Related papers: Security Is Not Enough: Privacy in Encryption Regulation and Lawful-Surveillance Protocols

Security Is Not Enough: Privacy in Encryption Regulation and Lawful-Surveillance Protocols

URL: http://arxiv.org/abs/2603.00841v1
Date: Sat, 28 Feb 2026 23:41:22 GMT
Title: Security Is Not Enough: Privacy in Encryption Regulation and Lawful-Surveillance Protocols
Authors: Artur Pericles L. Monteiro,
Abstract summary: This article argues that security is not enough to fully capture what is at stake in government exceptional access to encrypted data.<n>A richer understanding is needed both to assess policy and to guide research on lawful-surveillance protocols.
Score: 0.0
License: http://creativecommons.org/licenses/by-nc-nd/4.0/
Abstract: This article argues that security is not enough to fully capture what is at stake in government exceptional access to encrypted data. A conception of privacy as security has little to say about ``lawful-surveillance protocols'' -- an active research agenda in cryptography that aims to enable government exceptional access without compromising systemic security. But the limitations are not contingent on the success of this agenda. The normative landscape today cannot be explained if security is all there is to privacy. And fundamental objections to Apple's abandoned client-side scanning system gesture beyond security. This article's contribution is modest: to show that there must be more to privacy than the security mold it has taken. A richer understanding is needed both to assess policy and to guide research on lawful-surveillance protocols.

Related papers

AgentCrypt: Advancing Privacy and (Secure) Computation in AI Agent Collaboration [23.22266919684932]
AgentCrypt is a framework for fine-grained, encrypted agent communication.<n>It ensures privacy across diverse interactions and enables computation on otherwise inaccessible data.<n>We implemented and tested it with Langgraph and Google ADK, demonstrating versatility across platforms.
arXiv Detail & Related papers (2025-12-08T23:20:20Z)
Privacy-preserving server-supported decryption [2.2530496464901106]
We consider encryption systems with two-out-of-two threshold decryption, where one of the parties initiates the decryption and the other one assists. Existing threshold decryption schemes disclose to the server the ciphertext that is being decrypted. We give a construction, where the identity of the ciphertext is not leaked to the server, and the client's privacy is preserved.
arXiv Detail & Related papers (2024-10-25T06:47:53Z)
Privacy Checklist: Privacy Violation Detection Grounding on Contextual Integrity Theory [43.12744258781724]
We formulate the privacy issue as a reasoning problem rather than simple pattern matching.<n>We develop the first comprehensive checklist that covers social identities, private attributes, and existing privacy regulations.
arXiv Detail & Related papers (2024-08-19T14:48:04Z)
Privacy Risks of General-Purpose AI Systems: A Foundation for Investigating Practitioner Perspectives [47.17703009473386]
Powerful AI models have led to impressive leaps in performance across a wide range of tasks. Privacy concerns have led to a wealth of literature covering various privacy risks and vulnerabilities of AI models. We conduct a systematic review of these survey papers to provide a concise and usable overview of privacy risks in GPAIS.
arXiv Detail & Related papers (2024-07-02T07:49:48Z)
Perils of current DAO governance [0.21485350418225244]
Vote buying, vote selling and coercion are easy. The wealthy rule, decentralisation is a myth. Hostile take-overs are incentivised. Ballot secrecy is non-existent or short lived, despite being a human right.
arXiv Detail & Related papers (2024-06-12T19:21:23Z)
A Secure and Privacy-Friendly Logging Scheme [4.833749568903534]
We seek to resolve this issue through the use of an encrypted audit trail process that saves encrypted records to a true immutable database. This ensures compliance with the General Data Protection Regulation can be achieved.
arXiv Detail & Related papers (2024-05-18T17:10:48Z)
A Survey of Privacy-Preserving Model Explanations: Privacy Risks, Attacks, and Countermeasures [50.987594546912725]
Despite a growing corpus of research in AI privacy and explainability, there is little attention on privacy-preserving model explanations. This article presents the first thorough survey about privacy attacks on model explanations and their countermeasures.
arXiv Detail & Related papers (2024-03-31T12:44:48Z)
Secure Aggregation is Not Private Against Membership Inference Attacks [66.59892736942953]
We investigate the privacy implications of SecAgg in federated learning. We show that SecAgg offers weak privacy against membership inference attacks even in a single training round. Our findings underscore the imperative for additional privacy-enhancing mechanisms, such as noise injection.
arXiv Detail & Related papers (2024-03-26T15:07:58Z)
Tamper-Evident Pairing [55.2480439325792]
Tamper-Evident Pairing (TEP) is an improvement of the Push-Button configuration (PBC) standard. TEP relies on the Tamper-Evident Announcement (TEA), which guarantees that an adversary can neither tamper a transmitted message without being detected, nor hide the fact that the message has been sent. This paper provides a comprehensive overview of the TEP protocol, including all information needed to understand how it works.
arXiv Detail & Related papers (2023-11-24T18:54:00Z)
Privacy Explanations - A Means to End-User Trust [64.7066037969487]
We looked into how explainability might help to tackle this problem. We created privacy explanations that aim to help to clarify to end users why and for what purposes specific data is required. Our findings reveal that privacy explanations can be an important step towards increasing trust in software systems.
arXiv Detail & Related papers (2022-10-18T09:30:37Z)
Bugs in our Pockets: The Risks of Client-Side Scanning [8.963278092315946]
We argue that client-side scanning (CSS) neither guarantees efficacious crime prevention nor prevents surveillance. CSS by its nature creates serious security and privacy risks for all society. There are multiple ways in which client-side scanning can fail, can be evaded, and can be abused.
arXiv Detail & Related papers (2021-10-14T15:18:49Z)

This list is automatically generated from the titles and abstracts of the papers in this site.