Rina Steenkamp - Privacy and technology
Contents:
TRUSTe settles FTC charges it deceived consumers through its privacy seal program
Making smart decisions about surveillance - A guide for communities
Catching bandits and only bandits - Privacy-preserving intersection warrants for lawful surveillance
The connected car and privacy - Navigating new data issues
Consumer privacy protection principles - Privacy principles for vehicle technologies and services
The dark alleys of Madison Avenue - Understanding malicious advertisements
Public perceptions of privacy and security in the post-Snowden era
Handcrafted fraud and extortion - Manual account hijacking in the wild
Modifying an off-the-shelf wireless router for PDF ballot tampering
Microsoft Security Intelligence Report - Volume 17 - January through June, 2014
Case study 1 report - WebRTC
Intelligence legalism and the National Security Agency's civil liberties gap
Data privacy regulation comes of age in Asia
The natural history of Gmail data mining
The best secure messaging tools
Surveillance self-defense - Tips, tools and how-tos for safer online communications
Online privacy, online publicity - Young Canadians in a wired world, phase III
Who cares for identity information in Government 2.0? An empirical study
What do users want from their future means of Identity Management?
Removing roadblocks to intelligent vehicles and driverless cars
Riding with the stars - passenger privacy in the NYC taxicab dataset
Dutch e-voting opportunities, Risk assessment framework based on attacker resources
An administrator's guide to internet password research
Q&A - Electronic Identification and Trust Services (eIDAS) Regulation
In the picture - A data protection code of practice for surveillance cameras and personal information
Online harassment
The trouble with European data protection law
Printer watermark obfuscation
A publication by the FTC.
From the press release:
"TRUSTe provides seals to businesses that meet specific requirements for consumer privacy programs that it administers. TRUSTe seals assure consumers that businesses' privacy practices are in compliance with specific privacy standards like the Children's Online Privacy Protection Act (COPPA) and the U.S.-EU Safe Harbor Framework. 'TRUSTe promised to hold companies accountable for protecting consumer privacy, but it fell short of that pledge,' said FTC Chairwoman Edith Ramirez. 'Self-regulation plays an important role in helping to protect consumers. But when companies fail to live up to their promises to consumers, the FTC will not hesitate to take action.'"
A guide by Linda Lye, Mitra Ebadolahi and Nicole Ozer (ACLU of California).
From the introduction to the guide:
"This first-of-its-kind guide provides step-by-step assistance to help communities ask and answer the right questions about surveillance. It includes case studies highlighting smart approaches and missteps to avoid. Because each community and each type of surveillance may present a different set of issues, there is no one-size-fits-all solution. Instead, this guide gives communities a flexible framework that policymakers, community members and law enforcement should use to properly evaluate a wide array of surveillance technologies and develop policies that provide transparency, oversight, and accountability. It also includes a Surveillance & Community Safety Ordinance that communities should adopt to ensure that the right process is followed every time."
A paper by Aaron Segal, Bryan Ford and Joan Feigenbaum.
Abstract:
"Motivated in part by the Snowden revelations, we address the question of whether intelligence and law enforcement agencies can gather actionable, relevant information about unknown electronic targets without conducting dragnet surveillance. We formulate principles that we believe effective, lawful surveillance protocols should adhere to in an era of big data and global communication networks. We then focus on intersection of cell-tower dumps, a specific surveillance operation that the FBI has used effectively. As a case study, we present a system that computes such intersections in a privacy-preserving, accountable fashion. Preliminary experiments indicate that such a system could be efficient and usable, suggesting that privacy and accountability need not be barriers to effective intelligence gathering."
A paper by the Future of Privacy Forum.
Abstract:
"New technologies in vehicles promise drivers real advances in safety and convenience, but will only be welcomed by consumers if they can be sure their personal data will be handled in a trustworthy manner. Privacy principles adopted by leading auto makers set a responsible course for new uses of biometric, behavioral and location data and should help avoid any privacy bumps in the road. This brief paper seeks to provide an overview of the technologies currently available in cars and identifies the types of data collected and the purposes for which it is used. We then turn to identify the new types of data collection that are now or soon to be available and identify common uses of that data. Our goal is to help inform media, policymakers, advocates and others about the vehicle data environment and help identify privacy issues that are relevant."
A publication by the Alliance of Automobile Manufacturers, Inc. / Association of Global Automakers, Inc.
From 'I. Introduction':
"The automotive industry is developing innovative technologies and services that promise to deliver substantial benefits and enhance the driving experience. [...] Many of these technologies and services are based upon information obtained from a variety of vehicle systems and involve the collection of information about a vehicle's location or a driver's use of a vehicle. Consumer trust is essential to the success of vehicle technologies and services. The Alliance, Global Automakers, and their members understand that consumers want to know how these vehicle technologies and services can deliver benefits to them while respecting their privacy."
A paper by Apostolis Zarras, Alexandros Kapravelos, Gianluca Stringhini, Thorsten Holz, Christopher Kruegel and Giovanni Vigna.
From the Abstract:
"Online advertising drives the economy of the World Wide Web. Modern websites of any size and popularity include advertisements to monetize visits from their users. To this end, they assign an area of their web page to an advertising company (so called ad exchange) that will use it to display promotional content. By doing this, the website owner implicitly trusts that the advertising company will offer legitimate content and it will not put the site's visitors at risk of falling victims of malware campaigns and other scams. In this paper, we perform the first large-scale study of the safety of the advertisements that are encountered by the users on the Web. In particular, we analyze to what extent users are exposed to malicious content through advertisements, and investigate what are the sources of this malicious content."
A report by Mary Madden, Lee Rainie, Kathryn Zickuhr, Maeve Duggan and Aaron Smith (Pew Research Center).
From 'Summary of findings':
"Privacy evokes a constellation of concepts for Americans - some of them tied to traditional notions of civil liberties and some of them driven by concerns about the surveillance of digital communications and the coming era of 'big data.' While Americans' associations with the topic of privacy are varied, the majority of adults in a new survey by the Pew Research Center feel that their privacy is being challenged along such core dimensions as the security of their personal information and their ability to retain confidentiality."
A paper by Elie Bursztein, Borbala Benko, Daniel Margolis, Tadek Pietraszek, Andy Archer, Allan Aquino, Andreas Pitsillidis and Stefan Savage.
Abstract:
"Online accounts are inherently valuable resources - both for the data they contain and the reputation they accrue over time. Unsurprisingly, this value drives criminals to steal, or hijack, such accounts. In this paper we focus on manual account hijacking - account hijacking performed manually by humans instead of botnets. We describe the details of the hijacking workflow: the attack vectors, the exploitation phase, and post-hijacking remediation. Finally we share, as a large online company, which defense strategies we found effective to curb manual hijacking."
A paper by Daniel M. Zimmerman and Joseph R. Kiniry.
Abstract:
"In order to highlight the dangers associated with Internet voting carried out over electronic mail with PDF forms, we show that an off-the-shelf home Internet router can be easily modified to silently alter election ballots. The modification is nearly undetectable and can be carried out in a way that leaves no evidence to be found in a post-election investigation."
A report by Microsoft.
From 'Securing account credentials':
"Account credentials that are stolen in bulk directly from organizations’ websites contribute a significant amount to the trade in stolen credentials. As part of its customer account protection operations during the period from November 2013 to June 2014, Microsoft tracked about 1700 distinct website credential thefts—comprising a little more than 2.3 million credentials—that were posted in public places on the Internet. This number represents only a small fraction of the credentials that are traded in forums and specialized websites on less publicly accessible spaces on the Internet that cater to the illicit trade in stolen credentials. [...] Only a small fraction of website credential thefts received coverage in the press."
A report by Bert Bos, Elwyn Davies, Lieven Desmet, Stephen Farrell, Martin Johns and Rigo Wenning (STREWS).
From the Executive Summary:
"WebRTC or Web Real Time Communications allows the establishment of real time audio and video communications between users' browsers. The creation of the communication link is mediated by a web server with WebRTC capabilities. The link itself can be peer-to-peer between the browsers. WebRTC does not depend on a standardised signalling infrastructure, but rather leverages the web JavaScript environment and standardised browser APIs. This allows for implementations that range from a simple audio communication between two people up to a videoconference with multiple participants, out of the box as part of a normal browser. WebRTC thus has at least three actors involved: a web server and two browsers. The mediation of the usable communication channels is negotiated between these based on a complex set of specifications that are detailed in the WebRTC overview below. Not only is there a complex combination of specifications, but the work is also distributed between the IETF doing the protocol stack and W3C creating the browser APIs. Still WebRTC remains a part of the Web, thus all the vulnerabilities described in the Web Security Guide [an earlier publication by STREWS] still apply. But the complexity and the fact that the communication is real time also bring new aspects and vulnerabilities. This case study dives deeper into the vulnerabilities to which user and server assets are exposed by their use of WebRTC. This is not limited to the three actors mentioned, but these may also behave in unexpected ways."
A paper by Margo Schlanger.
From the Abstract:
"The NSA and the administration in which it sits have thought of civil liberties and privacy only in compliance terms. That is, they have asked only 'Can we (legally) do X?' and not 'Should we do X?' This preference for the can question over the should question is part and parcel, I argue, of a phenomenon I label 'intelligence legalism,' whose three crucial and simultaneous features are imposition of substantive rules given the status of law rather than policy; some limited court enforcement of those rules; and empowerment of lawyers. Intelligence legalism has been a useful corrective to the lawlessness that characterized surveillance prior to intelligence reform, in the late 1970s. But I argue that it gives systematically insufficient weight to individual liberty, and that its relentless focus on rights, and compliance, and law has obscured the absence of what should be an additional focus on interests, or balancing, or policy."
A publication by Hogan Lovells.
From the introduction to the paper:
"There has been an explosion of new data privacy regulation across the Asia Pacific region in recent years. [...] While it is fair to say that enforcement rates in the data privacy space have historically been low in the region, it is clear that this picture has changed and is changing still."
An article by Jeff Gould (Medium).
From the article:
"Tech and media industry insiders often struggle to believe that there are still people who don't understand how Google makes money. But the surprising reality is that vast numbers of well-informed people outside this insider elite have no clue that Google is the world's largest advertising company. They do not imagine that after only 15 years in business Google makes more money from ads than all the world's newspapers combined. They still see it as just a handy search engine that offers free email on the side and puts nice maps on their phones."
A project by Pro Publica.
From the introduction:
"This is a ranking of encrypted messaging programs based on criteria aimed to assess whether they are well designed to make the content of the messages unreadable to anybody other than the sender and recipient."
A project by EFF.
From the project's front page:
"Modern technology has given the powerful new abilities to eavesdrop and collect data on innocent people. Surveillance Self-Defense is EFF's guide to defending yourself and your friends from surveillance by using secure technology and developing careful practices."
A report by MediaSmarts.
From the Introduction:
"In 2013, MediaSmarts conducted a national survey - 'Young Canadians in a wired world' - of 5,436 Canadian students, grades 4 through 11, in every province and territory, in order to gain a better understanding of young people's experiences and perceptions of networked media. 'Online privacy, online publicity' is the second of a series of reports drawing on that rich data. In this report, we explore the Janus-faced nature of online privacy by examining the strategies that young people use to control how they are represented online and the ways in which they seek to assert some sort of control over their personal information."
An article by Bert-Jaap Koops and Bibi van den Berg.
Abstract:
"This chapter presents the results of an empirical study on the effects of identity information on government-citizen interaction in government 2.0 applications. It triangulates findings from a survey among government 2.0 users and quantitative and qualitative analyses of Dutch government 2.0 Websites. This reveals the identity information Web 2.0 users want to have of other participants and are willing to provide about themselves, the importance of role information of civil servants, and the relationship of identity information with the interaction level on government 2.0 applications. The results show that, contrary to what the literature suggests, there is no significant correlation between identity information and interaction levels on government 2.0 discussion forums. The findings suggest that government 2.0 initiatives should be designed with a flexible and liberal approach to identity information."
A report by Liesbeth van Zoonen (IMPRINTS).
From 'Discussion':
"[...] our data do not suggest that people feel an urgent need for new means of IM. In general, people hardly report problems around their current means of identifying and authenticating themselves and - probably as a result - they also express little desire for actual new ID technologies or functions, with the exception of IM for health purposes. When probed, however, it is clear that people are concerned about the way future developments will be governed, with particular desires for institutional legitimacy of data management (referring to the procedures for data collection, segregations and access), for personal control and for choice. In addition, there is concern that such legitimacy might come to depend on one's financial resources."
A paper by Adam Thierer and Ryan Hagemann (Mercatus Center, George Mason University).
Abstract:
"This paper addresses some of the early policy concerns about 'connected cars' and driverless vehicles and promotes 'bottom-up' solutions to ensure that innovation continues to flourish in this space. The authors argue that the generally unabated advancement of intelligent-vehicle technology will produce significant economic and social benefits. Various technical and policy barriers to more widespread adoption remain, however, and misguided regulation could delay or curtail the adoption of this important technology. This paper outlines ways of overcoming those hurdles. The authors also argue that policymakers should keep in mind that individuals have gradually adapted to similar disruptions in the past and, therefore, patience and humility are needed when considering policy for intelligent-vehicle systems."
An article by Anthony Tockar (Neustar Research).
From the article:
"There has been a lot of online comment recently about a dataset released by the New York City Taxi and Limousine Commission. It contains details about every taxi ride (yellow cabs) in New York in 2013, including the pickup and drop off times, locations, fare and tip amounts, as well as anonymized (hashed) versions of the taxi's license and medallion numbers. It was obtained via a FOIL (Freedom of Information Law) request earlier this year and has been making waves in the hacker community ever since. The release of this data in this unalloyed format raises several privacy concerns. The most well-documented of these deals with the hash function used to 'anonymize' the license and medallion numbers. A bit of lateral thinking from one civic hacker and the data was completely de-anonymized. This data can now be used to calculate, for example, any driver's annual income. More disquieting, though, in my opinion, is the privacy risk to passengers. With only a small amount of auxiliary knowledge, using this dataset an attacker could identify where an individual went, how much they paid, weekly habits, etc. I will demonstrate how easy this is to do in the following section. [...]"
A thesis by Ruud Verbij.
From the Abstract:
"The state-of-art on e-voting research and publications does not fulfill the needs in feeding the current e-voting debates in the Netherlands. Whereas most of the scientific literature is focused on highly theoretical environments in which e-voting schemes operate, the majority of the more practical research does not provide for quantified and practical results in a realistic setting. This research, however, fills this gap by establishing a quantified framework for reviewing and objectively comparing e-voting schemes in practice. The proposed framework in this research first establishes an exhaustive list of all possible attacks on the e-voting scheme, beyond initial traditional research into the protocol, the cryptography and the implementation. Subsequently, the framework addresses each of these identified attacks in terms of effort for the attacker: how much time and money does an attacker need to pull off the attack? Thereafter the attacks are categorized according to the Dutch requirements for voting schemes, after which they can be compared to either a baseline proposed by politics or to other schemes. The final step of the framework helps in mitigating the attack vectors and assessing the impact of differences in implementation details of these schemes. As the framework is circular, all steps can be repeated to allow for a thorough analysis and mitigation of potential risks."
A paper by Dinei Florencio, Cormac Herley and Paul C. van Oorschot.
From the Abstract:
"The research literature on passwords is rich but little of it directly aids those charged with securing web-facing services or setting policies. With a view to improving this situation we examine questions of implementation choices, policy and administration using a combination of literature survey and first-principles reasoning to identify what works, what does not work, and what remains unknown. Some of our results are surprising."
A publication by the European Commission.
From the text of the eIDAS Regulation:
"This Regulation seeks to enhance trust in electronic transactions in the internal market by providing a common foundation for secure electronic interaction between citizens, businesses and public authorities, thereby increasing the effectiveness of public and private online services, electronic business and electronic commerce in the [European] Union."
A publication by the Information Commissioner's Office (ICO).
From '1. Introduction':
"We have moved away from CCTV simply being a camera on top of a pole in our local town centre where the images were recorded on to video tapes, to much more sophisticated operations using digital and increasingly portable technology. The use of Automatic Number Plate Recognition (ANPR) is now commonplace and body worn cameras are being routinely used by organisations, such as the police. Surveillance cameras are no longer a passive technology that only records and retains images, but are now a proactive one that can be used to identify people of interest and keep detailed records of people's activities, such as with ANPR cameras. The use of surveillance cameras in this way has aroused public concern due to the technology no longer being used solely to keep people and their property safe, but increasingly being used to collect evidence to inform other decisions, such as the eligibility of a child to attend a school in a particular area."
A report by Pew Research.
From 'Summary of findings':
"In broad trends, the data show that men are more likely to experience name-calling and embarrassment, while young women are particularly vulnerable to sexual harassment and stalking. Social media is the most common scene of both types of harassment, although men highlight online gaming and comments sections as other spaces they typically encounter harassment. Those who exclusively experience less severe forms of harassment report fewer emotional or personal impacts, while those with more severe harassment experiences often report more serious emotional tolls. [...] Young women, those 18-24, experience certain severe types of harassment at disproportionately high levels: 26% of these young women have been stalked online, and 25% were the target of online sexual harassment. In addition, they do not escape the heightened rates of physical threats and sustained harassment common to their male peers and young people in general."
A paper by Bert-Jaap Koops.
Abstract:
"The trouble with Harry, in Alfred Hitchcock's 1955 movie, is that he's dead, and everyone seems to have a different idea of what needs to be done with his body. The trouble with European data protection law is the same. In several crucial respects, data protection law is currently a dead letter. The current legal reform will fail to revive it, since its three main objectives are based on fallacies. The first fallacy is the delusion that data protection law can give individuals control over their data, which it cannot. The second is the misconception that the reform simplifies the law, while in fact it makes compliance even more complex. The third is the assumption that data protection law should be comprehensive, which stretches data protection to the point of breaking and makes it meaningless law in the books. Unless data protection reform starts looking in other directions - going back to basics, playing other regulatory tunes on different instruments in other legal areas, and revitalising the spirit of data protection by stimulating best practices - data protection will remain dead. Or, worse perhaps, a zombie."
A paper by Maya Embar, Louis McHugh and William Wesselman.
From the Abstract:
"Most color laser printers manufactured and sold today add 'invisible' information to make it easier to determine when a particular document was printed and exactly which printer was used. Some manufacturers have acknowledged the existence of the tracking information in their documentation while others have not. None of them have explained exactly how it works or the scope of the information that is conveyed. There are no laws or regulations that require printer companies to track printer users this way, and none that prevent them from ceasing this practice or providing customers a means to opt out of being tracked. The tracking information is coded by patterns of yellow dots that the printers add to every page they print. The details of the patterns vary by manufacturer and printer model. In this document, our team will discuss several obfuscation methods and demonstrate a successful one."