Abstract
Some governments do not consider metadata as personal data, and so not in the scope of privacy regulations. However, often, metadata gives more relevant information than the actual content itself. Metadata can be very useful to identify, locate, understand and manage personal data, i.e., information that is eminently private in nature and under most privacy regulation should be anonymized or deleted if users have not give their consent. In voice calls, we are facing a critical situation in terms of privacy, as metadata can identify who calls to whom and the duration of the call, for example. In this work, we investigate privacy properties of voice calls metadata, in particular when using secure VoIP, giving evidence of the ability to extract sensitive information from its ("secure") metadata. We find that ZRTP metadata is freely available to any client on the network, and that users can be re-identified by any user with access to the network. Also, we propose a solution for this problem, suitable for all the ZRTP-based implementations.

Abstract
Cloud storage allows users to remotely store their data, giving access anywhere and to anyone with an Internet connection. The accessibility, lack of local data maintenance and absence of local storage hardware are the main advantages of this type of storage. The adoption of this type of storage is being driven by its accessibility. However, one of the main barriers to its widespread adoption is the sovereignty issues originated by lack of trust in storing private and sensitive information in such a medium. Recent attacks to cloud-based storage show that current solutions do not provide adequate levels of security and subsequently fail to protect users' privacy. Usually, users rely solely on the security supplied by the storage providers, which in the presence of a security breach will ultimate lead to data leakage. In this paper, we propose and implement a broker (ARGUS) that acts as a proxy to the existing public cloud infrastructures by performing all the necessary authentication, cryptography and erasure coding. ARGUS uses erasure code as a way to provide efficient redundancy (opposite to standard replication) while adding an extra layer to data protection in which data is broken into fragments, expanded and encoded with redundant data pieces that are stored across a set of different storage providers (public or private). The key characteristics of ARGUS are confidentiality, integrity and availability of data stored in public cloud systems.

Abstract
Economical benefits obtained by large Internet corporations from gathering and processing user information at a global scale led the European Union to legislate on behalf of individual rights and the privacy of personal information. Data collectors, in particular, must now obtain proof of the user’s consent for every single operation comprising their data. Considering the conflicting interests of all involved parties, we propose that consent should be stored in a blockchain. By being a distributed, immutable and verifiable ledger, the blockchain presents itself as an almost tailor-made solution to harmonize conflicting interests while enabling the regulators’ supervision. © Springer Nature Switzerland AG 2019.

Abstract
The benefits of blockchain go beyond its applicability in finance. Electronic Voting Systems (EVS) are considered as a way to achieve a more effective act of voting. EVS are expected to be verifiable and tamper resistant. The blockchain partially fulfills this requirements of EVS by being an immutable, verifiable and distributed record of transactions. The adoption of EVS has been hampered mainly by cultural and political issues rather than technological ones. The authors believe that blockchain is the technology that, due to the overall attention it has been receiving, is capable of fostering the adoption of EVS. In the current work we compare blockchain-based EVS, identifying their strengths and shortcomings. © Springer Nature Switzerland AG 2019.

Abstract
The digital economy, online presence and the increasing number of phishing attacks, are common realities in today's operations of a significant number of companies. Some of these attacks resulted in significant financial losses and reputational damage. Companies do not address the problem before- hand. The first step should be the assessment of the exposure of the company to phishing attacks. An assessment methodology is proposed, evaluated and tested using two complete, and real, runs of the methodology.

Abstract
Road pavement conditions influence the daily lives of both drivers and passengers. Anomalies in road pavement can cause discomfort, increase stress, cause mechanical failures in vehicles and compromise safety of road users. Detecting and surveying road condition/anomalies requires expensive and specially designed equipment and vehicles, that cost considerable amounts of money, and require specialized workers to operate them. As an alternative, an emergent sensing paradigm is being discussed as a promising mechanism for collecting large-scale real-world data. In this paper we describe our experience on the design, implementation and deployment of a cloud based road anomaly information management service, that combines Collaborative Mobile Sensing and data-mining approaches, to provide a practical solution for detecting, identifying and managing road anomaly information. Additionally, we identify technical challenges and propose guidelines that may help to improve this type of services and applications. © 2018 IEEE.