - Engineering a new paradigm for the digital world | What's the gist? Privacy-preserving aggregation of user profiles | How to protect the most privacy with the least effort - change search engines | Twenty-fifth annual report of the Data Protection Commissioner 2013 | Privacy versus government surveillance - where network effects meet public choice | Care Data - the cons | 20 years of "online government" 101. Part 1 - progress towards a single online presence]
[The web never forgets - Persistent tracking mechanisms in the wild | openPDS - Protecting the privacy of metadata through SafeAnswers | Containment control for a social network with state-dependent connectivity | Information Commissioner's annual report and financial statements 2013/14 | The right to privacy in the digital age | [...] briefing on the fast-track Data Retention and Investigatory Powers Bill | Digital life in 2025 - Net threats | Loopholes for circumventing the Constitution - warrantless bulk surveillance on Americans by collecting network traffic abroad | Data sharing between public bodies - a scoping report | A 'right to be forgotten' procedure for Google; it appears to have difficulty in developing one | Money walks - a human-centric study on the economics of personal mobile data | The emperor's new password manager - Security analysis of web-based password managers | Password portfolios and the finite-effort user - sustainably managing large numbers of accounts | In NSA-intercepted data, those not targeted far outnumber the foreigners who are | No silver bullet - De-identification still doesn't work | Report on the surveillance program operated pursuant to Section 702 of the Foreign Intelligence Surveillance Act | Rights that are being forgotten - Google, the ECJ, and free expression | ICANN's procedures and policies in the light of human rights, fundamental freedoms and democratic values | Does your state protect your privacy in the digital age? | The Dao of privacy | United Nations e-government suvey 2014 - E-government for the future we want | Experimental evidence of massive-scale emotional contagion through social networks | Fighting bulk search warrants in Court | No warrant, no problem - How the Government can get your digital data | What everyone gets wrong in the debate over net neutrality | We don't need net neutrality; we need competition | A risk-based approach to privacy - improving effectiveness in practice | Dragonfly - Cyberespionage attacks against energy suppliers | Privacy & data security update (2014)]
[Request for investigation of 30 companies' violation of the U.S.-EU Safe Harbor program | Rethinking personal data - A new lens for strengthening trust | The future of work - A journey to 2022 | The most wanted man in the world | What's the matter with PGP? | The National Programme for IT in the NHS - A case history | Is Big Data spreading inequality? | Platform neutrality - Building an open and sustainable digital environment | Elastic pathing - your speed is enough to track you | Surviving on a diet of poisoned fruit - Reducing the national security risks of America's cyber dependencies | A large-scale analysis of the security of embedded firmwares | The social laboratory - Singapore is testing whether mass surveillance and big data can not only protect national security, but actually engineer a more harmonious society | [Google's answers to the] Questionnaire addressed to Search Engines by the Article 29 Working Party regarding the implementation of the CJEU judgement on the "right to be forgotten" | EU Data Protection law - a 'right to be forgotten'? | What's the deal? An FTC study on mobile shopping apps | Insurance 2020 - The digital prize - Taking customer connection to a new level | Surveillance costs - the NSA's impact on the economy, internet freedom & cybersecurity | With liberty to monitor all - How large-scale US surveillance is harming journalism, law and American democracy | Jewel v. NSA - Plaintiffs Jewel, Knutzen and Walton's motion for partial summary judgment | [Open letter to the U.S. Federal Trade Commission and the Irish Data Protection Commissioner] | Big data and data protection | Review of the impact of ICO civil monetary penalties | Smart meters, smarter regulation - Balancing privacy and innovation in the electric grid]
[Social media and the 'spiral of silence' | Reverse-engineering censorship in China - Randomized experimentation and participant observation | What's old is new again - retaining Fourth Amendment protections in warranted digital searches | The international free and open source software law book | Security analysis of a full-body scanner | Security of automated access management using Secure Shell (SSH)]
[Myth-busting - The Court of Justice of the EU and the "right to be forgotten" | Data protection and journalism - a guide for the media | What do we worry about when we worry about price discrimination? The law and ethics of using personal information for pricing | The internet of things and wearable technology - addressing privacy and security concerns without derailing innovation | An international legal framework for surveillance | Global network interference detection over the RIPE Atlas network]
[TRUSTe settles FTC charges it deceived consumers through its privacy seal program | Making smart decisions about surveillance - A guide for communities | Catching bandits and only bandits - Privacy-preserving intersection warrants for lawful surveillance | The connected car and privacy - Navigating new data issues | Consumer privacy protection principles - Privacy principles for vehicle technologies and services | The dark alleys of Madison Avenue - Understanding malicious advertisements | Public perceptions of privacy and security in the post-Snowden era | Handcrafted fraud and extortion - Manual account hijacking in the wild | Modifying an off-the-shelf wireless router for PDF ballot tampering | Microsoft Security Intelligence Report - Volume 17 - January through June, 2014 | Case study 1 report - WebRTC | Intelligence legalism and the National Security Agency's civil liberties gap | Data privacy regulation comes of age in Asia | The natural history of Gmail data mining | The best secure messaging tools | Surveillance self-defense - Tips, tools and how-tos for safer online communications | Online privacy, online publicity - Young Canadians in a wired world, phase III | Who cares for identity information in Government 2.0? An empirical study | What do users want from their future means of Identity Management? | Removing roadblocks to intelligent vehicles and driverless cars | Riding with the stars - passenger privacy in the NYC taxicab dataset | Dutch e-voting opportunities, Risk assessment framework based on attacker resources | An administrator's guide to internet password research | Q&A - Electronic Identification and Trust Services (eIDAS) Regulation | In the picture - A data protection code of practice for surveillance cameras and personal information | Online harassment | The trouble with European data protection law | Printer watermark obfuscation]
[Assessing cyber security export risks | Clubbing seals - Exploring the ecosystem of third-party security seals | FTC alleges debt brokers illegally exposed personal information of tens of thousands of consumers on the internet | Privacy and security developments 2014 Issue 1 | Opinion [on] device fingerprinting | Technical analysis of client identification mechanisms | PrivacyGrade - Grading the privacy of smartphone apps | Hacking the Street? Fin4 likely playing the market | CIGI-Ipsos Global survey on internet security and trust | Privacy detective - Detecting private information and collective privacy behavior in a large social network]