App Privacy and Controls

Back to Research

Research into privacy, security, and information controls of popular applications.

Featured in App Privacy and Controls

Latest Research

Privacy and Security Analysis of the IATA Travel Pass Android App

The IATA Travel Pass (ITP), a global, opt-in app to receive, store, and share digital COVID-19 test certificates for flights, has a critical flaw in its registration process which allows an attacker to impersonate another user, needing only to know the user’s passport details but not possess the passport itself.

Clean Up in the Digital Aisle: Privacy Concerns with Sobeys Inc. “Caper Carts” System

“Smart” in-store shopping carts, developed by Caper and used by Sobeys, issue electronic receipts via SMS message and share a URL that uses an easily predictable format. These receipts contain a number of personal data points, including the customer’s partial credit/debit/Air Miles card numbers, a full list of purchases, and the date, time, and location of the customer’s purchase.

Apple Engraving Censorship Explained

On August 18, the Citizen Lab published an analysis of Apple product engraving services and observed censorship. In this post, we discuss the significance of the findings with report authors. What has your study of Apple engraving services revealed? We analyzed Apple’s filtering of product engravings in six regions, discovering 1,105 keyword filtering rules used… Read more »

關於 TikTok 與抖音的常見問題

2021 年 3 月 22 日,公民實驗室發佈了一篇研究報告,比較 TikTok 與抖音的安全、隱私及言論審查。我們將於本文中與研究員 Pellaeon Lin 討論他的研究發現。