Have you ever had the uneasy feeling that someone is monitoring you? When you turn around, there’s nothing unusual about what you see. However, depending on where you were, you might not have been fully hallucinating. Every day, billions of objects are detecting you. They’re hiding in plain sight in your television, refrigerator, vehicle, and office. These objects know a lot more about you than you would think, and many of them share that information with the rest of the world via the internet.
Back in 2007, it would have been hard to imagine the revolution of useful apps and services that smartphones ushered in. But they came with a cost in terms of intrusiveness and loss of privacy. As computer scientists who study data management and privacy, we find that with internet connectivity extended to devices in homes, offices, and cities, privacy is in more danger than ever.
Internet of Things
Your appliances, car, and home are all designed to make your life easier by automating tasks you do on a daily basis, such as turning lights on and off when you enter and exit a room, reminding you when your tomatoes are about to go bad, and customizing the temperature of the house based on the weather and the preferences of each family member.
They require the internet to seek out support and correlate data in order to work their magic. Your smart thermostat can gather data about you without internet connectivity, but it has no idea what the weather prediction is, and it isn’t strong enough to analyze all of the data to decide what to do.
But it’s not just the things in your home that are communicating over the internet. Workplaces, malls, and cities are also becoming smarter, and the smart devices in those places have similar requirements. In fact, the Internet of Things (IoT) is already widely used in transport and logistics, agriculture and farming, and industrial automation. There were around 22 billion internet-connected devices in use around the world in 2018, and the number is projected to grow to over 50 billion by 2030.
What information these things have about you
Smart devices collect a wide range of data about their users. Smart security cameras and smart assistants are, in the end, cameras and microphones in your home that collect video and audio information about your presence and activities. On the less obvious end of the spectrum, things like smart TVs use cameras and microphones to spy on users, smart lightbulbs track your sleep and heart rate, and smart vacuum cleaners recognize objects in your home and map every inch of it.
Surveillance is sometimes promoted as a feature. Some Wi-Fi routers, for example, can gather information on users’ whereabouts in the house and even work with other smart gadgets to detect motion.
Only automated decision-making systems, not humans, will have access to your data, according to manufacturers. This isn’t always the case, though. Amazon employees, for example, listen to Alexa talks, transcribe and comment them, and then input them into automated decision-making systems.
But even limiting access to personal data to automated decision making systems can have unwanted consequences. Any private data that is shared over the internet could be vulnerable to hackers anywhere in the world, and few consumer internet-connected devices are very secure.
Recognize your weak points.
Users can switch off some devices, such as smart speakers or webcams, for privacy reasons. Disconnecting the gadgets from the internet, even if this is a possibility, might drastically reduce their utility. You also don’t have that option whether you’re at a workplace, a mall, or a smart city, so even if you don’t possess a smart device, you might be susceptible.
Therefore, as a user, it is important to make an informed decision by understanding the trade-offs between privacy and comfort when buying, installing, and using an internet-connected device. This is not always easy. Studies have shown that, for example, owners of smart home personal assistants have an incomplete understanding of what data the devices collect, where the data is stored, and who can access it.
Governments all over the world have introduced laws to protect the privacy and give people more control over their data. Some examples are the European General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). Thanks to this, for instance, you can submit a Data Subject Access Request (DSAR) to the organization that collects your data from an internet-connected device. The organizations are required to respond to requests within those jurisdictions within a month explaining what data is collected, how it is used within the organization, and whether it is shared with any third parties.
Limit the threat to your privacy.
Regulations are a vital first step, but enforcing them will take some time to catch up with the growing number of internet-connected gadgets. Meanwhile, there are things you can do to make use of some of the advantages of being connected to the internet without disclosing an excessive quantity of personal information.
If you have a smart device, there are actions you can do to safeguard it and reduce the dangers to your privacy. The Federal Trade Commission has some advice on how to keep your internet-connected gadgets safe. Regularly upgrading the gadget’s software and going through its settings and deactivating any data collecting that isn’t connected to what you want the device to accomplish are two important actions to take. Consumers may utilize the Online Trust Alliance’s extra guidelines and checklist to verify that their internet-connected gadgets are safe and private.
If you’re on the fence about buying an internet-connected gadget, check out independent sites like Mozilla’s Privacy Not Included to see what data it collects and what the manufacturer’s data management practices are. You may choose a version of the smart gadget you desire from a company that values its users’ privacy by utilizing this information.
This article is republished from The Conversation, a nonprofit news site dedicated to sharing ideas from academic experts. It was written by: Roberto Yus, University of Maryland, Baltimore County and Primal Pappachan, Penn State.