Keir Giles, a prominent expert on Russia, was targeted with a new form of social-engineering attack that leverages App-Specific Passwords. Google links the operation to UNC6293, a Russian state-backed group.
Our preliminary analysis of Bill C-2 situates the legislation within the context of existing research by the Citizen Lab about two potential data-sharing treaties that are most relevant to the new proposed powers being introduced in Bill C-2: the Second Additional Protocol to the Budapest Convention (2AP) and the CLOUD Act. Both of which carry significant constitutional and human rights risks.
On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalists who consented to the technical analysis of their cases. In this report, we discuss key findings from our forensic analyses of their devices.
Our investigation of a spearphishing campaign that targeted senior members of the World Uyghur Congress in March 2025 reveals a highly-customized attack delivery method. The ruse used by attackers replicates a pattern in which threat actors weaponize software and websites aimed at preserving and supporting marginalized and repressed cultures to target those same communities.
The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs & Public Policy, University of Toronto, focusing on research and development at the intersection of information and communication technologies, human rights, and global security. Learn more.
In a new article published in the Georgetown Journal of International Affairs, the Citizen Lab’s Noura Aljizawi, Siena Anstis, and Gözde Böcü investigate the practice of transnational repression in its physical and digital forms. They examine its impacts on dissidents abroad, focusing especially on women and queer individuals, and argue that host states bear the… Read more »
What’s stopping diaspora members from speaking up against the government in their home country? In an interview with the Stockholm Center for Freedom (SCF), Citizen Lab senior researcher Marcus Michaelsen discusses digital transnational repression (DTR) and its impacts on diasporas worldwide. Read the interview.
In a submission to the United Nations Office of the High Commissioner of Human Rights, Citizen Lab researchers warn of the dangerous rhetoric of “birth registration and certification as a prerequisite for other rights” and the risks digital ID infrastructure could pose to human rights.
On August 6, join Citizen Lab director Ron Deibert for his keynote, “Chasing Shadows: Chronicles of Counter-Intelligence from the Citizen Lab,” at Black Hat 2025.
In a new piece for Policy Options, senior research associate Kate Robertson and legal extern Song-Ly Tran discuss how outdated protections in Canada’s decades old wiretap laws fail to protect people in Canada from abuse of spyware technologies.
This new piece co-authored by the Citizen Lab’s Gabrielle Lim discusses the risks of privatized space technology. She and her co-authors highlight that the issue is not private-sector involvement, but the concentration of power in the hands of a few private firms that are “incentivized to serve the surveillance state and further a new kind… Read more »
