"The information revealed by a person’s Internet activities paints an intimate and richly detailed portrait of the person’s life—often on a day-by-day or minute-by-minute basis. It is
precisely this deeply personal information that the government is seizing and searching. The Washington Post recently examined a sample of 160,000 Internet communications intercepted and retained by the
NSA. Even after significantly more filtering and minimization than is at issue here, the Post reported: ‘Many other files, described as useless by the analysts but nonetheless retained, have a startlingly
intimate, even voyeuristic quality. They tell stories of love and heartbreak, illicit sexual liaisons, mental-health crises, political and religious conversions, financial anxieties and disappointed
hopes. The daily lives of more than 10,000 account holders who were not targeted are catalogued and recorded nevertheless.’ The government conducts its domestic surveillance by seizing and searching
Internet communications as they flow through major fiber-optic network junctions on the Internet ‘backbone.’ Almost all ordinary Internet traffic travels at some point over the Internet backbone - high-
capacity, long-distance fiber-optic cables controlled by major Internet providers such as AT&T. The seizures at issue here occur on the junctions between AT&T and other providers on the
"Transitioning from our current energy infrastructure to a smart grid will be essential to meeting future challenges. One key component of the smart grid is advanced metering infrastructure (AMI). AMI allows for the grid to be run more effectively and efficiently by making granular near real-time data about customers’ energy usage available. Coupled with the input and innovation of third-party companies and researchers, the potential benefits of this technology are immense. But given the granularity of AMI data, some academics and consumer advocates are concerned that the technology could place customer privacy at risk. It is therefore essential that regulators appropriately tailor privacy protections to strike the proper balance between the innovative potential of AMI data and consumers’ privacy concerns. When possible, regulators should opt for regimes allowing for the protected sharing of granular AMI data with third parties."
"The rise of smartphones and web services made possible the large-scale collection of personal metadata. Information about individuals’ location, phone call logs, or web-searches, is collected
and used intensively by organizations and big data researchers. Metadata has however yet to realize its full potential. Privacy and legal concerns, as well as the lack of technical solutions for personal
metadata management is preventing metadata from being shared and reconciled under the control of the individual. This lack of access and control is furthermore fueling growing concerns, as it prevents
individuals from understanding and managing the risks associated with the collection and use of their data. Our contribution is two-fold: (1) we describe openPDS, a personal metadata management framework
that allows individuals to collect, store, and give finegrained access to their metadata to third parties. It has been implemented in two field studies; (2) we introduce and analyze SafeAnswers, a new and
practical way of protecting the privacy of metadata at an individual level."
"Social interactions influence our thoughts, opinions and actions. In this paper, social interactions are studied within a group of individuals composed of influential social leaders and
followers. Each person is assumed to maintain a social state, which can be an emotional state or an opinion. Followers update their social states based on the states of local neighbors, while social
leaders maintain a constant desired state. Social interactions are modeled as a general directed graph where each directed edge represents an influence from one person to another. Motivated by the non-
local property of fractional-order systems, the social response of individuals in the network are modeled by fractional-order dynamics whose states depend on influences from local neighbors and past
experiences. A decentralized influence method is then developed to maintain existing social influence between individuals (i.e., without isolating peers in the group) and to influence the social group to
a common desired state (i.e., within a convex hull spanned by social leaders). Mittag-Leffler stability methods are used to prove asymptotic stability of the networked fractional-order
"We present the first large-scale studies of three advanced web tracking mechanisms - canvas fingerprinting, evercookies and use of ‘cookie syncing’ in conjunction with evercookies. Canvas fingerprinting, a recently developed form of browser fingerprinting, has not previously been reported in the wild; our results show that over 5% of the top 100,000 websites employ it. We then present the first automated study of evercookies and respawning and the discovery of a new evercookie vector, IndexedDB. Turning to cookie syncing, we present novel techniques for detection and analysing ID
flows and we quantify the amplification of privacy-intrusive tracking practices due to cookie syncing. Our evaluation of the defensive techniques used by privacy-aware users finds that there exist subtle pitfalls -
such as failing to clear state on multiple browsers at once - in which a single lapse in judgement can shatter privacy defenses. This suggests that even sophisticated users face great diculties in evading tracking techniques."
"We need to be able to audit any and all data controllers and public authorities for compliance with information rights laws. People who steal others’ personal information need to face the
prospect of a prison sentence. And private contractors undertaking public functions should be no less transparent and accountable than their public sector equivalents. […] As well as having the powers
and the resources to do the job that is needed in this ‘Brave New World’ of both digital opportunities and digital threats, the Information Commissioner needs the guarantee of independence that comes from
a more formal relationship with Parliament than is the case at present. We value our involvement in Whitehall policy making, but to be an effective partner the ICO must be recognised as more than just
another nondepartmental public body."
"In May 2014, I reported on my efforts to learn what the feds know about me whenever I enter and exit the country. In particular, I wanted my Passenger Name Records (PNR), data created by
airlines, hotels, and cruise ships whenever travel is booked. But instead of providing what I had requested, the United States Customs and Border Protection (CBP) turned over only basic information about
my travel going back to 1994. So I appealed—and without explanation, the government recently turned over the actual PNRs I had requested the first time."
"49. Effectively addressing the challenges related to the right to privacy in the context of modern communications technology will require an ongoing, concerted multi-stakeholder engagement. This process should include a dialogue involving all interested stakeholders, including Member States, civil society, scientific and technical communities, the business sector, academics and human rights experts. As communication technologies continue to evolve, leadership will be critical to ensuring that these technologies are used to deliver on their potential towards the improved enjoyment of the human rights enshrined in the international legal framework.
50. Bearing the above observations in mind, there is a clear and pressing need for vigilance in ensuring the compliance of any surveillance policy or practice with international human rights law, including the right to privacy, through the development of effective safeguards against abuses. As an immediate measure, States should review their own national laws, policies and practices to ensure full conformity with international human rights law. Where there are shortcomings, States should take steps to address them, including through the adoption of a clear, precise, accessible, comprehensive and non-discriminatory legislative framework. Steps should be taken to ensure that effective and independent oversight regimes and practices are in place, with attention to the right of victims to an effective remedy.”
"As Internet experts look to the future of the Web, they have a number of concerns. This is not to say they are pessimistic: The majority of respondents to this 2014 Future of the Internet
canvassing say they hope that by 2025 there will not be significant changes for the worse and hindrances to the ways in which people get and share content online today. And they said they expect that
technology innovation will continue to afford more new opportunities for people to connect. Still, some express wide levels of concern that this yearning for an open Internet will be challenged by trends
that could sharply disrupt the way the Internet works for many users today as a source of largely unfettered content flows."
"We explore how to manage a portfolio of passwords. We review why mandating exclusively strong passwords with no re-use gives users an impossible task as portfolio size grows. We find that
approaches justified by loss-minimization alone, and those that ignore important attack vectors (e.g., vectors exploiting re-use), are amenable to analysis but unrealistic. In contrast, we propose, model
and analyze portfolio management under a realistic attack suite, with an objective function costing both loss and user effort. Our findings directly challenge accepted wisdom and conventional advice. We
find, for example, that a portfolio strategy ruling out weak passwords or password re-use is sub-optimal. We give an optimal solution for how to group accounts for re-use, and model-based principles for
"In the context of a myriad of mobile apps which collect personally identifiable information (PII) and a prospective market place of personal data, we investigate a user-centric monetary
valuation of mobile PII. During a 6-week long user study in a living lab deployment with 60 participants, we collected their daily valuations of 4 categories of mobile PII (communication, e.g. phonecalls
made/received, applications, e.g. time spent on different apps, location and media, e.g. photos taken) at three levels of complexity (individual data points, aggregated statistics and processed, i.e.
meaningful interpretations of the data). In order to obtain honest valuations, we employ a reverse second price auction mechanism. Our findings show that the most sensitive and valued category of personal
information is location. We report statistically significant associations between actual mobile usage, personal dispositions, and bidding behavior. Finally, we outline key implications for the design of
mobile services and future markets of personal data."
"In this multi-disciplinary paper, we reveal interdependent legal and technical loopholes that intelligence agencies of the U.S. government could use to circumvent constitutional and statutory
safeguards for U.S. persons. We outline known and new circumvention techniques that can leave the Internet traffic of Americans as vulnerable to surveillance, and as unprotected by U.S. law, as the
Internet traffic of foreigners."
"6.31 Technology has developed apace since the 1995 Data Protection Directive and its transposition in the United Kingdom in the Data Protection Act 1998. Information can no longer be truly
anonymous if it is shared. The law on anonymisation needs to be reviewed so as reflect a sliding scale of risk with regard to anonymous data. Thought should be given to whether similar balancing tests
should be applied to anonymised or pseudonymised data as to personal data, and what other considerations should be applied where information is to be used for purposes not directly related to the
individual concerned. Although much of this depends on legislation at the level of the European Union, a full law reform project could explore the scope for a more risk-based approach in dealing with data
that are de-identified but may nevertheless remain within the definition of personal data."
"29. This fast track legislation contains sweeping surveillance powers that will affect every man, woman and child in the UK. The Bill contains the powers for Government to continue to mandate the blanket retention of the communications data of the whole population for 12 months. This is in direct contradiction of a Court judgment which held that blanket indiscriminate retention of communications data breached human rights. The Bill also contains new and unprecedented powers for the UK Government to require overseas companies to comply with interception warrants and communications data acquisition requests and mandate overseas companies to build interception capabilities in to their products and infrastructure. These provisions will expand interception powers currently being challenged in the British courts appearing to enable the Government to issue interception warrants mandating mass surveillance outside of the United Kingdom."
"It is well known Google does not like the ECJ judgment and the suspicion is that Google is removing links and telling journalists that their scoops are no longer accessible to the public.
This provokes them to go ballistic, in print, and make wild claims of censorship; the last Sunday Times editorial on ‘The right-to-be-forgotten law is an ass’ is an example of the ill-informed outcome
which, sadly, Google appears to be encouraging. Such gamesmanship explains why I have decided to devote this (very long) blog to draft a procedure for Google to follow; I think it covers most of the
issues in a way that balances the conflicting interests. There might be nuances at the edges, but I think the approach is mainly correct. Anybody who can improve it, please make a comment."