
The Internet of Things marks an anniversary for privacy

This September marks two years since the Federal Trade Commission ordered TRENDnet, a California-based maker of surveillance cameras and networking devices, to refrain from misrepresenting the security of its devices after feeds from hundreds of consumers’ cameras became public on the Internet.

According to the FTC, the company failed to use reasonable security to design and test software for its SecurView cameras. The omission allowed hackers to obtain feeds for roughly 700 cameras that showed babies asleep in their cribs, children playing, and adults coming and going.

The case, which TRENDnet settled by agreeing to strengthen digital security in its products and to implement a program that reduces risks to privacy, represented the first enforcement action by the FTC involving a consumer device that sends and receives data over the Internet, also known as the Internet of Things (IoT).

From mattresses that measure whether we toss and turn at night, to refrigerators that tell the grocer when it’s time to restock, to fitness trackers that encircle our wrists, the IoT represents a networking of everyday devices to improve—in theory, at least—how we live and work. The IoT includes meters that allow electric utilities to measure usage, monitors that give doctors access to our health data 24/7, and carpets and walls that detect when someone has fallen.

Though estimates vary, there are roughly 4.9 billion connected devices in the world, up 30 percent from 2014, according to Gartner, which projects 25 billion such devices by 2020. Data from mobile devices alone reached 2.5 exabytes per month (an exabyte is one billion gigabytes) last year, up 69 percent from a year earlier, and is expected to exceed 24.3 exabytes per month by 2019, according to Cisco.

Or, as a character on the HBO series “Silicon Valley” exclaims: “Ninety-two percent of the world’s data has been created in the last two years alone!”

Devices can be difficult to secure. Seventy percent of the most common ones that constitute the IoT contain serious vulnerabilities, a study last year by Hewlett-Packard found. But what matters as much if not more is safeguarding the flood of data itself and ensuring that consumers know the terms of the exchange. Dominique Guinard, co-founder and chief technical officer of Evrythng, a maker of platforms that tie devices together, observed recently in AdvertisingAge:

“In the data-driven world of IoT, the data that gets shared is more personal and intimate than in the current digital economy. For example, consumers have the ability to trade protected data such as health and medical information through their bathroom scale, perhaps for a better health insurance premium. But what happens if a consumer is supposed to lose weight, and ends up gaining it instead? What control can consumers exert over access to their data, and what are the consequences?”

Guinard envisions contracts between consumers and manufacturers that adjust over time and address what happens when data becomes unfavorable to the consumer. The FTC has discussed similar approaches. In a report published last January, the agency presented results of a workshop at which participants examined security for the IoT as measured by Fair Information Practices, a code established in 1973 by the U.S. Department of Health, Education and Welfare and later adopted by the Organization for Economic Cooperation and Development that has provided a framework for thinking about privacy since.

At the workshop the FTC and participants focused on the application of four practices as they pertain to the IoT: security, data minimization, notice, and choice. Participants stressed the benefit of so-called security by design, which holds that companies build security into devices at the outset rather than as an afterthought. Minimization refers to companies imposing reasonable limits on collection and retention of data. Less is more, you might say.

Notice refers to how a company describes its privacy practices, including what information the company collects from consumers. Choice addresses the ability of consumers to specify how such information may be used, disclosed and shared.

The meaningfulness of both notice and choice turns in part on consumers’ expectations. Among scenarios posited by the FTC:

“Suppose a consumer buys a smart oven from ABC Vending, which is connected to an ABC Vending app that allows the consumer to remotely turn the oven on to the setting, ‘Bake at 400 degrees for one hour.’ If ABC Vending decides to use the consumer’s oven-usage information to improve the sensitivity of its temperature sensor or to recommend another of its products to the consumer, it need not offer the consumer a choice for these uses, which are consistent with its relationship with the consumer. On the other hand, if the oven manufacturer shares a consumer’s personal data with, for example, a data broker or an ad network, such sharing would be inconsistent with the context of the consumer’s relationship with the manufacturer, and the company should give the consumer a choice.”

Technology may help. The Future of Privacy Forum, a Washington-based think tank that advocates for responsible data practices, suggested in comments to the FTC that companies tag data with permissible uses so that software can identify and flag unauthorized uses. Microsoft envisioned a manufacturer that offers more than one device using a consumer’s preference for one to determine a default preference for others.

As the proposals suggest, notice and choice can be a challenge to achieve when our appliances collect data while we go about our lives. But as the FTC observed, “giving consumers information and choices about their data… continues to be the most viable [approach] for the IoT in the foreseeable future.”


Facebook loses appeal over search warrants

Facebook cannot challenge the constitutionality of a search warrant on its users’ behalf prior to the government’s executing the warrant, an appeals court in New York has ruled in a decision that delineates a boundary for Internet privacy.

The ruling follows a lawsuit by Facebook to void 381 search warrants the company received two years ago from the Manhattan district attorney’s office, which obtained them in connection with an investigation into Social Security disability claims by a group of retired firefighters and police officers whom the DA suspected of feigning illness they attributed to the aftermath of the 9/11 attacks.

Upon receiving the warrants, which sought information derived from the users’ accounts, Facebook asked the DA to withdraw the warrants or to strike a provision that directed the company to refrain from disclosing their existence to users whose postings were to be searched. The DA’s office asserted the confidentiality requirement was needed to prevent the suspects being investigated from destroying evidence or fleeing the jurisdiction if they knew they were being investigated.

After the DA declined to withdraw the warrants, Facebook sued to either quash them or compel the DA to remove the non-disclosure provision. The trial court sided with the DA and Facebook appealed.

The appeals court affirmed that the legality of the searches could be determined only after the searches themselves were conducted. “There is no constitutional or statutory right to challenge an alleged defective warrant before it is executed,” Judge Dianne Renwick wrote for a unanimous panel of the court’s appellate division in a ruling released July 21. “We see no basis for providing Facebook a greater right than its customers are afforded.”

The constitutional requirement that a warrant can issue only upon a showing of probable cause as determined by a judicial officer helps to ensure the government does not exceed its authority when requesting a search warrant and eliminates the need for a suspect to make a motion to void the warrant before it can be served, the court noted. “Indeed… the sole remedy for challenging the legality of a warrant is by a pretrial suppression motion which, if successful, will grant that relief,” Renwick explained.

According to Facebook, which was joined in the appeal by Google, Twitter, Microsoft and other tech industry firms, the federal Stored Communications Act also gave the company the right to challenge the warrants. But that law, which protects the privacy of email and other communications stored on servers belonging to ISPs, authorizes ISPs to challenge subpoenas and court orders but not warrants obtained from a judicial officer based on a showing of probable cause, the court noted.

Despite its ruling, the court agreed with Facebook that the DA’s serving 381 warrants swept broadly and suggested the users themselves may have grounds for suppression. “Facebook users share more intimate personal information through their Facebook accounts than may be revealed through rummaging about one’s home,” wrote Renwick. “These bulk warrants demanded ‘all’ communications in 24 broad categories from the 381 targeted accounts. Yet, of the 381 targeted Facebook users accounts only 62 were actually charged with any crime.”

Though civil liberties groups hoped the appeal might bolster protections for Internet privacy, experts said the ruling makes sense as a matter of law. As Orin Kerr, a professor of criminal procedure at George Washington University Law School who has written extensively about privacy and the Internet, wrote in The Washington Post:

“Think about how this plays out in an old-fashioned home search. If the cops show up at your door with a warrant to search your house, you have to let them search. You can’t stop them if you have legal concerns about the warrant. And if a target who is handed a warrant can’t bring a pre-enforcement challenge, then why should Facebook have greater rights to bring such a challenge on behalf of the targets, at least absent legislation giving them that right?”

Still, “that doesn’t mean the warrants were valid,” added Kerr, who imagined that the defendants themselves seem likely to challenge the sweep of the material seized from their Facebook accounts if they haven’t already.

For its part, Facebook disagreed with the ruling but said the company had not decided whether to appeal. “We continue to believe that overly broad search warrants—granting the government the ability to keep hundreds of people’s account information indefinitely—are unconstitutional and raise important concerns about the privacy of people’s online information,” Jay Nancarrow, a spokesman for the company, told the Times.

The DA’s office noted that the investigation led to the indictment of 134 people and alleged hundreds of millions of dollars in fraud. “In many cases, evidence on [the suspects’] Facebook accounts directly contradicted the lies the defendants told to the Social Security Administration,” Joan Vollero, a spokeswoman for the district attorney’s office, said in a statement.

 


All things mobile?

With my MacBook in the shop this week I’ve used my iPhone exclusively for all things digital. That includes paying bills, refilling a prescription, purchasing tickets to a concert and typing posts such as this one.

“This is one of those times when an iPad might get you most of what you need,” my significant other told me. Overall the phone is fine. Still, I’m struck by the tasks that seemingly ought to be mobile yet for whatever reason require a workaround.

For example, at Ticketfly, an online merchant that sells what the first part of its name suggests, my attempt to purchase one ticket to a show this September ended in what the site termed a server error. Ticketfly suggested a phone call to complete my order. 

Walgreens asked me if I would like to purchase a membership in a program for discounts on drugs. Intrigued, I clicked on a PDF file of a brochure that described the program. But the site failed to deliver the file despite my trying at least three times to open it.

I also tried to pay my Visa bill at Bank of America. The bank issued me a new card recently. That required me to connect the card anew to my bank account. But the site could not direct me to the page where you enter your banking details. I later completed the setup from a desktop Mac at the library.