Tagprivacy

“The world doesn’t know where it wants to go”

&

Image: Compass by Valentin Antonucci (Unsplash) Image: Compass by Valentin Antonucci (Unsplash)

One of the joys of my working at the intersection of emerging tech and its impact is that I get to discuss things that are by definition cutting edge with people from entirely different backgrounds—like recently with my dad. He’s 77 years old and has a background in business, not tech.

We chatted about IoT, and voice-enabled connected devices, and the tradeoffs they bring between convenience and privacy. How significant chunks of the internet of things are optimized for costs at the expense of privacy and security. How IoT is, by and large, a network of black boxes.

When I tried to explain why I think we need a trustmark for IoT (which I’m building with ThingsCon and as a Mozilla fellow)—especially regarding voice-enabled IoT—he listened intently, thought about it for a moment, and then said:

“We’re at a point in time where the world doesn’t know where it wants to go.”

And somehow that exactly sums it up, ever so much more eloquently than I could have phrased it.

Only I’m thinking: Even though I can’t tell where the world should be going, I think I know where to plant our first step—and that is, towards a more transparent and trustworthy IoT. I hope the trustmark can be our compass.

Toolkits for designers & developers around ethics, privacy & security

T

At SimplySecure’s excellent Underexposed conference we discussed the importance of making it easier for those involved in making connected products and services to make safe, secure, and privacy-conscious products. After all, they might be experts, but necessarily security experts, for example. So, toolkit time!

I asked participants in the room as well as publicly on Twitter which toolkits and resources are worth knowing. This is what this looked like in the room:

“Which toolkits should we all know? Ethics, privacy, security”

Here’s the tweet that went with it:

So what are the toolkit recommendations? Given the privacy-sensitive nature of the event, I’m linking to the source only where people send the recommendations on public Twitter. Also, please note I’m including them without much background, and unchecked. So here goes:

This list can by no means claim to be complete, but hopefully it will still be useful to some of you.

Speaking about responsible IoT & user rights

S

Happy to announce that I’ll be speaking at not one, but two excellent conferences this fall about a topic I care deeply about: A responsible IoT and users’ rights. In other words, how we can make sure the Internet of Things works for everyone?

Das ist Netzpolitik!
On 1 September 2017 I’ll be speaking at Netzpolitik‘s annual conference Das ist Netzpolitik! (program), in German, about tensions inherent in the power dynamics of IoT as well as the regulatory environment: Das Internet der Dinge: Rechte, Regulierung und Spannungsfelder.

Underexposed
On 9 November 2017, also in Berlin, I’ll be at SimplySecure‘s conference Underexposed (program). My talk there is called The Internet of Sneaky Things. I’ll be exploring how IoT security, funding and business models, centralization and data mining, and some larger challenges around the language we use to consider the impact of data-driven systems combined all form a substantial challenge for all things related to IoT. But it’s not all bleak. There are measures we can—and through ThingsCon, we do—take.

I’m very much looking forward to both events, and to chatting with the other participants there. These are some great communities. If you’re there, please don’t be shy, so come and say hi!

Are we the last generation who experienced privacy as a default?

A


Attack of the VR headsets! Admittedly, this photo has little to do with the topic of this blog post. But I liked it, so there you go.

The internet, it seems, has turned against us. Once a utopian vision of free and plentiful information and knowledge for all to read. Of human connection. Instead, it has turned into a beast that reads us. Instead of human connection, all too often we are force-connected to things.

This began in the purely digital realm. It’s long since started to expand into the physical world, through all types of connected products and services who track us—notionally—for our own good. Our convenience. Our personalized service. On a bad day I’m tempted to say we’ve all allowed to be turned into things as part of the the internet of things.

///

I was born in 1980. Just on the line that marks the outer limit of millenial. Am I part of that demographic? I can’t tell. It doesn’t matter. What matters is this:

Those of us born around that time might be the last generation that grew up who experienced privacy as a default.

///

When I grew up there was no reason to expect surveillance. Instead there was plenty of personal space: Near-total privacy, except for neighbors looking out of their windows. Also, the other side of that coin, near total boredom—certainly disconnection.

(Edit: This reflects growing up in the West, specifically in Germany, in the early 1980s—it’s not a shared universal experience, as Peter Rukavina rightfully points out in the comments. Thanks Peter!)

All of this within reason: It was a small town, the time was pre-internet, or at least pre-internet access for us. Nothing momentous had happened in that small town in decades if not centuries. There it was possible to have a reasonably good childhood: Healthy and reasonably wealthy, certainly by global standards. What in hindsight feels like endless summers. Nostalgia past, of course. It could be quite boring. Most of my friends lived a few towns away. The local library was tiny. The movie theater was a general-purpose event location that showed two movies per week, on Monday evenings. First one for children, than one for teenagers and adults. The old man who ticketed us also made popcorn, sometimes. I’m sure he also ran the projector.

Access to new information was slow, dripping. A magazine here and there. A copied VHS or audio tape. A CD purchased during next week’s trip to the city, if there was time to browse the shelves. The internet was becoming a thing, I kept reading about it. But until 1997, access was impossible for me. Somehow we didn’t get the dialup to work just right.

What worked was dialing into two local BBS systems. You could chat with one other person on one, with three in the other. FIDO net made it possible to have some discussions online, albeit ever so slowly.

///

When I grew up there was no expectation of surveillance. Ads weren’t targeted. They weren’t even online, but on TV and newspapers. They were there for you to read, every so often. Both were boring. But neither TVs nor newspapers tried to read you back.

///

A few years ago I visited Milford Sound. It’s a fjord on the southern end of New Zealand. It’s spectacular. It’s gorgeous. It rains almost year round.

If I remember a little info display at Milford Sound correctly, the man who first started settling there was a true loner. He didn’t mind living there by himself for decades. Nor, it seems, when the woman who was to become his wife joined. It’s not entirely clear how he liked that visitors started showing up.

Today it’s a grade A tourist destination, if not exactly for mass tourism. It looks and feels like the end of the world. In some ways, it is.

As we sought shelter from the pouring rain in the boat terminal’s cafeteria, our phones had no signal. Even there, though, you could connect to the internet.


Connectivity in Milford Sound comes at a steep price

Internet access in Milford Sound is expensive enough that it might just suffice to stay offline for a bit. It worked for us. But even there, though they might be disconnected, the temps who work there during tourist season probably don’t get real privacy. On a work & travel visa, you’re likely to live in a dorm situation.

///

The internet has started to track every move we make online. I’m not even talking about governance or criminal surveillance. Called ad tech, online advertisements that track your every move notice more about you than you about them. These are commercial trackers. On speed. They aren’t restricted to one website, either. If you’ve ever searched for a product online you’ll have noticed that it keeps following you around. Even the best ad blockers don’t guarantee protection.

Some companies have been called out because they use cookies that track your behavior that can’t be deleted. That’s right, they track you even if you explicitly try to delete them. Have you given your consent? Legally, probably—it’s certainly hidden somewhere in your mobile ISP’s terms of service. But really, of course you haven’t agreed. Nobody in their right mind would.

///

Today we’re on the brink of taking this to the the next level with connected devices. It started with smartphones. Depending on your mobile ISP, your phone might report back your location and they might sell your movement data to paying clients right now. Anonymized? Probably, a little. But these protections never really work.

Let’s not but let’s be very deliberate about our next steps. The internet has brought tremendous good first, and then opened the door to tracking and surveillance abuse. IoT might go straight for the jugular without the benefits – if we make it so. If we allow to let that happen.

///

The internet, it seems, has turned against us. But maybe it’s not too late just yet. Maybe we can turn the internet around, especially the internet of things. And make it work for all of us again. The key is to reign in tracking and surveillance. Let’s start with ad tech.

Connected doll Cayla, connected TVs & the legal status of IoT in Germany

C

Over the last few weeks there’s been a lot of discussion around the security of connected toys. One case stood out not just because of insufficient security practices but also because in Germany it was declared illegal by Bundesnetzagentur (BNetzA, Germany’s Federal Network Agency).

BNetzA referred to §90 of the telecommunications law which states, among other things, that surveillance equipment is mostly illegal and that everyday appliances may not be equipped for surveillance (i.e. no audio/video recording “disguised” as everyday devices that purportedly serve a different purpose). Cayla, so BNetzA’s argument (English version) roughly, is a spy tool disguised as a toy; what’s worse, the kids using it have no chance of knowing what’s going on, and neither do the parents:

The Bundesnetzagentur has taken action against unauthorised wireless transmitting equipment in a children’s toy and has already removed products from the market.

“Items that conceal cameras or microphones and that are capable of transmitting a signal, and therefore can transmit data without detection, compromise people’s privacy. This applies in particular to children’s toys. The Cayla doll has been banned in Germany,” says Jochen Homann, Bundesnetzagentur President. “This is also to protect the most vulnerable in our society.”

Concealed surveillance device Any toy that is capable of transmitting signals and that can be used to record images or sound without detection is banned in Germany. The first toys of this type have already been taken off the German market at the instigation of the Bundesnetzagentur and in cooperation with distributors.

There is a particular danger in toys being used as surveillance devices: Anything the child says or other people’s conversations can be recorded and transmitted without the parents’ knowledge. A company could also use the toy to advertise directly to the child or the parents. Moreover, if the manufacturer has not adequately protected the wireless connection (such as Bluetooth), the toy can be used by anyone in the vicinity to listen in on conversations undetected.

Further products to be inspected The Bundesnetzagentur is to inspect other interactive toys and, if necessary, will take further action. In this respect the requirements of section 90 of the German Telecommunications Act must be met: Objects must, by their form, purport to be another object or are disguised as an object of daily use and, due to such circumstances or due to their operation, are particularly suitable for intercepting the non-publicly spoken words of another person without his detection or for taking pictures of another person without his detection. This also applies to customised devices.

Ever since reading the bit about concealed surveillance in objects of daily use I’ve been wondering about where to draw the line. Smart fridges? Connected TVs? Game consoles? Smart home hubs?

I decided to send an inquiry to BNetzA’s press office and picked two: Connected TVs (because they are disguised as an object of daily use) & smart home hubs (because they are particularly suitable for intercepting the non-publicly spoken words).

They replied promptly and were very helpful. Here’s what they said (Original German reply below):

Regarding the devices you named, the crucial point is the question if they are suitable for recording non-public conversations unnoticed or for recording images of a person unnoticed.

In other words: Is it clear to everyone that the device has a microphone or a camera? According to the current interpretation of §90 of the telecommunications law this is the case, for example, for cell phones and baby phones.

For devices that are controlled by voice or gestures we haven’t come to a final assessment yet.

So that’s pretty interesting and shows just how much we’re in a transition period we are with this. One one hand it’s a matter of reasonable consumer expectations: Would a regular consumer reasonably know what they’re buying? The other is a question of interfaces: If this is how a thing is controlled, is it then an obvious (or obvious enough) part of using the device to make it ok?

Ame on UX   security for iot   thingsconAMS
Ame Elliott making the case for UX & IoT Security at ThingsCon Amsterdam. (Watch her presentation.)

For designers and makers of connected devices that include a microphone or camera, this is tricky terrain. For a while, expect some level of uncertainty. This is something to keep an eye on. In the meantime, obviously make sure to maintain good security practices. No matter what the legal ruling on this larger question ends up being, if your device isn’t secure you got much bigger problems to begin with.

///

Here’s the original reply from Bundesnetzagentur’s media relations office in German:

“Hinsichtlich der von Ihnen genannten Geräte ist ein entscheidender Punkt die Frage, ob sie dazu geeignet sind, das nicht öffentlich gesprochene Wort eines anderen von diesem unbemerkt abzuhören oder das Bild eines anderen von diesem unbemerkt aufzunehmen.

Andersherum gefragt: Ist sich Jeder darüber im Klaren, dass das Gerät über ein Mikrofon verfügt oder eine Kamera eingebaut ist? Nach der Gesetzesbegründung zu § 90 Telekommunikationsgesetz ist das zum Beispiel gegeben bei Mobiltelefonen und bei Babyphones.

Dies ist von der Bundesnetzagentur hinsichtlich Geräten, die mit Sprache oder gar Bewegungen gesteuert werden, noch nicht abschließend bewertet.”

Kansas City & questions for the smart city

K

In her excellent IoT newsletter (subscribe here), Stacey Higginbotham of Stacey On IoT discusses privacy and the smart city. It’s a great, quick read in which Stacey takes Kansas City’s smart city plans and discusses them with KC’s Chief Innovation Officer Bob Bennett.

Since it touches on a quite a few of the core themes we touched on in our recent smart city policy recommendations for the German government, allow me to pull a few quotes from that newsletter:

(more…)