Citizen Lab Research

Targeted Threats

Investigations into the prevalence and impact of digital espionage operations against civil society groups.

Latest Research

New Pegasus Spyware Abuses Identified in Mexico

Mexican digital rights organization R3D, with technical support from the Citizen Lab, has determined that Mexican journalists and a human rights defender were infected with Pegasus between 2019 and 2021. The infections occurred years after the first revelations of Pegasus abuses in Mexico, and after Mexico’s current President assured the public that the government no longer used the spyware, and that there would be no further abuses.

Read More from Targeted Threats

Free Expression Online

Studies of Internet filtering, network interference, and other technologies and practices that impact freedom of expression online. 

Latest Research

微軟必應自動建議在北美審查與中國政治相關的關鍵詞

本報告研究微軟必應自動建議功能(autosuggestion)針對人名的審查。我們發現,除了審查與色情相關的人名,第二大被微軟必應審查的人名類別是與中國領導人,異議人士相關以及其他在中國被認為是政治敏感的人名。

微软必应自动建议在北美审查与中国政治相关的关键词

本报告研究微软必应自动建议功能(autosuggestion)针对人名的审查。我们发现,除了审查与色情相关的人名,第二大被微软必应审查的人名类别是与中国领导人,异议人士相关以及其他在中国被认为是政治敏感的人名。

Read More from Free Expression Online

Transparency and Accountability

Examinations of transparency and accountability mechanisms relevant to the relationship between corporations and state agencies regarding personal data and other surveillance activities.

Latest Research

You Move, They Follow: Uncovering Iran’s Mobile Legal Intercept System

Citizen Lab examined a set of documents leaked to news outlet The Intercept that describe plans to develop and launch an Iranian mobile network, including subscriber management operations and services, and integration with a legal intercept solution. If implemented fully as envisioned, it would enable state authorities to directly monitor, intercept, redirect, degrade or deny all Iranians’ mobile communications, including those who are presently challenging the regime.

Mass Iris Scan Collection in Qinghai: 2019–2022

Police led mass iris scan collection in Qinghai, a region with a population that is 49.4% non-Han, including Tibetans and Hui Muslims. Iris scan collection is part of long-standing police intelligence gathering programs. Through this data collection, Qinghai’s police are effectively treating entire communities as populated by potential threats to social stability.

Mobility Data and Canadian Privacy Law Explained

Analysis and recommendations pertaining to the collection of de-identified mobility data and its use in Canadian privacy law. In this explainer, we discuss our findings and recommendations with Amanda Cutinha and Christopher Parsons, the report’s authors.

Read More from Transparency and Accountability

App Privacy and Controls

Research into privacy, security, and information controls of popular applications.

Latest Research

Privacy and Security Analysis of the IATA Travel Pass Android App

The IATA Travel Pass (ITP), a global, opt-in app to receive, store, and share digital COVID-19 test certificates for flights, has a critical flaw in its registration process which allows an attacker to impersonate another user, needing only to know the user’s passport details but not possess the passport itself.

Clean Up in the Digital Aisle: Privacy Concerns with Sobeys Inc. “Caper Carts” System

“Smart” in-store shopping carts, developed by Caper and used by Sobeys, issue electronic receipts via SMS message and share a URL that uses an easily predictable format. These receipts contain a number of personal data points, including the customer’s partial credit/debit/Air Miles card numbers, a full list of purchases, and the date, time, and location of the customer’s purchase.

Read More from App Privacy and Controls

Global Research Network

Outputs related to the global community of practice that the Citizen Lab helps to cultivate through our Cyber Stewards Network, various fellowships, and events.

Latest Research

Asociación por los Derechos Civiles to hold public session at Inter-American Commission on Human Rights

Cyber Steward Network partner Asociación por los Derechos Civiles (ADC) will lead a public hearing at the 167 extraordinary period of session of the Inter-American Commission on Human Rights (IACHR). Taking place on February 28 at 11:30 am EST, the hearing is titled “Digital Intelligence, Cybersecurity, and Freedom of Expression in America”. The topics to be addressed in… Read more »

Sula Batsu Honoured with 2017 EQUALS in Tech Award

Cyber Stewards Network organization Sula Batsu Cooperativa has been honoured with a 2017 EQUALS in Tech Award. Presented at the Internet Governance Forum at the United Nations in December, Kemly Camacho– Sula Batsu Coordinator– accepted the award on behalf of the group. They were recognized in the Leadership category for their work to create women-led… Read more »

Read More from Global Research Network

Tools & Resources

While the Citizen Lab is primarily focused on high-level academic research, we also produce accessible tools and educational resources to help everyone better navigate their online lives. Below are some of the latest projects that are aimed at making everyone safer online.

Access My Info

Access My Info is a project designed to understand what can be learned about company data practices by filing data access requests (DARs), seeking access to the requester’s personal information held by a company.
Read More from Tools & Resources