Will Your Internet of Things Device Testify Against You?

158shares

Will Your Internet of Things Device Testify

Imagine this: Your wearable device is subpoenaed to testify against you. You were driving when you were over the legal alcohol limit and data from a smart Breathalyzer device is used against you. Some might argue that such a use case could potentially safeguard society. However, it poses a bigger concern about how data from the broader spectrum of Internet of Things (IoT) devices could be used against you. Doesn’t it seem reminiscent of George Orwell’s dystopian universe, Nineteen Eighty Four where children were indoctrinated to inform on suspicious activity, only now it’s an IoT device? But, this time it’s you who chose to use the device or network of devices that could start working in concert against you.

IoT devices range from wearables such as wristbands, shirts, and goggles to a range of household and other real-world objects that are increasingly being connected to the Internet using RFID chips, barcodes, sensors, bots via mobile applications. And as the technology has become cheaper and more efficient these devices have become enmeshed in our daily lives. Runners like myself regularly slip sensors into our shoes to track our distance and times. Many people wear fitness bands with the goal of optimizing their sleep, diet and lifestyle patterns. There is also a certain coolness and addictive factor associated with these devices and many rush to have the latest and greatest in these devices.

Data Brokers Are Waiting

What most people don’t think about is most if not all of the analysis of the data is not carried out on the device and is analyzed and often shared with third party data brokers via a cloud backend depending on the privacy policies in place. These third parties may share information and the aggregated data used to create profiles, which at best case may be use for marketing purposes but over time what’s to stop insurers and law enforcement gaining access to this information?

Earlier this year Federal Trade Commission (FTC) Chair Edith Ramirez warned of the privacy risks when at the CES tradeshow, she posed the question ”Or will the information flowing in from our smart cars, smart devices, smart cities just swell the ocean of “big data,” which could allow information to be used in ways that are inconsistent with consumers’ expectations or relationship with a company?” The Electronic Privacy Information Center has also written at length on the risks of the “hidden collection” of sensitive data from IoT devices. In Accenture’s survey report on the “Internet of Things” many of the 2000 respondents polled in the United States indicated they would be willing to share personal data in return for discounts and coupons.

Transparency, Standards And Data Confidentiality

I am a fan of IoT and the potential a great many of these devices offer for improved quality of living and safety, health, greater home and environmental efficiencies. However, consumers need clear standards for secure connections from the devices to a backend cloud and standards around data confidentiality, and transparency of that data stored and processed in the backend cloud. Until these standards are in place, I encourage users to be vigilant and to press manufacturers for clear answers on the following at minimum:

Will your data shared with third parties? This is particularly important for any device that collects sensitive data about you. It may be challenging given the volume and legalese of privacy policies but well worth the time investment given it’s your private data.
Understand how your information is transmitted. And, once in storage, who has access to the information? Is the information stored on a third party’s cloud? When you stop using the device, what happens to your data?
Take time to understand your device’s privacy settings. Have you configured the device’s settings maximum privacy? Are you only sharing what you are comfortable sharing publicly?

The tension between convenience and privacy is at it’s most strained and hopefully that will accelerate the move towards much needed digital safeguards. But in the interim, a more cautious and defensive approach will help you preserve your privacy.

By Evelyn de Souza

Evelyn de Souza

Evelyn de Souza focuses on developing industry blueprints that accelerate secure cloud adoption for business as well as everyday living. She currently serves as the Chair of the newly formed Cloud Security Alliance (CSA) data governance and privacy working group. Evelyn was named to CloudNOW’s Top 10 Women in Cloud Computing for 2014 and SVBJ’s 100 Women of Influence for 2015. Evelyn is the co-creator of Cloud Data Protection Cert, the industry’s first blueprint for making data protection “business-consumable” and is currently working on a data protection heatmap that attempts to streamline the data privacy landscape.

THOUGHT LEADERS

The Need for Experts Goes Beyond AI

The Need for Experts The explosion in AI technologies has brought with it clear concern that easy answers and intelligent copywriting are now the domain of machines. This has led to the question of whether ...

3 ways AI can create a more equitable future for food distribution

More equitable future for food distribution with AI At best, only 70% of food gets used in the United States. The rest goes to waste. Although devastating, the good news is this massive waste of ...

Accelerating the AI Pipeline with Optimized Software

In 2030, AI will likely contribute around $15.7 trillion to the global economy. Organizations that invest significantly in AI and leverage practices that accelerate and scale AI development have been shown to gain the highest ROI from AI ...

AI-powered identity verification: what businesses need to know in 2023

AI-powered identity verification Even if you don’t want to admit it, doing business online in today’s environment poses a greater risk. Criminals are constantly on the lookout for vulnerabilities to exploit, including hacking, data breaches, ...

Ditching the Third Party: Enabling Privacy and Personalization with AI-ready Data

Enabling Privacy and Personalization Most businesses today rely on data collected online to better understand their customers and deliver more personalized products, services and experiences. These insights can be transformative for an organization, especially when ...

The Future of Enrollment Systems: Predictive Analytics and Artificial Intelligence

The Future of Enrollment Systems Enrollment systems play a crucial role in various industries, from higher education institutions to online courses and professional certifications. These systems streamline the enrollment process, manage student data, and contribute ...