This report describes our investigation into the global proliferation of Internet filtering systems manufactured by the Canadian company, Netsweeper Inc.

This section details the research questions that informed our study. We also outline in detail the methods that we adopted to identify Netsweeper installations worldwide, and those that we employed to reduce the findings to countries of interest. We also present high-level technical findings and observations.

In this section, we spotlight several countries where we have evidence of public ISPs blocking websites using Netsweeper’s products. Each country has significant human rights, public policy, insecurity, or corruption challenges, and/or a history of using Internet censorship to prevent access to content that is protected under international human rights frameworks.

This section examines the legal, regulatory, corporate social responsibility, and other public policy issues raised by our report’s findings. We focus on the responsibilities of Netsweeper, Inc. and the obligations of the Canadian government under international human rights law.

This report describes our investigation into the apparent use of Sandvine/Procera Networks Deep Packet Inspection (DPI) devices to deliver nation-state malware in Turkey and indirectly into Syria, and to covertly raise money through affiliate ads and cryptocurrency mining in Egypt.

Bu rapor, Sandvine/Procera Networks Derin Veri Analizi (DPI) cihazlarının, Türkiye’de ve dolaylı olarak Suriye’de devlet menşeili kötücül yazılım yaymak; Mısır’da ise reklam ve kripto para madenciliği marifetiyle gizlice para toplamak için kullanımına yönelik araştırmamızı anlatmaktadır.  

يشرح هذا التقرير تحقيقنا عن استخدام واضح لأجهزة فحص عميق للحزم (DPI) من شركة ساندفين\بروكيرا لنشر البرامج الضارة في تركيا وبشكل غير مباشر إلى سوريا، وجمع الأموال سرا من خلال الإعلانات التابعة لتعدين العملات الرقمية في مصر.

If you’re attending the Internet Freedom Festival (IFF) from March 5-9, you’ll be in good company: Citizen Lab researchers, fellows, and associates will be participating in panels and events throughout the week. Here’s a round-up of where you can find them: Against stalkerware: building public awareness and consent technology Monday, March 5 5:00 pm –… Read more »

In this post, we evaluate the Government’s explanation of some of the more problematic elements of Bill C-59 in its briefing notes. We ultimately conclude that while the government’s briefing material provides insight into some of the ways that the CSE might act following the passage of the CSE Act, the material itself does not resolve our concerns with the CSE Act.

This report describes an inexpensive and technically simple phishing operation. It shows that the continued low adoption rates for digital security features, such as two factor authentication, contribute to the low bar to entry for digital espionage.