Posted by Jonathon Sanchez
In an article published in the Harvard Law Review in 1890, attorneys Louis Brandeis and Samuel D. Warren astutely foresaw the rising need for privacy. The need for privacy arose from how technological change shapes society – in the 1890s the rise of photographs were particularly concerning to the authors – and, with the current proliferation of social networks such as twitter and Facebook, the author’s prediction that technology enables “what is whispered in the closet shall be proclaimed from the house-tops” rings truer with each new innovation. Currently, the rise of the “Internet of Things” only exacerbates these concerns; the law’s adaptation to protect technological innovation is about the same place it was when the article was published. Consumers do not have the awareness to the consequences of the continual erosion of privacy, but hopefully that is beginning to change.
The “Internet of Things” is a phrase that recognizes the extent of how a surprisingly large array of consumer products now have the ability to collect, retrieve, and send data to someplace on the internet. Everything from our refrigerators, watches, televisions, central heating and cooling systems, will all be connected to the internet. Many appliances of tomorrow will be connected to the internet, controlled by an app, and feed data into the “cloud.” Some applications of the “Internet of Things” will be very beneficial from the mundane (if you forget to turn off your thermostat you can do it from home) to the profound (reducing air pollution) and millions of other possibilities not currently thought up. The future is very real: in the Aaron Hernandez trial, prosecutors used location data retrieved from his cell phone to help indict him, to provide one example. There is even a do-it-yourself tracker to convert traditional products into an “Internet of Things” product.
Additionally to these more invasive uses of the data itself, the devices connected to the internet are surprisingly unsecured. For example, one can search Shodan for every device connected to the internet that has minimal security, generic passwords, or no security at all. As Mashmir Hill from Forbes wrote
“Marc Gilbert got a horrible surprise from a stranger on his 34th birthday in August. After the celebration had died down, the Houston resident heard an unfamiliar voice coming from his daughter’s room; the person was telling his sleeping 2-year-old, “Wake up, you little slut.” When Gilbert rushed in, he discovered the voice was coming from his baby monitor and that whoever had taken control of it was also able to manipulate the camera. Gilbert immediately unplugged the monitor but not before the hacker had a chance to call him a moron”
This story epitomizes the horrors consumers may find themselves in when their device has been accessed by someone they did not intend to have access. Shodan is sort of the Google of these devices: It is an index created of all of the “Internet of Things” a 17 year old created. The average consumer has no idea how important it is to, at minimum, put a password (especially a strong password) on many of these devices. Even the international space station was infected with malware. Every day devices can be hacked by utilizing exploits embedded in the USB – so be careful next time you charge your phone before a flight. Even devices, like irons, that you did not know connected to the internet, have hidden embedded chips that transmit data via your unsecured wifi spot (especially in hotels) that could spread malware onto your devices that connect to the same wifi spot.
Okay, we know that many devices are connected to the internet (some we didn’t even know connect like the malware iron), the security of these devices are a second thought, and data mining can paint horrifyingly accurate pictures of all aspects of our lives. So what do we do about it? First step might be to buy a linux laptop (the ISI switched to linux to help solves its malware issue). Second step will be to use a tracker-free browser such as Epic. Epic is based on the open source software that would later become Safari and Chrome, but without anyone tracking you. You can also sign this ACLU petition. Lastly, you can keep current on the FTC’s current policy proposals (the comment part of the rule-making has closed) and by writing your local politician to put additional political pressure on the FTC to protect our privacy rights. As Louis Brandeis wrote in 1890, the right to privacy also entails the right to be left alone.