WeChat censorship, the dangers of stalkerware, and Canada's irresponsible encryption policy
Research at the intersection of global security, digital media, and humans rights
1. Latest Publications
2. News and Announcements
3. Events and Upcoming Opportunities 1. Latest Publications
(Can’t) Picture This 2
WeChat conducts realtime, automatic image censorship of content on their platform according to Citizen Lab’s latest research. Following up on their prior work on image censorship on the Chinese social media behemoth, Jeffrey Knockel and Ruohan Xiong demonstrate how WeChat facilitates realtime censorship in chat by performing a computationally inexpensive lookup against an MD5 hash index of sensitive images previously sent over the platform. This report builds on its predecessor, demonstrating how social media censorship is reactive to contemporary events—censoring politically charged topics such as Huawei’s CFO Meng Wanzhou’s controversial arrest in Canada.
How Stalkerware Facilitates Intimate Partner Harassment
Citizen Lab researchers recently published two reports that provide a seminal, in-depth analysis of commercially available ‘stalkerware’ applications: spyware technology that grant a perpetrator powerful surveillance capabilities used to facilitate intimate partner violence, abuse, or harassment. The Predator in Your Pocket provides a holistic overview of the stalkerware ecosystem including technical elements associated with stalkerware applications, stalkerware companies’ marketing activities, and public policies, and Installing Fear contextualizes these issues in Canadian law.
While often advertised to aid in legitimate activities, such as child and employee monitoring, stalkerware is easily and frequently repurposed to carry out intimate partner surveillance. The reports are aimed to assist law enforcement agencies, policy-makers, and frontline workers who are increasingly asked to address issues of technology-facilitated abuse. Both reports additionally clarify existing legal ambiguity, arguing that the creators, users, and vendors of spyware apps are likely liable under numerous Canadian civil, criminal, and consumer protection laws.
30 years after the Tiananmen Square massacre on June 4, 1989, Chinese state directed social media censorship continues to double down on pro-democratic narratives that disrupt its status quo. In the build up to June 4, Chinese live streaming app YY, with a reported user base of over 300 million users, updated its keyword black list to censor content focused on Democracy Movement related memorials and activism in Hong Kong.
YY is not alone in its censorship of pro-democratic topics. Indeed, this is emblematic of a broader Faustian pact signed between Chinese Internet companies and government regulators, where continued business operations are contingent on rigorous state-aligned self-censorship. Citizen Lab’s keyword censorship research is part of a broader project on technologies and practices that impact freedom of expression online.
Canada’s New and Irresponsible Encryption Policy
The Government of Canada has historically opposed the calls of its western allies to undermine the encryption protocols and associated applications that secure Canadians’ communications and devices from criminal and illicit activities. This year, however, the tide may have turned, with the Minister of Public Safety apparently deciding to adopt the very irresponsible encryption policy position he had previously steadfastly opposed. Should the Government of Canada, along with its allies, compel private companies to deliberately sabotage strong and robust encryption protocols and systems, then basic rights and freedoms, cybersecurity, economic development, and foreign policy goals will all be jeopardized. 2. News and Announcements
The Dangerous Effects of Unregulated Commercial Spyware
Authoritarian states increasingly rely on commercial spyware and other technologies from the private surveillance industry to target dissidents and human rights workers. In response to this worrying trend, Special Rapporteurs David Kaye and Agnès Callamard recently issued two reports: the first calls for a global moratorium on the sale and transfer of the tools of the private surveillance industry; the second—created in response to the extra-judicial killing of Jamal Khashoggi, who’s inner circle was targeted with Pegasus spyware in the weeks prior to his death—endorses the full suspension of spyware technologies sold to Saudi Arabia until proper protections can be implemented. Both reports highlight the danger of unaccountable and unregulated surveillance technology sold to countries with egregious human rights records.
Ronald Deibert Receives Honorary Doctorate
Citizen Lab director, Ronald Deibert, received an honorary doctorate from the University of Guelph for his contributions to cybersecurity and human rights research. Deibert founded the Citizen Lab in 2001 which has since gone on to become a world renowned research institute at the intersection of information and communication technologies, human rights, and global security.
“I am honoured to receive this award. But I feel the honour must also be given to the research group of which I am a part – the Citizen Lab,” says Deibert of his honorary degree. “I do not work alone; I am part of a dedicated and very talented team and my accomplishments are theirs too.”
A Proposed Response to the Commercial Surveillance Emergency
Siena Anstis, Ronald Deibert, and John Scott-Railton write for Lawfare about the use of surveillance technology to silence dissent, recounting substantial work on NSO Group's Pegasus technology. "...[T]he urgency is very real, and the lethal effects of spyware abuses are becoming more apparent to a growing number of concerned citizens," they argue. "It is long past time for us all to recognize that the continued failure to address this growing emergency implicates the very core of liberal democracy."
Engaging NSO Group Investors
Against the backdrop of an ever-increasing list of victims and a WhatsApp hack that affected 1.5 billion users, Citizen Lab continues to engage with Novalpina Capital, a private equity firm with a majority stake in NSO Group, urging them to increase transparency over NSO Group’s business activities. This correspondence continues despite Novalpina’s reluctance to acknowledge the extensive human rights abuses enabled by the unaccountable sale of NSO spyware.
Furthermore, Citizen Lab continues to engage with South Yorkshire Pensions Authority regarding its recent investment in Novalpina’s Capital Investment Fund—a decision the Lab believes runs counter to the Authority’s own Responsible Investment Policy.
Building Resilience in Virtual Digital Response Networks: A Case Study
Jennie Phillips, a PhD candidate at the Ontario Institute for Studies in Education (OISE) and Munk School of Global Affairs & Public Policy, published a paper on resilience building in virtual digital response networks. This paper aims to address the gap between resilience practices and the requirements of physical infrastructure networks through a simulated case study of resilience development within and between a physical network and a virtual online network. 3. Events and Upcoming Opportunities
Ontario Disaster & Emergency Management Conference
October 9 - 10, Toronto, Canada
Jennie Phillips will be hosing a workshop on The Digital Response: Exploring the technology-driven needs and capabilities of citizens in crisis. Tickets and additional information can be found here.