The Hidden Surveillance Behind Big Data
Many people understand that signing online or opening an app involves trading some measure of privacy for an experience. As part of their user agreements, apps regularly keep tabs on information like usage and users’ locations. But that kind of surveillance has a nefarious side.
Even if people are comfortable trading some component of their data for free apps or services, they may not always be aware how much they’re actually relinquishing. An investigation by The New York Times in 2018 found that one database gathering users’ data “reveal[ed] people’s travels in startling detail, accurate to within a few years and in some cases updated more than 14,000 times a day.”
For all the benefits that the internet offers, there’s a price tag attached. In a new article published in the Journal of Cyber Policy, John Jay College of Criminal Justice Professors Marie-Helen Maras and Adam Scott Wandt describe it as “a level of surveillance previously only written about in science fiction novels.”
Maras and Wandt examined the privacy implications behind the Internet of Things (IoT), which refers to the many connected devices — smartphones, smart TVs, and wearable devices like Apple Watch — that now “enable the real-time and remote monitoring and massive collection and sharing of data about people, animals, plants, and property.” Although IoT devices monitor users in order to offer them a service, that surveillance poses serious problems, Maras and Wandt argue. It’s made worse, they say, because U.S. law doesn’t adequately protect the “right to privacy of one’s information as well as the protection of one’s choice and consent to reveal information.” That becomes especially clear when there’s a data breach, like the one that the consumer reporting agency Equifax experienced in 2017. It only offered users a free one-year subscription, but those affected “will be at great risk of identity theft for the rest of their lives.”
Given that IoT devices will only continue to become more integrated in people’s lives, Maras and Wandt recommend three points of action: Implement laws that specifically address how such devices collect and store data; require that companies clearly share “security and privacy implications” before making devices available; and streamline user agreements so people know what they are signing away.
All three, they conclude, will help “create more informed users of IoT devices and attempt to mitigate the adverse impact of these devices.”