Is your ‘smart’ fridge spoiling your secrets?
LONDON — Track your sleep with a bracelet.
Turn up the heat from the driveway. Let a monitor sing to your baby. Advances in the so-called internet of things have put amazing technology in the hands of many Canadian, but what happens when those trendy tech products give away your secrets?
A Western University professor is targeting those tools — and the loose privacy rules that may fail to protect consumers — in a new report.
“There’s a general problem with security whenever you have a device that’s part of a network, because that then becomes an entry into your home,” Sam Trosow said.
Suddenly, ordinary objects like refrigerators are connected to the internet and collecting data.
And most people using those devices are blissfully unaware of what they’re giving away.
“There are reports about selfdriving cars being hacked, about people figuring out how to get into someone’s home through garage door openers, or understand people’s patterns by looking at their automatic light switches,” Trosow said.
An international study by data protectors, including the Information and Privacy Commissioner of Ontario, showed six in 10 “internet of things” devices don’t properly tell customers how their data is being used.
Trosow studied a long list of companies and products — from the Fitbit to Tesla, to GE appliances — to see how they lined up with Canadian privacy law.
“Some of the rules that are in effect need to be updated to reflect the advances in technology,” Trosow said.
He wants to see more clarity for users — so they know what’s going on with their information — and a tightening of the regulations.
Personal information can’t be given to a third party, but data collectors get around that by taking out the identifying details. It’s called “de-identification.”
The problem, Tr os ow warns, is that today’s algorithms are so sophisticated the anonymous data doesn’t always stay anonymous.
Those third parties can “re-identify” sensitive information.
Privacy laws in Canada are stricter than those in the United States, Trosow said, but many American products go by the rules south of the border. But while that’s found in the fine print, most consumers aren’t reading those details.
“By using more and more of these devices, we are creating more and more potential problems, especially if the public is not aware of the issue of privacy,” said Catherine Rosenberg, a University of Waterloo engineering professor and Canada Research Chair in the Future Internet.
“Most of the applications don’t work if you don’t give them access to your data,” Rosenberg said. “This is very, very disturbing to me. I don’t necessarily want to give it, by default, to Apple or Fitbit. That, I think, is very irritating.”
The problem, Rosenberg and Trosow agree, is a lack of options.
“The choice is between no application, or giving everything away,” Rosenberg said of using certain apps or devices. She’d said she’d even be willing to pay for an upgraded version to protect her data.
Trosow is looking next to examine ever more devices.
But the research he’s done so far has illuminated some frightening examples, like Mattel’s proposed “smart” baby monitor that would interact with a child. Its rollout was cancelled after a barrage of public outrage.
“Can you imagine growing up attached to a toy at that level. . . where it’s a substitute for human contact?” Trosow asked.
“I just think that’s the beginning of some really terrible horror movie.”