Internet of Things (IoT) products are this year’s coolest Christmas presents. For unsuspecting people - who don’t pay much attention to the privacy concerns involved - purchasing an Amazon Echo, a Google Home, or an Apple HomePod, may seem like an easy way to please.
For the excited (and uninformed) recipient, the offering will no doubt seem a grand reason to rejoice. However, what family and friends may not realize when they hand over their present, is that they are inadvertently setting their loved one up for a fall.
These kinds of smart speaker devices have radically dropped in price just in time for the holiday season. When it was first released back in June of 2014, the Echo was US$179.99. By the time the second generation was released in October, that price had been slashed to just $99.99.
Now, just a few months later, Christmas shoppers can grab one of the prized possessions for just $30 for an Echo Dot or $80 for a full-size Amazon Echo. That's pretty darn cheap!
Unfortunately, it isn’t good to have a smart speaker with a microphone hanging about in your house. In fact, there's plenty of evidence to prove that these connected devices - which listen all of the time - are performing corporate surveillance on their owners. That means that the $80 you spend buying an Amazon Echo (or any other smart speaker) is nothing short of a guarantee that privacy within the receiver’s home is going to be completely sacrificed.
The same goes for Samsung TVs with passive listening, or IoT smart fridges that send data about their owners back to a central database. These products are creating databases about their owners, which companies then harvest for data about them. In fact, data is so valuable that it is now considered an asset, or even a form of currency.
People’s data tells a detailed story. Advertisers can convert this into a revenue stream, targeting device owners' IP addresses. Targeted adverts are just the beginning. The information that passive listening devices gather could, in theory, pick up on health problems, social traits, race, and even sexual preferences. These are private details that could, in theory, be used when making decisions about lending money or deciding insurance rates.
This may seem unlikely at first glance, yet evidence is stacking up to prove that this is the case. A Privacy International study of the 'fintech' industry recently revealed that financial institutions are using big data to make ever more sensitive decisions. Privacy International Research Officer and report author Dr Tom Fisher said:
“Technology is bringing an unprecedented level of change to financial services. But it seems the privacy implications of these changes have not been acknowledged by industry, funders, governments, or regulators. The fintech sector is using vast sources of our personal information to create our financial identity – data from our spending, our social networks, our phones. The sector must begin to recognise the risks and harms are emerging from its work, particularly in parts of the world with limited or non-existent data protection legislation. We need governments and regulators to ensure that advancements in fintech do not violate privacy.”
Sadly, it is not just countries like India and Kenya (which are among the places where the study found evidence of abuse) that are using private data against their citizens. The problem is also growing in the West. If left unchecked, data harvested by corporations such as Google, Amazon, and Internet Service Providers (ISPs), will begin to make its way into the hands of firms that make sensitive fiscal decisions about people’s lives.
Hackers and Alphabet Agencies
When you buy a connected device that can listen in on your home, remember that it's not just corporations that might end up listening in. IoT devices are prone to being hacked, which means that third parties such as cybercriminals can end up listening in on them. This fear came home to roost in August, when a security researcher revealed that hackers can install malware onto an Amazon Echo to turn it into a wiretap.
Just as frightening, Wikileaks published evidence in April that the CIA had been using an exploit called Weeping Angel to hack into Samsung TVs and listen to users in their homes. This makes it likely that the intelligence agencies are also listening in on other devices with microphones. Don’t forget that tech firms have been found to be working hand in hand with government agencies on numerous occasions.
Don't Buy Them!
By now, you should be beginning to understand why devices that listen are terrible for privacy. If you're still skeptical, however, this case from March should help to bring it home. On that occasion, prosecutors pressed Amazon to hand over the files created by an Amazon Echo. They believed it may have witnessed a murder: yes, the devices really can listen in at all times!
The sad thing about these particular devices is that although they seem “cool,” they don’t really bring the kind of advantages necessary to make them worthwhile. Being able to ask any smart speaker the weather, or a recipe, simply by talking to it, may seem futuristic. The reality, however, is that you are probably going to get more useful information searching Google on a tablet or smartphone.
Having said that, Google is well known for collecting hugely invasive datasets about its users. As such, a better idea would be to stay away from Google and stick to a privacy-friendly search engine like StartPage. That way you know you're getting the information you desire without feeding data to the snoops.
No matter what you decide to do, please consider digital privacy carefully this holiday season before rushing out to buy the latest IoT products. We've survived until now without these invasive beasts, so, unless it seems absolutely necessary, think twice about pushing them onto your loved ones.
Opinions are the writer's own.
Title image credit: Peppinuzzo/Shutterstock.com
Image credits: Zapp2Photo/Shutterstock.com, ruskpp/Shutterstock.com