Dark Dealings: How Terrorists Use Encrypted Messaging, the Dark Web and Cryptocurrencies

Total Page:16

File Type:pdf, Size:1020Kb

Dark Dealings: How Terrorists Use Encrypted Messaging, the Dark Web and Cryptocurrencies SCIENCE AND TECHNOLOGY COMMITTEE (STC) Sub-Committee on Technology Trends and Security (STCTTS) DARK DEALINGS: HOW TERRORISTS USE ENCRYPTED MESSAGING, THE DARK WEB AND CRYPTOCURRENCIES Report by Matej TONIN (Slovenia) Rapporteur 182 STCTTS18 E fin | Original: English | 18 November 2018 TABLE OF CONTENTS I. INTRODUCTION ............................................................................................................ 1 II. CRYPTOGRAPHIC TECHNOLOGIES: A PRIMER......................................................... 2 A. MODERN CRYPTOGRAPHY ................................................................................ 2 B. ENCRYPTED MESSAGING SERVICES ............................................................... 2 C. THE DARK WEB ................................................................................................... 3 D. CRYPTOCURRENCIES ........................................................................................ 5 III. HOW TERRORISTS USE CRYPTOGRAPHIC TECHNOLOGIES .................................. 7 A. COMMUNICATIONS, COMMAND AND CONTROL .............................................. 7 B. ACQUISITION OF WEAPONS AND OTHER ILLICIT GOODS .............................. 8 C. TERRORIST FINANCING ..................................................................................... 9 IV. CURRENT POLICIES AND FUTURE OPTIONS .......................................................... 10 A. MONITORING, REPORTING AND DISRUPTION BY ACTIVISTS, CITIZENS AND OPERATORS ............................................................................. 10 B. LAW ENFORCEMENT AND INTELLIGENCE OPERATIONS ............................. 11 C. NEW LAWS AND REGULATIONS ...................................................................... 12 D. WEAKENING OR TARGETING ENCRYPTION ................................................... 13 V. CONCLUSION .............................................................................................................. 13 SELECT BIBLIOGRAPHY ............................................................................................ 15 182 STCTTS 18 E fin I. INTRODUCTION 1. The wish to privately communicate has probably been with humankind forever. The first case of encryption – the use of a private code to encipher and decipher messages – can be traced back to ancient Egypt almost 4,000 years ago (Cypher Research Laboratories, 2014). Until the end of the 20th century, the most powerful encryption technologies were largely in the hands of governments. Today, such encryption technology is widely available, offering several key advantages to users, including: - Authentication: Users can be assured that other users are who they claim to be and not somebody impersonating them. - Integrity: Users can be assured that the data they receive from other users has not been altered (intentionally or unintentionally) between “there” and “here” or between “then” and “now.” - Confidentiality: Users can be assured that data they receive from other users cannot be read by third parties. - Anonymity: Depending on the encryption and other methods employed, users can put distance between their real identities and their digital pseudonyms, granting them various degrees of anonymity. 2. Modern encryption technology has “become a bedrock of the modern internet” (Moore and Rid, 2016). Indeed, encryption by default is “becoming the new normal in personal cyber security” (Buchanan, 2016). After all, who would trust online banking or e-government services if we were not reasonably assured that our data is secured by strong encryption? In liberal democracies, private communications also fulfil a vital and legitimate role in support of fundamental human rights, such as privacy and freedom of speech (Chertoff and Simon, 2014). Indeed, modern encryption technology “is a crucial ingredient for any free political order in the twenty-first century” (Moore and Rid, 2016). In authoritarian countries, the ability to communicate anonymously can be a matter of life and death for activists, dissidents and journalists. 3. Like any other technology, modern encryption can have a dark side. Inevitably, its advantages hold much attraction for malicious actors, including extremists and terrorists. Such groups are typically organised in a decentralised manner, where individual members have little to no information about other cells or top officials. Even Daesh, which adopted a more hierarchical and territorial organisation in Iraq and Syria, has increased its decentralisation in step with the loss of territory. In today’s world, such a fluid organising style would be near impossible to maintain if terrorists did not have access to encrypted messaging services for propaganda, recruitment, communications, command and control, financing and illicit acquisitions. Modern encryption technology has also enabled the rise of two other cryptographic technologies with the potential to further enable extremist and terrorist operations: the dark web, composed of intentionally hidden servers on the World Wide Web, and cryptocurrencies, virtual currencies secured through the use of cryptography. 4. This report informs and supports the Science and Technology Committee’s (STC) continuing focus on potentially disruptive technologies with important implications for defence and security policies. The report was adopted in November 2018 at the NATO PA Annual Session in Halifax, Canada. 5. First, the report examines the basics of modern encryption, encrypted messaging services, the dark web and cryptocurrencies. Second, it analyses how extremists and terrorists use these instruments for communications, command and control, financing and illicit acquisitions. Third, it maps some of the most important policy debates surrounding these technologies. Finally, the Rapporteur proposes some recommendations on the way forward. 1 182 STCTTS 18 E fin II. CRYPTOGRAPHIC TECHNOLOGIES: A PRIMER A. MODERN CRYPTOGRAPHY 6. Until the 1970s, the only way to encipher and decipher electronic messages was symmetric-key cryptography, where sender and recipient must have the same key to unlock the message. If someone gains access to the key or cracks the code, communications are no longer secure. During the Cold War, as the complexity of warfare increased dramatically, so did the complexity of ensuring the secure distribution of encryption keys. In the late 1960s, an employee of the British Government Communications Headquarters was the first to propose a new encryption method to solve the problem of key distribution. However, the real turning point came when researchers at Stanford University had the same idea and published their results openly in 1976, enabling researchers around the world to take their ideas further. This was the birth of asymmetric public-key encryption – “one of the most pivotal inventions of the twentieth century” (Moore and Rid, 2016). 7. The mathematics behind asymmetric public-key encryption is intricate, but the idea is simple. Those who wish to communicate in private are given a private key and a public key, which are mathematically linked. Crucially, the public key is visible to anyone. If Alice wants to send a private message to Bob, she will use Bob’s public key to encrypt the message. As Bob alone has access to the private key, only he can open the message. Not even Alice can read her message anymore. The crucial advantage is that Alice and Bob no longer need to meet to exchange keys or rely on a middleman for distribution. 8. For two decades, the US government and its allies attempted to keep strong public-key encryption out of the hands of the US public and its adversaries, classifying it as ‘munition’ in 1976 and imposing strict export laws (Bartlett, 2014). Nonetheless, as the basics were publicly known and the available computing power outside government control rose dramatically, public-key encryption began to spread – both to private citizens and states outside the West. Despite efforts by the US government, strong public-key encryption could no longer be kept under control, as privacy-minded individuals and libertarian “cypherpunks” employed the technology and advocated its use. In 1996, public-key encryption was then moved to the commerce control list, marking the end of what has become known as the Crypto Wars. Today, public-key encryption is found everywhere, and it is hard to imagine where the internet would be without it. Most internet users employ a degree of encryption by default and often unwittingly when they browse secure web sites or send private online messages or emails for example. However, those who seek stronger privacy protections – whether for benign or nefarious purposes – do not have to look very far. On the internet, an endless trove of information exists on how to shield oneself from those who would like to access one’s data – no matter whether it is governments, criminals or terrorists. In other words, it is easy for those who want to decrease their online footprint to do so, as the requirements for digital literacy and technical skills are low. B. ENCRYPTED MESSAGING SERVICES 9. Popular social media platforms, like Facebook and Twitter, are increasingly – if not sufficiently for some – cracking down on extremist and terrorist material. As a result, encrypted instant messaging services have become central for communications, command and control, acquisition and financing. 10. With roughly 1.5 billion users, WhatsApp is the most widely used messaging app in the world (Statista, 2018). Since April 2016, it has
Recommended publications
  • A Decentralized Private Marketplace: DRAFT 0.1
    A Decentralized Private Marketplace: DRAFT 0.1 Ido Kaiser1 Abstract— The online services we use are increasingly de- structure provided by the Bitcoin blockchain but is equally manding more of our personal data, a disturbing trend that applicable to any of it derivatives, meaning the marketplace threatens the privacy of users on a global scale. Entities such as is indifferent about the underlying cryptocurrency used for Google, Facebook and Yahoo have grown into colossal, seem- ingly unaccountable corporations by monetizing their users’ payments. personal data. These entities are charged with keeping said data secure and, in the case of social and economic interactions, II. HIGH LEVEL OVERVIEW safeguarding the privacy of their users. Centralized security The overview consists of two main components: a models are not applicable to the new generation of technologies blockchain and a data storage network. Technically speaking such as Bitcoin. This paper discusses a system which combines these networks can operate over the same set of nodes. But a Bitmessage-style network with anonymous payment schemes to create a privacy-centric marketplace. Furthermore we apply for clarity we separate them to highlight that it does not have a multi-signature escrow technique involving insurance deposits to be the same set. should which deter fraudulent actors from participating in trades, given that their incentive is to make a profit. A. Blockchain The blockchain is typically tasked with processing pay- I. INTRODUCTION ments but for our purpose it will also be storing the market- Satoshi Nakamoto, the visionary and creator of Bitcoin[1], place index and the identities.
    [Show full text]
  • January 2020 Zillman Column
    2020 Guide to Online Privacy Resources and Tools By Marcus P. Zillman, M.S., A.M.H.A. Executive Director - Virtual Private Library http://www.VirtualPrivateLibrary.org The January 2020 Zillman Column features the 2020 Guide to Online Privacy Resources and Tools and is a very comprehensive listing of Internet and Web privacy resources, sources and sites on the Internet for the latest competent sources and research. The below list of sources is taken partially from my Subject Tracer™ white paper titled Privacy Resources 2020 and is constantly updated with Subject Tracer™ bots at the following URL: http://www.PrivacyResources.info/ http://www.StealthMode.info/ These resources and sources will help you to discover the many pathways available through the Internet to find the latest Internet and web search and discovery research, resources, sources and sites. As this site is constantly updated it would be to your benefit to bookmark and return to the above URL frequently. Figure 1: 2020 Guide to Online Privacy Resources and Tools 1 January 2020 Zillman Column – 2020 Guide to Online Privacy Resources and Tools http://www.zillmancolumns.com/ [email protected] eVoice: (800) 858-1462 © 2020 Marcus P. Zillman, M.S., A.M.H.A. 2020 Guide to Online Privacy Resources and Tools: 10 Best Security and Privacy Apps for Smartphones and Tablets http://drippler.com/drip/10-best-security-privacy-apps-smartphones-tablets 10 Minute Mail http://10minutemail.com/10MinuteMail/index.html 10 Privacy Gadgets To Help You Keep a Secret http://www.popsci.com/keep-your-secrets-a-secret
    [Show full text]
  • 5.Sustainability
    P2Pvalue More than 95% of the cases surveyed use centralized servers to store the users’ data. Over the whole population of cases this would be lower, as less than 88% has a centralized architecture allowing for central storage. Index infrastructure provision On a scale of 1 to 9, half of the cases have less than 3, and 84.1% of the cases are at the intermediate level of the index (between 4 and 5). None of the cases are at the highest range of the index. 5.Sustainability Regarding the question of profitability versus non profitability character of infrastructure provision, what results from the data on the legal type of infrastructure provision (see table above as part of infrastructure provision section) is that non-profit organizations make up the majority of cases (57%), something that makes sense with the voluntary dimension of the majority of CBPP experiences. Nevertheless, we consider it important to highlight that 28.9% of the cases are for profit organizations, something that is closely related to the diffusion of hybrid cases in CBPP. The data on the type of organization connected to the case (see table at section infrastructure provider) notes that 25.1% of the cases are businesses, which is the second type of most common organization. What we highlight about this data concerning the main strategies to achieve economic sustainability is the high level of importance that is given to the non- monetary contributions. For instance, 51% of respondents assign a value of 10 to non-monetary contributions. Instead, when we analyze all the other strategies of sustainability, the median is very low.
    [Show full text]
  • MEMO. Nº. 52/2017 – SCOM
    00100.096648/2017-00 MEMO. nº. 52/2017 – SCOM Brasília, 21 de junho de 2017 A Sua Excelência a Senhora SENADORA REGINA SOUSA Assunto: Ideia Legislativa nº. 76.334 Senhora Presidente, Nos termos do parágrafo único do art. 6º da Resolução do Senado Federal nº. 19 de 2015, encaminho a Vossa Excelência a Ideia Legislativa nº. 76.334, sob o título de “Criminalização Da Apologia Ao Comunismo”, que alcançou, no período de 09/06/2017 a 20/06/2017, apoiamento superior a 20.000 manifestações individuais, conforme a ficha informativa em anexo. Respeitosamente, Dirceu Vieira Machado Filho Diretor da Secretaria de Comissões Senado Federal – Praça dos Três Poderes – CEP 70.165-900 – Brasília DF ARQUIVO ASSINADO DIGITALMENTE. CÓDIGO DE VERIFICAÇÃO: CE7C06D2001B6231. CONSULTE EM http://www.senado.gov.br/sigadweb/v.aspx. 00100.096648/2017-00 ANEXO AO MEMORANDO Nº. 52/2017 – SCOM - FICHA INFORMATIVA E RELAÇÃO DE APOIADORES - Senado Federal – Praça dos Três Poderes – CEP 70.165-900 – Brasília DF ARQUIVO ASSINADO DIGITALMENTE. CÓDIGO DE VERIFICAÇÃO: CE7C06D2001B6231. CONSULTE EM http://www.senado.gov.br/sigadweb/v.aspx. 00100.096648/2017-00 Ideia Legislativa nº. 76.334 TÍTULO Criminalização Da Apologia Ao Comunismo DESCRIÇÃO Assim como a Lei já prevê o "Crime de Divulgação do Nazismo", a apologia ao COMUNISMO e seus símbolos tem que ser proibidos no Brasil, como já acontece cada vez mais em diversos países, pois essa ideologia genocida causou males muito piores à Humanidade, massacrando mais de 100 milhões de inocentes! (sic) MAIS DETALHES O art. 20 da Lei 7.716/89 estabeleceu o "Crime de Divulgação do Nazismo": "§1º - Fabricar, comercializar, distribuir ou veicular, símbolos, emblemas, ornamentos, distintivos ou propaganda que utilizem a cruz suástica ou gamada, para fins de divulgação do nazismo.
    [Show full text]
  • Subtitling in the Iranian Mediascape: Towards a Culture-Specific Typology
    Subtitling in the Iranian Mediascape: Towards a Culture-Specific Typology Masood Khoshsaligheh1a, Saeed Ameri2a, Farzaneh Shokoohmand3a, Milad Mehdizadkhani4b Abstract Given the increasing pace of dissemination of cultural ARTICLE HISTORY: content across global borders, subtitling as a cost-effective Received May 2020 solution for rendering audiovisual programs is gaining more Received in revised form July 2020 popularity, even in societies, which have been traditionally Accepted July 2020 using dubbing as the dominant modality for foreign films and Available online August 2020 television series. Likewise, various types of subtitling practices have developed and are used in Iran both at official and non-official outlets. While official dubbing has failed in some aspect in addressing the growing interest of Iranian viewers of foreign content, a variety of non-professional subtitling has been filling the gap, and subtitling appears to be dominating the audiovisual media market. Despite such KEYWORDS: developments, the necessities of professional practice of Non-professional subtitling subtitling, including standardized guidelines, codes of ethics Amateur subtitling and practice, and training, have never been realized in Iran. Quasi-professional subtitling In the absence of a professional subtitling tradition, this Professional subtitling article presents the status quo of non-professional subtitling Subtitling for the d/Deaf and hard of into Persian and introduces the specific typology of this hearing practice in the Iranian mediascape. © 2020 IJSCL. All rights reserved. 1 Associate Professor, Email: [email protected] (Corresponding Author) Tel: +98-915-5012669 2 PhD, Email: [email protected] 3 Assistant Professor, Email: [email protected] 4 PhD Candidate, Email: [email protected] a Ferdowsi University of Mashhad, Iran b University of Szeged, Hungary 56 Subtitling in the Iranian Mediascape: Towards a Culture-Specific Typology 1.
    [Show full text]
  • Closed Groups, Messaging Apps & Online
    FIRST DRAFT'S ESSENTIAL GUIDE TO Closed Groups, Messaging Apps & Online Ads November 2019 TABLE OF CONTENTS Introduction 5 CHAPTER 1 Understanding ad libraries 13 CHAPTER 2 Facebook groups 21 CHAPTER 3 Closed messaging apps 27 CHAPTER 4 Ethical considerations 37 Conclusion 43 3 ABOUT THE AUTHORS Carlotta Dotto is a research reporter at First Draft, specialising in data-led investigations into global information disorder and coordinated networks of amplification. She previously worked with The Times’ data team and La Repubblica’s Visual Lab, and written for a number of publications including The Guardian, the BBC and the New Internationalist. Rory Smith is a senior investigator at First Draft where he researches and writes about information disorder. Before joining First Draft, Rory worked for CNN, Vox, Vice and Introduction Truthout, covering various topics from immigration and food policy to politics and organized crime. Claire Wardle currently leads the strategic direction and research for First Draft. In 2017 she co-authored the seminal report, Information Disorder: An interdisciplinary Framework for Research and Policy, for the Council of Europe. Previous to that she was a Fellow at the Shorenstein Center for Media, Politics and Public Policy at Harvard's Kennedy School, the Research Director at the Tow Center for Digital Journalism at Columbia University Graduate School of Journalism and head of social media for the United Nations Refugee Agency. She was also the project lead for the BBC Academy in 2009, where she designed a comprehensive training program for social media verification for BBC News, that was rolled out across the organization.
    [Show full text]
  • Are Cookie Banners Indeed Compliant with the Law? Cristiana Santos, Nataliia Bielova, Célestin Matte
    Are cookie banners indeed compliant with the law? Cristiana Santos, Nataliia Bielova, Célestin Matte To cite this version: Cristiana Santos, Nataliia Bielova, Célestin Matte. Are cookie banners indeed compliant with the law?: Deciphering EU legal requirements on consent and technical means to verify compli- ance of cookie banners. Technology and Regulation, Tilburg University, 2020, 2020, pp.91-135. 10.26116/TECHREG.2020.009. hal-02875447v2 HAL Id: hal-02875447 https://hal.inria.fr/hal-02875447v2 Submitted on 23 Sep 2020 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Are cookie banners indeed compliant with the law? Deciphering EU legal requirements on consent and technical means to verify compliance of cookie banners Cristiana Santos, Nataliia Bielova, Célestin Matte Inria, France [email protected] [email protected] [email protected] Abstract In this paper, we describe how cookie banners, as a consent mechanism in web applications, should be designed and implemented to be compliant with the ePrivacy Directive and the GDPR, defining 22 legal requirements. While some are provided by legal sources, others result from the domain expertise of computer scientists. We perform a technical assessment of whether technical (with computer science tools), manual (with a human operator) or user studies verification is needed.
    [Show full text]
  • Indicators of Compromise Associated with Onepercent Group Ransomware
    TLP: WHITE The following information is being provided by the FBI, with no guarantees or 23 AUG 2021 warranties, for potential use at the sole discretion of recipients in order to protect against cyber threats. This data is provided to help cyber security Alert Number professionals and system administrators guard against the persistent malicious CU-000149-MW actions of cyber actors. This FLASH was coordinated with DHS-CISA. WE NEED YOUR HELP! This FLASH has been released TLP: WHITE. Subject to standard copyright rules, If you find any of TLP: WHITE information may be distributed without restriction. these indicators on your networks, or have related Indicators of Compromise Associated with OnePercent information, please contact Group Ransomware www.fbi.gov/con Summary tact-us/field- offices The FBI has learned of a cyber-criminal group who self identifies as the *Note: By reporting “OnePercent Group” and who have used Cobalt Strike to perpetuate any related ransomware attacks against US companies since November 2020. OnePercent information to the Group actors compromise victims through a phishing email in which an FBI, you are assisting in sharing attachment is opened by the user. The attachment’s macros infect the system information that with the IcedID1 banking trojan. IcedID downloads additional software to include allows the FBI to track malicious Cobalt Strike. Cobalt Strike moves laterally in the network, primarily with actors and PowerShell remoting. coordinate with private industry OnePercent Group actors encrypt the data and exfiltrate it from the victims’ and the United systems. The actors contact the victims via telephone and email, threatening to States Government to prevent future release the stolen data through The Onion Router (TOR) network and clearnet, intrusions and unless a ransom is paid in virtual currency.
    [Show full text]
  • Considering PGP
    Security Now! Transcript of Episode #418 Page 1 of 38 Transcript of Episode #418 Considering PGP Description: This week, Steve and Leo continue covering the consequences of the Snowden leaks and, with that in mind, they examine the Pretty Good Privacy (PGP) system for securely encrypting eMail and attachments. High quality (64 kbps) mp3 audio file URL: http://media.GRC.com/sn/SN-418.mp3 Quarter size (16 kbps) mp3 audio file URL: http://media.GRC.com/sn/sn-418-lq.mp3 SHOW TEASE: It's time for Security Now!. Steve Gibson, our security guru, is here. This is a show everybody has to watch. In fact, share it with your friends, your neighbors, your colleagues: Using PGP to protect your email. Steve talks about it next on Security Now!. Leo Laporte: This is Security Now! with Steve Gibson, Episode 418, recorded August 21st, 2013: Considering PGP. It's time for Security Now!, the show that covers your security, your privacy, your safety online with this man here, the 'Splainer in Chief, Steven Gibson at GRC.com. Hey, Steverino. Steve Gibson: Hey, Leo. Great to be with you for Show No. 1 of Year No. 9. Leo: Wow. Steve: We begin our ninth year. Leo: Wow. Episode 418, and you've only missed one, and that was because we made you. Steve: Yeah. So we're not going to do that again. That was not pretty. There was an uprising among the natives. Security Now! Transcript of Episode #418 Page 2 of 38 Leo: Well, you've got to fight it out with Lisa because I don't - I never had the cojones to stop you, but she does.
    [Show full text]
  • CSCI-UA.9480 Introduction to Computer Security
    CSCI-UA.9480 Introduction to Computer Security Session 2.3 Designing Secure Network Systems Prof. Nadim Kobeissi Goals of today’s class. A look into some secure network systems: ● WireGuard: a modern VPN. ● A critical look at ProtonMail, a secure email service. WireGuard is an example of a well-designed secure network application. ProtonMail is an example of a badly designed network application. CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi 2 WireGuard Following slides are by Jason A. 2.3a Donenfeld, author of WireGuard. CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi 3 What is WireGuard? ▪ Layer 3 secure network tunnel for IPv4 and IPv6. ▪ Opinionated. Only layer 3! ▪ Designed for the Linux kernel ▪ Slower cross platform implementations also. ▪ UDP-based. Punches through firewalls. ▪ Modern conservative cryptographic principles. ▪ Emphasis on simplicity and auditability. ▪ Authentication model similar to SSH’s authenticated_keys. ▪ Replacement for OpenVPN and IPsec. ▪ Grew out of a stealth rootkit project. ▪ Techniques desired for stealth are equally as useful for tunnel defensive measures. Security Design Principle 1: Easily Auditable OpenVPN Linux XFRM StrongSwan SoftEther WireGuard 116,730 LoC 119,363 LoC 405,894 LoC 329,853 LoC 3,771 LoC Plus OpenSSL! Plus StrongSwan! Plus XFRM! Less is more. Security Design Principle 1: Easily Auditable WireGuard 3,771 LoC IPsec SoftEther OpenVPN (XFRM+StrongSwan) 329,853 LoC 119,363 419,792 LoC LoC Security Design Principle 2: Simplicity of Interface ▪ WireGuard presents a normal network interface: # ip link add wg0 type wireguard # ip address add 192.168.3.2/24 dev wg0 # ip route add default via wg0 # ifconfig wg0 … # iptables –A INPUT -i wg0 … /etc/hosts.{allow,deny}, bind(), … ▪ Everything that ordinarily builds on top of network interfaces – like eth0 or wlan0 – can build on top of wg0.
    [Show full text]
  • Data Ethics (Former Journalist)
    DATAETHICS Nanna H Bach Pia Thomassen Pernille Tranberg Lili The Lazy Cocker Advisor in data ethics (former journalist) Author of 6 books incl FAKE IT (2012) and DataEthics - The New Competitive Advantage (2016) Co-founder of the ThinkDoTank DataEthics.eu Pernille Tranberg Privacy Tech findx.com adblockfast Cliqz FakeNameGenerator.com disconnect.me Hushfile startpage.com Protonmail wire.com IBVPN.COM TOR OPERA Consumers/Citizens ➤ 7 of 10 worried about their data ➤ Have started to ACT on their worry. E.g. w adblockers, 1 of 3 Europeans lie about their data (the younger the better) ➤ We trust the regulated and distrust those tracking us: social media, search, news ➤ We understand the value of our data and want control ➤ Convenience rules! But there is a creepiness limit Sources: datatilsynet.no Eurobarometer on DataProtection 2015, Symantec State of Privacy 2015, Erhvervsstyrelsen/IDA 2015 , Ctrl-Shift Sept 2016, Danmarks Statistik 2017, McKinsey Comscore Jan 2017 We are with data where we were with the environment in the beginning of 1960s The New Green digital mistrust Political & Commercial Manipulation Price discrimination or differentiaton Pay-as-you-behave ➤ Not based on solidarity or for the better of society ➤ It gives the employer or insurance company a lot of power over individuals who is responsible? Government ➤ enforce the law Companies & Institutions ➤ promote the new market ➤ create digital trust with data for privacy tech and data ethics ethics ➤ give customers control over ➤ be a role model own data shared responsibility ➤ Innovate w Privacy by Design Individuals ➤ digital selfdefense ➤ demand it from gov ➤ chose ethical alternatives Definition DATA ETHICS is responsible and sustainable use of personal data.
    [Show full text]
  • Social Networking in Iran, P.4 , Download/1609
    Social Networking & Virtual Freedom of Association in Iran Research Report —March 2016 2 Contents Executive Summary 3 Introduction 5 The Iranian Context 7 The digital climate in Iran 8 Iran’s cyber defense 9 Digital policy under the Rouhani administration 10 Digital trends in Iran 12 Social Networking Sites (SNSs) and Messaging Apps (MAs) 13 The significance of SNSs & MAs 13 Civic activism via SNSs & MAs 14 The rise of SNSs in Iran 15 SNS popularity 16 MAs in Iran - A story of coercion and throttling 17 Providing homegrown alternatives for SNSs & MAs 19 Circumvention and Anti-Censorship Tools 21 Virtual Private Networks (VPNs) 22 Volunteer Activists Survey Report 24 Concluding Thoughts 32 Endnotes 34 Cover Photo: Ben Curtis / AP Volunteer Activists 3 Executive Summary Iran is a country that bans major international social media sites like Twitter or Facebook yet sees its highest state officials utilize the very social media channels it banned. This messaging applications (MAs) does not contradiction is the embodiment of make an exception for Iran. Rather the Iran’s relationship towards social media. opposite has been the case. In 2012, On one hand, conservative forces 29% percent used to spend at least 1 describe international social media tools hour a day on social media whereas as a ploy of Iran’s enemies (most notable now that figure has now skyrocketed the US and Israel) to spy on Iranians. On to 62%, of which 22% spend more than the other hand, Iranian companies are three hours a day on social media. Also trying to build parallel homegrown tools posting photos at least once or twice a for the Iranian market or convincing day has multiplied threefold, from 7% international social media companies to in 2012 to 25% in 2016.
    [Show full text]