• How a Norwegian Government Report Shows the Limits of CFIUS Data Reviews

    Amid growing attention to data and national security threats from China, a recent Norwegian government report sheds light on the limits of a U.S. government process for tackling them: the Committee on Foreign Investment in the United States (CFIUS). Kamran Kara-Pabani and Justin Sherman write that “CFIUS is still a useful and important mechanism for addressing the national security risks associated with direct foreign access to sensitive U.S. citizen data,” but that “policymakers must recognize that CFIUS must be complemented with other measures outside of the body’s scope.”

  • Supreme Court Asked to Review DHS’s Warrantless Searches of International Travelers’ Phones, Laptops

    The Electronic Frontier Foundation (EFF), the American Civil Liberties Union, and the ACLU of Massachusetts on Friday filed a petition for a writ of certiorari, asking the Supreme Court to hear a challenge to the Department of Homeland Security’s policy and practice of warrantless and suspicionless searches of travelers’ electronic devices at U.S. airports and other ports of entry.

  • New Tool Reveals Security and Privacy Issues with Contact Tracing Apps

    Researchers have developed a tool to identify security and privacy risks associated with Covid-19 contact tracing apps. COVIDGuardian, the first automated security and privacy assessment tool, tests contact tracing apps for potential threats such as malware, embedded trackers and private information leakage.

  • Deployment of Emotion-Recognition Technologies in China Threatens Human Rights

    Emotion recognition is a biometric technology which purports to be able to analyze a person’s inner emotional state. These biometric applications are used by law enforcement authorities to identify suspicious individuals, and by schools to monitor how well a student is paying attention in class. China is deploying the technology to allow the authorities to better monitor forbidden anti-regime thoughts among citizens who are subject to police interrogation or investigation.

  • More Privacy When Using WhatsApp, Signal and Other Apps

    Cryptography experts have developed a privacy-protecting security software for mobile messaging services. The software addresses to problem created when service providers access the users’ contact lists.

  • Baltimore Aerial Investigations Associated with Small Improvements in Solving Crimes

    A preliminary report about an effort to use aerial surveillance to aid police investigations in Baltimore finds that the effort was associated with small increases in the rate at which police solved serious crimes, but an overall evaluation of the program will require a wider review of citywide police efforts, according to a new report.

  • Shining a Light on the Hidden Shadows of the Internet

    The dark web is perceived as the underbelly of the internet world, but it’s not all as negative as it may seem, says a computer security expert. The dark web is becoming increasingly popular with internet users who simply want to safeguard their privacy online.

  • Coercive Collection of DNA Is Unethical, Damaging to the Future of Medical Research

    The compulsory collection of DNA being undertaken in some parts of the world is not just unethical, but risks affecting people’s willingness to donate biological samples and thus contribute to the advancement of medical knowledge and the development of new treatments, say experts.

  • Face Surveillance and the Capitol Attack

    After last week’s violent attack on the Capitol, law enforcement is working overtime to identify the perpetrators. This is critical to accountability for the attempted insurrection. Law enforcement has many, many tools at their disposal to do this, especially given the very public nature of most of the organizing. But the Electronic Frontier Foundations (EFF) says it objects to one method reportedly being used to determine who was involved: law enforcement using facial recognition technologies to compare photos of unidentified individuals from the Capitol attack to databases of photos of known individuals. “There are just too many risks and problems in this approach, both technically and legally, to justify its use,” the EFF says.

  • Online Users Manipulated into Sharing Private Information Online

    Online users are more likely to reveal private information based on how website forms are structured to elicit data, BGU researchers have determined.

  • EFF Urges Federal Appeals Court to Rehear Case Involving Unconstitutional Baltimore Aerial Surveillance Program

    In May, the Baltimore Police Department launched its Aerial Investigation Research (AIR) Pilot Program. For six months, three surveillance aircrafts operated by a private company called Persistent Surveillance Systems flew over Baltimore—covering about 90 percent of the city—for 12 hours every day. The planes produced images that even at a resolution of “one pixel per person” allowed the police to track individual’s movements over multi-day periods, especially when combined with the police’s networks of more than 800 ground-based surveillance cameras and automated license plate readers.

  • Your Smart Watch May Be Sharing Your Data

    You may not realize it, but your internet-connected household devices such as the Ring doorbell, Peloton exercise bike and Nest thermostat are all exchanging data with other devices and systems over the network. These physical objects, all part of the Internet of Things (IoT), come with sensors and software, and they often use cloud computing. Most people would consider the information contained in these household items as highly private.

  • Finally: A Usable, Secure Password Policy Backed by Science

    After nearly a decade of studies, the passwords research group in Carnegie Mellon’s CyLab Security and Privacy Institute has developed a policy for creating passwords that maintains balance between security and usability—one backed by hard science.

  • People Want Data Privacy but Don’t Always Know What They’re Getting

    Debates around privacy might seem simple: Something is private or it’s not. However, the technology that provides digital privacy is anything but simple. Our data privacy research shows that people’s hesitancy to share their data stems in part from not knowing who would have access to it and how organizations that collect data keep it private. We’ve also found that when people are aware of data privacy technologies, they might not get what they expect.

  • Global Internet Freedom Declines in Shadow of Pandemic

    Governments around the world have used the COVID-19 pandemic as cover to expand online surveillance and data collection, censor critical speech, and build new technological systems of social control, according to an annual assessment of internet freedom, released Wednesday by Freedom House.