Bloomberg Business Week reports on joint Citizen Lab and University of New Mexico research on surveillance in the TOM-Skype instant messaging client (Chinese version of Skype).

Blue Coat Devices capable of filtering, censorship, and surveillance are being used around the world. 61 of these Blue Coat appliances are on public or government networks in countries with a history of concerns over human rights, surveillance, and censorship. Our findings support the need for national and international scrutiny of Blue Coat implementations in the countries we have identified, and a closer look at the global proliferation of “dual-use” information and communication technologies.

Citizen Lab Technical Advisor Morgan Marquis-Boire gave a plenary talk at the State Surveillance And Human Rights Camp in Rio de Janeiro, Brazil on December 13.

The Citizen Lab, Russian secret services watchdog Agentura.Ru, and Privacy International have launched a collaborative project to examine ‘Russia’s Surveillance State.’ As part of this project, Andrei Soldatov and Irina Borogan of Agentura.Ru published a piece in Wired magazine on November 1, 2012, titled The Kremlin’s New Internet Surveillance Plan Goes Live Today.

In a joint investigation with Access Now, we found that seven Russian and Belarusian-speaking independent journalists and opposition activists based in Europe were targeted and/or infected with NSO Group’s Pegasus mercenary spyware.

We analyzed third-party keyboard apps Tencent QQ, Baidu, and iFlytek, on the Android, iOS, and Windows platforms. Along with Tencent Sogou, they comprise over 95% of the market share for third-party keyboard apps in China. This is an FAQ for the full report titled “The not-so-silent type: Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers.”

In this report, we examine cloud-based pinyin keyboard apps from nine vendors (Baidu, Honor, Huawei, iFlyTek, OPPO, Samsung, Tencent, Vivo, and Xiaomi) for vulnerabilities in how the apps transmit user keystrokes. Our analysis found that eight of the nine apps identified contained vulnerabilities that could be exploited to completely reveal the contents of users’ keystrokes in transit. We estimate that up to one billion users could be vulnerable to having all of their keystrokes intercepted, constituting a tremendous risk to user security.

Emile Dirks, Research Associate at the Citizen Lab, prepared a written submission for the Congressional-Executive Commission on China (CECC) about the state of human rights in the country. The CECC was established by Congress in October 2000, with the legislative mandate to monitor human rights and the development of the rule of law in China,… Read more »

The recommendations call for an elaboration of the definition of biometric data, guidelines on what constitutes as sensitive biometric data types, and the usage of biometric data processing.