Formation 2001 Headquarters University of Toronto Director Ronald Deibert | Type Research Laboratory Location Toronto, Ontario Website citizenlab.org | |
 | ||
The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs at the University of Toronto, Canada. Founded and directed by Professor Ronald Deibert, the Citizen Lab studies information controls—such as network surveillance and content filtering—that impact the openness and security of the Internet and that pose threats to human rights. The Citizen Lab collaborates with research centres, organizations, and individuals around the world, and uses a "mixed methods" approach, which combines technical interrogation and analysis with intensive field research, qualitative social science, and legal and policy analysis methods.
Contents
- Funding
- Threats against civil society
- Measuring Internet censorship
- Application level information controls
- Commercial surveillance
- Commercial filtering
- Policy engagement
- Capacity building
- References
The Citizen Lab was a founding partner of the OpenNet Initiative (2002-2013) and the Information Warfare Monitor (2002-2012) projects. The Citizen Lab also developed the original design of the Psiphon censorship circumvention software, which was spun out of the Lab into a private Canadian corporation (Psiphon Inc.) in 2008.
The Citizen Lab’s research outputs have made global news headlines around the world, including front page exclusives in the New York Times, Washington Post, and Globe and Mail. In Tracking Ghostnet (2009) researchers uncovered a suspected cyber espionage network of over 1,295 infected hosts in 103 countries, a high percentage of which are high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs. This seminal study was one of the first public reports to reveal a cyber espionage network that targeted civil society and government targets around the world. In Shadows in the Cloud (2010), researchers document a complex ecosystem of cyber espionage that systematically compromised government, business, academic, and other computer network systems in India, the Offices of His Holiness the Dalai Lama, the United Nations, and several other countries.
The Citizen Lab has won a number of awards for its work. The Citizen Lab is the first Canadian institution to win the MacArthur Foundation’s MacArthur Award for Creative and Effective Institutions (2014) and the only Canadian institution to receive a “New Digital Age” Grant (2014) from Google Executive Chairman Eric Schmidt. Past awards include the Canadian Library Association's Advancement of Intellectual Freedom in Canada Award (2013), the Canadian Committee for World Press Freedom’s Press Freedom Award (2011), and the Canadian Journalists for Free Expression’s Vox Libera Award (2010).
In July 2014, Citizen Lab was profiled in the Ars Technica article, Inside Citizen Lab, the “Hacker Hothouse” protecting you from Big Brother.
Funding
The Citizen Lab is independent of government or corporate interests. Financial support for the Citizen Lab has come from the Ford Foundation, the Open Society Institute, the Social Sciences and Humanities Research Council of Canada, the International Development Research Centre (IDRC), the Canada Centre for Global Security Studies at the University of Toronto’s Munk School of Global Affairs, the John D. and Catherine T. MacArthur Foundation, the Donner Canadian Foundation, and The Walter and Duncan Gordon Foundation. The Citizen Lab has received donations of software and support from Palantir Technologies, VirusTotal, and Oculus Info Inc.
Threats against civil society
The Citizen Lab’s Targeted Threats project seeks to gain a better understanding of the technical and social nature of digital attacks against civil society groups and the political context that may motivate them. The Citizen Lab conducts ongoing comparative analysis of a growing spectrum of online threats, including Internet filtering, denial-of-service attacks, and targeted malware. Targeted Threats reports have covered a number espionage campaigns and information operations against the Tibetan community and diaspora. Citizen Lab researchers and collaborators like the Electronic Frontier Foundation have also revealed several different malware campaigns targeting Syrian activists and opposition groups in the context of the Syrian Civil War. Many of these findings were translated into Arabic and disseminated along with recommendations for detecting and removing malware.
The Citizen Lab’s research on threats against civil society organizations has been featured on the front page of BusinessWeek, and covered in Al Jazeera, Forbes, Wired, among other international media outlets.
The group reports that their work analyzing spyware used to target opposition figures in South America has triggered death threats. In September 2015 members of the group received a pop-up that said:
Measuring Internet censorship
The OpenNet Initiative has tested for Internet filtering in 74 countries and found that 42 of them—including both authoritarian and democratic regimes—implement some level of filtering.
The Citizen Lab is continuing this research area through the Internet Censorship Lab (ICLab), a project to develop new systems and methods for measuring Internet censorship. It is a collaborative effort between The Citizen Lab, Professor Phillipa Gill’s group at Stony Brook University's Department of Computer Science, and Professor Nick Feamster’s Network Operations and Internet Security Group at Princeton University.
Application-level information controls
The Citizen Lab studies censorship and surveillance implemented in popular applications including social networks, instant messaging, and search engines.
Previous work includes investigations of censorship practices of search engines provided by Google, Microsoft, and Yahoo! for the Chinese market along with the domestic Chinese search engine Baidu. In 2008, Nart Villeneuve found that TOM-Skype (the Chinese version of Skype at the time) had collected and stored millions of chat records on a publicly accessible server based in China. In 2013, Citizen Lab researchers collaborated with Professor Jedidiah Crandall and PhD student Jeffrey Knockel at the University of Mexico to reverse engineering of TOM-Skype and Sina UC, another instant messaging application used in China. The team was able to obtain the URLs and encryption keys for various versions of these two programs and downloaded the keyword blacklists daily. This work analyzed over one year and a half of data from tracking the keyword lists, examined the social and political contexts behind the content of these lists, and analyzed those times when the list had been updated, including correlations with current events.
Current research focuses on monitoring information controls on the popular Chinese microblogging service Sina Weibo, Chinese online encyclopedias, and mobile messaging applications popular in Asia. The Asia Chats project utilizes technical investigation of censorship and surveillance, assessment on the use and storage of user data, and comparison of the terms of service and privacy policies of the applications. The first report released from this project examined regional keyword filtering mechanisms that LINE applies to its Chinese users.
Analysis of a popular cellphone app called "Smart Sheriff", by Citizen Lab, and the German group Cure53, asserted the app represented a security hole that betrayed the privacy of the children it was claimed it protected, and that of their parents. South Korean law required all cellphones sold to those under 18 to contain software designed to protect children, and Smart Sheriff was the most popular government approved app—with 380,000 subscribers. The Citizen Lab/Cure53 report described Smart Sheriff's security holes as "catastrophic".
Commercial surveillance
The Citizen Lab conducts groundbreaking research on the global proliferation of targeted surveillance software and toolkits, including FinFisher, Hacking Team and NSO Group.
FinFisher is a suite of remote intrusion and surveillance software developed by Munich-based Gamma International GmbH and marketed and sold exclusively to law enforcement and intelligence agencies by the UK-based Gamma Group. In 2012, Morgan Marquis-Boire and Bill Marczak provided the first public identification of FinFisher's software. The Citizen Lab and collaborators have done extensive investigations into FinFisher, including revealing its use against Bahraini activists, analyzing variants of the FinFisher suite that target mobile phone operating systems, uncovering targeted spying campaigns against political dissidents in Malaysia and Ethiopia, and documenting FinFisher command and control servers in 36 countries. Citizen Lab's FinFisher research has informed and inspired responses from civil society organizations in Pakistan, Mexico, and the United Kingdom. In Mexico, for example, local activists, and politicians collaborated to demand an investigation into the state’s acquisition of surveillance technologies. In the UK, it led to a crackdown on the sale of the software over worries of misuse by repressive regimes.
Hacking Team is a Milan, Italy-based company that provides intrusion and surveillance software called Remote Control System (RCS) to law enforcement and intelligence agencies. The Citizen Lab and collaborators have mapped out RCS network endpoints in 21 countries, and have revealed evidence of RCS being used to target a human rights activist in the United Arab Emirates, a Moroccan citizen journalist organization, and an independent news agency run by members of the Ethiopian diaspora. Following the publication of Hacking Team and the Targeting of Ethiopian Journalists, the Electronic Frontier Foundation and Privacy International both took legal action related to allegations that the Ethiopian government had compromised the computers of Ethiopian expatriates in the United States and UK.
The Citizen Lab’s research on surveillance software has been featured on the front pages of the Washington Post and the New York Times and covered extensively in news media around the world, including the BBC, Bloomberg, CBC, Slate, and Salon.
The Citizen Lab’s research on commercial surveillance technologies has resulted in legal and policy impacts. In December 2013, the Wassenaar Arrangement was amended to include two new categories of surveillance systems on its Dual Use control list—“intrusion software” and “IP Network surveillance systems”. The Wassenaar Arrangement seeks to limit the export of conventional arms and dual-use technologies by calling on signatories to exchange information and provide notification on export activities of goods and munitions included in its control lists. The amendments in December 2013 were the product of intense lobbying by civil society organizations and politicians in Europe, whose efforts were informed by Citizen Lab’s research on intrusion software like FinFisher and surveillance systems developed and marketed by Blue Coat Systems.
Commercial filtering
The Citizen Lab studies the commercial market for censorship and surveillance technologies, which consists of a range of products that are capable of content filtering as well as passive surveillance.
The Citizen Lab has been developing and refining methods for performing Internet-wide scans to measure Internet filtering and detect externally visible installations of URL filtering products. The goal in this work is to develop simple, repeatable methodologies for identifying instances of internet filtering and installations of devices used to conduct censorship and surveillance.
The Citizen Lab has conducted research into companies such as Blue Coat Systems, Netsweeper, and SmartFilter. Major reports include "Some Devices Wander by Mistake: Planet Blue Coat Redux" (2013), "O Pakistan, We Stand on Guard for Thee: An Analysis of Canada-based Netsweeper’s Role in Pakistan’s Censorship Regime" (2013), and Planet Blue Coat: Mapping Global Censorship and Surveillance Tools (2013).
This research has been covered in news media around the world, including the front page of the Washington Post, the New York Times, the Globe and Mail, and the Jakarta Post.
Following the 2011 publication of "Behind Blue Coat: Investigations of Commercial Filtering in Syria and Burma", Blue Coat Systems officially announced that it would no longer provide “support, updates. or other services” to software in Syria. In December 2011, the U.S. Department of Commerce's Bureau of Industry and Security reacted to the Blue Coat evidence and imposed a $2.8 million fine on the Emirati company responsible for purchasing filtering products from Blue Coat and exporting them to Syria without a license.
Citizen Lab's Netsweeper research has been cited by Pakistani civil society organizations Bytes for All and Bolo Bhi in public interest litigation against the Pakistani government and in formal complaints to the High Commission (Embassy) of Canada to Pakistan.
Policy engagement
The Citizen Lab is an active participant in various global discussions on Internet governance, such as the Internet Governance Forum, ICANN, and the United Nations Government Group of Experts on Information and Telecommunications.
Since 2010, the Citizen Lab has helped organize the annual Cyber Dialogue conference, hosted by the Munk School of Global Affairs’ Canada Centre, which convenes over 100 individuals from countries around the world who work in government, civil society, academia, and private enterprise in an effort to better understand the most pressing issues in cyberspace. The Cyber Dialogue has a participatory format that engages all attendees in a moderated dialogue on Internet security, governance, and human rights. Other conferences around the world, including a high-level meeting by the Hague-based Scientific Council for Government Policy and the Swedish government’s Stockholm Internet Forum, have taken up themes inspired by discussions at the Cyber Dialogue.
Capacity building
The Citizen Lab contributes to capacity building by supporting networks of researchers, advocates, and practitioners around the world, particularly from the Global South. The Citizen Lab has developed regional networks of activists and researchers working on information controls and human rights for the past ten years. These networks are in Asia (OpenNet Asia), the Commonwealth of Independent States (OpenNet Eurasia), and the Middle East and North Africa.
With the support of the International Development Research Centre (IDRC), the Citizen Lab launched the Cyber Stewards Network in 2012, which consists of South-based researchers, advocates, and practitioners who analyze and impact cybersecurity policies and practices at the local, regional, and international level. The project consists of 12 partners from across Asia, sub-Saharan Africa, Latin America, and the Middle East and North Africa.
Citizen Lab staff also work with local partners to educate and train at-risk communities. For example, in 2013 it collaborated with the Tibet Action Institute to hold public awareness events in Dharamsala, India, for the exiled Tibetan community on cyber espionage campaigns. In the winter of 2013, the Citizen Lab conducted a digital security training session for Russian investigative journalists at the Sakharov Center in Moscow.