Analysing the privacy policies of Wi-Fi trackers
Wi-Fi-based tracking systems have recently appeared. By collecting radio signals emitted by Wi-Fi enabled devices, those systems are able to track individuals. They basically rely on the MAC address to uniquely identify each individual. If retailers and businesses have high expectations for physical tracking, it is also a threat to citizens' privacy. We analyse the privacy policies used by the current tracking companies, then we show the pitfalls of hash-based anonymization. More particularly, we demonstrate that the hash-based anonymization of MAC addresses used in many Wi-Fi tracking systems can be easily defeated using off-the-shelf software and hardware. Finally, we discuss possible solutions for MAC address anonymization in Wi-Fi tracking systems.
Privacy and Data Protection Practices of Digital Lending Apps in Kenya
The Centre for Intellectual Property and Information Technology Law (CIPIT) has been studying the impact of digital identities on society. This has included policy research on the legal and technical aspects of the national digital ID system Huduma Namba, under which the Government is integrating all its identification documents. This research shows that the national digital identity system also integrates with privately issued digital identities such as mobile phone numbers and social media accounts. We anticipate that as national digital ID uses increase, so will the linkage with private systems. This is already evident from e-government services, where payments for Government services, such as passport applications, drivers' licences, national health insurance and hospital bills in public hospitals, are made using mobile money platforms. We also appreciate that private digital ID is more developed and has more uses than national digital ID. For example, a 2019 survey undertaken by the Central Bank of Kenya (CBK) estimates that access to financial products had risen from 26.7% in 2006 to 89% of the population in 2019. This is attributed partly to the availability of digital products such as "mobile banking, agency banking, digital finance and mobile apps". These products make use of personal data, which broadly falls under digital identities. This study seeks to understand the privacy implications of digital ID by looking at digital lending apps.
A Generic Information and Consent Framework for the IoT
The Internet of Things (IoT) raises specific issues in terms of information and consent, which makes the implementation of the General Data Protection Regulation (GDPR) challenging in this context. In this report, we propose a generic framework for information and consent in the IoT which is protective both for data subjects and for data controllers. We present a high level description of the framework, illustrate its generality through several technical solutions and case studies, and sketch a prototype implementation.
Practical Hash-based Anonymity for MAC Addresses
Given that a MAC address can uniquely identify a person or a vehicle, continuous tracking over a large geographical scale has raised serious privacy concerns amongst governments and the general public. Prior work has demonstrated that simple hash-based approaches to anonymization can be easily inverted due to the small search space of MAC addresses. In particular, it is possible to represent the entire allocated MAC address space in 39 bits, and frequency-based attacks allow for 50% of MAC addresses to be enumerated in 31 bits. We present a practical approach to MAC address anonymization using both computationally expensive hash functions and truncating the resulting hashes to allow for k-anonymity. We provide an expression for computing the percentage of expected collisions, demonstrating that for digests of 24 bits it is possible to store up to 168,617 MAC addresses with a rate of collisions of less than 1%. We experimentally demonstrate that a rate of collision of 1% or less can be achieved by storing data sets of 100 MAC addresses in 13 bits, 1,000 MAC addresses in 17 bits and 10,000 MAC addresses in 20 bits.
Comment: Accepted at the 17th International Conference on Security and Cryptography (SECRYPT 2020). To be presented between 8-10 July 2020.
Regulatory technologies for the study of data and platform power in the app economy
Tracking, the large-scale collection of data about user behaviour, is commonplace in mobile apps. While some see tracking as a necessary evil to making apps available at lower prices by showing users personalised advertising and selling their data to third parties, tracking can also have highly disproportionate effects on the lives of individuals and society as a whole. For example, tracking has significant effects on the rights to privacy and data protection, but also on other fundamental rights, such as the right to non-discrimination (e.g. when data from mobile tracking is used in AI systems, such as targeted ads for job offers) or the right to free and fair elections (e.g. when political microtargeting is used, as in the Brexit vote or the Trump election).
This thesis develops and applies techno-legal methods to study choice over app tracking at four levels: the impact of the GDPR (Chapter 4), consent to tracking in apps (Chapter 5), differences between Android and iOS (Chapter 6), and the impact of Apple's App Tracking Transparency (ATT) framework (Chapter 7). While many previous studies looked at data protection and privacy in apps, few studies analysed tracking over time, took a compliance angle, or looked at iOS apps at scale. Throughout our analysis of apps, we find compliance problems within apps as regards key aspects of US, EU and UK data protection and privacy law, particularly the need to seek consent before tracking. For instance, while user consent is usually required prior to tracking in the EU and UK (under the ePrivacy Directive), our empirical findings suggest that tracking takes place widely and usually without users' awareness or explicit agreement.
This thesis contributes 1) a scalable downloading and analysis framework for iOS and Android privacy and compliance analysis (PlatformControl), 2) an improved understanding of the legal requirements and empirical facts regarding app tracking, 3) a comprehensive database of the relations between companies in the app ecosystem (X-Ray 2020), and 4) an Android app to support the easy and independent analysis of apps' privacy practices (TrackerControl).
Betrayed by the Guardian: Security and Privacy Risks of Parental Control Solutions
For parents of young children and adolescents, the digital age has introduced many new challenges, including excessive screen time, inappropriate online content, cyber predators, and cyberbullying. To address these challenges, many parents rely on numerous parental control solutions on different platforms, including parental control network devices (e.g., WiFi routers) and software applications on mobile devices and laptops. While these parental control solutions may help digital parenting, they may also introduce serious security and privacy risks to children and parents, due to their elevated privileges and having access to a significant amount of privacy-sensitive data. In this paper, we present an experimental framework for systematically evaluating security and privacy issues in parental control software and hardware solutions. Using the developed framework, we provide the first comprehensive study of parental control tools on multiple platforms including network devices, Windows applications, Chrome extensions and Android apps. Our analysis uncovers pervasive security and privacy issues that can lead to leakage of private information, and/or allow an adversary to fully control the parental control solution, and thereby may directly aid cyberbullying and cyber predators.
Wombat: An experimental Wi-Fi tracking system
In this paper, we present Wombat, a Wi-Fi tracking platform aiming at improving user awareness toward physical tracking technologies and at experimenting with new privacy-preserving mechanisms. Elements of this system are presented along with its architecture. We also present the use of Wombat in the context of a demonstration scenario. We introduce a new privacy-enhancing feature developed on top of Wombat: a Wi-Fi-based opt-out mechanism that allows users to easily express their opt-out decision.
Overview of the real-world deployment of physical tracking systems
This document studies the real-world deployment of physical analytics systems. Starting with a few real-world examples, it then discusses various aspects of such systems: privacy implications, regulation, consent, public acceptance, and engineering aspects.
Online tracking: demystification and control
It is no surprise, given smartphones' convenience and utility, to see their wide adoption worldwide. Smartphones naturally gather a lot of personal information as the user communicates, browses the web and runs various Apps. They are equipped with GPS, NFC and digital camera facilities and therefore smartphones generate new personal information as they are used. Since they are almost always connected to the Internet, and are barely ever turned off, they can potentially reveal a lot of information about the activities of their owners. The imminent arrival of smart-watches and smart-glasses will only increase the amount of personal information available and the privacy leakage risks. This subject is closely related to the Mobilitics project that is currently conducted by Inria/Privatics and CNIL, the French data protection authority [1][2][3]. Therefore, the candidate will benefit from the investigations that are in progress in this context, in order to understand the situation and the trends. The candidate will also benefit from all the logging and analysis tools we developed for the iOS and Android Mobile OSes, as well as the experience gained on the subject. Another question is the arrival of HTML5 based Mobile OSes, like Firefox OS: it clearly opens new directions as it "uses completely open standards and there's no proprietary software or technology involved" (Andreas Gal, Mozilla). But what are the implications from a Mobile OS privacy point of view? That's an important topic to analyze. Beyond understanding the situation, the candidate will also explore several directions in order to improve the privacy control of mobile devices. First of all, a privacy-by-design approach, when feasible, is an excellent way to tackle the problem.
For instance, the current trend is to rely more and more on cloud-based services, either directly (e.g., via Dropbox, Instagram, Social Networks, or similar services), or indirectly (e.g., when a backup of the contact, calendar or accounts databases is needed). But pushing data onto cloud-based systems, somewhere on the Internet, is in total contradiction with our privacy considerations. Therefore, an idea is to analyze and experiment with personal cloud services (e.g., ownCloud, diaspora) that are fully managed by the user. Here the goal is to understand the possibilities, the opportunities, and the usability of such systems, either as a replacement for or in association with commercial cloud services. Another direction is to carry out behavioral analyses. Indeed, in order to precisely control the privacy aspects, at one extreme, the user may have to deeply interact with the device (e.g., through pop-ups each time a potential privacy leak is identified), which negatively impacts the usability of the device. At the other extreme, the privacy control may be oversimplified, in the hope of not interfering too much with the user, as is the case with the Android static authorizations or the one-time pop-ups of iOS6. This is not appropriate either, since using private information once is not comparable to using it every minute. A better approach could be to perform, with the help of a machine learning system for instance, a dynamic analysis of the Mobile OS or App behavior from a privacy perspective and to interrupt the user only when it is deemed appropriate. This could enable a good tradeoff between privacy control and usability, with user actions only when meaningful. How far such a behavioral analysis can go and what the limitations of the approach are (e.g., either from a CPU/battery drain perspective, or against programming tricks used to escape the analysis) are open questions.
Tainting techniques applied to Mobile OSes (e.g., TaintDroid) can be used as a basic building block for a behavioral analysis tool, but they have limited accuracy, are unable to analyze native code and have poor performance.