The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs, University of Toronto, Canada focusing on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security. Learn more »

In Focus

2016 Citizen Lab Fellowship Opportunities

In 2016, we have three exciting fellowship programs open for applications that provide the opportunity for students, researchers, and software developers to spend from three months to up to one year at the Citizen Lab.

Baidu’s and Don’ts: Privacy and Security Issues in Baidu Browser

This report describes privacy and security issues with Baidu Browser, a web browser for the Windows and Android platforms. Our research shows that the application transmits personal user data to Baidu servers without encryption and with easily decryptable encryption, and is vulnerable to arbitrary code execution during software updates via man-in-the-middle attacks. Much of the data leakage is the result of a shared Baidu software development kit, which affects hundreds of additional applications.

Every Step You Fake: A Comparative Analysis of Fitness Tracker Privacy and Security

This report describes major security and privacy issues in several leading wearable fitness tracking devices and accompanying mobile applications.

Research News

研究发现百度浏览器存在安全与隐私问题

多伦多大学公民实验室的最新报告揭露了百度浏览器存在的多处隐私与安全问题。百度浏览器是基于中国的一款移动浏览器,拥有数百万的用户,而报告反映的隐私与安全问题很可能会至用户的沟通于风险中。

여전히 위험에 처해있는 아이들: 시티즌랩의 스마트보안관 보고서 “우리의 아이들은 안전한가”에 대한 업데이트

두 번째 스마트보안관 감사에서 해당 앱의 자녀용과 부모용을 사용하는 이용자들을 심각한 위험에 노출시키는 취약점이 무수히 해결되지 않은 채 남아있음이 확인되었다.

Beyond Privacy: Articulating the Broader Harms of Pervasive Mass Surveillance

Citizen Lab Postdoctoral Fellow Christopher Parsons published a paper titled “Beyond Privacy: Articulating the Broader Harms of Pervasive Mass Surveillance” in Media and Communication. The paper explores how dominant theories of privacy grapple with the pervasive mass surveillance activities undertaken by western signals intelligence activities, including those of the NSA, CSE, GCHQ, GCSB, and ASD.

An Analysis of the International Code of Conduct for Information Security

As the United Nations General Assembly begins its milestone 70th session, international digital security is high on the agenda. One starting point for discussion is likely to be the International Code of Conduct for Information Security (the “Code”). This analysis explores how the Code has developed over time, impetus behind the changes made, and the potential impact of the Code on international human rights law and its application. It is accompanied by an interactive comparison of the 2015 and 2011 versions of the Code.

More Research...

Lab News

Privacy International report cites Citizen Lab research

March 3, 2016 – 12:32 pm

Privacy International (PI) latest report, entitled “The President’s Men?,” explores the role of Egypt’s Technical Research Department (TRD), a secret unit in the country’s intelligence infrastructure. In the report, PI cite Citizen Lab research on FinFisher and Hacking Team.

Christopher Parsons and Morgan Marquis-Boire on Apple’s encryption battle

March 2, 2016 – 12:48 pm

Apple CEO Tim Cook recently announced that the company would battle a court order requiring it to turn over information stored on an iPhone belonging to one of the San Bernardino shooters to the FBI. Christopher Parsons and Morgan Marquis-Boire outline the possibility that the creation of a backdoor would be used as a precedent for future cases.

2016 Citizen Lab Fellowship Opportunities

February 29, 2016 – 3:35 pm

In 2016, we have three exciting fellowship programs open for applications that provide the opportunity for students, researchers, and software developers to spend from three months to up to one year at the Citizen Lab.

Andrew Hilts on fitness tracker privacy concerns

February 24, 2016 – 1:22 pm

Citizen Lab Research Fellow and Executive Director of OpenEffect Andrew Hilts was interviewed by Fox8 News Cleveland regarding privacy concerns with popular fitness trackers, including Apple, Fitbit, and Basis. The findings were detailed in the report “Every Step You Fake: A Comparative Analysis of Fitness Tracker Privacy and Security.”

More Lab News...

Get Connected




Events