Citizen Lab Research

Targeted Threats

Investigations into the prevalence and impact of digital espionage operations against civil society groups.

Latest Research

FORCEDENTRY: NSO Group iMessage Zero-Click Exploit Captured in the Wild

While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against Apple iOS, MacOS and WatchOS devices.

من اللؤلؤة إلى بيغاسوس: الحكومة البحرينية تخترق نشطاء عبر استغلال ثغرة “Zero-Click” من “NSO Group”

لقد حددنا تسعة نشطاء بحرينيين تم اختراق أجهزتهم الآيفون باستخدام برنامج تجسس “Pegasus” من NSO Group في الفترة ما بين يونيو 2020 و فبراير 2021. بعض النشطاء قد تم اختراقهم باستغلال ثغرتين zero-click في iMessage, كنا قد سمينا الثغرتين التي تم اكتشافها في 2020 ب KISMET، أما الثغرة المستخدمة في 2021 فنسميها FORCEDENTRY

From Pearl to Pegasus: Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits

We identified nine Bahraini activists whose iPhones were successfully hacked with NSO Group’s Pegasus spyware between June 2020 and February 2021. The hacked activists included three members of Waad (a secular Bahraini political society), three members of the Bahrain Center for Human Rights, two exiled Bahraini dissidents, and one member of Al Wefaq (a Shiite Bahraini political society).

Read More from Targeted Threats

Free Expression Online

Studies of Internet filtering, network interference, and other technologies and practices that impact freedom of expression online. 

Latest Research

No Access: LGBTIQ Website Censorship in Six Countries

The Citizen Lab, OutRight Action International, and the Open Observatory of Network Interference (OONI) collaborated to conduct research on LGBTIQ website censorship and its impact on LGBTIQ communities. The results indicate the technical and legal obstacles many users have in accessing LGBTIQ news, health, and human rights websites.

Tidak Ada Akses: Penyensoran Situs LGBTIQ di Enam Negara

Tujuan dari penelitian kami adalah sebagai berikut. Mendokumentasikan situs web LGBTIQ mana yang diblokir di enam negara; Menyelidiki bagaimana penyensoran situs LGBTIQ berdampak pada komunitas LGBTIQ lokal dan gerakan mereka untuk mengamankan keadilan dan kesetaraan; dan
Menentukan bagaimana Penyedia Jasa Internet (ISP) lokal menerapkan pemblokiran situs web.

Read More from Free Expression Online

Transparency and Accountability

Examinations of transparency and accountability mechanisms relevant to the relationship between corporations and state agencies regarding personal data and other surveillance activities.

Latest Research

Canada’s Proposed Privacy Law Reforms Are Not Enough: A Path to Improving Organizational Transparency and Accountability

Given our experiences, we have specific recommendations for how any federal commercial privacy legislation must be amended to better protect individuals from the predations and power of private organizations. In making our recommendations we have chosen to focus almost exclusively on the Openness and Transparency, Access to and Amendment of Personal Information, and Whistleblower sections of Bill C-11.

Submission to the Ministry of Government and Consumer Services Consultation: Strengthening Privacy Protections in Ontario

It is encouraging to see the provincial government undertake efforts to improve the state of privacy law in Ontario, given the increasingly ubiquitous data commodification and surveillance of our behaviours, bodies, online and offline activities, and lives. To that end, the Citizen Lab submitted a brief which included 21 recommendations for legal and policy reform in Ontario, with a view to strengthening the privacy and data protection rights of individuals in the province.

Read More from Transparency and Accountability

App Privacy and Controls

Research into privacy, security, and information controls of popular applications.

Latest Research

Apple Engraving Censorship Explained

On August 18, the Citizen Lab published an analysis of Apple product engraving services and observed censorship. In this post, we discuss the significance of the findings with report authors. What has your study of Apple engraving services revealed? We analyzed Apple’s filtering of product engravings in six regions, discovering 1,105 keyword filtering rules used… Read more »

Engrave Danger: An Analysis of Apple Engraving Censorship across Six Regions

Within mainland China, we found that Apple censors political content including broad references to Chinese leadership and China’s political system, names of dissidents and independent news organizations, and general terms relating to religions, democracy, and human rights. And across all six regions, we found that Apple’s content moderation practices pertaining to derogatory, racist, or sexual content are inconsistently applied and that Apple’s public-facing documents failed to explain how it derives their keyword lists.

關於 TikTok 與抖音的常見問題

2021 年 3 月 22 日,公民實驗室發佈了一篇研究報告,比較 TikTok 與抖音的安全、隱私及言論審查。我們將於本文中與研究員 Pellaeon Lin 討論他的研究發現。

Read More from App Privacy and Controls

Global Research Network

Outputs related to the global community of practice that the Citizen Lab helps to cultivate through our Cyber Stewards Network, various fellowships, and events.

Latest Research

Asociación por los Derechos Civiles to hold public session at Inter-American Commission on Human Rights

Cyber Steward Network partner Asociación por los Derechos Civiles (ADC) will lead a public hearing at the 167 extraordinary period of session of the Inter-American Commission on Human Rights (IACHR). Taking place on February 28 at 11:30 am EST, the hearing is titled “Digital Intelligence, Cybersecurity, and Freedom of Expression in America”. The topics to be addressed in… Read more »

Sula Batsu Honoured with 2017 EQUALS in Tech Award

Cyber Stewards Network organization Sula Batsu Cooperativa has been honoured with a 2017 EQUALS in Tech Award. Presented at the Internet Governance Forum at the United Nations in December, Kemly Camacho– Sula Batsu Coordinator– accepted the award on behalf of the group. They were recognized in the Leadership category for their work to create women-led… Read more »

Read More from Global Research Network

Tools & Resources

While the Citizen Lab is primarily focused on high-level academic research, we also produce accessible tools and educational resources to help everyone better navigate their online lives. Below are some of the latest projects that are aimed at making everyone safer online.

Access My Info

Access My Info is a project designed to understand what can be learned about company data practices by filing data access requests (DARs), seeking access to the requester’s personal information held by a company.
Read More from Tools & Resources