Homomorphic encryption: A game-changer shaping up
This article breaks down advancements in homomorphic encryption as it becomes more standardized, with the potential to change the way we manage and utilize personal data.
Read More
The EU’s temptation to break end-to-end encryption
The European Commission’s proposal to fight “child sexual abuse materials” has spurred controversy as it touches upon the issue of private interpersonal communications and might affect end-to-end encryption. This article discusses reactions to the proposal and the current state of play, its impact on end-to-end encryption, and the legislative process.
Read More
Decryption and Inspection and the Steps Needed for Privacy Compliance
This web conference provides an overview of the threat landscape and how attackers use encryption to their benefit and why the inspection of network traffic is necessary for privacy compliance.
Read More
How can homomorphic encryption address privacy in COVID-19 apps?
Husna Siddiqi and Dalia Khader explain how a cryptographic concept called “homomorphic encryption” may be able to help assuage privacy concerns around COVID-19 applications.
Read More
Encryption, redaction and the CCPA
This article dives into the differences between encryption and redaction and points to what privacy pros should be thinking about with consideration of the CCPA.
Read More
Encryption isn’t enough: Why conversational AI requires more
This piece covers why conversational AI solutions need to have a comprehensive security program in place to uphold privacy and maintain regulatory compliance, and why those AI providers cannot rely on encryption alone.
Read More
Additional News and Resources
Countries race to strengthen encryption standards as quantum computing advances
The New York Times reports on the race to develop stronger encryption techniques as the field of quantum computing continues to advance. The technology could bring substantial change to the medicine and artificial intelligence fields by reducing the time and power needed to run complex simulations, but it poses a major risk to privacy and data security.Full story... Read More
Spain's AEPD releases encryption assessment tool
Spain's data protection authority, the Agencia Española de Protección de Datos, released a browser app to assess the security of online encryption systems. The tool is meant to give guidance on what encryption standards to look for while processing personal data and does not transmit any information back to the authority.Full story... Read More
UK government publishes E2E encryption, child safety guidance
The U.K. Home Office released guidelines on the interplay between end-to-end encryption standards and children's safety as it relates to the recently passed U.K. Online Safety Bill. The office explained the overlap between the two topics, Meta's leading example on the matter, and current techniques and technological solutions being used. Notably, the guidance also lays out the application of the Online Safety Bill in the encryption-child safety context.Full story... Read More
Facebook Messenger expands encryption trials
Meta announced millions of Facebook Messenger accounts will be able to trial end-to-end encryption standards for individual and group chats. Meta is working to finalize default encryption standards by year's end and maintains it is on track to do so. The company said default encryption will "enhance the security we already provide and give people additional confidence that their personal messages will remain private."Full story... Read More
Apple to expand encryption in its cloud backups, halts CSAM rollout
Apple announced Wednesday a suite of data security improvements it plans to roll out in the coming months that aim to protect consumer data and ward off hackers. The three data security features include iMessage Contact Key Verification, Security Keys for Apple ID and Advanced Data Protection for iCloud. In a company announcement, Apple Senior Vice President of Software Engineering Craig Federighi said the new features will provide users with "three powerful new tools to further protect their ... Read More
Privacy Affairs — Complete guide on how to encrypt your internet traffic
This article from Privacy Affairs serves as an in-depth guide on how consumers can encrypt their internet connection. Read More
Outside Looking In: Approaches to Content Moderation in End-to-End Encrypted Systems
The Center for Democracy & Technology issued a report on end-to-end encryption and how individual rights, including privacy, can be upheld when facing problematic content on encrypted platforms. Read More
Multiparty computation as supplementary measure and potential data anonymization tool
Privacy-enhancing technologies like secure multiparty computation, homomorphic encryption, federated learning, differential privacy, secure enclaves, zero-knowledge proof or synthetic data are becoming increasingly relevant in practice and considered by regulators. Approaching the challenging trade-off between data privacy and data utility for a vast variety of use cases, privacy-enhancing technologies embed important privacy-by-design principles in the data life cycle. They aim at enabling inc... Read More
AEPD: Encryption and Privacy Series
This article series from the Spanish DPA (AEPD) breaks down and provides insight on different topics of encryption and privacy. Read More
Factsheet: How Encryption Can Protect Advocacy Groups and Social Change Movements
This guide, published by Internet Society, details how encryption can effectively serve as a tool for advocacy groups by protecting the integrity of personal information from hacking attempts and other vulnerabilities. Read More
Internet Society: Encryption unlocks the benefits of a thriving, trustworthy internet
This article, published by the Internet Society, analyzes the use and benefits of encryption technology, and how it fits into and supports the infrastructure of the internet, both present and future. Read More
FPF: Strong Data Encryption Protects Everyone
The Future of Privacy Forum released “Strong Data Encryption Protects Everyone,” a visual guide to data encryption. The interactive tool outlines how encryption works, where it is used and potential risks. “The infographic illustrates how strong encryption protects individuals, enterprises, and the government. View Visual Guide View Infographic (PDF) ... Read More
Measuring how encryption impacts potential liability under CCPA
In the last decade, California has suffered twice as many data breaches as any other state, with roughly 1,493 breaches affecting nearly 5.6 billion records. Where California’s privacy laws apply to an organization, encrypting customer data will provide immunity from the private right of action under the California Consumer Privacy Act and limit obligations of notification in the event of a data breach under California’s data breach notification law. Santa Clara University School of Law's Solima... Read More
Finding encryption's place in privacy law
In a piece for CMSWire, Securiti.ai Product Lead Anas Baig provides a breakdown of how encryption meshes with privacy regulations around the world. Baig goes into detail on what privacy laws in the U.S., EU, Canada, Brazil and others say about the deployment of encryption. Additionally, Baig lays out the fines associated with encryption while offering best practices for companies implementing it into their systems. "In this era of data privacy, encryption is no longer an option, but rather a nec... Read More
Australia’s anti-encryption collision with GDPR sub-processing
On Dec. 6, Australia passed a surprising law with a global impact on privacy. The new law requires any Australian company to build backdoors to encrypted data and communications when instructed to do so by the government, while also requiring secrecy about the existence of such surveillance capabilities from individuals and enterprise customers. This unverifiable question of compromised encryption presents many technical threats and introduces international regulatory compliance challenges as we... Read More
Why the 'encryption exception' may be over used
How familiar are you with the “encryption exception” in the EU General Data Protection Regulation and some U.S. state laws? It can be used to exempt a company from breach reporting and notification obligations if data was encrypted and the key had not also been compromised. The GDPR identifies the exception in Article 34(3)(a), stating that the breach notification of Article 34(1) is not required if “the controller has implemented appropriate technical and organisational protection measures, … ... Read More
Encryption and Globalization
This article by Peter Swire and Kenesa Ahmad offers a short history of wiretaps for phone and Internet data; highlights key lessons learned from the U.S. crypto wars of the 1990s; proposes reasons why effective encryption becomes even more important when the debate shifts from one country to a globalized setting, and synthesizes the key reasons supporting effective encryption in today’s globalized world. Read More