08 February 2017

Why #AlwaysOn #HomeAutomation Needs an [OFF] Button: #IoT #Wiretapping #PrivacyPolicies #DataMining #DoNotTrack #Supercookies

As commercial entities rush to Internet-enable everything (can the smartflush toilet be far away?) consumers should hit the [PAUSE] button and examine the cost of all this "convenience". One should always remember that technology often outpaces legality (and unfortunately, ethics); if something can be achieved with technology, it likely will be, with or without license.

When the Internet first became the domain of commerce, online shopping early adopters were the first to test the waters and bear a share of the cost. As more and more people --- across various socio-economic strata --- went online, businesses realized that potential consumers could be drawn in by offering something for "free." There is no such thing as a free lunch; the exchange always consists of the consumer giving over some detail/s in order to obtain said freebie. Sometimes it's merely a name and address, but increasingly it's become a request for more and more extensive demographic information. (Fill out this survey, get a free pack of gum. Oh, did we forget to mention the gum is extra sticky and will track you for the rest of your life?)

Once businesses realized that consumers were willing to trade all sorts of data in exchange for a perceived "freebie," commercial exploitation of the Internet commenced in full measure. The Age of Freemium Enterprise was born. A entire global enterprise ecosystem has sprung up based upon the repackaging and selling of you (your data). Some of the biggest Internet tech companies make most of their money from advertising and advertising is lucrative for these companies because they take the Freemium Model to extremes: Offer a consumer a free service, get reams of personal information in return; tack on another free service, get more data; rinse and repeat. And because they realize that the average user is either too lazy or too ill-informed to bother to "unjoin" something included at signup, these companies use opt-in as the default --- you have to take action to opt-out --- automatically gaining access to tons of data, often from unwitting consumers.

The Freemium Model soon evolved into the Convenience Factor Model: Consumers were willing to pay for a service or gadget with perceived convenience for everyday life tasks and still give access to their data in return. (Yes, we literally buy into being spied upon with the advent of smart devices.) And the big boys took notice. Companies like Google, Apple, Facebook and Amazon have expanded into the home automation market because it's a most hallowed step, an open doorway into your most private space, granting access to information that previously might have been off limits. All via a consumer invitation to come on in.

Companies can now get real-time stats on your security setup (smart doorbells and smart cameras), your energy consumption (smart thermostats and smart meters), your entertainment choices (smart TVs, radios and gaming systems), your food consumption (smart refrigerators and smart crock pots) and even your linguistic patterns, random ruminations, shopping habits, and personal preferences (smart hubs or smart assistants) and much more --- all attached to location data and to a person or household. (There's a reason you're encouraged to sign-in with your often long-standing personal account to use all these new home automation tools and services offered by the behemoth tech firms.) Consumers are being quantified at every level and on every front.

Previously, much of this data could be intimated by tracking web search and online browsing habits, but it was an incomplete picture. IoT devices deployed in the home are allowing businesses to fill in those data gaps --- currently with little to no oversight as the arena is so new. For advertising and consumer sales dependent businesses, this is much better than the ill-advised supercookie Verizon used. (I'm paying you for what?) Better than stating "websites are not required to adhere to a Do Not Track request." Not only are many of these smart devices designed to be "Always On" but consumers are being sold on the idea that this is for the sake of our convenience, for our benefit, to help make our lives easier. Yes, it's a great boon for advertisers, vendors, and the data miners who feed them.

Think about it. Not only is an "Always On" smart device with an omnidirectional microphone and/or camera essentially an unhidden wiretap or voyeuristic eavesdropping box that can potentially record everything, but we're being told to think it's merely a cute toy or a dead helpful essential gadget. The convenience of getting on demand answers and actions, is supposed to blind us to the IoT connected home trade off. Namely, that "All Your Base Are Belong to Us." I would caution anyone to be aware to what data you are granting access when using any so-called smart device. (I've touched on this subject before, but the IoT consumer market is so new that the learning curve is still expanding.)

This can be difficult because some companies do not disclose how their device/s tracks your information or the disclosure is limited or buried in reams of other jargon. (Vizio is currently all over the news for surreptitiously tracking the viewing habits of its Smart TV users for years and selling the data, all without consumer consent. Samsung pulled a similar stunt several years ago with its early Smart TVs and so did LG to mention but a few cases.) Recall what I said earlier about technology often outpacing legality and ethics? It is apparently too tempting for a commercial entity to gain near unfettered access to you in the intimate setting of your home and not go overboard. Any web camera or Internet-connected Mic not only presents a potential security risk from hackers but also from the very purveyors of the devices. You would do well to never trust any device that is programmed to automatically phone home.

I'm not telling you to abstain. (Though certainly that is a choice, the ultimate opt-out. While it may keep you relatively safe at home, the outside world is now rife with Internet-connected devices. Cameras and microphones are everywhere in the public sphere. Short of moving to Mars, it helps to have an auxiliary plan.) I'm not saying these devices have no use. We all like convenience and the idea of tasks being accomplished for us effortlessly. I'm a techie, a tech geek and an engineer. I love my tech toys, too. I'm simply saying be aware, be educated, be proactive, especially when allowing any device with its own brain into your castle. (I'm an AI advocate, not a patsy.) As a consumer, the responsibility assuredly rests upon the individual to safeguard his own information. Do not count on a "business that depends on access to as much of your data as possible in order to insure its bottom line" being altruistic. Do not count on human decency. Better safe, than sorry.

You are the commodity. Realize this and act accordingly. Always check privacy policies and disclosures about how your information is collected and used (and if this isn't stated upfront contact the vendor), check the vendor reputation, keep abreast of the industry news and legislation that governs how companies can use your data (become active in lobbying for government regulations & consumer protections, if necessary), check device/s settings and controls (whether you're allowed to opt-out or limit data collection, turn off or limit device Internet access without affecting functionality), consider setting up a separate user account only for your device distinct from your personal account/s (I often do this) and if all else fails to stem the flow of your information remember to use the [OFF] button or simply unplug the thing when not in use.

Know that if a vendor, any vendor, tells you that having an "Always On" device in your home is not an invasion of your privacy, this vendor is full of it. It may not automatically be a nefarious intrusion, but it is still a third-party potentially gleaning access to things where previously the expectation of privacy was the default. Consumers should pause and come to terms with this before rushing head first into the coming dawn of data siphoning and purchasing the shop vac for it.

NOTE: I know that the popular refrain used by many folks whenever someone sounds an alarm regarding the potential for third-party observation in certain areas (police cameras in the streets, for instance) is "Doesn't bother me, I have nothing to hide" as if anyone concerned with personal privacy must be wanted by the law and on the lam. Instead, my concern is for the potential for misuse. Once your data is out there it's rather difficult to call it back, therefore any safeguard must occur prior. If you trust a third party with your data and later find out a fourth party hacked it, you may not have anything to hide per say, but you might still find yourself taken advantage of. But by all means, feel free to remain cavalier in your attitudes, it's what keeps unscrupulous businesses, identity thieves and other unsavory characters in the green. Just saying.

No comments:

Post a Comment