key: cord-0477985-rfyeg011
authors: Renaud, Karen; Schaik, Paul van; Irons, Alastair; Wilford, Sara
title: 2020 UK Lockdown Cyber Narratives: the Secure, the Insecure and the Worrying
date: 2020-06-11
journal: nan
DOI: nan
sha: 76c9a7a04b36af8e959d641a7fb2891838705a87
doc_id: 477985
cord_uid: rfyeg011

On the 23rd March 2020, the UK entered a period of lockdown in the face of a deadly pandemic. While some were unable to work from home, many organisations were forced to move their activities online. Here, we discuss the technologies they used, from a privacy and security perspective. We also mention the communication failures that have exacerbated uncertainty and anxiety during the crisis. An organisation could be driven to move their activities online by a range of disasters, of which a global pandemic is only one. We seek, in this paper, to highlight the need for organisations to have contingency plans in place for this kind of eventuality. The insecure usages and poor communications we highlight are a symptom of a lack of advance pre-pandemic planning. We hope that this paper will help organisations to plan more effectively for the future.

The pandemic of 2020 led countries to impose lockdowns, which closed schools, universities and a host of other workplaces. This forced organisations to move their activities online, and employees were often left to find the best technologies to carry out their core activities. Many grasped at the most familiar or popular technologies to satisfy their needs. In some cases, the technologies they used, or the way they used them, exposed them to the actions of hackers, or violated their privacy. We explore these issues in Section 3.

On the other hand, the 2018 GDPR regulation made organisations consider and manage the way they stored personal and sensitive data. The fact that organisations had gone through this process stood them in good stead when the lockdown was imposed. This demonstrates the immense value of planning and putting measures in place. We discuss secure measures in Section 2.

There were also some worrying developments, in terms of privacy and human rights violations. We discuss these in Section 4.

Finally, in Section 5, we present guidelines for measures organisations could implement to prepare for future lockdowns. These will minimise the security and privacy violations that are occurring during the current lockdown, as revealed by our narratives. Section 6 concludes. Figure 1 provides an overview of the paper.

The research methodology used in this paper is desk research. In other words, we gathered facts and news reports that helped us to construct the emergent security and privacy focused narrative around the UK's 2020 pandemic lockdown.

By so doing, we have been able to highlight the need for organisations to support their employees more effectively so that they can achieve private and secure at-home working. Bill Gates predicts that pandemics will occur every 20 years [15] , and other disasters, such as fires, occur unpredictably and also send workers home.A lockdown could happen again. We thus build on the research literature to propose guidelines for working securely and privately at home, as our main contribution.

As academics, we are in a good position to write about the plans our Universities made before the introduction of GDPR in 2018. Universities across Europe engaged in activities to ensure that their employees knew exactly how to secure their data.

Our institutions implemented measures that are likely to be typical of the industry at large. They published policies and provided secure storage in some cases. Whatever their individual arrangements, this preparation for GDPR meant they were well prepared for the lockdown, when it came to data storage.

A brief review of the authors' institutions' policies evidences this. One author's institution has a GDPR policy that lays down "good practice" principles for storing and managing research data. Guidance is also provided with respect to where data should be stored (i.e. on University sanctioned storage drives). Another author's institution's information security policy devotes two pages to explaining how research data ought to be secured. A third author's institution has a five page Data Protection Policy laying out guidelines for securing data. A fourth author's institution publishes an 9-page policy to guide data protection activities.

One policy specifies that OneDrive be used to store data, but the others do not do this. Two forbid the use of Dropbox for research data.

As well as policies that address GDPR needs, there is also a need to consider the security of the architecture that enables home working. For example, considering Wifi routers: whether or not these are password-protected and the age of the routers is relevant (more recent routers have more inbuilt security). Moreover, others in the household may have access to the computers used for remote working and the separation of work and personal technology usage becomes challenging.

In none of the policies we reviewed was video conferencing software mentioned. Nor were any recommendations made about protocols for home working or secure software to use, nor were there any guidelines for hardware configurations that would help improve home working security.

Finally, there was no mention of the use of VPNs to preserve privacy.

The move to home working, and the use of online conferencing software, has increased exponentially [41] as society embraces social distancing and heeds isolation instructions from the government. Quarantined employees naturally sought a way to stay in touch with their loved ones, and maintain relationships with colleagues, whilst also conducting their work activities from home.

There are a range of tools on that enable colleagues and collaborators to work together in a virtual "face to face" environment whilst maintaining social distancing. Many turned to Google to find the tools they needed. Figures 2 and 3 depict the spike in searches for video conferencing technologies since the beginning of the lockdown. As these graphs demonstrate, many found Zoom and looked for more information. The rush to adopt video conferencing technologies ushered in a number of interesting and concerning aspects, in terms of user behaviour.

Because of the speed in implementing video conferencing technologies, very few organisations had the time to put policies or protocols in place regarding remote working practices. This means employees are figuring out their practices for themselves. They might be well informed, and do so securely, but they might also put themselves and their employers' devices at risk.

One the one hand, there is a need to be included and to ensure that users have the appropriate hardware to enable the software to be utilised. Users may have been given admin rights to enable them to install software because their corporate IT support do not have the capacity to support a multitude of users trying to install software. This may lead to advised checking and testing not being completed. It also potentially causes stress when things do not work or users cannot connect to the technology that their peers are using.

On the other hand, the need to connect with others can lead to unwise installation of technologies and this may mean that the usual security checks are not in place. The adoption of workable solutions in the short term could well obscure underlying problems, for example with user privacy, data and information sharing, and possible unwitting GDPR violations.

Furthermore, once the pandemic period is over, the extent of privacy, security and data protection violations will be discovered. The subsequent fall-out in terms of managing the administration of both criminal and civil regulations, could prove to be overwhelming to institutions, regulators and individuals, if the use of these emergency tools can be shown to have been used uncritically and without informed consent or sufficient care for personal data.

This particular tool has become very popular. As its popularity has risen, so have concerns about its security and potential privacy violating practices [27] . A number of security experts have raised concerns about vulnerabilities within Zoom [36, 72] • Potential privacy violations. Research by Citizen Lab found that cryptographic operations were delivered to participants via servers in China [39, 40] .

• "Zoomboming". This is where trolls take advantage of open or unprotected meetings and poor default configurations to broadcast porn or other explicit material. In response, Zoom enabled the Waiting Room feature which allows a meeting host to control when a participant joins the meeting and enforces passwords. On the 8th April researchers revealed a security vulnerability in the waiting room [44] .

• Security vulnerabilities. Researchers discovered a flaw in Zoom's Windows application which allowed remote attackers to steal victims' Windows login credentials and execute arbitrary commands on their systems. A patch was issued on April 2, 2020, to address this flaw. Other researchers created a new tool called "zWarDial" that searches for open Zoom meeting IDs, finding around 100 meetings per hour that aren't protected by any password. There is also evidence that Zoom IDs and passwords are being sold on the dark web [7] .

As we write, some countries [59] have suspended the use of Zoom by teachers due to abuse by hackers. Zoom has been particularly responsive to these criticisms, patching them as quickly as they can [51] . However, as Mudge [51] points out, whilst the Zoom developers should have addressed security issues in the initial design, 5 years ago, they are trying to "fix" vulnerabilities as the Zoom user community grows. Mudge also indicates that there is a responsibility on the user to ensure security of any application that they are using, including Zoom. Making sure that routers are robust (and up to date), making sure tools are up to date and ensuring the patches and updates are put in place as soon as they become available will all contribute to safer Video Conferencing environments. The Zoom developers will also see this as an opportunity to improve their product.

The Zoom scenario seems to be a classic trade off between usability and security, highlighted by Cranor and Garfinkel [14] . The rush to ensure that colleagues could stay connected, at very short notice meant that easy to install and use applications, such as Zoom, are being used without people thinking about security or even knowing what steps to take to assure secure usage.

We have discussed Zoom, which has attracted a great deal of attention due to its escalating user numbers. It is likely that many of the other video conferencing offerings also have vulnerabilities which are, even now, being exploited by hackers.

Our argument is not Zoom-specific. We are making the point that many are using a variety of video conferencing technologies with serious vulnerabilities, and they are doing so because they either do not have any alternatives, because they feel impelled by the critical mass usage to use them, or because they are simply unaware of the vulnerabilities.

School teachers are perhaps most unprepared to move their activities online. The bulk of their work is face to face with the children, in and out of classrooms. Now suddenly they have had to find other ways to engage. There is some evidence that they are woefully uninformed about privacy [2] and security [58] .

The advice from Human Rights Watch [46] is to focus on the most accessible technologies and methods. There is no mention of privacy or security considerations in this article. Yet privacy, too, is a human right (United Nations Declaration of Human Rights (UDHR) 1948, Article 12) and in Europe the new GDPR regulations have stringent rules requiring that children's data be kept private [45] . We now provide two examples of teachers maximising accessibility with security and privacy pitfalls.

Gym teachers would like their pupils to provide evidence that they are doing their exercises. How do they do this while all their pupils are quarantined?

Anonymous [2] posted a comment to a Reddit group, saying that a teacher wanted children to post videos to YouTube.

The first comment is from a teacher, defending the practice: "I think the mindset is trying to prevent students from just faking it by having them show evidence, but an email to the teacher asking for an alternative assignment should work." Another teacher explains: "My district wants me to document everything I am doing daily that is focused on my degree. 3 to 5 hours a day M-F. How the hell can I come up with 3 to 5 hrs of stuff 5 days a week?! We have to document it and turn in a log sheet every Monday."

One commenter doesn't understand what the fuss is about: "Maybe not social media but why not? Meet them where they are at and remove barriers." Some suggest alternatives: "I friend of mine made a private Facebook group for his classes and that's how they're going everything. " However, Facebook and privacy are diametrically opposed [1] .

Another offered advice: "YouTube videos can be privateaccessed only with a link. If this must happen, that could be an option -then delete the video after the grade is marked."

The question that has to be asked, in this case, is how the password will be communicated to the teacher? If email is used, the YouTube video is not private.

Others express more concerns about privacy violations: "Nothing is truly private on the internet and there are a bunch of bored perverts home with nothing else to do. "

The upshot is that children's privacy is being lost.

One of the final comments expresses the unreadiness of this demographic. "Teachers are working their asses off to put a plan in motion that hasn't even been finished yet. The nation, state and district haven't planned ahead for this, it's all being crafted on the spot and teachers are the ones doing the brunt of the work to make sure your nephew, niece, child, loved one is still being educated, still given a routine, still knows they have someone checking in on them and supporting them. Get off your reddit high horse and thank a [snip] teacher who has been sourcing every ounce of "creativity" to meet the demands of the education system with minimal support and with educ." Certainly, many parents are expressing their support for the huge efforts teachers are making [18] . We are not blaming teachers; we are pointing the finger at those who are responsible for providing teachers with the technologies they need to carry out their activities during the pandemic. Based on the evidence we have gathered, it certainly seems as if they have been left to find their own way. That they make mistakes when their employers fail to support them is understandable.

Higher education institutions have also been forced to provide teaching, resources and support activities online. The concerns about privacy, data protection, verification, collusion, cheating, and how to conduct online assessment, are similar to those experienced by school teachers. Higher education institutions however, have access to vastly more resources than schools, including an existing distance learning infrastructure, and a relatively high proportion of staff able to work from home.

In responding to the crisis, Universities offered access to multiple online tools, often without due diligence of privacy and security issues, or guidance for staff. There did not seem to be time to think about this in the rush to go online, with the focus being on delivery, staff/student support and promoting key public health advice [66] .

Whilst this is understandable, the lack of oversight may result in significant problems in the future, as video conferencing apps, and an eclectic mix of online tools are used without a second thought (the Zoom app is integrated into Microsoft teams [47] ). The result is that confidential discussions are open to interception, student work may be accessed, exams compromised and sensitive data inadvertently leaked.

However, there is some awareness of the issues, and academic institutions worldwide are working to understand and make sense of this new way of working [42] . Meanwhile, the technology companies are under pressure to address concerns and to secure their systems [33] , but it is likely to be too little, too late.

Governments are doing everything they can to prevent deaths during the COVID-19 pandemic. Some governments have used contact tracing tools, either by mobile phone apps or using cell tower triangulation [35, 56, 63, 68] . These can trace all the people an infected person has been in contact with to provide warning of possible infection. Contact tracing is a mature technique, which has been used to track tuberculosis [54] , SARS [26] or STDs [5] contacts.

Yet these apps, even if initially justified during the pandemic, can very quickly violate privacy and other human rights after the pandemic has abated [11] . Some countries have used contact tracing in an authoritarian and privacy violating fashion [9, 37, 73] . An Israeli company has published an app [12] which claims to respect the privacy of citizens, as follows (direct quote from Cluley):

• Use of the app is optional, not compulsory. Any location data collected by the app does not leave the phone, and is not uploaded to the Israeli government. All processing happens on the phone itself.

• Those diagnosed with Coronavirus have to volunteer their location history for use by the app, which is driven by a JSON file that is updated with new data on an hourly basis.

• Even if a match is made, the app does not inform the Israeli Ministry of Health. It's up to the user to get in touch if the app alerts that there might have been an encounter with a Coronavirus case.

• To reassure users about the behaviour of the app, it has been released as open source and its code published on Github.

• The app's code has been examined by security experts at Profero.

All of these efforts, and the motivation to use an app, are based on the assumption that infection can only occur within 6 feet of an infected person. Yet MIT recently published research that showed that the droplets from a cough or sneeze could travel up to 27 feet [16] .

The immediate justifications for extending surveillance of the public, uses the rhetoric of war to 'battle the virus' and to reinforce its citizen's sense that 'we are all in this together' [64] . but the expectation that all good citizens should be happy to utilise the app, and therefore give up some of their liberties for the benefit of society [25] . This then helps to create a moral imperative to comply with requests for quite draconian restrictions on civil liberties. By using 'nudge' tactics [52] , they attempt to habituate the population into acceptance of increased electronic surveillance. This means that those not engaging can be presented as having a moral failing or a lack of civic awareness. In terms of the 'battle' against COVID-19, the expectation is that everyone will do their utmost to prevent its spread, and dire warnings, accompanied by daily death rates, will serve to sustain pressure to submit to increased surveillance. Social shaming regarding the lock-down conditions is already evident, encouraged and actively promoted by the media [32] . Social media is further increasing the pressure, and includes trolling, and other forms of online abuse, aimed at those perceived to question government requests.

This approach is not dissimilar to an oft-repeated statement used to shut down concerns about the use of surveillance, particularly post 9/11: "if you've got nothing to hide, you've got nothing to fear" [61] . The message here is that surveillance that enhances national security and protects against terrorism should take precedence over personal liberty. It can be surmised that it is only a matter of time before such rhetoric is resurgent in the public dialogue. In a crisis, most people are eager to help their fellow citizens [70] and compliance with rules is consistent with this stance. However, a few dissenting voices are expressing concerns about the potential future use of these technologies [53] .

The acceptance of increased surveillance may not be encouraged just through the impact of a global emergency, social shaming and nudge tactics. In many countries, both authoritarian and democratic, people have become habituated to living under surveillance via CCTV, GPS, Smart Phones and during Internet usage, whether that is by the government [21, 69] or by businesses [74] . Many have become so accustomed to being under surveillance, that the Panopticon, a prison system of total surveillance and a 'new mode of obtaining power of mind over mind' devised by Jeremy Bentham [6] has become the reality of our modern, surveillance society [28, 43] .

As the current situation begins to resolve, questions about an end to the increased surveillance will be raised. It is likely that arguments will then be made to retain these technologies in the fight against crime or terrorism and above all, to ensure that "We are ready next time". In response, parliaments have an important role to hold the government to account. The UK Labour opposition leader has stated that he will scrutinise the UK government's actions and point out any failures that need to be addressed [4] . However, the key to the success or failure of current and future responses to such a crisis lies in how and what information is communicated to the public.

The UK government passed coronavirus legislation, which gave police new powers [65] . Very soon after the country was put into lockdown, reports of police men and women exceeding their remit began to emerge.

For example, Derbyshire Police used drones to film people walking in the hills, on their own, to name and shame them online [19] and dyed the local pool black so that people would not want to take a swim [49] . This police force is not the only one to overstep the mark.

Warrington police posted to Twitter that 'six people had been summonsed for offences relating to the new coronavirus legislation to protect the public' [71]. The violations include going 'out for a drive due to boredom' and 'multiple people from the same household going to the shops for non-essential items'. The legislation does not specify what essential items are, so the police are clearly deciding for themselves. For example, a news report on the 30th March reported that police had ruled Easter eggs "non-essential" [23] (in the week before Easter). Wine and crisps too, were ruled non-essential [50] . Given that the government requires that citizens do not do non-essential shopping, would it be the shops that are responsible to ensure that non-essential items are not offered for sale?

Slater [60] argues that: "The thing is when you give police -or in the case of these new regulations, police, community support officers and other people 'designated' by local authorities -the power and moral authority to throw their weight around, many of them are bound to overinterpret their responsibilities and overstep the mark. " This sentiment is echoed by Campbell [10] .

Indeed, police chiefs have now become concerned enough to issue a statement saying they will be drawing up new guidelines so that their police forces [48] do not overreach their authority. This was in response to former Supreme Court Justice Lord Sumption saying that Britain risked turning into a "police state" [55] . The Home Secretary Priti Patel was moved by comments issued by Northamptonshire Police Chief Constable Nick Adderley to issue a warning to police on the 10th April saying that road blocks and checking of supermarket trolleys were "not appropriate" [62] .

We believe many of these issues can be traced back to poor communication from the UK government about what actions the police should be taking. In the absence of clarity, some people will naturally overreach, as indeed they have.

Grater [30] reports on Emily Maitlis calling the UK government's language 'trite' and 'misleading', when they were discussing the COVID-19 virus. She said that UK Cabinet member Dominic Raab erroneously suggested that people could survive the illness through fortitude and strength of character. She also pointed out that the virus and the lockdown was much harder on the poor, than on the wealthy.

During the week of the 6th April 2020, every household in the United Kingdom received a letter from the Prime Minister.

With the letter was a leaflet which included the diagram in Figure 5 . This graph was rather puzzling and seemed inaccurate since the letter came from the Prime Minister, who himself had just been admitted to hospital 10 days after falling ill with the virus. This diagram conflicts with the text in the leaflet, which suggests that Person C should isolate for an extra 7 days, now that Person D has started exhibiting symptoms.

From the very beginning, when the coronavirus emerged in Wuhan, the one consistent message has been to wash hands. On the other hand, the communication around face masks has been confusing and inconsistent. The Google Trends graph in Figure 6 demonstrates the uncertainty around face masks, as evidenced by increased numbers of Google searches. People were initially told that face masks were ineffective [34] . Then, on the 1st April, the World Health Organisation (WHO) announced that it was considering changing its guidance on face masks [20] . On the 7th April, the Centre for Disease Control (CDC) recommended wearing face masks in public [22] . On 8th April, the WHO announced that there was no evidence to suggest wearing a face mask would prevent healthy people from catching Covid-19 [29] . These kinds of conflicting messages have led to a great deal of uncertainty.

Organisations should have contingency plans to support home working. This ought to include a suite of technologies that people are given to ensure that their online activities are carried out securely. Moreover, these ought to be tested to ensure that employee privacy is preserved. If people are under pressure to do their jobs, without being given the necessary tools, they are likely to find a way. Humans are endlessly innovative in overcoming obstacles and finding a way to fulfil their commitments.

Here, we present some guidelines and recommendations regarding security and privacy for private companies, public organisations and third-sector organisations in response to the COVID-19 crisis.

Organisations should build on their existing information security and privacy policies by updating these to ensure they cover unforeseen problems that have now been exposed by the pandemic lockdown. Issues to be addressed include video-conferencing and other tools used to support remote working, teaching or learning from home and the management of signing up to applications or websites.

As it is unlikely that staff will fully read and/or understand the complete policy, organisations should consider creating a summary of topics that are specifically relevant to the crisis, Based on existing research evidence [31] , this could be an effective way of positively influencing staff behaviour to reduce security and privacy problems. Similarly, governments should build on existing guidance by updating this for their citizens in terms of information security and privacy, and communicate the main points in a straightforward manner, with a link to full details. This will alleviate the problems highlighted in Section 4.2.2.

Technology Choice: A co-ordinated approach is needed to analyse and identify the security and privacy strengths and weaknesses of video-conferencing and other networked tools (Section 3), and then to publicise the results with straightforward guidance to the general public. This is important to ensure that users use appropriately secure and privacyprotecting tools and appropriate tool configurations to protect their information and preserve their privacy.

WiFi: Consider the use of WiFi. Employees should avoid the use of public WiFi and make sure that home WiFi is as secure as possible. Attempts should be made to ensure that routers in the home are password-protected and, where possible, those working at home should have as up to date a router as possible. More recent routers, those less than 5 years old, have more built-in security.

Authentication: Those working from home should follow the advice given by their organisations' IT services and use approved (and supported) software. It is good practice to make use of strong passwords and ensure that, where possible, multi-factor authentication is utilised. Make sure there is up to date antivirus software in place and install updates and patches as soon as they become available, as long as these are from official sources.

Access Control: In addition, every attempt should be made to separate work and personal devices and people should be advised not to share work technologies with family members.

In this co-ordinated approach, there may be roles for thirdsector organisations that specialise in information security and/or privacy and for government security organisations. It is important that the communication of the guidance be clear and available from a single access point. This will allow users to more easily locate, assimilate and apply the guidance [67] .

The development of a wide variety of contact-tracing apps (Section 4.1) could be useful in terms of promoting competition and innovation to improve the quality of app support for combatting the virus. However, given the crisis at this time, collaboration can be more beneficial than competition [8] , as the latter:

(1) may be too slow to improve quality on time, as the virus does not follow the competition's timetable,

(2) may prioritise the app's 'virus-combat effectiveness' at the cost of information security, privacy and other considerations, and

(3) may be too slow in terms of take-up for people to choose the best possible app because of information overload (too many apps on offer with too many choice attributes to consider) [38] and choice inertia (people are slow or reluctant to change to another product even if it is better) [3] .

Therefore, in crisis times such as this, instead a collaborative multidisciplinary approach should be followed to ensure that effectiveness, security, privacy, usability and other considerations are taking into account.

In addition, iterative design and testing is necessary to ensure quality improves during development, but also after deployment to continually improve the app [13, 24] .

A single app per country or coalition of countries (for example, the EU) would provide a single access point. This will allow users to more easily locate, assimilate and apply the information. An example of a pan-European approach to develop a GDPR-compliant app is currently in operation under the name Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT2020) 1 .

More generally, from the perspective of privacy, several evaluation criteria have been identified that specifically contacttracing apps should meet [17] . These are: • limiting the personal data gathered by the authority;

• protecting the anonymity of every user;

• not revealing to the authority the identity of users who are at risk; preventing the system can be used by users to learn who is infected or at risk, even in their social circle;

• preventing users from learning any personal information about other users;

• preventing external parties from exploiting the system to track users or infer whether they are infected;

• putting in place additional measures to protect the personal data of infected and at risk users • providing support for people to verify that the system does what it says.

Contact-tracing apps will vary in the extent to which they support privacy. For example, the Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) app [57] aims to preserve privacy and maintain security, but does not explicitly address all these criteria.

Regarding communication weaknesses (Section 4.2.2), any measures and the communication of these measures need first to be thought through thoroughly and they should be based on the nationally and/or internationally available relevant expertise. Therefore, the recommendation is to make good use of academic and other experts in relation to the content and communication of measures.

In addition, the communication and measures should be thoroughly evaluated before they are released within the time constraints. This is because poor communication can have adverse consequences in terms of potentially lengthening the pandemic, as our analysis of government communication shows. It should be possible to do the required evaluation relatively quickly by drafting in academic and other experts to help combat the crisis. Whether their contribution is made mandatory or not, many of them will be keen to help contribute to solving the crisis, in any case, when given the opportunity.

These are unprecedented times and the move to home working has been implemented in a necessarily speedy way. However, as the initial implementation settles and people begin to get used to the "new norm", there is a need to reflect on the efficacy and viability of thereof. The stresses of needing to participate in organisational activities mean that the ability to engage could lead to usual security measures and non-compliance with organisational policies. Cyber criminals will likely exploit weaknesses and vulnerabilities in the home working environment.

As has been illustrated by our narratives, the vulnerabilities can result from the lack of specific policies, consequent "needs must work-arounds", insecure hardware and/or nonrobust software applications. These, combined with an increase in malicious attacks, mean that the home working environment is replete with potential digital threats.

We do not seek to criticise anyone for the technologies they make use of in an emergency. We wrote this paper to highlight the difficulties employees faced and the security risks quarantined citizens unwittingly exposed themselves to. We suggest a better way forward as the main contribution of this paper.

No, Facebook is not "Private". Their Censorship Arm is Government Funded

My HS nephew's gym teacher wants them to post a video of themselves dancing on YouTube or tiktok. Teachers need to STOP with this nonsense! Children's privacy is more important than your "creativity

The effect of switching costs on choice-inertia and its consequences

Coronavirus: Labour leader Keir Starmer says 'scrutiny is important

Partner notification for sexually transmitted infections in the modern world: a practitioner perspective on challenges and opportunities

The panopticon writings. Verso Trade

Stolen Zoom passwords and meeting IDs are already being shared on the dark web

Walking parallel paths or taking the same road? The effect of collaborative incentives in innovation contests. Managing Innovation: Understanding and Motivating Crowds

The senseless brutality of South Africa's lockdown

Becoming exercised

Kushner's team seeks national coronavirus surveillance system

The Shield: the open source Israeli Government app which warns of Coronavirus exposure

Putting Privacy Notices to the Test

Security and usability: designing secure systems that people can use

Bill Gates warns viral pandemic could happen every 20 years

Is 6 feet enough for social distancing? MIT researcher says droplets carrying coronavirus can travel up to 27 feet

Evaluating COVID-19 contact tracing apps? Here are 8 privacy questions we think you should ask

Parents praise teachers, say they deserve 'billion dollars' while homeschooling kids amid coronavirus outbreak

DerbysPolice/status/1243168931503882241 Accessed 5

WHO considers changing guidance on wearing face masks

Internet privacy concerns and beliefs about government surveillance-An empirical investigation

Homemade face masks, coronavirus prevention, CDC: Here's what you should know

Easter eggs aren't essential items, small shops told

Lorrie Faith Cranor, and Hanan Hibshi. 2020. Ask the Experts: What Should Be on an IoT Privacy and Security Label? arXiv preprint

The communitarian reader: Beyond the essentials

Quantifying SARS-CoV-2 transmission suggests epidemic control with digital contact tracing

Zoom hit by investor lawsuit as security, privacy concerns mount

Discipline and punish. Penguin

Coronavirus: Can Face Masks Protect you from Catching Deadly Virus?

BBC Newsnight's Emily Maitlis Swipes At "Misleading" COVID-19 Language In Powerful Speech

Living Up to the Spirit of Narrative Reporting Guidance

Neighbourhood Watch: Coronavirus lockdown Brits shame neighbours not following strict government rules as police 101 line inundated

Zoom says engineers will focus on security and safety issues

To protect yourself against coronavirus DON'T wear face masks

Coronavirus: UK confirms plan for its own contact tracing app

Zoom Caught in Cybersecurity Debate -Here's Everything You Need To Know

Location Surveillance to Counter COVID-19: Efficacy Is What Matters

Information and communication technology overload and social networking service fatigue: A stress perspective

Zoom's Encryption is "not suited for secrets" and has surprising links to China

zooms-encryption-is-not-suited-forsecrets-and-has-surprising-links-to-china-researchers-discover/ Accessed

Zoom Meetings Aren't End-to-End Encrypted, Despite Misleading Marketing

Zoom Video Users Soar to 200 Million as Privacy Concern Mounts

Educating despite the COVID-19 outbreak: Lessons from Singapore

Bentham's Panopticon: From moral architecture to electronic surveillance

Zoom's Waiting Room Vulnerability

General Data Protection Regulation -GDPR

Pandemic shakes up world's education systems

Microsoft. 2020. Zoom for Teams

Police chiefs to warn forces against coronavirus crackdown after claims of 'police state

Coronavirus: Derbyshire police dye Buxton 'Blue Lagoon' black to deter gatherings

Shoppers claim police are fining them for buying 'non-essentials' like wine and crisps

Multimodal strategies of emotional governance: a critical analysis of 'nudge'tactics in health policy

Coronavirus Bill: the greatest loss of liberty in our history

Tuberculosis: contact tracing and testing

Covid-19: Ex-supreme court judge lambasts 'disgraceful' policing

Special Report: Italy and South Korea virus outbreaks reveal disparity in deaths and tactics

PEPP-PT -Overview: how we preserve privacy and maintain security

Cyberethics, cybersafety, and cybersecurity: Preservice teacher knowledge, preparedness, and the need for teacher education to make a difference

Coronavirus: Teachers stopped from using Zoom after 'very serious incidents

The corona cops need to wind their necks in

Nothing to hide: The false tradeoff between privacy and security

Priti Patel shuts down police threats of harsher lockdown measures like road blocks and checking supermarket trollies

The importance of contact tracing in Singapore and the role technology plays

War rhetoric and disaster transparency

The Health Protection (Coronavirus) Regulations 2020

Actions being taken by Universities in response to coronavirus

About Being Accessible: Your Communication from a Universal Design Perspective

The NHS coronavirus app could track how long you spend outside

China's golden shield: corporations and the development of surveillance technology in the People's Republic of China. International Centre for Human Rights and Democratic Development

Community support groups spring up during coronavirus pandemic

Ex-NSA hacker drops new zero-day doom for Zoom

South Korea is reporting intimate details of COVID-19 cases: has it helped?

The age of surveillance capitalism: The fight for a human future at the new frontier of power