Potential mass surveillance and privacy violations in proximity-based social applications

Proximity-based social applications let users interact with people that are currently close to them, by revealing some information about their preferences and whereabouts. This information is acquired through passive geo-localisation and used to build a sense of serendipitous discovery of people, places and interests. Unfortunately, while this class of applications opens different interactions possibilities for people in urban settings, obtaining access to certain identity information could lead a possible privacy attacker to identify and follow a user in their movements in a specific period of time. The same information shared through the platform could also help an attacker to link the victim's online profiles to physical identities. We analyse a set of popular dating application that shares users relative distances within a certain radius and show how, by using the information shared on these platforms, it is possible to formalise a multilateration attack, able to identify the user actual position. The same attack can also be used to follow a user in all their movements within a certain period of time, therefore identifying their habits and Points of Interest across the city. Furthermore we introduce a social attack which uses common Facebook likes to profile a person and finally identify their real identity

Incorporation of privacy elements in space station design

Privacy exists to the extent that individuals can control the degree of social contact that they have with one another. The opportunity to withdraw from other people serves a number of important psychological and social functions, and is in the interests of safety, high performance, and high quality of human life. Privacy requirements for Space Station crew members are reviewed, and architectual and other guidelines for helping astronauts achieve desired levels of privacy are suggested. In turn, four dimensions of privacy are discussed: the separation of activities by areas within the Space Station, controlling the extent to which astronauts have visual contact with one another, controlling the extent to which astronauts have auditory contact with one another, and odor control. Each section presents a statement of the problem, a review of general solutions, and specific recommendations. The report is concluded with a brief consideration of how selection, training, and other procedures can also help Space Station occupants achieve satisfactory levels of seclusion

The COVID-19 Pandemic and the Technology Trust Gap

Industry and government tried to use information technologies to respond to the COVID-19 pandemic, but using the internet as a tool for disease surveillance, public health messaging, and testing logistics turned out to be a disappointment. Why weren’t these efforts more effective? This Essay argues that industry and government efforts to leverage technology were doomed to fail because tech platforms have failed over the past few decades to make their tools trustworthy, and lawmakers have done little to hold these companies accountable. People cannot trust the interfaces they interact with, the devices they use, and the systems that power tech companies’ services.This Essay explores these pre-existing privacy ills that contributed to these problems, including manipulative user interfaces, consent regimes that burden people with all the risks of using technology, and devices that collect far more data than they should. A pandemic response is only as good as its adoption, but pre-existing privacy and technology concerns make it difficult for people seeking lifelines to have confidence in the technologies designed to protect them. We argue that a good way to help close the technology trust gap is through relational duties of loyalty and care, better frameworks regulating the design of information technologies, and substantive rules limiting data collection and use instead of procedural “consent and control” rules. We conclude that the pandemic could prove to be an opportunity to leverage motivated lawmakers to improve our privacy frameworks and make information technologies worthy of our trust

COVID-19 Tracking Applications: A Human-Centric Analysis

The year 2020 will always be remembered with the imprints left by COVID-19 on our lives. While the pandemic has had many undesirable effects for the whole world, one of its biggest side effects has been the fast digital transformation that has taken place, which was already in progress with the Industry 4.0 era. The readily available technology and wireless communications infrastructures paved the way for a myriad of digital technologies for the containment of the disease using mobile contact tracing applications developed by health authority organizations in many countries. The mounting privacy concerns especially with Bluetooth-enabled proximity tracing and centralized tracking technologies used by these applications have given rise to the development of new privacy-preserving contact tracing protocols. Although these new protocols have alleviated the privacy concerns of citizens to a certain extent, widespread adoption is still far from being the reality. In this paper, we analyze existing contact tracing technologies from a human-centric standpoint by focusing on their privacy implications. We present our comprehensive dataset consisting of the contact tracing application usage information in 94 countries and provide results of a multinational survey we have conducted on the sentiments of people regarding contact tracing applications. The survey results demonstrate that privacy concerns are still the leading deterrent for people when deciding whether to use these applications. Nevertheless, it is a globally accepted argument that the most effective and fastest method for contact tracking will be digital technologies free from human errors and manual procedures. Accordingly, it is concluded that a policy of developing decentralized tracking solutions based entirely on user privacy should be followed, in which independent trusted third parties assume the role of authority in the system architecture, if absolutely necessary, in order to effectively combat the pandemic worldwide. An important feature of the systems to be developed to pave the way for widespread use is to provide the users the right to be forgotten