• CybersecurityDrones pose significant cyber, privacy challenges

    Growing drone use in populated areas poses significant risks that, without additional safeguards, could result in attacks by malicious entities and exploited for use in cyberattacks, terrorism, crime and invasion of privacy.

  • PrivacyPutting data privacy in the hands of users

    By Rob Matheson

    In today’s world of cloud computing, users of mobile apps and web services store personal data on remote data center servers. Services often aggregate multiple users’ data across servers to gain insights on, say, consumer shopping patterns to help recommend new items to specific users, or may share data with advertisers. Traditionally, however, users haven’t had the power to restrict how their data are processed and shared. New platform acts as a gatekeeper to ensure web services adhere to a user’s custom data restrictions.

  • CybersecurityIs your VPN secure?

    By Mohammad Taha Khan and Narseo Vallina-Rodriguez

    About a quarter of internet users use a virtual private network, a software setup that creates a secure, encrypted data connection between their own computer and another one elsewhere on the internet. Many people use them to protect their privacy when using Wi-Fi hotspots, or to connect securely to workplace networks while traveling. Other users are concerned about surveillance from governments and internet providers. However, most people – including VPN customers – don’t have the skills to double-check that they’re getting what they paid for. A group of researchers I was part of do have those skills, and our examination of the services provided by 200 VPN companies found that many of them mislead customers about key aspects of their user protections.

  • Data securityNew computing architectures to deliver verifiable data assurances

    Whether a piece of information is private, proprietary, or sensitive to national security, systems owners and users have little guarantees about where their information resides or of its movements between systems. As is the case with consumers, the national defense and security communities similarly have only few options when it comes to ensuring that sensitive information is appropriately isolated, particularly when it’s loaded to an internet-connected system. A new program seeks to create new software and hardware architectures that provide physically provable assurances around data security and privacy.

  • PrivacyCloaking location on mobile devices to protect privacy

    We agree to give up some degree of privacy anytime we search Google to find a nearby restaurant or use other location-based apps on our mobile devices. The occasional search may be fine, but researchers says repeatedly pinpointing our location reveals information about our identity, which may be sold or shared with others. The researchers say there is a way to limit what companies can glean from location information.

  • PrivacyOn Facebook and Twitter, even if you don’t have an account, your privacy is at risk

    Individual choice has long been considered a bedrock principle of online privacy. If you don’t want to be on Facebook, you can leave or not sign up in the first place. Then your behavior will be your own private business, right? A new study shows that privacy on social media is like second-hand smoke. It’s controlled by the people around you.

  • CybersecurityData breaches are inevitable – here’s how to protect yourself anyway

    By W. David Salisbury and Rusty Baldwin

    It’s tempting to give up on data security altogether, with all the billions of pieces of personal data – Social Security numbers, credit cards, home addresses, phone numbers, passwords and much more – breached and stolen in recent years. But that’s not realistic – nor is the idea of going offline entirely. In any case, huge data-collection corporations vacuum up data about almost every American without their knowledge. As cybersecurity researchers, we offer good news to brighten this bleak picture. There are some simple ways to protect your personal data that can still be effective, though they involve changing how you think about your own information security.

  • PrivacyAmazon, Facebook and Google don’t need to spy on your conversations to know what you’re talking about

    By Jason Nurse

    If you’ve ever wondered if your phone is spying on you, you’re not alone. One of the most hotly debated topics in technology today is the amount of data that firms surreptitiously gather about us online. You may well have shared the increasingly common experience of feeling creeped out by ads for something you recently discussed in a real life conversation or an online interaction. Tech companies don’t need to listen to your phone calls or read you emails. Simply put, tech firms routinely gather so much data about you in other ways, they already have an excellent idea what your interests, desires and habits might be.

  • CybersecurityAI advancement opens health data privacy to attack

    Advances in artificial intelligence have created new threats to the privacy of health data, a new study shows. The study suggests current laws and regulations are nowhere near sufficient to keep an individual’s health status private in the face of AI development.

  • SurveillanceTSA’s roadmap for airport surveillance moves in a dangerous direction

    By India McKinney

    The Transportation Security Administration has set out an alarming vision of pervasive biometric surveillance at airports, which cuts against the right to privacy, the “right to travel,” and the right to anonymous association with others.

  • Cyber data privacyDHS S&T awards $1.14 million for improving cyber data privacy

    DHS S&T has awarded a total of $1,149,900 across two organizations to develop new research and development (R&D) capabilities to enhance the management of privacy threats and vulnerabilities.

  • PrivacySubtle visual cues in online forums nudge users to reveal more than they would like

    Pictures may be worth a thousand words, but icons may be even more powerful in nudging people to disclose more information online, according to an interdisciplinary team of Penn State researchers. In a study, researchers found that people using an online sexual health forum featuring computer graphics, called icons, that implied a sense of crowd size and connectivity, revealed more sensitive information than visitors to a site without those visual cues.

  • EncryptionNew Australian law would compel tech firms to hand over encrypted data

    Australia’s parliament earlier today (Thursday) passed a controversial measure which will force tech firms to give police access to the encrypted communications of suspected terrorists and criminals. The law, fiercely opposed by big tech firms, has engendered heated debate over national security and privacy at a time law enforcement agencies are struggling with how to access encrypted information to monitor illegal activities. The passage of the law may have global implications for encrypted communications. Critics say the law may unleash unintended consequences.

  • SurveillanceChicago should reject a proposal for private-sector face surveillance

    By Shahid Buttar

    A proposed amendment to the Chicago municipal code would allow businesses to use face surveillance systems that could invade biometric and location privacy, and violate a pioneering state privacy law adopted by Illinois a decade ago. EFF joined a letter with several allied privacy organizations explaining the EFF’s concerns, which include issues with both the proposed law and the invasive technology it would irresponsibly expand.

  • SurveillanceU.K. surveillance regime violated human rights

    By David Ruiz

    On September 13, after a five-year legal battle, the European Court of Human Rights said that the U.K. government’s surveillance regime—which includes the country’s mass surveillance programs, methods, laws, and judges—violated the human rights to privacy and to freedom of expression. The court’s opinion is the culmination of lawsuits filed by multiple privacy rights organizations, journalists, and activists who argued that the U.K.’s surveillance programs violated the privacy of millions.