FAQ
Latest Research
Should We Chat, Too? FAQ
Research FAQ for the full report “Should We Chat, Too? Security Analysis of WeChat’s MMTLS Encryption Protocol”
Chinese Keyboard App Vulnerabilities Explained
We analyzed third-party keyboard apps Tencent QQ, Baidu, and iFlytek, on the Android, iOS, and Windows platforms. Along with Tencent Sogou, they comprise over 95% of the market share for third-party keyboard apps in China. This is an FAQ for the full report titled “The not-so-silent type: Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers.”
HKLEAKS Doxxing Explained: Role of Online Harassment Tactics to Repress 2019 Hong Kong Protests
Read the full report “Beautiful Bauhinia: “HKLeaks” – The Use of Covert and Overt Online Harassment Tactics to Repress 2019 Hong Kong Protests.” What is this report about, and what did it find? The report is an in-depth analysis of the doxxing campaign known as “HKLEAKS”, which began in August 2019 and for at least… Read more »
Privacy in the WeChat Ecosystem Explained
This FAQ accompanies the full report on privacy in the WeChat ecosystem. We analyzes privacy issues with popular app WeChat by reviewing the data collected by the app and sent to WeChat servers during the regular operation of its various features. We find that they collect more usage data than is disclosed in the WeChat privacy policy.
FAQ: A comparison of search censorship in China
We discovered over 60,000 unique censorship rules used to partially or totally censor search results across eight China-accessible search platforms analyzed. These findings call into question the ability of non-Chinese technology companies to better resist censorship demands than their Chinese counterparts.
Mobility Data and Canadian Privacy Law Explained
Analysis and recommendations pertaining to the collection of de-identified mobility data and its use in Canadian privacy law. In this explainer, we discuss our findings and recommendations with Amanda Cutinha and Christopher Parsons, the report’s authors.
Privacy and Security Analysis of the IATA Travel Pass Explained
On April 13, the Citizen Lab published an analysis of the IATA Travel Pass. In this post, we discuss the significance of the report’s findings.
Pandemic Privacy Explained
On September 28, the Citizen Lab published an analysis of COVID-19 data collection practices. In this post, we discuss the significance of the findings with report authors.