Leaky NHS health apps removed amid privacy concerns

The UK’s National Health Service (NHS) has had to remove several of its own health apps from its library after researchers discovered they were putting users’ privacy at risk.

The affected apps, part of NHS England’s Health Apps Library, were found to be sending unencrypted personal and medical information over the internet.

The privacy blunder was discovered by researchers from Imperial College London who first contacted NHS officials in April to express concern over how some apps were handling data.

Kit Huckvale, a PhD student at the college, told the BBC that the findings were not altogether dissimilar to what they had found in other health apps but the fact that they had all supposedly been vetted and approved by the NHS was “surprising”.

Huckvale, the lead researcher, said man-in-the-middle attacks were used to analyse 79 apps over a period of six months in 2013.

Of those, 70 transmitted data over the internet and 38 had a privacy policy in place which did not disclose what information would be sent. Furthermore, 23 apps transmitted personal information without encryption and 4 also passed medical data with the same lack of protection in place.

Commenting on the findings, Huckvale said:

Our study suggests that the privacy of users of accredited apps may have been unnecessarily put at risk, and challenges claims of trustworthiness offered by the current national accreditation scheme being run through the NHS.

The results of the study provide an opportunity for action to address these concerns, and minimise the risk of a future privacy breach.

The report, into apps aimed at smokers, drinkers and those wishing to lose weight, comes at a time when the UK government says patients could soon be able to access their medical records via their smartphones. Earlier this month the Health Secretary, Jeremy Hunt, said his ambition was to get 15% of NHS patients routinely reading and adding to their online medical records using smartphone apps within the next year, and the NHS looks to increase the use of apps as an additional support mechanism for patients.

Responding to the BBC’s story, a spokesman for NHS England said:

We were made aware of some issues with some of the featured apps and took action to either remove them or contact the developers to insist they were updated.

A new, more thorough NHS endorsement model for apps has begun piloting this month.

While health data is a high value commodity – can you imagine its worth to an insurance company? – personal information can often be far more valuable, though many people do not realise that until it’s too late and their identity has been stolen, or their details used against them for other types of fraud.

So, with that in mind, this story should hopefully serve as a wake-up call to any company that puts apps out in the marketplace, whether developed in-house or by a contractor.

With the appetite for smart devices and the apps that run on them remaining high, the temptation to put something out there quickly may be hard to resist. But stop. And think. Has your developer followed good security practice? Have they considered how the app will handle and transmit personal data?

And have you thought about the possible legal implications of offering an app that transmits personal or, heaven forbid, medical data, in an unencrypted format?
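The questions above are the ones an app vetting process should be asking before release. What follows is an added example, not code from the article, from NHS England or from the Imperial College study: a transport-policy audit over a description of an app's outbound requests, in the shape of the study's own findings (does the app transmit data, and does it send personal or medical data in the clear). Each record names the endpoint, the data classes the request carries and whether the client verifies the server certificate. The hostnames (`*.example.invalid`), parameter names and data classes are constructed for illustration.

```python
"""Added example, not code from the article or from the Imperial College
study: a transport-policy audit over a description of an app's outbound
requests. Hostnames (*.example.invalid), parameter names and data classes
are constructed sample input."""
from dataclasses import dataclass
from urllib.parse import parse_qs, urlparse

# Data classes whose transmission must be protected by TLS.
SENSITIVE = frozenset({"personal", "medical"})
# Constructed names of query parameters that would put identifying or
# clinical values into URLs, which proxies and web servers routinely log.
SENSITIVE_PARAMS = frozenset({"nhs_number", "dob", "email", "weight_kg", "diagnosis"})


@dataclass(frozen=True)
class Request:
    url: str
    data_classes: frozenset       # e.g. {"personal", "medical"}
    verify_tls: bool = True       # False models a client that disables certificate checks


def audit_request(req: Request) -> list:
    """Return a list of findings for one request; an empty list means it passes."""
    findings = []
    parts = urlparse(req.url)
    sensitive = req.data_classes & SENSITIVE
    if sensitive:
        if parts.scheme != "https":
            findings.append(
                f"{req.url}: {'/'.join(sorted(sensitive))} data sent over "
                f"'{parts.scheme or 'unknown'}' without encryption")
        elif not req.verify_tls:
            findings.append(
                f"{req.url}: TLS used but certificate verification disabled "
                f"(a man-in-the-middle can still read the traffic)")
    # Even over verified TLS, sensitive values in the query string leak into logs.
    leaked = sorted(set(parse_qs(parts.query)) & SENSITIVE_PARAMS)
    if leaked:
        findings.append(f"{req.url}: sensitive parameters in URL query: {', '.join(leaked)}")
    return findings


def audit_app(requests) -> dict:
    """Summarise an app the way the study did: what it transmits, and what goes in the clear."""
    findings = [f for r in requests for f in audit_request(r)]
    clear = [r for r in requests if urlparse(r.url).scheme != "https"]
    return {
        "transmits_data": len(requests) > 0,
        "personal_unencrypted": any("personal" in r.data_classes for r in clear),
        "medical_unencrypted": any("medical" in r.data_classes for r in clear),
        "findings": findings,
    }


# Constructed sample: four requests a weight-loss app might make.
SAMPLE_APP = [
    Request("https://api.example.invalid/v1/profile", frozenset({"personal"})),
    Request("http://api.example.invalid/v1/weight-log", frozenset({"personal", "medical"})),
    Request("https://stats.example.invalid/ping", frozenset({"telemetry"})),
    Request("https://api.example.invalid/v1/lookup?nhs_number=0000000000",
            frozenset({"personal"}), verify_tls=False),
]

if __name__ == "__main__":
    for line in audit_app(SAMPLE_APP)["findings"]:
        print(line)
```

The three checks correspond to three distinct ways the study's apps could fail: plaintext HTTP, TLS with verification switched off (which is what makes the researchers' man-in-the-middle analysis possible against an app that appears to use HTTPS), and sensitive values placed in URLs where they end up in server and proxy logs regardless of transport encryption.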

Coming, ready or not – Windows 10, the operating system that wants to be wanted

If you were running a PC on Windows 7 through 8.1 a while back you may have become excited in the run-up to the release of Windows 10, what with the free upgrade and all.

If you were lucky, or persistent enough to cope with a multitude of problems, then you could have been among the early adopters who transmuted a reserved copy into the real deal at or soon after its release date.


Not everyone was so keen though – I myself only have Windows 10 installed on one of a few machines at my disposal because, well, being an early adopter with Microsoft is never a good idea, is it?

Especially with the new auto-updates and all.

I’d rather wait to upgrade the other machines in my house – my kids’ computers – because if there are any gremlins in the system then I’m the first and last line in tech support, a job that seemingly never ends as it is.

So, simple solution thought I – don’t even reserve a copy on their machines. After all, it’s going to be free for a year so plenty of time available to get it installed at a later date.


“Dad, I’ve run out of room on my computer”.

Oh, that’s strange, I wonder why?

Ah… a hidden directory named $Windows.~BT. Hmmm… that sounds familiar… I remember seeing that when I was messing around with my installation of Windows 10. Curious.

So why is there 4.2 GB of unwanted operating system on my daughter’s computer?

Oh, and hang on, why is it asking to be installed?

Curiosity may have killed the cat but in my house it’s a far more dangerous affair – now the kids want 10. And they want it now.

According to the Inquirer, Microsoft says it’s a deliberate thing – Windows 10 wants to be found, in much the same way a certain gold band felt a compulsion to be picked up after the fall of Isildur:

For individuals who have chosen to receive automatic updates through Windows Update, we help upgradable devices get ready for Windows 10 by downloading the files they’ll need if they decide to upgrade.

When the upgrade is ready, the customer will be prompted to install Windows 10 on the device.

Thanks a bunch Redmond!

Now I’m left with a difficult choice – do I say no to my kids (my daughter will socially engineer me away from that course of action unless I stand extremely resolute in the face of extreme cuteness mixed with a dash of petulance and a sprinkling of A-star drama ability) or do I say yes and open up the can of worms that surrounds the latest operating system and its propensity to mimic E.T. and phone home just about all of the time?

Decisions, decisions.

Either way, there is going to be a conversation about privacy in my house tonight (security has already been done to death).

How do you feel about Windows 10? Are you annoyed by the privacy settings, aggravated by the compulsory updates (or pleased about that) or frustrated about how it wants to force itself upon the unwary like the new kid in school who is desperate to make a new friend?

Journalists arrested on terrorism charges after using encryption software

Terrorism = bad.

Encryption = good.

Turkey = confused?

Three journalists, including two Brits, have been arrested in Turkey and charged with “engaging in terrorist activity” because one of the men used encryption software.

Speaking to Al Jazeera, a senior Turkish official said the crypto on one of the journo’s computers was the same as that used by some members of the Islamic State of Iraq and the Levant (ISIL):

The main issue seems to be that the fixer uses a complex encryption system on his personal computer that a lot of ISIL militants also utilise for strategic communications.

The official, who demanded anonymity in return for their statement, did not elaborate on just what constituted ‘complex encryption’ but current thinking suggests it may be nothing more than The Onion Router (TOR) or even PGP email encryption software, both of which are used by security professionals and others on a regular basis.

The correspondent, cameraman and fixer, who is a Turkey-based Iraqi, were all arrested in Diyarbakir (south east Turkey) last Thursday.

According to The Guardian, the journalists were covering “recent clashes between Turkish security forces and the Patriotic Revolutionary Youth Movement, the youth wing of the outlawed Kurdistan Workers’ Party (PKK).”

Whether there is any truth in the terrorist claims levied against them remains to be seen, but the case does show that governments have the potential to become at least a little twitchy when faced with systems they cannot easily monitor.

Just like David Cameron, Turkey (my parents live there) has a deep interest in monitoring the use of encryption, as well as keeping tabs on the internet and other invasions of personal privacy.

Censorship is also a big deal, especially where negative commentary of the government or, especially, President Erdogan is concerned. Last year, for example, the authorities banned Twitter for a while after citizens took to the social network to complain about alleged corruption among high-ranking officials.

Other major services, such as Facebook and YouTube, have also come under the spotlight with the PM saying both could be closed for “privacy violations” in the future in what many saw as a thinly veiled threat against sites hosting anti-government content.

In the meantime, three members of the Vice News team remain in detention, possibly because they were reporting on an issue deemed sensitive by the Turkish government.

Encrypted communication is good. For some, such as missionaries and aid workers, it is essential, given the nature of the areas they are working in.

The same could also be said for journalists though not, perhaps, those tasked with reporting from within Turkey!

The death of tin foil? New anti-facial recognition tech set to launch in 2016

Security, security, security.

I love it, you need it, many people are talking about it. I could talk about it all the time.

But in this day and age there is another important topic coming up on the rails: privacy.

Prior to, but especially since, Edward Snowden came onto the scene, people have become increasingly aware of how their privacy is being invaded, both online and off.

I’m sure you’re all aware of the online issues – the actions of the NSA, GCHQ, et al., have been widely publicised – but what about in real, everyday life?

Have you seen the roadside cameras designed to ‘improve safety’ by flinging fines at every speeding motorist? Or the CCTV cameras in your local shopping centre? Do you realise the UK has the most video surveillance per capita anywhere in the world?

If so, you may have already taken precautions. After all, the solution has been around for over a century:

tin foil

But if you’re slow to the party, then a new piece of tech may be of interest.

Designed by the National Institute of Informatics (NII) in Japan, Privacy Visor is for the discerning customer who cares about their civil liberties.

Equipped with special lenses, the £240 visor reflects and absorbs light in a way that thwarts security cameras which would otherwise engage facial recognition tactics to ID the wearer.

Due to go on general sale next year, researchers suggest it is effective around 90% of the time.

IT World quotes NII researcher Isao Echizen who thinks the new device is rather nifty:

This is a way to prevent privacy invasion through the many image sensors in smartphones and other devices that can unintentionally photograph people in the background.

Speaking to The Wall Street Journal, Echizen gave a bit more detail as to why he thinks Privacy Visor could be the must-have gadget of next year, explaining how “We are often told not to unveil our personal information to others, but our faces are also a type of an ID. There should be a way to protect that”.

The latest device is a successor to prototypes first mooted back in 2012 which utilised 11 LED lights which could prevent facial recognition tech from identifying that a subject was even a person.

That early iteration ultimately proved to be unwieldy though, not to mention garish, and so the new, far more stylish model was born.

Whether it proves to be popular among privacy advocates or as derided as Google’s antithesis – Glass – remains to be seen.

So, will you be buying a pair for yourself, or perhaps as a present for the man who has to have every new gadget?

Or will you stick with the old tin foil?

Toshiba Working On “Unbreakable” Encryption Tech

Asian tech firm Toshiba Corp. has grand plans for encryption – it wants to make it completely unbreakable.

The ambitious plan, which Toshiba hopes will come to fruition by 2020, will attempt to address the issue of transferring encryption keys securely in a world where even mail carriers could be engaging in espionage.

The key to Toshiba’s system is a quantum-cryptography system that will make use of photons – light particles – that will be deliverable via custom-made fiber optic cable. No internet required.

According to the Wall Street Journal,

Due to the nature of the particles, any interception or wiretapping activities on the cable would change the form of data, making any spying attempts detectable. And the one-time key would be the same size as the encrypted data, meaning there will be no repeated use of the pattern, which would make decoding without the correct key impossible, analysts say.

The company, which is better known for its TVs, laptops and computer components, will test its new quantum-cryptography system for a period of two years. If it proves to be successful, we could expect to see the company take it to market in ten to twenty years which, beyond being a long way into the future, is also a huge pita for anyone looking for an alternative to RSA and ElGamal encryption.

Currently able to transmit photons at a distance of 100 km without a repeater, Toshiba’s experts will take the system out of its own labs and into Japan’s Tohoku University in August for further testing.
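The WSJ paragraph above bundles two separate ideas: interception of the photons is detectable, and the resulting key is as long as the data so it is never reused. The following is an added example, not Toshiba's system or any code from the article: a toy simulation that uses the BB84 protocol as a stand-in for whatever key-distribution scheme Toshiba uses (an assumption; the article does not say). Measuring a photon in the wrong basis randomises it, so an intercept-and-resend eavesdropper leaves errors that the two ends detect by publicly comparing a sample of the key; the surviving key is then used as a one-time pad, and a final function shows what a reused pad leaks. Randomness is seeded so a run is reproducible and there is no channel-noise model.

```python
"""Added example: a toy BB84 key exchange with an optional intercept-and-resend
eavesdropper, followed by one-time-pad use of the agreed key. Not Toshiba's
system; BB84 is assumed as a stand-in for the scheme the article describes."""
import random


def bb84(n_photons: int, eavesdrop: bool, seed: int = 1):
    """Return (alice_key, bob_key, qber): the sifted keys after the comparison
    sample is discarded, and the bit error rate observed in that sample."""
    rng = random.Random(seed)
    alice_bits = [rng.randrange(2) for _ in range(n_photons)]
    alice_bases = [rng.randrange(2) for _ in range(n_photons)]  # 0 rectilinear, 1 diagonal

    def measure(bit, prep_basis, meas_basis):
        # Matching basis reads the encoded bit; a mismatched basis gives a
        # random result and leaves the photon prepared in the measuring basis.
        return bit if prep_basis == meas_basis else rng.randrange(2)

    in_flight = list(zip(alice_bits, alice_bases))
    if eavesdrop:  # Eve measures each photon in a guessed basis and resends it
        eve_bases = [rng.randrange(2) for _ in range(n_photons)]
        in_flight = [(measure(b, pb, eb), eb) for (b, pb), eb in zip(in_flight, eve_bases)]

    bob_bases = [rng.randrange(2) for _ in range(n_photons)]
    bob_bits = [measure(b, pb, bb) for (b, pb), bb in zip(in_flight, bob_bases)]

    # Sifting: bases are announced publicly; keep positions where Alice and Bob agree.
    kept = [i for i in range(n_photons) if alice_bases[i] == bob_bases[i]]
    alice_key = [alice_bits[i] for i in kept]
    bob_key = [bob_bits[i] for i in kept]

    # Error estimation: publicly compare a random quarter of the sifted key, then discard it.
    sample = set(rng.sample(range(len(kept)), len(kept) // 4))
    errors = sum(alice_key[i] != bob_key[i] for i in sample)
    qber = errors / len(sample)
    alice_final = [alice_key[i] for i in range(len(kept)) if i not in sample]
    bob_final = [bob_key[i] for i in range(len(kept)) if i not in sample]
    return alice_final, bob_final, qber


def bits_to_bytes(bits) -> bytes:
    """Pack a list of 0/1 ints into bytes, dropping any trailing partial byte."""
    whole = len(bits) - len(bits) % 8
    return bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, whole, 8))


def one_time_pad(data: bytes, key_bits) -> bytes:
    """XOR data with key material; the pad must be at least as long as the data."""
    if len(key_bits) < 8 * len(data):
        raise ValueError("one-time pad needs at least as many key bits as message bits")
    pad = bits_to_bytes(key_bits[:8 * len(data)])
    return bytes(a ^ b for a, b in zip(data, pad))


def key_reuse_leak(m1: bytes, m2: bytes, key_bits) -> bytes:
    """Why the pad must never be reused: XOR of two ciphertexts under the same
    pad equals XOR of the two plaintexts, with the key cancelling out."""
    c1, c2 = one_time_pad(m1, key_bits), one_time_pad(m2, key_bits)
    return bytes(a ^ b for a, b in zip(c1, c2))


if __name__ == "__main__":
    for eve in (False, True):
        a, b, qber = bb84(4000, eavesdrop=eve)
        print(f"eavesdropper={eve}: final key {len(a)} bits, QBER {qber:.2%}")
    a, b, _ = bb84(4000, eavesdrop=False)
    msg = b"patient record"  # constructed sample plaintext
    print(one_time_pad(one_time_pad(msg, a), b))
```

Without an eavesdropper the sifted keys match exactly and the error rate is zero; with intercept-and-resend, Eve guesses the wrong basis half the time and each wrong guess gives Bob a random bit, so the error rate in the compared sample sits near 25%, which is what makes the interception detectable. The `key_reuse_leak` function is the reason the article stresses that the key is the same size as the data: the moment a pad is reused, the two ciphertexts XOR to the two plaintexts XORed together.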

Whether the new system will prove to be the silver bullet we’re all looking for remains to be seen – as Tripwire’s Ken Westin says:

It is great to see new innovations and research focused on better methods of encrypting data, however when I hear “unbreakable encryption” or “100% secure” I immediately think of the Titanic. Making such claims in the world of security, particularly when it involves new technology is getting a bit ahead of ourselves, particularly when it will not be deployed for another decade. A component of security that is often overlooked which is critical to adoption of new security technology is usability and actual adoption of the technology.

Not only that, Toshiba also has to contend with domestic competition from NEC Corp. and other non-Japanese firms who are also looking into new types of encryption technology. Add the fact that development of such tech doesn’t come cheaply – the WSJ says Toshiba’s servers cost $81,000 a pop – and technical issues such as heat and vibration caused by far-travelling photons, and it’s hard to see the company’s dream of providing “perfect” encryption to everyone becoming a reality any time soon.

And talking of perfect, there are no guarantees that Toshiba’s system will deliver that promise either with Westin saying:

Even if new technologies are able to completely ensure the encryption of data in transit, this does not ensure that the data is encrypted at rest, so many of the challenges with securing data we see today could still exist. We will see a lot of changes over the next ten years and it’s hard to know how effective newer encryption technologies will be when they are deployed.

But what if a completely unbreakable form of encryption was developed?

How would the various governments of the world react? Do you think they’d be pleased? :-)

Twitter Ye Not – Microblogging Site Blamed For ‘Endangering National Security’

Over the weekend one of the biggest stories surrounded the Sunday Times article about Edward Snowden and how his actions may have placed US and UK spies’ lives in danger. With every source for that article hiding behind the cloak of anonymity, it has been widely trashed by the security community. And probably rightly so.

But what the story did do was detract from something else of interest – a piece in the Telegraph about how one of Britain’s top cops has suggested Twitter could be ‘endangering national security’ by tipping off users who may be under surveillance.

On the back of the news that Twitter blocks two-thirds of the UK government’s requests for information, Sir Hugh Orde, former president of the Association of Chief Police Officers and Northern Ireland chief constable, said the approach of Twitter and other tech firms “needs to be addressed”.

Prime Minister David Cameron, who favours the abolition of encryption, also waded in, suggesting that social media companies have a responsibility to the safety of the British public which could only be honoured by handing over terrorism-related data whenever asked for.

Responding to a report by the government’s independent reviewer of terror laws, which claimed Twitter and others had alerted terror suspects that they were being monitored by the authorities, Orde said:

Clearly this needs to be addressed. It’s a statement of the blindingly obvious that this is endangering national security. Anyone who thinks it’s sensible to compromise investigations is acting in an extremely irresponsible way. It certainly needs to be looked at.

Adding to the wave of condemnation, Professor Anthony Glees, from the University of Buckingham’s Centre for Security and Intelligence Studies, said Twitter’s behaviour was “deeply offensive” and driven by profit:

The implication is that Twitter views itself as neutral in the fight for a decent and safe society. The people who use Twitter will be horrified. It shows the depths to which people who make money out of the lack of regulation on the internet are prepared to go.

So, I guess the question is, just how horrified are you?

Are you horrified that Twitter and other social networks don’t simply hand all of your data over to the authorities whenever they click their fingers?

Maybe you are horrified at the thought of Twitter informing people – who have not been convicted of any crime – that they are being spied upon?

Perhaps you are horrified that two online newspapers have run ‘scary’ stories within days of each other?

Or are you just horrified that the government and other authoritative figures don’t have a grasp on topics such as privacy and how the internet works as they continue to promote “The Snooper’s Charter” as the solution to a problem arguably of their own making?

Privacy And Porn Faux Pas Leaves ‘Earl Grey’ Choking On His Tea

We here at SecurityWatch believe security is important. Very important.

But, as we’ve often said, technical security can often amount to nothing when human nature gets added into the mix.

And yesterday Ars Technica provided a fine example of what we mean.

Those of you with good memories, or an interest in certain corners of the web, may well remember how the FBI nabbed Megaupload.com off of Kim Dotcom.

The agency subsequently lauded their new acquisition by proudly redirecting fans of the site to another page under their control, complete with a lovely bureau banner.


All good things come to an end though, and that includes the registration of the Megaupload.com domain.

Normally a business owner, or dedicated member of staff, would be highly alert to such a happenstance – after all, most hosts are hardly bashful when it comes to sending reminders out – but, in this case, something went wrong and the domain was put up for auction by GoDaddy.

Enter a British ex-pat adorned with a suitably nationalistic name: Earl Grey.

A self-styled “black hat SEO marketer,” Earl Grey swiped the domain up, presumably hoping to profit from the undoubted popularity and brand awareness it still carries, not to mention traffic.

As senior GoDaddy security architect Scott Gerlach says:

Once the domain is transferred, DNS records don’t move with domain. The new domain holder could have scraped all the DNS records, and then recreated them and monkeyed with the ones he wanted to change. He would have had to recreate all the entries; there are some tools out there that allow you to guess DNS entries and scrape the info. He would have had to know what he was doing to make it happen—it’s not technically easy to do, but doable.

Irrespective of what actually happened – and I don’t think anyone other than Earl Grey and GoDaddy have any answers right now – the Megaupload.com domain ultimately ended up serving “porn, drugs, malware & ad scams,” according to Kim Dotcom.

Imagine if that was your corporate website?

The amount of security in place would be largely irrelevant if someone let the domain name expire and, hence, end up under someone else’s control, wouldn’t it?

But there is a twist in this tale for Earl Grey.

No matter what he may or may not have done with the Megaupload domain he did, in many respects, become a victim himself.

A week after the domain expired the FBI finally realised and contacted GoDaddy. Gerlach explained that:

We got a notice of an ongoing criminal investigation regarding malware distribution, which led to a Terms of Service violation and domain suspension.

Which basically means that the domain was frozen. I’m not sure whether that means Earl Grey will be entitled to a refund on the purchase price but one thing that’s for sure is that the purchase cost him his privacy.

As many website owners do, he blocked his contact details from appearing via a Whois lookup which is a sensible and advisable course of action to take.

Unfortunately, however, the suspension of the domain also took away his Domains By Proxy coverage, revealing all manner of personal info to anyone who cared to look for it.

Not that we needed such a disaster to befall him to find out that he lives in sunnier climes – Earl Grey likes to tweet you see, often talking about his taste in food, but also occasionally requesting assistance in the form of “an english person to be a cook/maid for a few hours a day in Marbella Center”.

I guess he didn’t value his privacy that much then, even though he does feel quite strongly about it (“I feel like I have been raped by @godaddy over my privacy. I empathize with women and men who have been raped. Violated.”)

So, what can we learn here?

There are a few lessons, the first of which is that privacy and security issues are more often than not caused by the action/inaction of people rather than shortfalls in technology.

Secondly, if you own a website be on the lookout for domain renewal notices or at least be aware of when your registration expires – it’s no good securing a website if you let it slip out of your control.

Thirdly, are you aware of what your website is serving to visitors? I’ve seen many a derelict site that is packed full of junk and malware and the same can be said for current sites that get attacked – how often are you checking the integrity of yours?

Lastly, what are you doing to ensure your privacy? Are you hiding your contact details from the general web populace? Are members of your team then undermining that by saying too much on social media?
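The second lesson, knowing when your registration expires, is easy to automate. What follows is an added example, not code from the article, GoDaddy or any registrar: a renewal watchdog that pulls the expiry date out of WHOIS output and reports domains that have lapsed or are close to it. The WHOIS text is constructed sample output for fictitious `*.example.invalid` domains; real registries use different field names and date formats, which is why several are accepted, and the reference date `AS_OF` is fixed so the run is reproducible.

```python
"""Added example, not code from the article or from any registrar: parse the
expiry date from WHOIS output and flag lapsed or soon-to-lapse domains.
The WHOIS responses below are constructed sample data."""
from datetime import datetime, timezone

# Field names used by common registries for the expiry date (gTLD registry
# and registrar fields, Nominet's .uk field, and the .ru "paid-till" field).
EXPIRY_FIELDS = {
    "registry expiry date",
    "registrar registration expiration date",
    "expiry date",
    "expiration date",
    "paid-till",
}
DATE_FORMATS = ("%Y-%m-%dT%H:%M:%SZ", "%Y-%m-%d", "%d-%b-%Y", "%Y.%m.%d")


def parse_expiry(whois_text: str):
    """Return the expiry as an aware UTC datetime, or None if no known field parses."""
    for line in whois_text.splitlines():
        key, sep, value = line.partition(":")  # splits at the first colon only
        if not sep or key.strip().lower() not in EXPIRY_FIELDS:
            continue
        value = value.strip()
        for fmt in DATE_FORMATS:
            try:
                return datetime.strptime(value, fmt).replace(tzinfo=timezone.utc)
            except ValueError:
                continue
    return None


def assess(domain: str, whois_text: str, now: datetime, warn_days: int = 30) -> tuple:
    """Classify one domain as 'ok', 'renew-now', 'expired' or 'unknown'."""
    expiry = parse_expiry(whois_text)
    if expiry is None:
        return (domain, "unknown", None)
    days_left = (expiry - now).days
    if days_left < 0:
        status = "expired"
    elif days_left <= warn_days:
        status = "renew-now"
    else:
        status = "ok"
    return (domain, status, days_left)


# Constructed WHOIS responses, cut down to the lines that matter.
SAMPLE_WHOIS = {
    "files.example.invalid": (
        "Domain Name: FILES.EXAMPLE.INVALID\n"
        "Registrar: Example Registrar\n"
        "Registry Expiry Date: 2015-05-24T00:00:00Z\n"
        "Domain Status: clientTransferProhibited\n"),
    "shop.example.invalid": "Domain name:\n    shop.example.invalid\nExpiry date:  14-Jun-2015\n",
    "corp.example.invalid": "domain: CORP.EXAMPLE.INVALID\npaid-till: 2016.02.01\n",
    "blog.example.invalid": "Domain Name: BLOG.EXAMPLE.INVALID\nUpdated Date: 2015-01-01T00:00:00Z\n",
}
AS_OF = datetime(2015, 6, 1, tzinfo=timezone.utc)  # fixed reference date for the sample


def report(now: datetime = AS_OF, whois_by_domain=SAMPLE_WHOIS) -> list:
    """Assess every domain; 'unknown' results deserve a manual look, not silence."""
    return [assess(d, text, now) for d, text in whois_by_domain.items()]


if __name__ == "__main__":
    for domain, status, days in report():
        print(f"{domain:24} {status:10} {'' if days is None else days}")
```

In practice the WHOIS text would come from a scheduled query against the registry, and the `unknown` outcome matters as much as `expired`: a monitor that silently fails to parse a new field format is exactly the kind of inaction the article describes.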

Food for thought, eh?

As The Coalition Government Ends, What Next For Your Privacy?


It’s over.

After what seems like months, the election is finally over and done with and we don’t need to worry about politics again for another 5 years.

Or do we?

Well, as the dust begins to settle, some within the heart of British politics have already set their minds toward policy and, irrespective of your allegiances, that means change.

One of the key policies that was mooted last night, long before the result was known, was the Snoopers’ Charter – a plan to increase the British government’s surveillance powers – that had hitherto been thwarted by the Conservative Party’s coalition partners.

Theresa May, the Home Secretary, raised the controversial legislation during an interview with the BBC last night and, now that her party has secured a majority mandate, she seems keen to finally realise her ambition of pushing the Draft Communications Data Bill through The House of Commons.

Should the proposal now secure the support it requires to become law, it will see British internet service providers forced to store massive amounts of data on their customers and to make it available to the government and its security services upon request.

The bill, which was blocked by the Liberal Democrats in 2014, has received a huge amount of criticism from security experts and civil liberties groups alike.

Given the new distribution of MPs after last night’s election, it seems likely that the bill will now find its way into law though.

Should that prove to be so, it will be interesting to see what the government’s next move is, especially given how David Cameron has previously hinted that re-election would see him seek additional powers.

Back in January, he demonstrated what many would argue was a complete lack of understanding about encryption, as he suggested there should be no form of communication that the security services should not be able to read.

His comments at the time were taken to mean that encryption could be outlawed altogether, or at the very least highly regulated, leading to concerns among British businesses who immediately felt at risk, and security professionals and privacy advocates who collectively shuddered at the thought of what it may mean for the average user.

Hopefully any further ideas thought up by politicians, whatever party they may be associated with, will be better thought out, especially given how we heard only yesterday that the US appears to be moving in the opposite direction to the UK as a federal appeals court ruled the NSA’s bulk data collection program to be illegal.

We’ve also seen Germany’s surveillance agency BND caught in cahoots with the NSA – a revelation that led to a massive drop in popularity for Chancellor Angela Merkel.

Where we go next with privacy in the UK is anyone’s guess right now but what is for sure is that we now live in a world where the topic of civil liberties is becoming more widely discussed and understood (unless you’re a politician, or so it seems) which cannot be a bad thing (we like the thought of awareness here).

We live in interesting times. Let’s hope that’s not a curse.

Privacy – by Design?

This is our first blog of 2015 and we’d like to wish all the readers of SecurityWatch a very Happy New Year!

So what are the predictions for cybersecurity issues this year?! More open source software bugs, vulnerabilities in mobile payment systems, IoT attacks, etc. Apart from these issues, there is one global concern which is ongoing and undoubtedly growing – PRIVACY.

Surveillance issues are at the forefront due to rising terrorist activities. Such activities, which could be potential threats to a nation or its people, compel governments (or so they claim) to keep a close eye on all activity over the wire within their remit.

Not long ago, such operations were conducted covertly. But the NSA and GCHQ revelations by Edward Snowden, starting in June 2013, were an eye-opener for many. An international survey on Internet security and trust, covering 23,376 Internet users in 24 countries, reported that 60% of Internet users have heard of Edward Snowden, and 39% of those ‘have taken steps to protect their online privacy and security as a result of his revelations’, which is a considerable number.

Recently the UK’s prime minister announced that, if elected again, he would block chat messengers that support end-to-end encryption (such as WhatsApp, iMessage, Telegram, Cyberdust, etc.), as part of his plans for new surveillance powers announced in the wake of the Charlie Hebdo shootings in Paris. It seems the onus is now on citizens to assist governments by sacrificing their privacy, as opposed to governments putting more resources into tackling terrorist threats.

And it isn’t just the governments ready to put their hands on any kind of personal information available over the wire, there are other actors involved as well. Cyber theft is escalating and information is being sold on the deep web or darknet for financial gain. Moreover, companies monitor user activity more than ever before to keep track of users and their activities to boost sales.

Such growing interest in personal information for malicious purposes compels us to think more and more about protecting our privacy online in the internet era. This Hindi proverb, in my view, explains it well –

“Shaadi laddoo motichoor ka, jo khaaye pachtaye, jo na khaaye pachtaye”

Which means – Marriage is like a delicious tempting sweet, the one who consumes it suffers as well as the one who doesn’t (unless you absolutely hate sweets)! Which is entirely true if we substitute Internet in place of Marriage in this case. Anyone using the internet needs to be cautious and must take proactive measures to protect their privacy if they want to have a good relationship with it!

There are already complaints being lodged and measures being taken to strengthen the privacy regulations in Europe. Among them is the “Right to be Forgotten” Ruling (C-131/12) that states a search engine will have to delete information, along with the links when it receives a specific request from a person affected.

Some users of the internet, especially the younger generation, might relate to privacy as only changing their twitter or Facebook settings to restrict feeds and pictures to contacts.

However, privacy is more than that.

“Privacy is not something that I’m merely entitled to, it’s an absolute prerequisite.” – Marlon Brando

Privacy is a fundamental human right. This is acknowledged by Article 8 of the European Convention on Human Rights, which provides a right to respect for one’s “private and family life, his home and his correspondence”. The Charter of Fundamental Rights of the European Union and Universal Declaration of Human Rights have similar sections on privacy protection.

However, not every fundamental right that a citizen possesses is set out in a country’s constitution. For example, in Ireland, the Constitution does not specifically state a right to privacy but the courts recognize that the personal rights in the constitution imply the right to privacy.

Privacy is an integral element of democratic societies and this applies to the digital world as well. Digital technologies may be designed to protect privacy. Since the 1980s technologies with embedded privacy features have been proposed. During that time, deploying Privacy Enhancing Technologies (PETs) (e.g. encryption, protocols for anonymous communications, attribute based credentials and private search of databases) was seen as the solution as opposed to embedding of privacy into the design of technology. However, apart from a few exceptions such as encryption, PETs haven’t really become a standard or a widely used component in system design.

Most of us may have heard about the relatively newer concept of Privacy by Design (PbD) which has been around for a few years now. It was developed by the former Information and Privacy Commissioner of Ontario, Dr. Ann Cavoukian, back in the 90’s. Dr. Ann argued that “the future of privacy cannot be assured solely by compliance with legislation and regulatory frameworks; rather, privacy assurance must ideally become an organization’s default mode of operation.”

Privacy by Design is held to be accomplished by practising its 7 Foundational Principles, which have been translated into over 30 languages.

  1. Proactive not Reactive; Preventative not Remedial
  2. Privacy as the Default Setting
  3. Privacy Embedded into Design
  4. Full Functionality – Positive-Sum, not Zero-Sum
  5. End-to-End Security – Full Lifecycle Protection
  6. Visibility and Transparency – Keep it Open
  7. Respect for User Privacy – Keep it User-Centric

Privacy is a challenging subject that covers a number of domains, including law, policy and technology. Some believe that the concept of Privacy by Design is too vague and, since it does not focus on the role of the actual data holder but on that of the system designer, that it is not applicable in privacy law.

Despite the criticism, Privacy by Design has been globally recognized and adopted. The U.S. Federal Trade Commission recognized Privacy by Design in 2012 as one of its three recommended practices for protecting online privacy. In addition, a variation of the concept, known as ‘Data protection by Design’ has been incorporated into the European Commission plans to unify data protection within the European Union with a single law – the General Data Protection Regulation. The variation apparently goes beyond mere technical solutions and addresses organisational procedures and business models as well. However, since the proposal does not explicitly define or give references for definitions of either data protection by design or privacy by design, the precise meaning of these concepts is nebulous.

In an effort to encourage adoption and implementation of privacy by design, and to provide guidance on privacy engineering practices, several bodies have taken initiatives.

European Commission

In January 2012 the European Commission proposed a regulation on data protection that will replace the existing Data Protection Directive. The proposal for the new regulation generally associates the requirements for data protection by design and data protection by default with data security, and contains specific provisions relevant to Privacy by Design and by Default.

European Union Agency for Network and Information Security (ENISA)

In December 2014, the European Union Agency for Network and Information Security (ENISA) published a report elaborating on how privacy by design can be implemented with the help of engineering methods. According to the ENISA report:

“The principle “Privacy/Data Protection by design” is based on the insight that building in privacy features from the beginning of the design process is preferable over the attempt to adapt a product or service at a later stage. The involvement in the design process supports the consideration of the full life-cycle of the data and its usage.”

The report is intended for data protection authorities, policy makers, regulators, engineers and researchers. It discusses the notion of a privacy design strategy, and how it differs from both a design pattern and a privacy-enhancing technology (PET). Moreover, the report briefly summarizes the eight privacy design strategies, as derived by Hoepman from the legal principles underlying data protection legislation, for both data and processes. It also provides a list of privacy implementation techniques.

The report identifies and highlights some limitations of privacy by design too. The predominant ones are: the fragility of privacy properties when two systems are combined or one is embedded in the other; the absence of a general and intuitive metric for comparing two systems with the same or similar functionality with respect to a set of privacy properties; the increased complexity and reduced utility of the resulting system; and differing interpretations of privacy by design.

National Institute of Standards and Technology (NIST)

A similar initiative is underway at NIST as well, called the Privacy Engineering initiative, which focuses on providing standards-based tools and privacy engineering practices to help evaluate the privacy posture of existing systems, enable the creation of new systems that mitigate the risk of privacy harm, and address privacy risks in a measurable way within an organization’s overall risk management process. The organization published a draft last year in April – NIST Privacy Engineering Objectives and Risk Model Discussion – in which a definition for privacy engineering was proposed:

“...a collection of methods to support the mitigation of risks to individuals of loss of self-determination, loss of trust, discrimination and economic loss by providing predictability, manageability, and confidentiality of personal information within information systems.”

However, to our knowledge, this is not the final accepted definition, and a meeting to update the draft will be held in February 2015.

Although such initiatives were long overdue, these standards, regulations and guidelines can only take us so far when it comes to protecting our privacy in times of such technological transformation and rising cyber security threats. Nevertheless, using the right means with the right technology, and embedding privacy and data protection in the way we design and build solutions, could certainly facilitate the protection of our user identities in this crazy world of the internet.

Stay Safe!

Just Given Up Your Eldest Child For Free WiFi? Perhaps I Can Interest You In This Tech Preview?

‘Ello guv’nor, I heard you sold your kid for WiFi. Perhaps I could interest you in another good deal? It’s called tech for privacy and I know you’re gonna luv it.

Having decided to pass on the logical numbering for the next rendition of Windows, Microsoft has named its new operating system Windows 10.

In a move many see as an attempt to put the memory of the not-so-popular Windows 8 behind it, the company is going full steam ahead as it marches toward the inevitable retail release of its replacement.

In the meantime, however, early adopters can grab a technical preview to see how Redmond has accommodated Start button-loving fans of its arguably much better Windows 7.

Being one of the first people to get your hands on a new operating system may sound pretty cool, but that will only be the case if you read the privacy policy first (something you should always do before installing new software).


Because Microsoft sharing the tech preview with you is a reciprocal agreement, one which sees your data travel back in the opposite direction.

Specifically, the Windows Insider Programme policy says,

“Microsoft collects information about you, your devices, applications and networks, and your use of those devices, applications and networks. Examples of data we collect include your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage.”

While the sheer volume of collectible data is staggering, and far beyond what I for one would be happy to give up if I had a choice, it is standard fare these days, more’s the pity.

More disconcerting, though, are the following two entries:

“We may collect information about your device and applications and use it for purposes such as determining or improving compatibility” and “use voice input features like speech-to-text, we may collect voice information and use it for purposes such as improving speech processing.”


“If you open a file, we may collect information about the file, the application used to open the file, and how long it takes any use [of] it for purposes such as improving performance, or [if you] enter text, we may collect typed characters and use them for purposes such as improving autocomplete and spellcheck features.”

Did that sink in?

If not, read it again and you will see that signing up for the Windows 10 preview means giving Microsoft permission both to record your voice, and specifically what you say, and to collect everything you type on your keyboard.

In other words, you will be voluntarily installing a voice logger and a keylogger onto any system running this version of Windows.


There is no word on whether the privacy policy will be similarly worded when bundled with the final version, and I suspect, and hope, that it won’t be – I’d like to think that Microsoft is merely gathering so much data to help it make improvements to the new operating system before its retail release.

But there are no guarantees of anything these days, especially where technology is concerned and, likewise it seems, in the realm of data gathering.

So my advice is to research Windows 10 thoroughly upon its general release, and to read its privacy policy in its entirety before letting it anywhere near any of your devices.

Alas, most people will not do so. After all, the latest tech is often so enticing that people will do the craziest things to get on the bandwagon.