Privacy / en Smartphones and privacy: U of T researchers on why we give access to apps /news/smartphones-and-privacy-u-t-researchers-why-we-give-access-apps <span class="field field--name-title field--type-string field--label-hidden">Smartphones and privacy: U of T researchers on why we give access to apps</span> <div class="field field--name-field-featured-picture field--type-image field--label-hidden field__item"> <img loading="eager" srcset="/sites/default/files/styles/news_banner_370/public/2023-05/GettyImages-1231819878-crop.jpg?h=afdc3185&amp;itok=8gK1I3ys 370w, /sites/default/files/styles/news_banner_740/public/2023-05/GettyImages-1231819878-crop.jpg?h=afdc3185&amp;itok=JZaemn6t 740w, /sites/default/files/styles/news_banner_1110/public/2023-05/GettyImages-1231819878-crop.jpg?h=afdc3185&amp;itok=QVNHlKmE 1110w" sizes="(min-width:1200px) 1110px, (max-width: 1199px) 80vw, (max-width: 767px) 90vw, (max-width: 575px) 95vw" width="740" height="494" src="/sites/default/files/styles/news_banner_370/public/2023-05/GettyImages-1231819878-crop.jpg?h=afdc3185&amp;itok=8gK1I3ys" alt="iphone screen with different social media pps like instagram, twitter, and facebook"> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>lanthierj</span></span> <span class="field field--name-created field--type-created field--label-hidden"><time datetime="2021-08-16T14:13:43-04:00" title="Monday, August 16, 2021 - 14:13" class="datetime">Mon, 08/16/2021 - 14:13</time> </span> <div class="clearfix text-formatted field field--name-field-cutline-long field--type-text-long field--label-above"> <div class="field__label">Cutline</div> <div class="field__item"><p>(Photo Illustration by Rafael Henrique/SOPA Images/LightRocket via Getty Images)</p> </div> </div> <div class="field field--name-field-author-reporters field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/authors-reporters/matthew-tierney" hreflang="en">Matthew Tierney</a></div> </div> <div class="field field--name-field-topic field--type-entity-reference field--label-above"> <div class="field__label">Topic</div> <div class="field__item"><a href="/news/topics/breaking-research" hreflang="en">Breaking Research</a></div> </div> <div class="field field--name-field-story-tags field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/tags/schwartz-reisman-institute-technology-and-society" hreflang="en">Schwartz Reisman Institute for Technology and Society</a></div> <div class="field__item"><a href="/news/tags/electrical-computer-engineering" hreflang="en">Electrical &amp; Computer Engineering</a></div> <div class="field__item"><a href="/news/tags/faculty-applied-science-engineering" hreflang="en">Faculty of Applied Science &amp; Engineering</a></div> <div class="field__item"><a href="/news/tags/faculty-law" hreflang="en">Faculty of Law</a></div> <div class="field__item"><a href="/news/tags/privacy" hreflang="en">Privacy</a></div> <div class="field__item"><a href="/news/tags/research-innovation" hreflang="en">Research &amp; Innovation</a></div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>If you hesitate when an app on your phone asks to access your location you’re not alone.</p> <p>That’s according to a new study from University of Toronto researchers that was&nbsp;conducted in four languages and across five continents.</p> <p>In&nbsp;<a href="https://security.csl.toronto.edu/news/privadroid-paper-accepted-at-usenix-security-2021/" target="_blank">a paper presented at Usenix Security’s Symposium</a>&nbsp;last week, U of T researchers examined why users choose to grant or deny permission when apps request access to contacts, calendars, microphones and more. The iPhone and Android operating systems give users control over data access when installing an app and during the app’s operation – a process known as a “runtime permission request.”</p> <p><b>David Lie</b>, a professor in&nbsp;the Edward S. Rogers Sr. department electrical and computer engineering (ECE) in the Faculty of Applied Science &amp; Engineering, says that when the team initially set out to determine which factors influence behaviour, they had no idea user expectations would be so significant.</p> <p>“An unexpected request is more than twice as likely to be denied,” Lie says. “Also, if there is some explanation for it – if the app conveys to the user why it needs access to something – then we see the denial rate cut in half.</p> <p>“App developers and smartphone OS designers should give serious consideration to how they communicate and set expectations with their users, which is more important than previously thought.”</p> <p>The multidisciplinary team of researchers included&nbsp;<b>Lisa Austin</b>, a cross-appointed ECE professor who is also chair in law and technology in the Faculty of Law. Both Austin and Li are also affiliated with the&nbsp;Schwartz Reisman Institute for Technology and Society.</p> <p><img alt src="/sites/default/files/Lie%20and%20Austin-crop.jpg" style="width: 750px; height: 500px;"></p> <p><em>Professors Lisa Austin and David Lie, pictured here prior to the COVID-19 pandemic, are part of a multidisciplinary team behind a new global study that explores the privacy expectations and behaviour of smartphone users (photo by&nbsp;Jessica MacInnis)</em></p> <p>To gather data for the study, the team developed an Android app, named PrivaDroid, that runs in the background of each participant’s phone for 30 days. After each new app installation or runtime permission request, PrivaDroid asks participants whether they expected the request and their rationale behind either granting or denying it.</p> <p>Using online advertising, they&nbsp;recruited more than 1,700 participants from a variety of countries with contrasting privacy legislation and levels of economic development. Over several months ending in the spring of 2020, PrivaDroid observed more than 36,000 permission events.</p> <p>“Previous studies were constrained to more artificial environments, where participants come into a lab or are set up with phone that’s not their own device,” says Lie. “This was first time someone has been able to do a global smartphone study ‘in the wild.’”</p> <p>Past research has shown that factors such as age, gender, country of residence and level of education can influence privacy behaviour.</p> <p>“Our study confirms this,” says Lie. “For example, women are more cautious about granting permissions than men, and young people grant permissions more often than older ones –&nbsp;but not as much as you might think.”</p> <p>Another finding was that participants who were rated ‘privacy sensitive’ according to the international Internet Users’ Information&nbsp;Privacy&nbsp;Concerns privacy scale have highly variable deny rates –&nbsp;and nearly 30 per cent of them grant permissions more frequently than average.</p> <p>“This gap between stated behaviour and actual behaviour is known as the ‘privacy paradox,’” says Lie. “This gap would make sense with behaviour one wouldn’t be proud of, but it’s hard to see how that applies with privacy. It’s a puzzle.”</p> <p>Are these people paying lip service to privacy concerns and then prioritizing their own convenience in the moment? The study reveals that this apparent contradictory behaviour is more nuanced.</p> <p>“The privacy-sensitive group who granted a lot of permissions said they expected them,” says Lie. “It’s possible they have a better understanding of how and why applications use permissions –&nbsp;that they’re avoiding the ‘creepy’ apps and installing the more transparent ones.”</p> <p>“So many complex technical and geopolitical issues converge around privacy,” says Professor&nbsp;<b>Deepa Kundur</b>, chair of ECE. “They truly demand a multidisciplinary approach and a long runway. This smartphone privacy study may be a first in its size, scope and complexity, but hopefully it’s the first of many.”</p> <p>Though prudence might suggest people deny permissions, “that belies how they actually use their phones,” says Lie. “If you really didn’t want what the app provided, or you thought the developer was malicious, you’d just uninstall the app. Smartphone users are telling us that clearly communicating expectations builds trust, and trust plays an important role in granting permissions.”</p> </div> <div class="field field--name-field-news-home-page-banner field--type-boolean field--label-above"> <div class="field__label">News home page banner</div> <div class="field__item">Off</div> </div> Mon, 16 Aug 2021 18:13:43 +0000 lanthierj 170022 at From phishing scams to compromised passwords: U of T cyber security expert on how to stay safe online /news/phishing-scams-compromised-passwords-u-t-cyber-security-expert-how-stay-safe-online <span class="field field--name-title field--type-string field--label-hidden">From phishing scams to compromised passwords: U of T cyber security expert on how to stay safe online</span> <div class="field field--name-field-featured-picture field--type-image field--label-hidden field__item"> <img loading="eager" srcset="/sites/default/files/styles/news_banner_370/public/unsplash-data-privacy.jpg?h=afdc3185&amp;itok=sV5L8QR7 370w, /sites/default/files/styles/news_banner_740/public/unsplash-data-privacy.jpg?h=afdc3185&amp;itok=BGx6HXro 740w, /sites/default/files/styles/news_banner_1110/public/unsplash-data-privacy.jpg?h=afdc3185&amp;itok=uhjmDDaH 1110w" sizes="(min-width:1200px) 1110px, (max-width: 1199px) 80vw, (max-width: 767px) 90vw, (max-width: 575px) 95vw" width="740" height="494" src="/sites/default/files/styles/news_banner_370/public/unsplash-data-privacy.jpg?h=afdc3185&amp;itok=sV5L8QR7" alt="Photo of someone using smartphone"> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>Romi Levine</span></span> <span class="field field--name-created field--type-created field--label-hidden"><time datetime="2019-01-28T16:53:56-05:00" title="Monday, January 28, 2019 - 16:53" class="datetime">Mon, 01/28/2019 - 16:53</time> </span> <div class="clearfix text-formatted field field--name-field-cutline-long field--type-text-long field--label-above"> <div class="field__label">Cutline</div> <div class="field__item">Whether you're browsing social media sites or checking your work email, there are ways to protect your data online (photo by rawpixel via Unsplash)</div> </div> <div class="field field--name-field-author-reporters field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/authors-reporters/romi-levine" hreflang="en">Romi Levine</a></div> </div> <div class="field field--name-field-topic field--type-entity-reference field--label-above"> <div class="field__label">Topic</div> <div class="field__item"><a href="/news/topics/our-community" hreflang="en">Our Community</a></div> </div> <div class="field field--name-field-story-tags field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/tags/cyber-security-0" hreflang="en">Cyber Security</a></div> <div class="field__item"><a href="/news/tags/privacy" hreflang="en">Privacy</a></div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>The internet is everywhere – from smartphones to cars and fridges. While that means our apps and appliances are more sophisticated than ever before, so too are the hackers, scammers and phishers who&nbsp;are trying to access your personal information. &nbsp;</p> <p>Today, the University of Toronto is raising awareness about managing the risks&nbsp;of the digital world and providing resources to help the university community stay safe online with <a href="https://securitymatters.utoronto.ca/january-28th-is-data-privacy-day/">Data Privacy Day</a> events taking place on the downtown Toronto campus. There is also a wealth of information available at <a href="https://securitymatters.utoronto.ca/">securitymatters.utoronto.ca</a>, including tools like <a href="https://securityplanner.org/#/">Citizen Lab’s security planner</a>, which gives you a personalized online safety recommendation, and a series of video tutorials with online safety tips. &nbsp;</p> <p><strong>Isaac Straley,&nbsp;</strong>U of T’s first-ever chief information security officer, shared his tips with <em>U of T News</em> on how to put your online privacy first.</p> <h3>Protect your passwords</h3> <p>“Password management is one of the most important things for everybody to be paying attention to right now,” says Straley.</p> <p>Compromised accounts are one of the primary ways that data breaches happen, but there are a number of ways to keep yours safe and secure. &nbsp;</p> <p>The first is using websites or applications with two-factor or multifactor authentication – where you are required to provide more than just a password when logging in.</p> <p>“When you're using banking or other online tools, they might send you a code in addition to putting in your password or might have you push a button on your phone,” says Straley. “What this does is make it harder for an attacker to just know your password because you have to have the other information to be able to log in.”</p> <p>The university is starting to roll out two-factor authentication for Office 365 for faculty and staff, he says.</p> <p><strong><a href="https://twofactorauth.org/">Protip: Check out twofactorauth.org to find out if a website uses two-factor authentication.</a></strong></p> <p>Straley also says to avoid reusing passwords, but recognizes that remembering them all can be a challenge.</p> <p>“Using a password manager is a really good tool,” says Straley. Apps like Password Safe and KeePass allow you to generate and store multiple passwords in one safe place – and not in your head.</p> <p>But don’t put everything in your password manager, Straley warns. “Take the logins that are the most sacred or most important – protect the highest risk information – and remember those. But put everything else in the password manager so you don't have to waste your valuable brain space on remembering half a dozen passwords.”</p> <h3>Don’t be bait for phishing scams</h3> <p>It’s getting harder to distinguish&nbsp;an email scam from a legitimate message, but there are a few red flags you should be aware of, says Straley.</p> <p>“Number one is almost always urgency,” he says. “When someone is asking you to do something fast.”</p> <p>Emails warning you your account is about to be locked, or that you’ve gone over a quota are likely coming from illegitimate sources.</p> <p>“Another one we’re starting to see more of are emails that look like they come from a supervisor or a manager or a colleague that say, ‘Hey, I'm really busy right now, can you help me out?’”</p> <p>Don’t be fooled by these seemingly personal messages, says Straley. As soon as you agree to help, the scammer will ask you to do something for them, like buy a gift card.</p> <p>“When you do, you end up spending your money and giving the gift cards to the attackers,” he says.</p> <h3>Personalize your privacy settings</h3> <p>It doesn’t matter if you’re a technophobe or a social media addict, you need to decide what level of privacy you’re comfortable with online, says Straley.</p> <p>“I'm surprised how often folks don't stop and think about what they expect from their online life. Most of the services are pretty open on their privacy settings,” he says.</p> <p>With social media platforms like Twitter, Instagram and Facebook, Straley says to make sure that the sharing settings are restricted to the communities you are specifically looking to engage online.</p> <p>“Especially if you install a lot of social media and tools that have applications on the phone or multiple devices, those tools will ask for a lot of permissions like ‘give us access to all your photos or your mic, camera, or your location settings,’” he says.</p> <p>Depending on the operating system you use, Straley says, you can choose to share your information with an application only when you're using it.</p> <h3>Cyber crime fighting at U of T</h3> <p>“A big portion of what we do is identifying different resources that would be attacked and making sure they are protected,” says Straley of his information security team.</p> <p>“We’ve got tools that allow us to detect attacks – in our jargon they're called intrusion prevention or detection systems – and we have other ways to look for bad activity,” he says.</p> <p>U of T also co-ordinates with fellow higher education institutions, governments and other organizations so it knows what to look out for. &nbsp;</p> <p>“One of our biggest challenges is just keeping up with the attackers,” Straley says.</p> </div> <div class="field field--name-field-news-home-page-banner field--type-boolean field--label-above"> <div class="field__label">News home page banner</div> <div class="field__item">Off</div> </div> Mon, 28 Jan 2019 21:53:56 +0000 Romi Levine 151952 at Panel discussion to explore data privacy, social media in health care /news/panel-discussion-explore-data-privacy-social-media-health-care <span class="field field--name-title field--type-string field--label-hidden">Panel discussion to explore data privacy, social media in health care</span> <div class="field field--name-field-featured-picture field--type-image field--label-hidden field__item"> <img loading="eager" srcset="/sites/default/files/styles/news_banner_370/public/2018-05-15-hospital-resized.jpg?h=afdc3185&amp;itok=vjRll3Ro 370w, /sites/default/files/styles/news_banner_740/public/2018-05-15-hospital-resized.jpg?h=afdc3185&amp;itok=L_a1OhUO 740w, /sites/default/files/styles/news_banner_1110/public/2018-05-15-hospital-resized.jpg?h=afdc3185&amp;itok=ipnIeX3F 1110w" sizes="(min-width:1200px) 1110px, (max-width: 1199px) 80vw, (max-width: 767px) 90vw, (max-width: 575px) 95vw" width="740" height="494" src="/sites/default/files/styles/news_banner_370/public/2018-05-15-hospital-resized.jpg?h=afdc3185&amp;itok=vjRll3Ro" alt="Photo of a doctor's tools"> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>noreen.rasbach</span></span> <span class="field field--name-created field--type-created field--label-hidden"><time datetime="2018-05-15T13:45:42-04:00" title="Tuesday, May 15, 2018 - 13:45" class="datetime">Tue, 05/15/2018 - 13:45</time> </span> <div class="clearfix text-formatted field field--name-field-cutline-long field--type-text-long field--label-above"> <div class="field__label">Cutline</div> <div class="field__item">(photo by rawpixel via Unsplash)</div> </div> <div class="field field--name-field-author-reporters field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/authors-reporters/nicole-bodnar" hreflang="en">Nicole Bodnar</a></div> </div> <div class="field field--name-field-topic field--type-entity-reference field--label-above"> <div class="field__label">Topic</div> <div class="field__item"><a href="/news/topics/city-culture" hreflang="en">City &amp; Culture</a></div> </div> <div class="field field--name-field-story-tags field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/tags/institute-health-policy-management-and-evaluation" hreflang="en">Institute of Health Policy Management and Evaluation</a></div> <div class="field__item"><a href="/news/tags/dalla-lana-school-public-health" hreflang="en">Dalla Lana School of Public Health</a></div> <div class="field__item"><a href="/news/tags/faculty-medicine" hreflang="en">Faculty of Medicine</a></div> <div class="field__item"><a href="/news/tags/health" hreflang="en">Health</a></div> <div class="field__item"><a href="/news/tags/privacy" hreflang="en">Privacy</a></div> </div> <div class="field field--name-field-subheadline field--type-string-long field--label-above"> <div class="field__label">Subheadline</div> <div class="field__item"> </div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>Political views and voting patterns were allegedly compromised in Facebook’s Cambridge Analytica data breach, but what if personal health information was leaked as a result of poor public policy on data privacy?</p> <p>“Good data governance is the best way to mitigate risk and it’s absolutely critical when the public’s health is at stake,” said <strong>Jennifer Gibson</strong>, director of the <a href="http://jcb.utoronto.ca/">University of Toronto Joint Centre for Bioethics</a> (JCB).</p> <p><img alt class="media-image attr__typeof__foaf:Image img__fid__8359 img__view_mode__media_large attr__format__media_large" src="/sites/default/files/2018-05-15-Jennifer%20Gibson-resized.jpg" style="width: 300px; height: 275px; margin: 10px; float: left;" typeof="foaf:Image">“If digital technologies are to realize their promise of improving health, ensuring public trust must be a primary goal. This means engaging potential ethical issues upfront and with intention,” said Gibson&nbsp;(pictured left), also an associate professor at the Institute of Health Policy, Management and Evaluation.</p> <p>Digital technologies are increasingly prevalent in daily life and it’s commonplace to see a patient blogging about their health-care journey or a surgeon tweeting from the operating room. That’s why the JCB is hosting a panel discussion on <a href="https://www.eventbrite.ca/e/bioethics-for-health-in-a-digital-age-registration-44165171216?aff=efbeventtix">Bioethics for Health in a Digital Age</a>&nbsp;at Hart House on Wednesday to explore the urgent need for new bioethical parameters in a digital world.</p> <p>The all-women panel includes a surgeon, a bioethicist and a privacy lawyer, all of whom are intimately aware of the benefits and pitfalls of delivering health care in an increasingly digital world where the speed of technological advancement far outpaces reflective public policy that addresses ethical dilemmas.</p> <p>“There aren’t enough conversations happening around the ethical challenges related to data power and governance,” said Gibson. “If we fail to put safeguards in place, important decisions will be made for us by corporations that don’t always have patients’ best interests in mind.”</p> <p>Dr. <strong>Karen Devon</strong>, assistant professor of surgery at U of T’s Faculty of Medicine, will discuss her personal journey with social media in the clinical setting.</p> <p>“We must be cognizant of the scope and permanence of anything posted online, which can be used for good or bad. Everyone needs to be very thoughtful before pressing the ‘post’ button and always consider all the potential impacts,” said Devon, who is an endocrine surgeon at <a href="http://www.womenscollegehospital.ca/">Women’s College Hospital</a>.</p> <p>Devon will be joined by fellow panellists Ann Heesters, director of bioethics at the University Health Network, and <a href="https://www.fasken.com/en/rosario-cartagena#sort=%40fclosedate79734%20descending">Rosario G. Cartagena</a>, a senior associate at Fasken Martineau and an expert on privacy and risk management.</p> <p>The JCB is based at the <a href="http://www.dlsph.utoronto.ca/">Dalla Lana School of Public Health</a> and is home to the largest academic community of health-care ethicists in the world. As the first WHO Collaborating Centre for Bioethics, the JCB is an international leader in end-of-life care, resource allocation ethics, infectious disease ethics, and global health ethics.</p> <p><a href="https://www.eventbrite.ca/e/bioethics-for-health-in-a-digital-age-registration-44165171216?aff=efbeventtix">Bioethics for Health in a Digital Age</a> is open to the U of T community on May 16. Registration is required. Doors open at 5 p.m. Opening remarks and panel discussion will take place from 5:30-7 p.m. with a cocktail reception to follow.</p> </div> <div class="field field--name-field-news-home-page-banner field--type-boolean field--label-above"> <div class="field__label">News home page banner</div> <div class="field__item">Off</div> </div> Tue, 15 May 2018 17:45:42 +0000 noreen.rasbach 135374 at U of T's Citizen Lab and Open Effect develop privacy watchdog tool for Canadian consumers /news/u-t-s-citizen-lab-and-open-effect-develop-privacy-watchdog-tool-canadian-consumers <span class="field field--name-title field--type-string field--label-hidden">U of T's Citizen Lab and Open Effect develop privacy watchdog tool for Canadian consumers </span> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>lanthierj</span></span> <span class="field field--name-created field--type-created field--label-hidden"><time datetime="2016-06-24T16:40:10-04:00" title="Friday, June 24, 2016 - 16:40" class="datetime">Fri, 06/24/2016 - 16:40</time> </span> <div class="clearfix text-formatted field field--name-field-cutline-long field--type-text-long field--label-above"> <div class="field__label">Cutline</div> <div class="field__item">(photo by uditha wickramanayaka via flickr)</div> </div> <div class="field field--name-field-author-reporters field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/authors-reporters/adrienne-harry" hreflang="en">Adrienne Harry</a></div> </div> <div class="field field--name-field-author-legacy field--type-string field--label-above"> <div class="field__label">Author legacy</div> <div class="field__item">Adrienne Harry</div> </div> <div class="field field--name-field-topic field--type-entity-reference field--label-above"> <div class="field__label">Topic</div> <div class="field__item"><a href="/news/topics/city-culture" hreflang="en">City &amp; Culture</a></div> </div> <div class="field field--name-field-story-tags field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/tags/citizen-lab" hreflang="en">Citizen Lab</a></div> <div class="field__item"><a href="/news/tags/privacy" hreflang="en">Privacy</a></div> <div class="field__item"><a href="/news/tags/political-science" hreflang="en">Political Science</a></div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>You want to meet someone new or track how many steps you take in a day. But your dating and fitness apps might have other plans for your personal data. &nbsp;</p> <p>Enter <a href="https://accessmyinfo.org/#/">Access My Info</a>, an online tool developed by <a href="https://openeffect.ca/">Open Effect </a>and the University of Toronto’s <a href="http://citizenlab.org/">Citizen Lab,</a> at the Munk School of Global Affairs. This tool makes it easier for Canadians to keep track of how their personal information is being used.&nbsp;</p> <p>“Access My Info empowers individual Canadians to easily exercise their legal right to understand what data is out there about them, whether that information is shared and, if so, with whom,” said <strong>Andrew Hilts</strong>, executive director of Open Effect and researcher at the Citizen Lab.&nbsp;</p> <p>“This will help consumers make informed choices, and help companies assess whether their policies and practices are meeting the needs of their customers while also complying with the law.”</p> <h2><a href="http://www.ctvnews.ca/sci-tech/is-tinder-or-fitbit-using-your-personal-data-online-tool-shows-you-how-to-ask-1.2956721">See the CTV story</a></h2> <p>Under the Personal Information Protection and Electronic Documents Act, Canadians have the right to ask companies for a record of what personal data the company is keeping on them. But the process of doing so can be complicated, especially if you don’t know the right questions to ask.&nbsp;</p> <p>This is where Access My Info helps. In just a few minutes users can create a custom letter, crafted by policy experts from the Citizen Lab, that asks companies careful questions about how personal data is collected and used. &nbsp;The tool streamlines a potentially convoluted process, making it easier for the average Canadian to exercise their privacy rights.&nbsp;</p> <p>“Most Internet users are either ignorant of, or apathetic about, the data they give away and what companies and governments do with it. When faced with lengthy and confusing terms of service, most users simply click ‘I agree’,” Professor <strong>Ronald Deibert</strong>, director of the Citizen Lab, says. &nbsp;</p> <p>“Tools like Access My Info, in which consumers exercise their privacy rights to inquire how companies handle the data they collect on them, will help both bolster these rights and let companies and governments know we are watching.”&nbsp;</p> <p>Funded by the Canadian Internet Registration Authority (CIRA) through its Community Investment Program, the aim of the Access My Info tool is to build more honest online relationships between Canadian companies and consumers. David Fowler, CIRA’s director of marketing and communications, adds that it never hurts for consumers to be informed.</p> <p>“Just as we should do periodic checks of our own credit scores to ensure that our financial house is in order, it’s equally, if not more important to know what the companies we do business with are doing with the information we give them.”</p> <p>(<a href="https://www.flickr.com/photos/126915310@N08/16981803257/in/photolist-rSCbtk-rvXQso-ssekqA-ryZUEe-5xuJuw-8kLCKi-rszwxL-4GcnSN-qC7idw-sb6am4-sBDC4d-crZJPC-oVGPG5-p1DE2x-nJMbfu-cqgqk5-rxBwdE-dU8Sg2-eGZDMF-rfUHEe-s4nuWg-ryfkqZ-rQ7PA3-nLzC8A-hxa7sJ-qim216-nr21vh-roYEVr-w3vLFh-rqA2Le-paujMX-p7dEzG-pZL2Qf-sHZvcb-pfM3vV-brXyci-s4m2Ux-pZSTe5-kBxhP2-sqWx8n-6akRDL-dgqxf3-rdTaJa-qHhyMV-ry9qTv-e6fbBH-fcEmHq-r5ovPJ-4r33wX-AB4xbP">visit flickr to see the original of the photo used above</a>)</p> </div> <div class="field field--name-field-news-home-page-banner field--type-boolean field--label-above"> <div class="field__label">News home page banner</div> <div class="field__item">Off</div> </div> Fri, 24 Jun 2016 20:40:10 +0000 lanthierj 14458 at Digital Hygiene website aims to make the Internet a little less scary /news/digital-hygiene-website-aims-make-internet-little-less-scary <span class="field field--name-title field--type-string field--label-hidden">Digital Hygiene website aims to make the Internet a little less scary</span> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>sgupta</span></span> <span class="field field--name-created field--type-created field--label-hidden"><time datetime="2016-03-01T06:13:46-05:00" title="Tuesday, March 1, 2016 - 06:13" class="datetime">Tue, 03/01/2016 - 06:13</time> </span> <div class="clearfix text-formatted field field--name-field-cutline-long field--type-text-long field--label-above"> <div class="field__label">Cutline</div> <div class="field__item"> “It's like the Wild West online” (photo by Enko Koceku)</div> </div> <div class="field field--name-field-author-reporters field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/authors-reporters/terry-lavender" hreflang="en">Terry Lavender</a></div> </div> <div class="field field--name-field-author-legacy field--type-string field--label-above"> <div class="field__label">Author legacy</div> <div class="field__item">Terry Lavender</div> </div> <div class="field field--name-field-story-tags field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/tags/more-news" hreflang="en">More News</a></div> <div class="field__item"><a href="/news/tags/privacy" hreflang="en">Privacy</a></div> <div class="field__item"><a href="/news/tags/munk-school-global-affairs-public-policy" hreflang="en">Munk School of Global Affairs &amp; Public Policy</a></div> </div> <div class="field field--name-field-subheadline field--type-string-long field--label-above"> <div class="field__label">Subheadline</div> <div class="field__item">Munk School project offers advice on online risks</div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p><em>“You’re less incognito than you think.”</em></p> <p>That’s the blunt message that greets visitors to the recently created <a href="https://hygiene.digitalpublicsquare.com/" target="_blank">Hygiene in the Digital Public Square website</a>, a joint project of U of T’s Munk School of Global Affairs and online security specialists eQualit.ie.</p> <p><em>“Malicious apps, theft, spam, cyber stalking, censorship, surveillance. There are no foolproof answers to risk online,” </em>the website continues. “<em>But there is advice to help</em>.”</p> <p>Hygiene in the Digital Public Square was created to give that advice. It offers guidelines on email, social networks, computers, data, identity and location, phones and more. For example, if a user clicks on “Access to the web” they see a brief introduction to security issues with websites and then can choose between three specific scenarios – connecting to a website anonymously, figuring out why a website is unreachable, or connecting to a website securely. Choosing one of the options brings up advice on how to achieve the goal and links to online tools that might help.</p> <p><strong>Sean Willett</strong>, creative director for the project, is one of the founders of the site. He spoke to U of T News about Hygiene in the Digital Public Square recently.</p> <p><strong>The Hygiene site is an offshoot of the Munk School’s Digital Public Square project, which is designed to increase digital communications access for people who face repression in countries worldwide. Is the Hygiene site just for people in authoritarian countries?</strong></p> <p>The Hygiene site is for everyone. Yes, it’s helpful for people under authoritarian regimes, but the Internet in general is sensitive digital space, and there are many actors in that space who can be malicious. It runs the gamut from an authoritarian government that’s punishing bloggers worldwide for writing what they want to write, to ISIS targeting internet cafes in Raqqa, to hackers who might be out for a bit of fun or something more malicious.</p> <p>It’s like the Wild West online. There’s such a gap between what you’re experiencing on a computer and what’s actually happening to you. People don’t realize how much they’re being tracked. Even when you move in between websites – from Google to Facebook to your favourite news site, ad trackers in the background are monitoring you and your identity. With three points of data on a Google Map – where you go to work, where you shop, and your home – Google knows enough about you to identify you as unique. It knows what you’re shopping for; can guess your rough level of income; and a lot more. Some days you might be okay with that, some days you may not be. This site helps on may-not-be days.</p> <p><strong>How did you develop the site?</strong></p> <p>I approached the founder of eQualit.ie, Dmitri Vitaliev, saying I’d love to build something that’s natural language for users connecting to our websites. Something that offers no-nonsense answers about what it really means to have “great digital hygiene” online. He said what he’d love to do is develop a process that takes people through an interview, a “Q and A” process. That was just right. The design, the development, user experience was managed by Munk’s Digital Public Square team, and eQualit.ie mapped the question and answer framework.</p> <p><strong>Can you give an example of how people might use the site?</strong></p> <p>Ever worried about deleting a file permanently? You must have at some point. An email, or maybe a picture, that you’re really embarrassed about. So you delete it – but when you delete a file, you never really delete it off the computer. To really get rid of something so no one can recover it is a process that involves a few smart steps. That’s an example of the kind of thing this site explains how to do.</p> <p>When you land on our site, we assume that the user may or may not know where they want to start to become a bit safer online. Hopefully, the process helps them uncover information not only about the thing that they’re looking for, but also the kinds of tools and how-to’s that they need in order to be cleaner, protect their identity, stop getting viruses or avoid surveillance in dangerous environments. This way beginners and advanced users are able to find something useful in the project.</p> <p><strong>Does the Hygiene site itself protect users’ identities?</strong></p> <p>It’s an anonymous process on the site. We do our best to automatically scrub any information that could identify a visiting user. I can’t say it enough – most people do not realize how identifiable they are when just browsing the web regularly.</p> <p>When you land on our page you can immediately sift through the questions that interest, and importantly, tell us if it was useful without revealing your identity. And we hope users do. Each answer gives them a chance to say, “I think it was really helpful” or “it wasn’t helpful” – with the support of crowdsourcing, we can make this project better.&nbsp;</p> </div> <div class="field field--name-field-news-home-page-banner field--type-boolean field--label-above"> <div class="field__label">News home page banner</div> <div class="field__item">Off</div> </div> <div class="field field--name-field-picpath field--type-string field--label-above"> <div class="field__label">picpath</div> <div class="field__item">sites/default/files/Willett_3 (2).jpg</div> </div> Tue, 01 Mar 2016 11:13:46 +0000 sgupta 7689 at Fitness tracker flaws exposed by U of T's Citizen Lab and Open Effect /news/fitness-tracker-flaws-exposed-u-ts-citizen-lab-and-open-effect <span class="field field--name-title field--type-string field--label-hidden">Fitness tracker flaws exposed by U of T's Citizen Lab and Open Effect</span> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>sgupta</span></span> <span class="field field--name-created field--type-created field--label-hidden"><time datetime="2016-02-02T02:02:40-05:00" title="Tuesday, February 2, 2016 - 02:02" class="datetime">Tue, 02/02/2016 - 02:02</time> </span> <div class="clearfix text-formatted field field--name-field-cutline-long field--type-text-long field--label-above"> <div class="field__label">Cutline</div> <div class="field__item">The Apple Watch was the only device tested that had no issues, researchers said (photo by LWYang via flickr)</div> </div> <div class="field field--name-field-author-reporters field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/authors-reporters/alex-gillis" hreflang="en">Alex Gillis</a></div> </div> <div class="field field--name-field-author-legacy field--type-string field--label-above"> <div class="field__label">Author legacy</div> <div class="field__item">Alex Gillis</div> </div> <div class="field field--name-field-story-tags field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/tags/top-stories" hreflang="en">Top Stories</a></div> <div class="field__item"><a href="/news/tags/surveillance" hreflang="en">Surveillance</a></div> <div class="field__item"><a href="/news/tags/sports" hreflang="en">Sports</a></div> <div class="field__item"><a href="/news/tags/sport" hreflang="en">Sport</a></div> <div class="field__item"><a href="/news/tags/privacy" hreflang="en">Privacy</a></div> <div class="field__item"><a href="/news/tags/munk-school-global-affairs-public-policy" hreflang="en">Munk School of Global Affairs &amp; Public Policy</a></div> <div class="field__item"><a href="/news/tags/fitness" hreflang="en">Fitness</a></div> <div class="field__item"><a href="/news/tags/citizen-lab" hreflang="en">Citizen Lab</a></div> </div> <div class="field field--name-field-subheadline field--type-string-long field--label-above"> <div class="field__label">Subheadline</div> <div class="field__item"> Research backed by Office of the Privacy Commissioner of Canada’s Contributions Program </div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>Barb Gormley didn’t know that strangers could track her fitness tracker. Or that anyone could rip off personal data leaking from the device.</p> <p>The personal trainer and her clients use the exercise-boosting devices to record steps taken, calories burned and other data about their progress when working out.</p> <p>“People are hooked on them,” she said. “I feel like I have a training assistant.”</p> <p>But the machines also leak personal information –&nbsp;such as name, age and gender –&nbsp;communicated via wifi.</p> <p>Researchers at the University of Toronto released a new report on Feb. 2 that revealed major security and privacy issues in devices made by Basis, Fitbit, Garmin, Jawbone, Mio, Withings and Xiaomi. The research involved analyzing data transmissions between the Internet and apps for the fitness trackers. The story is already making headlines. (<a href="http://www.cbc.ca/news/technology/fitness-trackers-monitoring-users-1.3428817">Read the CBC coverage</a>.)</p> <p>The report, <a href="https://openeffect.ca/reports/Every_Step_You_Fake.pdf">Every Step You Fake: A Comparative Analysis of Fitness Tracker Privacy and Security</a>, shows that Bluetooth on seven fitness trackers studied leak personal data that enable anyone near a device to track a user’s location over time. Researchers also found that certain devices by Garmin and Withings transmit information without encryption, leaking other personal data to anyone with the know-how to collect the leaks.&nbsp;</p> <p>The researchers also analyzed the Apple Watch and found no issues.</p> <h2><a href="https://openeffect.ca/reports/Every_Step_You_Fake.pdf">Read the complete report</a></h2> <p>The report is a collaborative effort between Open Effect, a non-profit applied research group focusing on digital privacy and security, and the Citizen Lab at the Munk School of Global Affairs at U of T. Open Effect previously published research on the security of ad tracking cookies. It also developed Access My Info, an application that makes it easy for Canadians to file legal requests for access to their personal information.</p> <p>“I hadn’t thought about the issues too much,” said Gormley, “that somebody could find me using my watch.”</p> <p>“The upside is they’re so great,” she said. She uses a Garmin device. “I guess we’re maybe a bit blind that there could be a downside.”</p> <p>The downside, said <strong>Andrew Hilts</strong>, one of the report’s authors, stems from the fact that each device has a unique identifier emitted constantly via Bluetooth, even after users think they’ve stopped using it.</p> <p>Hilts, the executive director of Open Effect and a research fellow with the Citizen Lab at the Munk School, said that means anyone –&nbsp;from savvy analytics firms or just someone in a coffee shop –&nbsp;could collect that unique identifier and, in some cases, collect your location and a whole lot more.</p> <p>“The perception might be, ‘Okay, I’m done with this. I’m turning off Bluetooth,’ but your tracker is still emitting this unique identifier, even if your phone has Bluetooth turned off,” Hilts explained.</p> <p>“There is a Bluetooth privacy standard in place that provides specifications on how device manufacturers can protect the privacy of their users,” Hilts said. “We’re trying to encourage fitness tracking companies to adopt this standard.” Most devices mentioned in the report do not implement Bluetooth privacy, leaving users vulnerable to location-based surveillance.&nbsp;</p> <p>“We hope our findings will help consumers make more informed decisions about how they use fitness trackers, help companies improve the privacy and security of their offerings, and help regulators understand the current landscape of wearable products.”</p> <p>Their findings come on the heels of a report by Professor&nbsp;<strong>Guy Faulkner</strong>&nbsp;and master's student <strong>Krystn Orr </strong>of U of T's&nbsp;Faculty of Kinesiology &amp; Physical Education that examined the reliability of smartphone pedometer applications.&nbsp;</p> <p>Released at the end of 2015, that research found an “unacceptable error percentage”&nbsp;in all apps compared with actual pedometers and urged “caution in their promotion to the public for self-monitoring physical activity and in their use as tools for assessing physical activity in research trials”.</p> <h2><a href="http://news.utoronto.ca/stuck-traffic-these-pedometer-apps-think-youre-walking">Read:&nbsp;Stuck in traffic? These apps think you're walking</a></h2> <p>The Citizen Lab and Open Effect researchers sought contact with the seven fitness tracker companies whose products exhibited security vulnerabilities. Fitbit, Intel (Basis), and Mio responded and engaged the researchers in a dialogue. Fitbit further expressed interest in exploring the topic of implementing Bluetooth privacy features in its communications with the researchers. Out of the devices studied, only the Apple Watch adopted the Bluetooth privacy standard.</p> <p>The report’s authors, Hilts, <strong>Christopher Parsons</strong> and <strong>Jeffrey Knockel</strong>, reveal a third issue that arose in the Withings and Jawbone devices: users can falsify their own activity levels. The findings cast doubt on the reliability of data for insurance or other purposes.</p> <p>“Maybe I’m naïve,”&nbsp;Gormley said. “Maybe an insurance company is conducting top-secret research on me and decide they don’t want to give me insurance?”</p> <p>“Should I be worried?”&nbsp;</p> <p>(<a href="https://www.flickr.com/photos/lwy/16893674013/in/photolist-rJQuHB-zijWKT-rx29be-zUuUgC-rgC2Z9-uws237-zsuCpS-zhSKji-ChVb2s-tsVfd1-tKBFJM-sNujMo-tsUEqj-sNujTq-tt41Qc-tKBERK-sNEFuK-rgBZfw-san4Ex-tKvqd2-tHaHbU-tKbDso-tsVfJS-tsUES1-tHaHd7-tKvpEi-tKBFcp-tHaHdC-tsVf2u-tKBEVx-tsVfzU-tHaHwd-tt42e8-tKBFzP-tKBEVT-tKBFhz-tKvpwT-tsUEs3-tsVfom-sNujHq-tHaJ21-tKBFLF-tKvpLR-sNujGo-tsUEiq-sNEFzp-tsVfW5-tKbCKG-tKBF1x-tKbCKw">Visit flickr to see the original of the photo used above</a>)</p> </div> <div class="field field--name-field-news-home-page-banner field--type-boolean field--label-above"> <div class="field__label">News home page banner</div> <div class="field__item">Off</div> </div> <div class="field field--name-field-picpath field--type-string field--label-above"> <div class="field__label">picpath</div> <div class="field__item">sites/default/files/2016-02-02-apple-watch-1.jpg</div> </div> Tue, 02 Feb 2016 07:02:40 +0000 sgupta 7624 at NSA whistleblower Thomas Drake at U of T /news/nsa-whistleblower-thomas-drake-u-t <span class="field field--name-title field--type-string field--label-hidden">NSA whistleblower Thomas Drake at U of T</span> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>sgupta</span></span> <span class="field field--name-created field--type-created field--label-hidden"><time datetime="2013-12-09T04:49:09-05:00" title="Monday, December 9, 2013 - 04:49" class="datetime">Mon, 12/09/2013 - 04:49</time> </span> <div class="clearfix text-formatted field field--name-field-cutline-long field--type-text-long field--label-above"> <div class="field__label">Cutline</div> <div class="field__item">Thomas Drake, whistleblower and former senior NSA official speaks at the U of T iSchool. (photo by Johnny Guatto)</div> </div> <div class="field field--name-field-author-reporters field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/authors-reporters/kathleen-o-brien" hreflang="en">Kathleen O'Brien</a></div> </div> <div class="field field--name-field-author-legacy field--type-string field--label-above"> <div class="field__label">Author legacy</div> <div class="field__item">Kathleen O'Brien</div> </div> <div class="field field--name-field-story-tags field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/tags/more-news" hreflang="en">More News</a></div> <div class="field__item"><a href="/news/tags/surveillance" hreflang="en">Surveillance</a></div> <div class="field__item"><a href="/news/tags/privacy" hreflang="en">Privacy</a></div> <div class="field__item"><a href="/news/tags/ischool" hreflang="en">iSchool</a></div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>Thomas Drake, whistleblower and former senior National Security Agency (NSA) official, began his talk at the University of Toronto by telling the audience that he was&nbsp;told at the airport that&nbsp;his American passport was not enough to get into the country.</p> <p>He had to&nbsp;provide papers showing he was invited to give a lecture at U of T's&nbsp;Faculty of Information (iSchool).</p> <p>Drake cited this&nbsp;as an example of what’s at stake for democracy and liberty as he began his talk, "Secret NSA/CSEC Surveillance versus Democracy: What's at Stake for the US &amp; Canada?"</p> <p>With interested followers from around the world watching a live feed,&nbsp;Drake explained how, after working at the NSA for six-and-a-half years, he was investigated and charged with espionage for allegedly disclosing secret information. The charges were dropped and since then&nbsp;Drake has devoted his life to helping citizens become more aware.</p> <p>“When you see what I went through for five plus years, at the receiving end of a surveillance state in the US, you gain a better appreciation for what truly is at stake," Drake said. "I’ve already lived in a surveillance state. And I don’t want anyone else to live it with me, and don’t want the future to be owned by a surveillance state.</p> <p>"We are individuals, human beings, we have rights. That makes us sovereign."</p> <p>Professor <strong>Andrew Clement </strong>invited Mr. Drake to speak after recent explosive disclosures made by another former NSA contractor, Edward Snowden, that have challenged notions of privacy and democracy.</p> <p>“The little we know about these surveillance agencies comes not through our usual institutions of democratic oversight, but because of a few very brave whistle blowers who have worked on the inside, and who have not been able to tolerate what they see, and who at great personal risk, expose the information to let us, the public, be much better informed, to what we have a right to,” Clement said in his introduction.</p> <p>As listeners expected, Drake didn’t hold back, discussing how in a post-911 era, he feels the government has gone far beyond investigating legitimate threats.</p> <p><iframe allowfullscreen frameborder="0" height="315" src="//www.youtube.com/embed/xgg8K26dcXs" width="560"></iframe></p> <p>“National security, an extremely overloaded phrase, is now the state religion in many democracies, including in the US, now increasingly in Canada. When you invoke the label of national security, you are exempt from all inquiries, from all queries, from oversight, and you do not question the high priests of secrecy,”&nbsp;Drake said.</p> <p>Master of Information student <strong>Greg Hughes</strong> said he thought the December 5&nbsp;talk was riveting. “It was like hearing all the thoughts you've buried or put to the back of your mind about the truth of the surveillance state come to light."</p> <p>Drake urged the crowd to stand up for the truth, and support their right to freedom.</p> <p>"I will never forsake my sovereignty for the sake of the State."</p> <p>iSchool alumna <strong>Christina Darvasi</strong> watched the lecture from Mexico City and tweeted, “So jealous I'm no longer at the iSchool to see it live.”</p> <p><em>Kathleen O'Brien is a writer with the iSchool at the University of Toronto.</em></p> </div> <div class="field field--name-field-news-home-page-banner field--type-boolean field--label-above"> <div class="field__label">News home page banner</div> <div class="field__item">Off</div> </div> <div class="field field--name-field-picpath field--type-string field--label-above"> <div class="field__label">picpath</div> <div class="field__item">sites/default/files/2013-12-05-Thomas-Drake.jpg</div> </div> Mon, 09 Dec 2013 09:49:09 +0000 sgupta 5770 at New algorithm finds you, even in an untagged photo /news/new-algorithm-finds-you-even-untagged-photo <span class="field field--name-title field--type-string field--label-hidden">New algorithm finds you, even in an untagged photo</span> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>sgupta</span></span> <span class="field field--name-created field--type-created field--label-hidden"><time datetime="2013-12-03T07:35:52-05:00" title="Tuesday, December 3, 2013 - 07:35" class="datetime">Tue, 12/03/2013 - 07:35</time> </span> <div class="clearfix text-formatted field field--name-field-cutline-long field--type-text-long field--label-above"> <div class="field__label">Cutline</div> <div class="field__item">Working with his student, Professor Parham Aarabi developed a search tool that quantifies relationships between people even when they are not tagged in a photo (photo by Johnny Guatto)</div> </div> <div class="field field--name-field-author-reporters field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/authors-reporters/marit-mitchell" hreflang="en">Marit Mitchell</a></div> </div> <div class="field field--name-field-author-legacy field--type-string field--label-above"> <div class="field__label">Author legacy</div> <div class="field__item">Marit Mitchell</div> </div> <div class="field field--name-field-topic field--type-entity-reference field--label-above"> <div class="field__label">Topic</div> <div class="field__item"><a href="/news/topics/breaking-research" hreflang="en">Breaking Research</a></div> </div> <div class="field field--name-field-story-tags field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/tags/top-stories" hreflang="en">Top Stories</a></div> <div class="field__item"><a href="/news/tags/social-media" hreflang="en">Social Media</a></div> <div class="field__item"><a href="/news/tags/privacy" hreflang="en">Privacy</a></div> <div class="field__item"><a href="/news/tags/nserc" hreflang="en">NSERC</a></div> <div class="field__item"><a href="/news/tags/engineering" hreflang="en">Engineering</a></div> <div class="field__item"><a href="/news/tags/research" hreflang="en">Research</a></div> <div class="field__item"><a href="/news/tags/global" hreflang="en">Global</a></div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>A new algorithm designed at the University of Toronto has the power to profoundly change the way we find photos among the billions on social media sites such as Facebook and Flickr.&nbsp;</p> <p>And, this month, the United States Patent and Trademark Office will issue a patent on this technology.</p> <p>Developed by <strong>Parham Aarabi</strong>, a professor in The Edward S. Rogers Sr. Department of Electrical &amp; Computer Engineering, and his former master’s student <strong>Ron Appel</strong>, the search tool uses tag locations to quantify relationships between individuals, even those not tagged in any given photo.</p> <p>Imagine you and your mother are pictured together, building a sandcastle at the beach. You’re both tagged in the photo quite close together. In the next photo, you and your father are eating watermelon. You’re both tagged.</p> <p>Thanks to your close ‘tagging’ relationship with both your mother in the first picture and your father in the second, the algorithm can determine that a relationship exists between those two and quantify how strong it may be. In a third photo, you fly a kite with both parents, but only your mother is tagged. Given the strength of your ‘tagging’ relationship with your parents, when you search for photos of your father the algorithm can return the untagged photo because of the very high likelihood he’s pictured.</p> <p>“Two things are happening: we understand relationships, and we can search images better,” says Professor Aarabi.</p> <p>The nimble algorithm, called relational social image search, achieves high reliability without using computationally-intensive object-recognition or facial-recognition software.</p> <p><img alt src="/sites/default/files/algorithm-infographic-13-12-03.jpg" style="margin: 15px 10px; width: 655px; height: 491px">“If you want to search a trillion photos, normally that takes at least a trillion operations. It’s based on the number of photos you have,” says Aarabi. “Facebook has almost half a trillion photos, but a billion users — it’s almost a 500 order of magnitude difference. Our algorithm is simply based on the number of tags, not on the number of photos, which makes it more efficient to search than standard approaches.”</p> <p>Work on this project began in 2005 in Aarabi’s Mobile Applications Lab, Canada’s first lab space for mobile application development.</p> <p>Currently the algorithm’s interface is primarily for research, but Aarabi aims to see it incorporated on the back end of large image databases or social networks.</p> <p>“I envision the interface would be exactly like you use Facebook search — for users, nothing would change. They would just get better results,” says Aarabi.</p> <p>While testing the algorithm, Aarabi and Appel discovered an unforeseen application: a new way to generate maps. They tagged a few photographs of buildings around the University of Toronto and ran them through the system with a bunch of untagged campus photos.</p> <p>“The result we got was of almost a pseudo-map of the campus from all these photos we had taken, which was very interesting,” says Aarabi.</p> <p>This work received support from the National Science and Engineering Research Council of Canada. It will be presented at the IEEE International Symposium on Multimedia December 10.</p> <p><em>Marit Mitchell is a writer with the Faculty of Applied Science &amp; Engineering</em></p> </div> <div class="field field--name-field-news-home-page-banner field--type-boolean field--label-above"> <div class="field__label">News home page banner</div> <div class="field__item">Off</div> </div> <div class="field field--name-field-picpath field--type-string field--label-above"> <div class="field__label">picpath</div> <div class="field__item">sites/default/files/2013-11-29--Parham-Aarabi-(10).jpg</div> </div> Tue, 03 Dec 2013 12:35:52 +0000 sgupta 5756 at