Posts filed under 'Privacy technology

Jun 19, '13

The Internet is and has always been a space where participants battle for control. The two core protocols that define the Internet – TCP and IP – are both designed to allow separate networks to connect to each other easily, so that networks that differ not only in hardware implementation (wired vs. satellite vs. radio networks) but also in their politics of control (consumer vs. research vs. military networks) can interoperate easily. It is a feature of the Internet, not a bug, that China – with its extensive, explicit censorship infrastructure – can interact with the rest of the Internet.

Today we have released an open-access collection (also published as a special issue of IEEE Internet Computing), of five peer reviewed papers on the topic of Internet censorship and control, edited by Hal Roberts and myself (Steven Murdoch). The topics of the papers include a broad look at information controls, censorship of microblogs in China, new modes of online censorship, the balance of power in Internet governance, and control in the certificate authority model.

These papers make it clear that there is no global consensus on what mechanisms of control are best suited for managing conflicts on the Internet, just as there is none for other fields of human endeavour. That said, there is optimism that with vigilance and continuing efforts to maintain transparency the Internet can stay as a force for increasing freedom than a tool for more efficient repression.

Apr 28, '13

On Friday I went to a fascinating lobbying meeting on the new EU data protection regulation. Europe is by default the world’s privacy regulator, as America doesn’t care and no-one else is big enough to matter; so this is really important. Some 3000 amendments have been proposed and the regulation is in the final stages of the committee process; the rapporteurs of the various parties are negotiating compromise amendments which should be ready for a vote within weeks. So the pressure is really on.

Friday was extraordinary because all the lobbyists came together in one room to argue their cases. This is because the liberal shadow rapporteur Alexander Alvaro was injured in a car crash last month, so Sarah Ludford, a London MEP, took over at the last minute. Normally lobbyists see MEPs singly or in small groups, but as time was short Sarah called a mass meeting at Europa House in London. So we all got to hear what the others were pushing for. Campaigners for open government say we’d have better laws if more if the process was public; here’s an example where that happened (literally) by accident.

I am posting my notes of the meeting here, as it’s a good case history of how lobbying works, as well as of how our privacy is being lost. There were about 100 people present, of which only 5 were from civil society. Most were corporate lobbyists: good-looking, articulate and impressive, but pushing some jaw-dropping agendas. For example the lovely lady from the Association of British Insurers found it painful that the regulation might ban profiling that was unfair or discriminatory.


Apr 8, '13

The 3rd USENIX Workshop on Free and Open Communications on the Internet (FOCI ‘13) seeks to bring together researchers and practitioners from technology, law, and policy who are working on means to study, detect, or circumvent practices that inhibit free and open communications on the Internet. We invite two distinct tracks for papers: a technical track for technically-focused position papers or works-in-progress; and a social science track for papers focused on policy, law, regulation, economics or related fields of study.

FOCI will favor interesting and new ideas and early results that lead to well-founded position papers. We envision that work presented at FOCI will ultimately be published at relevant, high-quality conferences. Papers will be selected primarily based on originality, with additional consideration given to their potential to generate discussion at the workshop. Papers in the technical track will also be evaluated based on technical merit. As with other USENIX events, papers accepted for FOCI ‘13 will be made freely available on the USENIX website.

For further details, see the call for papers (PDF version). The submission deadline is 6 May 2013.

Mar 28, '13

Regular readers of this blog will have noticed growing issues with medical privacy. On April 24th, a new medical confidentiality campaign will kick off in London.

New legislation that comes into force next month will permit the upload of identifiable patient data directly from family doctors’ records to central systems, from which it will be sold and made available to researchers and private companies. Other developments include the creation of online patient records, and a proposal to create shared record systems across health and social care.

MedConfidential has been formed to deal with these multiple threats to patient privacy, and is hosting its first conference on April 24th in central London. This will be a one-day briefing session to provide details of the new policies and explain their potential impact. The conference is free of charge but places are limited. If you would like to attend, please contact Terri Dowty:

Mar 25, '13

Applications are invited for one PhD position in the Security Group at the Computer Laboratory to work with Dr Steven Murdoch. Funding for this position is provided by the Engineering and Physical Sciences Research Council (EPSRC) in collaboration with the Royal Society.

The successful candidate will undertake research on methods to analyse the security of anonymous communication systems and privacy enhancing technologies. This broad research topic falls within an EPSRC priority area and provides considerable scope for the PhD candidate to find his or her own research direction.

Further details can be found in the advertisement (NR27372). The closing date for applications is 31 May 2013.

Mar 18, '13

I am on the award committee for the 2013 PET Award and we are looking for nominations of papers which have made an outstanding contribution to the theory, design, implementation, or deployment of privacy enhancing technology.

The 2013 award will be presented at Privacy Enhancing Technologies Symposium (PETS) and carries a prize of $3,000 USD thanks to the generous support of Microsoft. The crystal prize itself is offered by the Office of the Information and Privacy Commissioner of Ontario, Canada.

Any paper by any author written in the area of privacy enhancing technologies is eligible for nomination. However, the paper must have appeared in a refereed journal, conference, or workshop with proceedings published in the period from 16 April 2011 until 31 March 2013.

To submit a nomination, please see the instructions on the award page.

Mar 8, '13

Last week I spoke at a conference on digital health at the Scottish parliament. The talks are now online; my talk is here, and my slides here. At present, medical records in Scotland are organised differently under its fourteen different health boards, with wide variations in privacy, safety and functionality. Needless to say, officials in Edinburgh see this as an opportunity for centralisation; they want to follow the sad story in England. The political dynamic north of the border is much the same: officials want to grab all the data, GPs are not keen, but the public’s not paying attention.

If you’re interested in these issues, save April 24th in your diary; there will be a big medical privacy event in London organised by a number of NGOs.

Nov 25, '12

When you register an Internet domain name in “.com” (and some other top level domains) you have the choice of using a “privacy” or “proxy” service rather than having your name and contact details recorded within the “whois” systems that provide a public record of domain name ownership.

A privacy service will record that you are the owner of the domain name but your contact details will be hidden. A proxy service will hide your identity as well.

The privacy-conscious use these services to avoid disclosing information about themselves (and to avoid the trivial amount of spam sent to contact email addresses). The cyber criminals use these services as well — so that it is hard for the Good Guys to link domains into groups and hard for them to argue (in an Al Capone tax evading manner) that “you may not understand this criminality or be convinced this evidence, but just take a look at the invalid details given when registering the domain“.

I’m currently working on a project for ICANN that will measure the prevalance of privacy/proxy usage by different types of cybercriminals… of which more at another time — because at present I’m having a holiday! I went to Palm Cove (just north of Cairns) to see the recent total solar eclipse… and my holiday involves a short(ish) drive south to Melbourne

… and since I was passing Nobby Beach (just south of Brisbane) I took the opportunity to peek at the home of the larger Internet domain name proxy services:
Richard points at's PO Box
whose details appear in whois records like this:
Domain Admin (
ID#10760, PO Box 16
Note - All Postal Mails Rejected, visit
Nobby Beach
null,QLD 4218
Tel. +45.36946676

There are at present (according to some 2,584,758 domains associated with You can see why they don’t want any postal mail, because their PO box is merely a standard size:
Close-up of PO Box #16
The reality of course is that you should contact Privacy Protection by email or their website… but then you’d miss out on getting to look at some of the nearby beaches!
View of beach at Surfer's Paradise

Nov 20, '12

This afternoon, the Information Commissioner will unveil a code of practice for data anonymisation. His office is under pressure; as I described back in August, Big Pharma wants all our medical records and has persuaded the Prime Minister it should have access so long as our names and addresses are removed. The theory is that a scientist doing research into cardiology (for example) could have access to the anonymised records of all heart patients.

The ICO’s blog suggests that he will consider data to be anonymous and thus no longer private if they cannot be reidentified by reference to any other data already in the public domain. But this is trickier than you might think. For example, Tim Gowers just revealed on his excellent blog that he had an ablation procedure for atrial fibrillation a couple of weeks ago. So if our researcher can search for all males aged 45-54 who had such a procedure on November 6th 2012 he can pull Tim’s record, including everything that Tim intended to keep private. Even with a central cardiology register, it’s hard to think of a practical mechanism could block Tim’s record as soon as he made that blog post. But now researchers are starting to carry round millions of people’s records on their laptops, protecting privacy is getting really hard.

In his role as data protection regulator, the Commissioner has been eager to disregard the risk of re-identification from private information. Yet Maurice Frankel of the Campaign for Freedom of Information has pointed out to me that he regularly applies a very different rule in Freedom of Information cases, including one involving the University of Cambridge. There, he refused a freedom of information request about university dismissals on the grounds that “friends, former colleagues, or acquaintances of a dismissed person may, through their contact with that person, know something of the circumstances of that person’s departure” (see para 30).

So I will be curious to see this afternoon whether the Commissioner places greater value on the consistency of his legal rulings, or their convenience to the powerful.

Aug 28, '12

The Guardian has published an op-ed I wrote on the risks of anonymised medical records along with a news article on CPRD, a system that will make our medical records available for researchers from next month, albeit with the names and addresses removed.

The government has been pushing for this since last year, having appointed medical datamining enthusiast Tim Kelsey as its “transparency tsar”. There have been two consultations on how records should be anonymised, and how effective it could be; you can read our responses here and here (see also FIPR blog here). Anonymisation has long been known to be harder than it looks (and the Royal Society recently issued a authoritative report which said so). But getting civil servants to listen to X when the Prime Minister has declared for Not-X is harder still!

Despite promises that the anonymity mechanisms would be open for public scrutiny, CPRD refused a Freedom of Information request to disclose them, apparently fearing that disclosure would damage security. Yet research papers written using CPRD data will surely have to disclose how the data were manipulated. So the security mechanisms will become known, and yet researchers will become careless. I fear we can expect a lot more incidents like this one.


April 2014
« Mar    

Posts by Month

Posts by Category