The major aim of most consumer technologies on this list is to make our lives simpler in many ways. They save our time and deal with the tasks we’d rather not have to. At best, this improves our quality of life by allowing us to spend more time doing what we really want.
Still, the potential drawbacks and risks are too often dismissed and ignored, likely due to sheer excitement these novelties generate. But when the hype draws down, the issues become all the more glaring. Among those are often overlooked privacy issues, which we expect to become even more important as time goes on. We are, after all, sharing huge amounts of data with various services and inter-connected devices, and there are no signs of this trend reversing any time soon. These services will also affect companies, especially smaller ones, who could find their data compromised in ways they haven’t predicted.
Without further ado, let’s explore the potential privacy impacts and disconcerting scenarios of these five new exciting technologies:
1. Unmanned Vehicles
Some eagerly await the advent of self-driving cars. Others pray it doesn’t happen.
Self-driving vehicles are all the rage these days. Aptly coinciding with the development of electric cars, unmanned vehicles are seen as a boon for all safe and responsible driving advocates. Properly made, a self-driving car is the example of an exemplary driver: the computer doesn’t drink, it doesn’t check messages on their phone, and it’s never sleepy. These factors contribute to most fatal accidents, and humans are prone to these glaring errors in judgement. In fact, proponents would argue that humans are in fact lousy drivers compared to proper artificial intelligence.
However aside from moral dilemmas concerning physical safety that the cars may experience while driving (should they protect the driver at all costs?), there are certain privacy issues that should concern aspiring passengers as well.
Where to? No Need to Tell Me…
The most obvious impact is simple: the car knows where you’re going, it knows where you are, and it knows where you’ve been. It has to – it’s the driver, after all. This is very practical, in a way: say you sit in the car each workday at 7 a.m. – the car can determine you’re going to work and drive you there without you having to fiddle with the controls and input your address each time. Now, aside from the obvious risks of getting your data stolen by thieves who’ll know you’re not home, it gets more insidious than that.
Say the company you’ve bought the car from uses Google navigation. What if you want to get to a café or a restaurant – you’d like the car to suggest something without your constant intervention. A car can do that, but it could drive you to sponsored places instead. Also, most cars can recognise when a child passenger is in the car – if this data is sold, as it is usually, the marketers could suggest the driver stop for some ice-cream, for example.
Company cars could get compromised, in a way. Google might easily understand who your new business partner could be, based on where you drove the car to. Or perhaps, such cars should not even be used for certain sensitive tasks as the act of driving alone could be in breach of an NDA.
The sheer amount of information these cars will gather about you or your employees is incredible. Driving habits, Favourite places, the amount you drive and when you do so, who you drive with, etc. can all be gleaned from the information. It is very improbable that such low-hanging fruit will go unpicked.
You also run the risk of government eavesdropping and surveillance. Malicious attackers could remotely disable your vehicle altogether.
Shady Practices
The major automakers, along with Google and Lyft, avoided answering the question of how the drivers’ data will be used. Adding insult to injury, no one could rule out the use of such data for purposes other than driving (read: marketing). It’s not exactly clear how the opt-ins and opt-outs to use this data would look like. Perhaps the purchase of the vehicle itself could be interpreted as acceptance of their rights to sell and use your data.
In any case, while the future for self-driving cars looks promising, the privacy implications are very disturbing, especially considering the attitudes of the major players in the field. Still, the technology is in its infancy and by then we might see an amendment to the privacy laws that will put the interests of the common man in the spotlight.
2. Biometrics
Your identity – literally at your fingertips.
The key issue with biometric data is that it concerns the individual themselves. Unlike passwords, which are sensitive information, but do not usually contain any information about the person, biometric data is inherently risky and very particular.
Information such as race, age, sex, even certain illnesses, can be recovered from biometric data, if it is used for purposes not originally meant for. Advanced biometrics could even recover the person’s behavioural and emotional characteristics.
That is why regulation of this most private and most sensitive data should be extremely tight. The new European privacy legislation, the General Data Protection Regulation (GDPR), recognises this. In the GDPR, biometric data is categorised as a special category of personal data, whose processing requires explicit and conditional consent of the individual. Individual Member States can further limit the scope of processing for such data.
With more and more companies starting to adopt biometric solutions for identification, and plenty of governments opting for biometric identification documents, the issue of fair and proportional use of biometric technology will become even more important.
Companies should take extra care to secure the biometric data of its employees, both for their employees’ and their own sake.
Fortunately, at least in the EU, the lawmakers have recognised that and afforded special protection to such data with the threat of huge fines for misconduct. It remains to be seen how effective that will be against unscrupulous companies and individuals.
This means you should take extreme care if you process biometric data of your employees, since penalties can be severe.
3. Smart Homes
It’s hoovering up more than you think.
Smart homes aim to make our lives simpler and easier by automating the control of ventilation, heating, lighting, and various other appliances. Together these interconnected devices comprise the ‘internet of things’ that we can manage from a single central hub.
The smart home market is growing and the technology has gotten relatively affordable lately, which even further speeds up its adoption. However, smart home platforms are subject to certain security and privacy vulnerabilities.
Think offices aren’t affected? Think again. Most of these sensors and gadgets are soon to be office mainstays, with much the same potential risks.
A Spy From Within
All these interconnected devices and sensors collect large amounts of information about the place they are installed in. These devices come to understand our behavioural patterns and the way we use our devices. They can know whether we’re at home or not. Hackers can easily compromise these systems that often contain vulnerabilities and easily burglarise a home.
A study conducted by HP found out that the average internet of things device had 25 security flaws. Imagine your office fridge being a conduit for corporate espionage! It may sound like it’s straight out of a James Bond film, but the threat is very real.
Additionally, since plenty of the devices connect to the Internet, some of the information can easily be shared with third parties. Smart fridges can learn of your shopping habits. When this data is harvested and sold to health insurers, it can be employed to raise your employees’ health care premiums or car insurance premiums, all under the guise of risk assessment.
As a proof in point we have the recent scandal with iRobot. Along with hoovering, Roombas have been busy mapping homes and offices. Your home or office plans and layouts have subsequently been sold to various marketers and advertisers.
Also, hackers have demonstrated the ability to seamlessly break digital locks and change the PIN with the aid of a computer. It seems that smart homes can be smart, but not in the way you’d like it.
4. Wearables
The sweet escape.
The so-called augmented reality technology is great fun, as demonstrated by the recent prototypes. The most popular examples are Google Glass and Microsoft HoloLens. While their applications are wide-ranging – from healthcare, media to military – the devices have been sharply criticised for their potential privacy threat. What is the uproar all about?
Your Personal Secret Agent
To start with, these devices look and behave like a tiny phone with their screen and camera embedded onto a regular-looking pair of glasses – except the camera is on most of the time. That means you could record people without their knowledge since the device is so inconspicuous, which many consider a huge breach of etiquette. Whatever you see – the Google Glass also sees.
The same principle can be used to obtain others’ passwords. In fact several software solutions have been developed that help the attacker steal the password from shadows created by the victim’s fingers typing and swiping on the screen.
Imagine a potential client walking into your office with a pair of regular-looking glasses. Unbeknownst to you, while you were ‘talking business’, the glasses recorded all they could – and, if you weren’t careful, much more than you wanted to. It’s best to try and get such gadgets away from your office.
In some post-Soviet countries, these gadgets are in fact considered illegal and classified as spy tools, as they allow for inconspicuous recording of video and pictures. Casinos in Las Vegas have also been quick to ban them.
Google eventually pulled the device and reintroduced it again, this time for enterprise users in factories. Other producers, however, are still optimistic about such technology. Apple is reportedly working on AR Glasses, set to be released in 2018. We cannot wait to see the impact of such a launch.
5. Personal Assistants
A good Samaritan – or something more insidious?
Who am I, Alexa? The real answer to that question would probably shock you. Personal assistants can be a fantastic aid to doing your household chores. Out of rice? Just tell it to order some more (and get a discount). Want to check the weather? Don’t bother reaching for the smartphone: just ask away.
While that’s all nice, and saves time, privacy concerns cannot be glossed over. See, the device listens to you all the time. It listens to everything you say – it has to, in order to know when you’re calling it. Technically, it doesn’t record what you say and upload the data until you yell out ‘Alexa’. (Or OK Google, whichever device you own).
Eavesdropping at Its Finest
Who am I, Alexa? The real answer to that question would probably shock you. Personal assistants can be a fantastic aid to doing your chores and tasks. Scheduled a new meeting? Just tell it to free up a 5 pm slot. Want to check the weather? Don’t bother reaching for the smartphone: just ask away.
While that’s all nice, and saves time, privacy concerns cannot be glossed over. See, the device listens to you all the time. It listens to everything you say – it has to, in order to know when you’re calling it. Technically, it doesn’t record what you say and upload the data until you yell out ‘Alexa’. (Or OK Google, whichever device you own).
Eavesdropping at Its Finest
The use of smart assistants has proven controversial in police investigations. Amazon has at one point reluctant to give out the recordings that could help solve a crime. Still, don’t take it as a fierce defence of your privacy rights. They do have the right to sell your data to third parties after all. Your speech is analysed by the servers and then, likely, used to serve targeted ads to your employees.
What if Google gets wind of your confidential business meetings and discussions? There’s always a risk these could get leaked (somewhat likely), if not maliciously used by Google itself (highly unlikely). The risks are small, but very much real.
The technology is secure enough; all messages sent to the servers are encrypted. It’s only a matter of how much you trust Google or Amazon with your data. The ugly truth is that the more information you share, the better the device will behave. It’s up to you to decide how much you value your and your company’s privacy.
