Is Alexa spying on us? We're too busy to care and we might regret that
By Tim Johnson tjohn...@mcclatchydc.com <mailto:tjohn...@mcclatchydc.com> August 10, 2017 1:56 PM WASHINGTON Its an experience every computer or smart phone user has had. After downloading new software or an app, a window pops up with a legal agreement. At the bottom is an I agree button. One click, and its gone. Most users have no clue what theyve agreed to. That single action can empower software developers to extract reams of personal information such as contacts, location, and other private data from the devices. They can then market the information. Even as privacy erodes in the digital era, little outcry arises over the digital tracking and profiling of consumers. Only slight murmurs are heard on Capitol Hill. But a handful of security researchers, lawyers and privacy watchdogs voice increasing concern that consumers might one day wake up in anger at the collection of data by software companies winning rights to do so through end user license agreements, also known as EULAs. One researcher says the data collection potentially poses a national security threat. For now, news about how companies collect data emerges in bite-sized stories. In late July, articles brought to light <http://www.zdnet.com/article/exclusive-roomba-ceo-responds-to-spying-story/ > that certain models of the Roomba robotic vacuum not only collect dust as they whir across the floor, they also map the homes of users and send the data back to headquarters. The Massachusetts manufacturer, iRobot Corp. <http://www.irobot.com/> , may share the data to enable the smart home and the devices within it to work better. It says it will do so only with customer consent. iRobot chief executive Colin Angle <http://www.irobot.com/About-iRobot/Company-Information/Management-Team.aspx > said, iRobot will never sell your data. He added that such information needs to be controlled by the customer and not as a data asset of a corporation to exploit. Your identity is what theyve compiled. That is kind of scary when you think about it. Gary Reback, California antitrust lawyer Other companies, empowered by the click-through habits of consumers that allow them to gather and sort through data, exploit the information by selling it to data brokers. We need legislation that basically forces these companies to be very, very clear on what information they are taking from us when we install these apps, said Michael Patterson, chief executive of Plixer International <https://www.plixer.com/> , a Kennebunk, Maine, cybersecurity firm. If they change the EULAs, they have to tell us, and they also have to make what theyve taken from us available at any time, Patterson said. When you buy a box of cereal or crackers, on the side of it it gives you nutrition facts, Patterson continued. Thats what I want. I want nutrition facts on every piece of software I install so that I can click on it and it says all the information theyre taking. Gary Reback <http://www.carrferrell.com/attorneys/gary-reback> , a Palo Alto, California, antitrust lawyer who has tangled in legal battles with Google and Microsoft over data privacy issues, said data harvested from consumers has led companies to create individual profiles, often at a level of detail that even family members may not know. When an online profile is created of you, which you never really get to see, its not just kind of what you buy, its who you might vote for, Reback said in a recent telephone interview. An old saying goes that when a consumer gets a service or product for free, the consumer becomes the product. His or her profile becomes an item to be marketed. You may think your identity is, you look in the mirror and thats what you see, but its really not. Your identity is what theyve compiled, Reback said. That is kind of scary when you think about it. I just dont think people think about it enough. Internet-connected devices proliferate in homes. An estimated 8.4 billion such devices <http://www.gartner.com/newsroom/id/3598917> exist in the world today, the Gartner research firm says, and that number is projected to climb to 20.4 billion by 2020. Those devices are often lumped together as the Internet of Things. Youve got no alternative. Gary Reback, California antitrust lawyer Its getting worse because the Internet of Things is like where your location is, how much your heart rate is going, (and) what youre saying with these new voice-controlled devices, said Chris Wysopal, cofounder of Veracode <https://www.veracode.com/> , a Burlington, Massachusetts, app security company. Wysopal is concerned enough about privacy that he avoids all voice-activated devices in his own home out of concern they may be feeding his private activities back to manufacturers. But he said young people may feel that we enjoy all this technology so much that were willing to give it up. As time passes, added Reback, the growth of big players in technology may leave consumers with the sense they have little choice but to accept conditions imposed on them. Youve got no alternative. Back when there was competition, if some people did a better job at protecting privacy, that might have influenced your choice, Reback said. The direction of where the issue may head is unclear. I dont have a good answer for where its going to go. But I think that things might just change that people really start to think its fine to have all this data in the hands of third parties, Wysopal said. Im a privacy rights kind of guy, so I tossed my Bose and will never buy Bose again. James Scott of the Institute for Critical Infrastructure Technology In addition to how the personal data of consumers is used, a corollary is whether companies can keep the data safe, said James Scott, senior fellow at the Institute for Critical Infrastructure Technology <http://icitech.org/> , a Washington center that calls itself Americas cybersecurity think tank. If U.S. adversaries hack databases containing consumer profiles collected and built up by data firms working with software companies, they could use the information to manipulate public opinion to stoke chaos, Scott said. What happens then is that nation states are able to fan the flame of alt right, alt left, Bernie Sanders supporters, Trump supporters, Hillary supporters, Scott said, adding that a potential campaign could fan the flame of distrust of the population against the government. Scott, too, said he stops using some products when he learns that companies are marketing his usage data, and did so after a lawsuit filed in April <http://fortune.com/2017/04/19/bose-headphones-privacy/> charged that Bose, the audio manufacturer of wireless headphones, was monitoring your music and selling that data. Im a privacy rights kind of guy, so I tossed my Bose and will never buy Bose again, he said. Bose, on its webpage <https://downloads.bose.com/ced/bose_connect/privacy_policy.html> , says it respects the privacy of our users. Patterson, the Plixer chief, said he is particularly wary of smart phone navigation apps. Maybe they keep track if Im speeding a lot, he said. Maybe they sell it to insurance companies. On a trip to one of the main U.S. intelligence agencies, which Scott would only identify as a three-letter agency, he said he was stuck at security with an unrelated large delegation, and inquired of a colleague who they were. Oh, thats Google, he said he was told. They are always here begging us to buy their data. Tim Johnson: 202-383-6028 <tel:202-383-6028> , @timjohnson4 <https://twitter.com/timjohnson4> <https://twitter.com/timjohnson4> Read more here: http://www.mcclatchydc.com/news/nation-world/national/national-security/arti cle166488597.html#storylink=cpy EM On the 49th Parallel Thé Mulindwas Communication Group "With Yoweri Museveni, Ssabassajja and Dr. Kiiza Besigye, Uganda is in anarchy" Kuungana Mulindwa Mawasiliano Kikundi "Pamoja na Yoweri Museveni, Ssabassajja na Dk. Kiiza Besigye, Uganda ni katika machafuko"
_______________________________________________ Ugandanet mailing list Ugandanet@kym.net http://kym.net/mailman/listinfo/ugandanet UGANDANET is generously hosted by INFOCOM http://www.infocom.co.ug/ All Archives can be found at http://www.mail-archive.com/ugandanet@kym.net/ The above comments and data are owned by whoever posted them (including attachments if any). The List's Host is not responsible for them in any way. ---------------------------------------
