It's Privacy and Compliance week at @Cloudflare highlighting work that
- Enables customers to comply with privacy laws
- Upgrades core Internet protocols to be more privacy-preserving
- Reinforces that Cloudflare doesn't need personally identifiable data for its business

1/
In CEO @eastdakota's introduction to the week, he explains how privacy has always been part of Cloudflare's DNA and why helping customers find solutions that work in today's global privacy landscape is so important.

https://blog.cloudflare.com/welcome-to-privacy-and-compliance-week/

2/
Welcome to Privacy & Compliance Week: Reflecting Values at Cloudflare’s Core

Over the course of the week, we'll be announcing ways that our customers can use our service in order to ensure they are in compliance with an increasingly complicated set of rules and laws around...

https://blog.cloudflare.com/welcome-to-privacy-and-compliance-week/
CTO @jgrahamc explains the evolution of the Internet from rapid growth in connectivity to a focus on security. He makes the case that the next phase of the Internet should be about building privacy into the Internet.

https://blog.cloudflare.com/internet-privacy/

3/
Privacy needs to be built into the Internet

The Internet was not built for privacy. Welcome to Phase 3 of the Internet: always on, always secure, always private.

https://blog.cloudflare.com/internet-privacy/
There will also be segments on http://cloudflare.tv  (in multiple languages) with Privacy and Compliance experts and engineers from inside and outside Cloudflare, so stay tuned!

4/
Cloudflare TV | Cloudflare

A 24x7 live stream video channel focused on general and technical topics related to building a better Internet.

http://cloudflare.tv
Monday's announcement: The @Cloudflare Data Localization Suite. With this, customers can control which locations Cloudflare
- performs decryption and inspection
- keeps TLS private keys
- keeps/runs Workers durable objects
- delivers logs from

https://blog.cloudflare.com/introducing-the-cloudflare-data-localization-suite/

5/
Introducing the Cloudflare Data Localization Suite

The Data Localization Suite helps businesses get the performance and security benefits of Cloudflare’s global network while making it easy to set rules and controls at the edge about where their data...

https://blog.cloudflare.com/introducing-the-cloudflare-data-localization-suite/
Tuesday is all about privacy-preserving protocols.

@Cloudflare has always championed emerging Internet protocols. Today we're doing three deep dives into new protocols that improve the privacy of DNS, TLS, and even passwords.

https://blog.cloudflare.com/next-generation-privacy-protocols/

6/
Helping build the next generation of privacy-preserving protocols

Today, we’re making several announcements around improving Internet protocols with respect to something important to our customers and Internet users worldwide: privacy.

https://blog.cloudflare.com/next-generation-privacy-protocols/
Two years ago, @cloudflare launched trial support for ESNI, an extension to TLS that keeps hostnames private. Today, @cjpatton_ explains what we've learned and how the IETF specification has evolved to become ECH (Encrypted Client Hello).

https://blog.cloudflare.com/encrypted-client-hello/

7/
Good-bye ESNI, hello ECH!

A deep dive into the Encrypted Client Hello, a standard that encrypts privacy-sensitive parameters sent by the client, as part of the TLS handshake.

https://blog.cloudflare.com/encrypted-client-hello/
DNS privacy has improved lately with the adoption of protocols like DoH and DoT in DNS resolvers. One complaint about moving DNS to the cloud is that it places a lot of trust in these providers to handle this combination of user IP addresses and domain lookups safely.

8/
Resolvers like 1.1.1.1 have privacy policies, but wouldn't it be cool if DNS resolvers never learned your IP address? Enter Oblivious DoH.

Cloudflare and partners (PCCW, SURF, and Equinix) now support this emerging standard to help make DoH private!

9/ https://blog.cloudflare.com/oblivious-dns/ 
Improving DNS Privacy with Oblivious DoH in 1.1.1.1

Oblivious DoH (ODoH) makes secure DNS over HTTPS (DoH) queries into private queries which prevent the leakage of client IP addresses to resolvers. The new proposed ODoH standard addresses this...

https://blog.cloudflare.com/oblivious-dns/
Not only is ODoH live, but we also open-sourced code in Go and Rust for all parts of ODoH: proxy, server, and client.

This effort was led by Tanya Verma and intern @sudheesh001 with @vavrusam, @armfazh, @__caw__, @cjpatton_, @Lekensteyn and more.

https://github.com/cloudflare?q=odoh

10/
Finally, another hot privacy issue is passwords.

Today, we explore the emerging OPAQUE standard for password authentication. Research intern @tatianaebradley explains how OPAQUE lets users log without the server ever seeing a plaintext password.

https://blog.cloudflare.com/opaque-oblivious-passwords/

11/
OPAQUE: The Best Passwords Never Leave your Device

Imagine passwords for online services that never leave your device, encrypted or otherwise. OPAQUE is a new cryptographic protocol that makes this idea possible, giving you and only you full control...

https://blog.cloudflare.com/opaque-oblivious-passwords/
We have an interactive demo of OPAQUE to see how it works under the hood:

https://opaque.research.cloudflare.com/ 

The code behind it was developed by @claucece and @tatianaebradley with @armfazh, @thibmeu, @__caw__, and @marwanfayed. It is available on Github.

https://github.com/cloudflare/opaque-core

12/
cloudflare/opaque-core

Contribute to cloudflare/opaque-core development by creating an account on GitHub.

https://opaque.research.cloudflare.com/
If you're interested in building your own implementation of any of the protocols announced today or interoperating with our implementations, or just have any questions, reach out to us at ask-research at cloudflare dot com!

13/
Wednesday: deprecating the __cfduid cookie.

Years ago, @alxdavids and I helped add the "Secure" flag to this cookie to improve privacy for HTTPS-only sites. What's better for privacy than a secure cookie? No cookie at all. It's going away.

https://blog.cloudflare.com/deprecating-cfduid-cookie/

14/
Deprecating the __cfduid cookie

Cloudflare is deprecating the __cfduid cookie. While we have never tracked end-users across sites or sell their personal data, we don’t want any customer to think they need a cookie banner because of...

https://blog.cloudflare.com/deprecating-cfduid-cookie/
Cloudflare's business is based on helping make websites and web services faster and more secure, not on tracking and profiling users for advertising purposes.

Cloudflare Web Analytics: optimize for your users, not for advertisers.

https://blog.cloudflare.com/privacy-first-web-analytics/

15/
Cloudflare’s privacy-first Web Analytics is now available for everyone

Anyone can now sign up to use Cloudflare’s new privacy-first Web Analytics -- even without changing your DNS settings.

https://blog.cloudflare.com/privacy-first-web-analytics/
Thursday: Compliance

Privacy is a broad discipline that has legal, technological, and regulatory components and is inseparable from compliance. Cloudflare has many tools to help customers dealing with compliance issues.

https://blog.cloudflare.com/work-jurisdiction-records-for-teams/
https://blog.cloudflare.com/cloudflare-certifications/

16/
Cloudflare Certifications

We think trust is fundamental to building a better Internet. Cloudflare adheres to industry-standard security compliance certifications and regulations to help our customers earn their users’ trust.

https://blog.cloudflare.com/work-jurisdiction-records-for-teams/
You can follow @grittygrease.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.