I welcome opportunities to supervise undergraduate and graduate students, post-doctoral fellows, and other training fellows on projects that focus on the current research priorities of the Citizen Lab, which are listed below.

• Comparative analysis of national-level information controls (network monitoring)

• Targeted espionage against civil society

• Privacy and security of mobile apps and social media

• Corporate and public transparency

• Disinformation and digital technologies

Due to the volume of requests I receive, I cannot evaluate proposals or discuss research topics with individual students until they are accepted into one of the programs / opportunities outlined below. Please read the following carefully before reaching out to me.

Graduate Students (Masters and Doctoral)

I primarily supervise graduate students interested in some aspect of information and communication technologies who are enrolled in the following programs:

• Masters in Global Affairs (MGA) Program at the Munk School of Global Affairs & Public Policy
• One of the graduate programs offered by the Department of Political Science at the University of Toronto

Given the unorthodox nature of my research, I also co-supervise and serve on the committees of doctoral students outside of political science, including computer science, law, and engineering.

On occasion, I host visiting doctoral students from outside universities who have their own funds for short-term stays and are doing work related to one of the research priority areas of the Citizen Lab described above.

Undergraduate Students

On occasion, no more than once a semester, I supervise undergraduate senior theses and independent reading courses.

The Citizen Lab does not offer volunteer positions for undergraduate students, but occasionally hires undergraduate research assistant positions which are advertised on the Citizen Lab website.

Post-doctoral Fellows

Post-doctoral fellows are expected to pursue research interests that fall within one of the Citizen Lab’s main research priorities (listed at the top of the page), as well as to provide leadership and guidance to junior scholars and researchers.

Post-doctoral opportunities are posted on the Citizen Lab website as they come available. I also welcome requests to host and supervise post-doctoral fellows from computer science, law, engineering sciences, and political science who have secured their own funds (e.g., a SSHRC or NSERC postdoctoral fellowship). The Faculty of Arts and Sciences at the University of Toronto also has an advertised post doctoral fellowship program.

Other Fellowships

Interested students and others should check the Citizen Lab website for fellowship opportunities and application deadlines.

Main Thematic Areas

Comparative Analysis of National-Level Information Controls (Network Monitoring)

This area is primarily about information controls at a national level — e.g., Internet censorship and surveillance. Citizen Lab work includes developing new tools and methods for network measurement, analyzing Internet filtering systems, and correlating network interference with political events (e.g., elections, protests, conflicts, etc). We were part of the OpenNet Initiative for over ten years, and as part of that research undertook comparative analyses of information controls in more than 70 countries. A byproduct of this research is the use of network measurement and scanning techniques to fingerprint the vendors of commercial surveillance, content filtering, deep-packet inspection, and other products and services. We also evaluate laws, policies, and norms related to the topics outlined above, on national and comparative bases. Students who are interested in understanding practices, norms, laws, and technologies around information controls at a national level would find a lot to build upon in this area. Citizen Lab works with a network of researchers in the global South, which means that we have good partnerships with groups in those regions and good insight into the situations in the developing world. I am very interested in students working in comparative developing politics who are interested in better understanding practices and policies around cyber security in the global South, in failed and fragile states, and among authoritarian regimes or countries transitioning in and out of democracy.

Examples:

Bill Marczak, Jakub Dalek, Sarah McKune, Adam Senft, John Scott-Railton, and Ron Deibert. “Bad Traffic: Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads?,” Citizen Lab Research Report No. 107, University of Toronto, March 2018.

Jakub Dalek, Lex Gill, Bill Marczak, Sarah McKune, Naser Noor, Joshua Oliver, Jon Penney, Adam Senft, and Ron Deibert. “Planet Netsweeper,” Citizen Lab Research Report No. 108, University of Toronto, April 2018.

Bill Marczak (Lead), Nicholas Weaver (Lead), Jakub Dalek, Roya Ensafi, David Fifield, Sarah McKune, Arn Rey, John Scott-Railton, Ronald Deibert, Vern Paxson,

“China’s Great Cannon,” Citizen Lab Research Brief No. 52, April 2015. [Download PDF]

Targeted espionage against civil society

This research area focuses on investigating politically motivated targeted malware and other digital attack campaigns against civil society. This area of research includes reverse engineering malware, mapping attack infrastructure, tracking malware development, and linking contextual information to technical data through investigative research techniques and structured focused interviews. We are interested in better understanding the threat environment facing civil society organizations in the digital arena, especially as their adversaries become better equipped with surveillance and spyware tools. This area can involve exceptionally rigorous technical work (e.g., reverse engineering malware and mapping command and control infrastructure) but can also lend itself well to research that examines the political context around such attacks, the legal and regulatory environment around the control of surveillance technologies, structured focused interviews around specific targeted communities and their responses or defences to attacks, risk mitigation, and evidence of psycho-social harms.

Examples:

John Scott-Railton, Adam Hulcoop, Bahr Abdul Razzak, Bill Marczak, Siena Anstis, and Ron Deibert. “Dark Basin: Uncovering a Massive Hack-For-Hire Operation,” Citizen Lab Research Report No. 128, University of Toronto, June 2020.

Bill Marczak, Adam Hulcoop, Etienne Maynier, Bahr Abdul Razzak, Masashi Crete-Nishihata, John Scott-Railton, and Ron Deibert. “Missing Link: Tibetan Groups Targeted with 1-Click Mobile Exploits,” Citizen Lab Research Report No. 123, University of Toronto, September 2019.

John Scott-Railton, Bill Marczak, Siena Anstis, Bahr Abdul Razzak, Masashi Crete-Nishihata, and Ron Deibert. “Reckless VII: Wife of Journalist Slain in Cartel-Linked Killing Targeted with NSO Group’s Spyware,” Citizen Lab Research Report No. 117, University of Toronto, March 2019.

Bill Marczak, John Scott-Railton, Adam Senft , Bahr Abdul Razzak, and Ron Deibert. “The Kingdom Came to Canada: How Saudi-Linked Digital Espionage Reached Canadian Soil,” Citizen Lab Research Report No. 115, University of Toronto, October 2018.

Privacy and security of mobile apps and social media

Projects in this area include uncovering censorship and surveillance in popular applications and social media platforms (e.g, chat apps, microblogs, etc), and evaluating the privacy and security of popular consumer apps (e.g., browsers, fitness trackers, etc). We are particularly interested in widely used apps and platforms that are understudied by security researchers. The goal of this work is to help users make more informed decision about the technologies they use and better understand the way threat actors might exploit privacy and security flaws to track high risk users. Students who are interested in researching how Internet intermediaries (e.g., mobile carriers, applications) affect information controls would find a lot to work with in this area. This area also lends itself well to national comparative analyses of Internet censorship and surveillance in the mobile arena.

Examples:

Jeffrey Knockel, Christopher Parsons, Lotus Ruan, Ruohan Xiong, Jedidiah Crandall, and Ron Deibert. “We Chat, They Watch: How International Users Unwittingly Build up WeChat’s Chinese Censorship Apparatus,” Citizen Lab Research Report No. 127, University of Toronto, May 2020.

Bill Marczak and John Scott-Railton. “Move Fast and Roll Your Own Crypto: A Quick Look at the Confidentiality of Zoom Meetings,” Citizen Lab Research Report No. 126, University of Toronto, April 2020.

Jeffrey Knockel and Ruohan Xiong. “(Can’t) Picture This 2: An Analysis of WeChat’s Realtime Image Filtering in Chats,” Citizen Lab Research Report No. 122, University of Toronto, July 2019.

Christopher Parsons, Adam Molnar, Jakub Dalek, Jeffrey Knockel, Miles Kenyon, Bennett Haselton, Cynthia Khoo, and Ron Deibert. “The Predator in Your Pocket: A Multidisciplinary Assessment of the Stalkerware Application Industry,” Citizen Lab Research Report No. 120, University of Toronto, June 2019.

Corporate and public transparency

Projects in this area include developing software platforms for empowering citizens to exercise their rights to data protection and access requests, and analyzing the systems, policies, and practices of telecommunication and Internet companies as it pertains to the handling and sharing of customer data. We are especially interested in tracking state SIGINT practices, in Canada and abroad, as revealed by the Snowden disclosures and other sources of information. I am presently supervising PhD students in political science who are exploring the impact of the Snowden disclosures on SIGINT practices, and the norms governing intelligence sharing among the FVEYs. We are also presently developing out and expanding research on the Access My Info project to several jurisdictions outside North America, offering the first opportunity to analyze primary data on corporate data handling and sharing practices that arises from user requests.

Examples:

Petra Molnar and Lex Gill. “Bots at the Gate: A Human Rights Analysis of Automated Decision-Making in Canada’s Immigration and Refugee System,” Citizen Lab and International Human Rights Program (Faculty of Law, University of Toronto) Research Report No. 114, University of Toronto, September 2018.

Lex Gill, Tamir Israel, and Christopher Parsons. “Shining a Light on the Encryption Debate: A Canadian Field Guide,” Citizen Lab Research Report No. 109, University of Toronto, May 2018.

Andrew Hilts, Christopher Parsons, and Masashi Crete-Nishihata. “Approaching Access: A Look at Consumer Personal Data Requests in Canada,” Citizen Lab Research Report No. 106, University of Toronto, February 2018.

Lex Gill, Tamir Israel, and Christopher Parsons. “Government’s Defence of Proposed CSE Act Falls Short,” Citizen Lab Research Report No. 105, University of Toronto, January 2018.

Disinformation and Digital Technologies

Disinformation and digital technologies is a relatively new topic of interest for us at the Citizen Lab. We typically undertake research on disinformation that intersects with one of our other main thematic areas of interest.

Examples:

Gabrielle Lim, Etienne Maynier, John Scott-Railton, Alberto Fittarelli, Ned Moran, and Ron Deibert. “Burned After Reading: Endless Mayfly’s Ephemeral Disinformation Campaign,” Citizen Lab Research Report No. 118, University of Toronto, May 2019.

Adam Hulcoop, John Scott-Railton, Peter Tanchak, Matt Brooks, and Ron Deibert. “Tainted Leaks: Disinformation and Phishing with a Russian Nexus,” Citizen Lab Research Report No. 92, University of Toronto, May 2017.