In 2018 the Australian parliament passed the “TOLA” Act, expanding the government's powers to bypass digital data protections, and bringing with it the potential for significant harm to the economy and to trust in digital services and the Internet.

The post How Do Surveillance Laws Impact the Economy? appeared first on Internet Society.

Simply put, MITM is an attack in which a third party gains access to the communications between two other parties, without either of those parties realising it. The third party might read the contents of the communication, or in some cases also manipulate it. So, for example, if Gerald sends Leila a message, intending it […]

The post What Is a Man in the Middle (MITM) Attack? appeared first on Internet Society.

The consumer Internet of Things market is growing exponentially – one prediction suggests that people will be using 25 billion connected devices by 2021. These new products promise innovation and convenience, but they can also erode privacy boundaries and expose consumers to risk without their knowledge or consent. Is that a good bargain? The policy […]

The post IoT Privacy for Policymakers: Solutions Need Informed Discussion appeared first on Internet Society.

It’s been a little over a year since the European Union’s General Data Protection Regulation (GDPR) was implemented, but almost immediately, people noticed its impact. First, there was the flurry of emails seeking users’ consent to the collection and use of their data. Since then, there’s also been an increase in the number of sites […]

The post Transparency, Fairness, and Respect: The Policy Brief on Responsible Data Handling appeared first on Internet Society.

As adoption of Internet of Things devices increases, so does the number of insecure IoT devices on the network. These devices represent an ever-increasing pool of computing and communications capacity open to misuse. They can be hijacked to spread malware, recruited to form botnets to attack other Internet users, and even used to attack critical […]

The post Internet of Things Devices as a DDoS Vector appeared first on Internet Society.

Barely a week passes without something in the news that reminds us of the critical role encryption plays in securing our data. It is a technology that protects so much of what we rely on, as individuals protecting our privacy, as companies securing our business assets and transactions, and as governments responsible for critical national […]

The post CEOs and Encryption: The Questions You Need to Ask Your Experts appeared first on Internet Society.

Last year, I was invited to contribute a paper to a special edition of the Health and Technology Journal published by Springer/Nature. The special issue addressed privacy and security, with a particular focus on healthcare and medical data. I’m happy to announce that now, for four weeks only, the publishers have made the whole issue […]

The post Limited Time Only: Read our Springer/Nature Paper on Healthcare, Security, and Privacy appeared first on Internet Society.

I’m writing from Addis Ababa, where the African Union’s Specialist Technical Committee on ICT is having its biannual conference. I won’t report on that, as it’s still happening, but I can report that some of the hallway conversations have been both interesting and reassuring. The topic of privacy came up over coffee, of course – […]

The post Letter from Ethiopia: Can We Use Technology to Help Privacy Evolve? appeared first on Internet Society.

Researchers recently discovered a dangerous vulnerability – called ROCA – in cryptographic smartcards, security tokens, and other secure hardware chips manufactured by Infineon Technologies. These articles on Ars Technica and The Register give a good background. Is this a serious problem? Yes. It’s serious in practice and in principle. Infineon used a flawed key generation […]

The post ROCA: Encryption vulnerability and what to do about it appeared first on Internet Society.

In 2015, I was lucky enough to give an invited keynote at the 20th anniversary of the Ethicomp conference. I found that many of the issues up for discussion were ones in which the Internet Society also has a keen interest: for example — responsible innovation, the ethics of autonomous systems, and what do in […]

The post New Paper on Online Privacy in the Wake of Pervasive Surveillance Revelations appeared first on Internet Society.

I was recently invited to contribute a paper on personal data in the healthcare context to a journal on the Privacy and Security of Medical Information published by Springer-Nature. The paper, “Trust and ethical data handling in the healthcare context” examines the issues associated with healthcare data in terms of ethics, privacy, and trust, and […]

The post A New Hippocratic Oath: “First, do no harm… to me or my healthcare data” appeared first on Internet Society.

I’m grateful to Christian de Larrinaga, from the Internet Society’s UK Chapter, for pointing me to a recent publication by the World Bank: “Principles on identification for sustainable development: toward the digital age“. The premise of the report is this: full participation in today’s societies and achievement of one’s desired potential are increasingly likely to […]

The post Digital Identity: Evolving, or just cloning itself? appeared first on Internet Society.

Over on the Consult Hyperion blog, Dave Birch has written a characteristically lucid and engaging piece about hyperbole around the idea of the mutable blockchain. One of the use cases Dave cites (not his, I hasten to add) is the use of mutable blockchains to implement the so-called “right to be forgotten” (RTBF) – or […]

The post Is Your Reputation Safe on the Blockchain? appeared first on Internet Society.

The UK’s Information Commissioner, Elizabeth Denham, has been in post just under four months, but already the differences between her approach and those of her two most recent predecessors (Richard Thomas and Christopher Graham) are starting to become clear. This may be due partly to the fact that she comes to the role with six […]

The post WhatsApp with the UK's new Information Commissioner? appeared first on Internet Society.

The big privacy and policy story of the day in the UK is the publication of the Intelligence and Security Committee’s report on the draft Investigatory Powers Bill – which is currently being pushed  through an abbreviated parliamentary process. The Bill’s authors get a rough ride from the committee. This is from the ISC Chairman’s […]

The post Is the UK Investigatory Powers Bill Fatally Flawed? appeared first on Internet Society.

Data Privacy Day 2016 is almost upon us (Thursday 28th Jan), and I’ll be hosting a panel on ethical data-handling at CPDP2016 to mark the occasion. But more about that later. Meanwhile, over on the Internet Policy mailing list[1] a discussion is raising some very interesting topics whose relevance will continue to grow in the […]

The post Hey! Someone fragmented my Internet, and didn't even tell me. appeared first on Internet Society.

A couple of days ago, Christine Runnegar outlined all the Internet Security conferences, events, and activities happening this month related to Internet security. Today, I’d like to share some perspective on the work happening within the identity and privacy communities. In the last 18 days, I’ve been lucky enough to take part in conferences which […]

The post Getting to “Better” – Reflecting on Ongoing Privacy and Identity Work appeared first on Internet Society.

I recently attended the Digital Enlightenment Forum 2015 in Kilkenny; not your average tech conference, and not the average discussion topics, either – but topics of growing relevance. For me, the value was in having a conference that offers the time – even if only for a day – to step back and look at […]

The post Can A Machine Care About Privacy? appeared first on Internet Society.

Last September I was invited to speak at the Universal Postal Union’s Post-Expo in Stockholm, Sweden. For an IT geek, the Expo had everything: carbon-neutral delivery vans, state-of-the-art posties’ bicycles, RFID-trackable mail crates, robot arm “parcel picker-uppers”, and – best of all – actual working automated sorting machines, where you could watch letters and parcels […]

The post Postal Services: The Future of Digital Trust? – Interview on Privacy, Data Ethics, and More appeared first on Internet Society.

News of the recent, large-scale data breach at US health insurer Anthem adds yet another big name to the list of companies that have suffered targeted attacks, compromising the personal details of millions of people. The company itself has reacted quickly with an admission, an apology, and a website with more information for those affected. But […]

The post The data-driven world doesn’t run on data: it runs on trust. appeared first on Internet Society.