Archives for category: Science

TLS secures the connection between your browser and the websites you visit (and a lot of other Internet connections that do not involve either a browser or a web server). TLS should provide confidentiality (so nobody can steal your passwords or see which webpages you are visiting), integrity (so nobody can modify the transactions you send to your bank) and authenticity. When properly used, TLS provides the first two guarantees, but it is becoming increasingly apparent that it fails to provide the third: authenticity. The use of certificates (and the poor understanding of what authenticity on the web really means) is to blame.

(Note: I wrote an update to clarify and improve the idea, based on comments I received.)


Privacy policies are hard to read. They are very long, and written in ‘legalese’ that very few people understand. As a result, people don’t read them. To allow people to nevertheless learn how websites, apps or services treat their personal data, the use of privacy icons has been proposed. These icons should, when properly designed and used, summarise the privacy policy and convey its essential privacy characteristics. In this blog post I will discuss and analyse the main proposals, and suggest some steps forward.


Please find below a summary of the lectures given on day #2 of the Interdisciplinary Summerschool on Privacy (ISP 2016), held at Berg en Dal this week. There was a lecture by George Danezis on anonymous communication.


Please find below a summary of the lectures given on day #2 of the Interdisciplinary Summerschool on Privacy (ISP 2016), held at Berg en Dal this week. There were lectures by Solon Barocas on fairness in machine learning, and Stefania Milan on privacy from the point of view of (organized) collective action.

Please find below a summary of the lectures given on day #2 of the Interdisciplinary Summerschool on Privacy (ISP 2016), held at Berg en Dal this week. There were lectures by George Danezis on privacy-friendly services and Helen Nissenbaum on contextual integrity.


Please find below a summary of the lectures given on day #1 of the Interdisciplinary Summerschool on Privacy (ISP 2016), held at Berg en Dal this week. There were lectures by Eleni Kosta on the General Data Protection Regulation (GDPR) and Lilian Edwards on consent in the Internet of Things and Smart Environments.

Last week I presented at a workshop on Smart Sharing at the European Parliament organised by the European Data Protection Supervisor. My co-presenter, Gabriela Zanfir, told the following story when asked by the audience why privacy is important. I very much liked the example. That’s why I am sharing it here.