Abstracts:

Sofia Celi, Centro de Autonomia Digital
The loss of the sovereignty in privacy
Perhaps, one of the fundamental things that History has shown us is the fact that the loss of sovereignty leads to a self proclaimed liberalization imposed in the interests of the powerful, as Noam Chomsky has stated. This loss does not only exist in regards to countries or nations, but also in regards to individual human rights. Over the last decades we have seen a will to annihilate the individual right to privacy and the sovereignty of choosing it. And this, as Chomsky pointed out, has been done in interest of the powerful. Because of this, journalists, activists, lawyers, and software developers fighting for this right have experienced increased harassment and unlawful detentions all over the world, specially in the Global South. When cryptography was born, a part of it was developed with the idea of giving people back this right to privacy in face of an ever increased surveillance state. Today, decades later, we still have some tools developed with those ideals in mind (PGP, OTR, Tor), but there is a lot of work to be done. There is fundamental need for talking about morality in the design of cryptographic algorithms and protocols. There is an increase need of taking into account the different countries where these protocols and algorithms will be used. There is a crucial need to think about the fundamental threat that activists face when working for privacy and how to help them in their field. In this talk, we will outline what questions can be inquired when developing cryptographic tools, which parts of the world should be taken into account, and what new proposed versions are there of the already created privacy-preserving tools (like the upcoming OTR version 4).

Ot van Daalen, Institute for Information Law (IViR) and Root Legal
Evaluating crypto restrictions under EU human rights law
We have learned from the Snowden-revelations that the US and UK have actively undermined cryptographic technologies. The Five Eyes-countries have floated proposals to weaken crypto. Australia recently adopted a law aimed at backdooring messaging services. Germany is considering a proposal to force messenger services, such as WhatsApp, to provide access to plaintext communications. And goverments are investing in quantum technologies to break strong encryption.
But cryptographic technologies are fundamental to privacy, freedom of expression and information security. So how should we assess these proposals and practices under European human rights law? And does human rights law perhaps create obligations on governments to actually support and protect these technologies?

Ryan Gallagher, The Intercept
Silicon Valley and China: US tech giants' complicity in the CCP regime's censorship and surveillance

Sjoera Nas, senior advisor Privacy Company
I know you didn't read the fine print!
If you use Microsoft Office 365, possibly in combination with Windows 10 Enterprise, what personal data does Microsoft collect about you? And what does the fine print say about the purposes for which Microsoft can process your data? At the request of the Dutch Ministry of Justice, Sjoera Nas has performed data protection impact assessments (DPIA) on the processing of data through Microsoft Office 365 ProPlus, Windows 10 Enterprise and the use of Azure VM's. In her talk she will explain how she investigated the data protection risks for users. This involved both technical analysis of the diagnostic data and close reading of the fine print, the terms and conditions. The key take aways from these assessments apply to all contracts with IT providers.

Adriana Nugter, Guest Lecturer TU/e & Independent Senior Advisor
Everything under control? – The GDPR one year later.
The GDPR has been in force for one year now. So where are we? Definitely some good things are happening. But will it be sufficient as a tool to protect citizens in an age of increasing use of biometrics and AI?

Paul Reuvers and Marc Simons, Cryptomuseum Eindhoven
Operation "Easy Chair" – How the Dutch helped the CIA to bug the Russian embassy
A small Dutch laboratory had a contract with the CIA to develop equipment for the use of covert bugging for the CIA. We will tell about two brilliant engineers who have developed all this and we will also explain how the operation took place.

Edward Snowden, Freedom of the Press Foundation
Combating Online Surveillance

David Stainton, Core developer of the Katzenpost mix network
Introduction to Mix Networks
This talk will introduce the fundamental concepts of mix networks by systematically describing attacks and defenses. Academics have proposed various anonymity technologies with far stronger threat models than Tor, but by far the most practical and efficient option remains mix networks, which date to the founding of anonymity research by David Chaum in 1981. Historically mix networks achieved enough mix entropy by using long delays whereas it is becoming more widely understood that there exists a trade off between legit traffic, decoy itraffic and latency.
I shall mention the Katzenpost free software project and how it allows developers to easily add network services to the mix network supporting a wide variety of client applications including but not limited to: cryptographic messaging, off-line browsing, transporting interactions with DHTs, CRDTs, databases, crypto currency blockchains etc. Join us in this new anonymity movement!

Back to main page for Security in Times of Surveillance with tweets and without tweets.