Research
Citizen Lab validates Amnesty International investigation showing targeting of staff member and Saudi activist with NSO Group’s technology.
Doctoral candidate Jennie Phillips recently published an article in International Development Planning Review. Based on work she conducted while at the Citizen Lab, “Risk in a digital age: understanding risk in virtual networks through digital response networks (DRNs)” explores risk understanding by investigating the inherent risk and resilience of DRNs.
This report describes our investigation into the global proliferation of Internet filtering systems manufactured by the Canadian company, Netsweeper Inc. After undertaking a mapping of worldwide country installations, we focus in on ten country cases in which we verify that Netsweeper systems are being used to censor the Internet for subscribers of consumer Internet Service Providers, and where human rights and corporate social responsibility questions are acute.
This section details the research questions that informed our study. We also outline in detail the methods that we adopted to identify Netsweeper installations worldwide, and those that we employed to reduce the findings to countries of interest. We also present high-level technical findings and observations.
In this section, we spotlight several countries where we have evidence of public ISPs blocking websites using Netsweeper’s products. Each country has significant human rights, public policy, insecurity, or corruption challenges, and/or a history of using Internet censorship to prevent access to content that is protected under international human rights frameworks.
This section examines the legal, regulatory, corporate social responsibility, and other public policy issues raised by our report’s findings. We focus on the responsibilities of Netsweeper, Inc. and the obligations of the Canadian government under international human rights law.
This report describes our investigation into the apparent use of Sandvine/Procera Networks Deep Packet Inspection (DPI) devices to deliver nation-state malware in Turkey and indirectly into Syria, and to covertly raise money through affiliate ads and cryptocurrency mining in Egypt.
Canadians can learn new things about your personal data by requesting access to it from companies. What can be found out varies by company and there can be some hurdles to overcome before you get access.
In this post, we evaluate the Government’s explanation of some of the more problematic elements of Bill C-59 in its briefing notes. We ultimately conclude that while the government’s briefing material provides insight into some of the ways that the CSE might act following the passage of the CSE Act, the material itself does not resolve our concerns with the CSE Act.
This report describes an inexpensive and technically simple phishing operation. It shows that the continued low adoption rates for digital security features, such as two factor authentication, contribute to the low bar to entry for digital espionage.
