Will the ‘Internet of Things’ boost surveillance capabilities?
A new wave of smart appliances could soon be spying on your every move, warns Chris Spannos.
How often have you held open the refrigerator door, surveying what there is to eat? This popular and seemingly benign act is one among many that, according to US Director of National Intelligence James Clapper, may soon emerge as a source of information used to manage and – arguably – control citizens and consumers.
Part of a movement referred to as the ‘Internet of Things’ (IoT), Samsung’s new smart-fridge and smart-stove are the latest products in the ‘smart-home’ range that attempts to integrate all of our devices, appliances and things using sensors and information networks across homes, businesses, workplaces and cars. It is considered to be the next computer revolution and is forecast to emerge as a multi-trillion-dollar industry over the next decade. However, unbeknown to many people, these things can be transformed into surreptitious spying devices.
‘In the future, intelligence services might use the [Internet of Things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials,’ Clapper said in public testimony to the US Senate on Tuesday.
Samsung’s SmartTV has come under public scrutiny for its ability to listen in on users who are casually conversing while watching their favourite shows. Seemingly innocuous toys such as Mattel’s Wi-Fi-enabled Barbie can be hacked to become a spy doll eavesdropping on intimate conversations between children, dolls and parents – who have no knowledge that their privacy is being violated. Internal microphones in cars can similarly be used to secretly record passengers and send their conversations to third parties.
Numerous companies – including Apple, General Electric, Nike and Google – are investing in technologies that will connect everyday objects to the IoT and process user information through cloud services. The expected exponential increase in user-produced data from many points has caused experts to worry that we are hurtling toward an escalation in surveillance. Law enforcement and intelligence agencies may start to seek orders compelling Samsung, Google or vendors of other networked devices to push an update or flip a digital switch to intercept the ambient communications of a target.
These trends follow already heightened concerns about government spying. In 2013 former National Security Agency (NSA) contractor Edward Snowden revealed that the US agency and its partners were conducting illegal bulk surveillance of citizens at home and abroad, including spying on presidents and prime ministers of other nations. Since then think tanks, human rights groups and citizens globally have been ringing the alarm over widespread unlawful collection of information through considerable abuses of privacy, civil liberties and human rights.
In the last year, Privacy International has unveiled surveillance in Uganda, Pakistan, Colombia and Singapore. Amnesty International has warned that governments are ‘hoovering up’ electronic data of all kinds and that the British government ‘is one of the main culprits.’ In December, PEN International reported grave concern about ‘the extraordinary degree of control that Turkish authorities are attempting to exercise over legitimate public discussions online.’ In Poland, thousands of concerned citizens are currently marching against their government extending its surveillance powers. And now Clapper warns of using the IoT to gather information. People are worried.
Surveillance raises many political and ethical problems. Without legal approval, surveillance subverts democratic principles and practice. Governments argue that it is in the best interest of national security to secretly gather information on citizens. Reports show that these same governments would like to access corporate accounts in order to mine consumer data. While people willingly share revealing personal details about themselves, their family and friends on social networks every day, the US Department of Defense has studied extensively how to influence these users. And Facebook controversially sought to learn how to control user emotions by manipulating its news feed.
Government and corporate power has spread through the capillaries of communication and information technology. The Internet of Things will further enable this spread through the connection of appliances. The more authorities intercept data from service providers and cloud services, the more the benign moments of everyday life – cooking, driving, playing, relaxing in front of the TV – will become rich sources of data collection, informing governments and companies about individual choices and society-wide patterns of behaviour, from the granular to the grand. As with much technology, the risks are in how it will be applied. If people were put first, such data could ideally inform government and corporate behaviour to try and ensure a more equitable distribution of resources. Refrigerators could speak to producers about food consumption, providing better assessments on need and streamlining production to avoid waste. However, in a market economy its use will be to profit already-wealthy corporations and entrench state power. We will continue to ignore the hunger and needs of those that cannot participate in the market for products in the sphere of the Internet of Things.
Can encryption help keep our information from being collected in this context – one that far surpasses the limits of George Orwell’s Big Brother? Indeed, in response to encroaching surveillance, citizens have applied encryption technology in their communications. Responding to market demand, some large companies, such as Apple, Google and Facebook, have developed services and products that enable end-to-end encryption, where there can be no person in the middle who can eavesdrop on a user’s communications.
The increasing use of encryption, aided by large companies providing options for secure communications, has worried government officials. In the US, the FBI, CIA and NSA have long complained about the problem of ‘going dark’, where the gap between government authority and technical capability to collect information is expanding.
In a recently published Harvard University report, surveillance and cybersecurity experts suggest that communications are steadily moving beyond the reach of government control. The government fears that an ‘aperture is closing’ and, once closed, they will be ‘blind’. However, the experts do not agree, stating that the ‘going dark’ metaphor ‘does not capture the current state and trajectory of technological development.’
As has been recognized by experts, most companies are unlikely to adopt encryption technologies. Most companies can monetize collected data through selling targeted online advertising opportunities. In fact, the majority of businesses that provide communications services rely on access to user data for revenue streams and product functionality. Software ecosystems have a tendency to be fragmented, which can make widespread use of encryption technology difficult. Many of the companies that offer encryption options also provide governments with data that can be analysed for surveillance.
The IoT will transform our built environment and personal space. Contrary to ‘going dark' against government fears, these changes will provide far more capacity for surveillance. Privacy is being lost. Surveillance will exceed (as it has for a long time) balanced national security aims. Yet many will be swayed by government pleas to increase surveillance to protect us. While the IoT revolution promises comfort and ease, are we willing to provide governments and corporations with evermore personal information in a parallel surveillance revolution that will escalate management and control of people and society?
Chris Spannos is Digital Editor for New Internationalist. His Twitter handle is: @cspannos