Regulators are way behind the game when it comes to wearable and IoT privacy, and users are willingly conspiring with companies that don't care about them to help create a society of “uber-veillance”.
That's the grim conclusion reached by Australian Privacy Foundation (APF) board member and University of Wollongong researcher Katina Michael in conversation with The Register.
In light of the US Federal Trade Commission's warning at CES that it's watching the Internet of Things closely, Vulture South wondered how things might stand in Australia and asked Michael for her views on the topic.
One of the things that makes it hard for a regulator to formulate privacy rules covering things like RunKeeper, Fitbits and the like is that so much of the privacy invasion seems almost voluntary. Users take the defaults of the product-plus-service, create a social media stream informing the world of everything from their sleep patterns to the distances and even places they walk, run, cycle – with too little understanding of just how much about them can be inferred from the data.
“We know about peoples' measurements – sleeping, health, where they are, who they're with, engaged in sex, walking, running, speeding, burning calories”, Michael told Vulture South.
“How long does it take until we're constantly being monitored and tracked, and people are predicting our next action?”
She noted that individuals don't realise how much trackers, and the companies that sell them, know about us, how companies use that information, nor how their policies let them on-sell that information.”
She added that it's no longer a fiction that the services behind wearables and IoT devices could know more about us – at least in specific areas – than we know ourselves.
To Vulture South's scepticism, Michael answered “I'm busy: I can't count the number of steps, because I'm too busy walking. I can't count the calories I burn at the gym, or tell you the speed I walked, the distance I covered or the time I spent on a particular activity.
“Spatio-temporal models know these things and can make inferences about what you're doing,” she explained.
Michael reminded Vulture South that these models have been under development for decades. “I worked in a telecoms vendor for six years. We had voice and data traffic models; we were fairly accurate, we knew where traffic was coming from, where it was going to.”
The advent of mobile telephony expanded both the data and the inference that could be drawn from it dramatically, she said, so that by 1997-1998, she was able to find very good details that associated the individual to his or her behaviour.
Since then, the data sources contained in just one device, the smartphone, have exploded: “Not only can we collect the personal data from the sensors – the GPS, the accelerometer, the altimeter, the temperature sensor, and make the speed/distance/time calculation,” she said, but it's now trivial to plot that against data amassed by Google's StreetView or national address files (the GNAF in Australia).
“I not only know your X and Y coordinate, I know the building name, what floor you visited,” she said, and since people are creatures of habit, the inferences that can be drawn from phone data alone are invasive and revealing.
Add data from wearables and implantables, add consumer confusion about who owns the data (you don't, for example, own the data generated by “your” pacemaker, she said), and combine it with vague and liquid company privacy policies and user enthusiasm for self-publishing their “quantified self” data, and the emerging situation “blows the National Privacy Principles out of the water,” Michael said.
“For example, you can easily bucket someone into categories – social sorting – 'I won't hire them because they're lazy, or they're not eligible for credit, or I won't insure them, or hike up the premium'.
(For example, El Reg had its attention separately drawn to the AAMI “Safe Driver” app, which offers the inducement of rewards for the user to link back to the company. It's a short distance from carrot to stick.)
“How long is it going to take before this data is used to make decisions that the person is not aware of?”, she continued, citing the possibility that a future user doesn't realise they're being charged a different insurance premium “because of the data you put online from the Fitbit?”
Wearables, she said, are not so far in capability from state surveillance anklets (for example, that are used to monitor persons subject to control orders). “We're being duped into thinking they're liberating devices, when they're devices of enslavement,” she said. “And consumers aren't saying 'uh-oh, there's a problem here'. They're saying 'bring it on!'”
We're creating a world not of surveillance – that's already here – but of “uber-veillance” where the combination of data and analysis “gets inside your head” and increasingly predicts actions.
Michael says it's also easy to imagine that non-participation – a decision to keep some data private – could draw a punitive response from the corporate world.
Today, she said, people pay attention to the idea that their “things” might be hacked, that their phones might be vulnerable.
In the future, she said, “you won't be able to hide: you will get hit with fees for not disclosing.”
Penalties for non-disclosure of metrics will, at least, offer one opportunity for regulators to act, and such opportunities will be few.
Another spot where regulators could apply a wedge is in how devices and their associated apps treat privacy at purchase.
“They shouldn't be automatic opt-in,” she said. Individuals might find it inconvenient in the short term, but instead of hiding poison pills on page nineteen of a document nobody reads, users should have to go through dialogues, understanding and okaying each of the invasions the wearable's maker hopes to achieve.
“We get the devices, they have inherent policies built in and we're not told what could happen. The location information doesn't have to come built in and already enabled,” she said – it's just that's the preference of the vendor.
Orwell's vision is already obsolete, she said, usurped by Google and a world that has you tagged. Until privacy watchdogs awake from their slumber, it's only users who can resist the cargo-cult tradeoff of their secrets for a shiny toy. ®