Research works conducted in the previous two decades bore fruits. At many organisations or companies, privacy has become elevated in importance. One of such potentially recent developments in the discussion around the changes to the web platform that could support the work of privacy-preserving digital advertising systems, the design of Read More
The UK just released its comprehensive report Integrated Review concerning future diplomatic and military capabilities. While the document discusses foreign policy, adversaries, and kinetic forces such as missiles, tanks, or nuclear weapons, it contains interesting tidbits about cybersecurity and cyberwarfare (and is perhaps analogical to the other one from France) Read More
Digital web advertising is an ecosystem undergoing strategic changes. Google’s Privacy Sandbox is promising to redesign web advertising technology in ways that will respect user’s privacy, including based on some previous designs. Detailed technically-enabled analysis should wait until more design features are known. In this post I focus Read More
User tracking technologies are ubiquitous on the web. In recent times web browsers try to fight abuses. This led to an arms race where new tracking and anti-tracking measures are being developed. The use of one of such evasion techniques, the CNAME cloaking technique is recently quickly gaining popularity. Our Read More
There is no question that cybersecurity is among the key world challenges. As reports of cyber attacks increase, policy decisions follow. The creation of military cyber operations, including planning and conducting offensive or defensive activities in cyberspace to achieve strategic and military objectives, slowly become the standard. While the details Read More
The last and final version of the ePrivacy Regulation was finally delivered by the Council of the European Union. The work will finally move forward. I tracked all relevant ePrivacy events since 2016. I also directly participated in the works as an expert and advisor. While this is likely the Read More
This post describes some of the technologies that are or may be used, as well as the ideas of improving the privacy stance of such a certificate/passports technology. Treat it as a standardisation and food-for-thoughts consideration, with a view towards privacy-preserving Covid19 health certificates or ‘passports’. It seems that Read More
European Union showcased its new aims for cybersecurity (“strategy”), along with the new proposal for directives regulating cybersecurity, critical infrastructure, and end-to-end encryption. The strategy goes first. Strategic EU focus on cybersecurity? The strategy contains several interesting points, for example: European DNS European DNS resolver system. This point is critical Read More
Technology platforms create technologies with significant impacts on nations, governments, and societies. This impact is increasing, reaching new heights. Many feel that the rules of the game are unclear, insufficient, or non-existent. Without rules, one only wonders who would set out the road to the future. In other words, does Read More
European Commission announced the “Democratic Action Plan”. It is a rather general strategic document. What stands out is the realization that New Digital Technologies have great impacts on democratic societies. Both positive (i.e. like the ability to reach new groups of people) and negative (like the non-transparent campaigning, disinformation, Read More
We may be in the middle of a process of redesigning how the web economy functions. Considerations include web advertisements. Such works involve many actors. Some big platforms. Some web browser vendors. Some ads companies, with a modest list of analysts or researchers keeping a close eye. I believe it’ Read More
There’s a trend of bringing web apps closer to smartphone native apps. You can see it in the increasingly popular Progressive Web Applications (PWAs), web applications that can be installed locally to a smartphone, to subsequently be available to the user just like any other native apps, for example Read More
The Council of the European Union is a group of representatives of 27 EU governments. The institution continues to investigate the challenges caused by encryption technology. Someone in there recently coined a new policy term “security through encryption and security despite encryption” (in this document). What does it mean? The Read More
IPv6 is a big enough topic that any short writing obviously cannot account for all the issues. But it’s important to realize that at its core, the IP version 6 (which was/is supposed to replace IPv4 at some point) is modern technology at its core from the ‘90s Read More
Web advertising moving towards privacy - is it possible? Six issues to consider In 2016 I argued that 2017 will be the year of privacy. It was but we did not stop there. We are still in the cycle of transforming technologies into processes with privacy in mind. This process Read More
In the past, I analyzed some more interesting EU regulations relating to privacy or cybersecurity, as well as some national cybersecurity strategies. This post is about a the proposal for a regulation just unveiled by the European Council. The primary focus of the regulation is the cyber resilience of the Read More
When big chunks of user data collected on an industrial scale continue to induce constant privacy concerns, the need to seriously address problems of privacy and data protection with respect to data processing is important as never before. Data is increasingly fed into machine learning models (i.e. “artificial intelligence” Read More
This post is built around my paper (presented to/at the International Workshop on Privacy Engineering) devoted to privacy assessment in web standards. After the previous one (Battery Status Not Included: Assessing Privacy in W3C Web Standards) this is the next insight in this domain. While I point out the Read More
Cyberattacks in times of conflict will look different than in peacetime. There are many reasons for that but naturally such points might not be at the center of interest now. Because we are fortunately in peacetime, and because imagining such a qualitative change is not simple. Still, there’s the Read More
The user’s Web browsing history is usually defined as a list of websites the user has visited, such as “google.com, facebook.com, reddit.com, bbc.co.uk, random-site.org, etcetc.org.uk”. On its own, it may seem innocuous. It turns out browsing history can be processed to Read More
Why do countries resort to cyber operations or cyberattacks (depending on the terminology)? It’s a long discussion that involves matters of performance, speed, aptness, ability, and risk. Some better-informed folks used to speak about it and we also covered it during the ICRC assessment of cyber operations. But only Read More
Countries continue to refine their approach to cybersecurity. Australia is not an exception, with the recent release of its new cybersecurity strategy. Previously I looked at several countries or organisations (i.e. USA, Ireland, Netherlands, France, ICRC, France, Luxembourg) along different dimensions of cybersecurity. Why is Australia worth a look? Read More
Quantum computers benefit from special effects like the quantum superposition and quantum interference to perform computation outside the reach to to classical computers, and attaining a speed advantage over classical computers for selected problems. What matters is quantum computers may allow an exponential computing speedup for certain problems. This speedup Read More
Privacy Shield provided for simple grounds for transferring data from the European Union to the USA. The news of invalidation of Privacy Shield as a result of the verdict of the European Court of Justice (ECJ) has now settled. It’s a matter of law, and the associated decision contains Read More
European Parliament recently called on a ban on micro-targeted ads. Such a decision made by a democratically elected body is somewhat unprecedented. Micro-targeting allows people (i.e. “advertisers”) to use platform profiling to reach the “right” audience. For example targeting content based on traits such as: Male/Female, age, the Read More