By Raj Ananthanpillai
Would you let your therapist install a camera in your house? Would you let your best friend record all the audio in your kitchen? I imagine your answer to either of these questions would be “No.” These are people you trust, people with whom you may even have a contract where they would lose their job if they repeated something you said in confidence. However, millions willingly install recording devices in our homes and pay for the privilege.
We get them as stocking stuffers and set them up next to our beds. We would never trust the government with such access to our private spaces yet we make exceptions for big-tech companies. These are for-profit companies over which you have little oversight. To make the most of the present technological realities, we must understand some of the core privacy issues at play here and realize the impact we can have on our security.
Each year, technology becomes more powerful and more convenient. For the sake of convenience, we gladly throw caution — and our privacy — to the wind. We want to live like the Jetsons, our feet on the sofa as our robots do the housework. The problem with that fantasy, at least for the moment, is that we are still at the mercy of corporations. If Rosey the Robot went to talk to Mr. Spacely at the end of every day, she would not truly belong to the Jetsons. You may only ask your home assistant for the weather or to play a song, but it’s always on. You bought it to be a hands-free way to order dish soap, but it has several other functions for the company that built it. Remember this: You are a valuable product. People are willing to pay for the recordings collected by the microphone in your living room and the health data on your wrist.
The Issue in Front of Us
We have allowed companies to stockpile our personal data for inconsistent and, sometimes, indefinite amounts of time. By hoarding this data, companies have created a target that interested parties will attempt to access by any means necessary. The obvious fear is that a hacker will get access to our information. This is a common enough occurrence that it’s hard not to gloss over when we hear of the latest breach. We think it’s going to affect somebody else. We think we aren’t worth the effort. But it happens to people like you every day. Rich or poor, you have something worth stealing. Outside of hackers, there is another problem that is equally troubling; can these companies sell your data legally? The answer: Of course, they can and do.
Your information is a goldmine for companies. A study from Cornell found that “smart speaker interaction leads to as much as 30X higher ad bids from advertisers.” Presently, this seems to largely be the extent to which smart device companies are legally selling your data. Your information is a marketing proposition. However, in the future, we cannot be certain what these companies will be willing to do with your data. If your conversations and health data live forever on a server, they are at your disposal not simply for the company’s current goals but for all of its goals in perpetuity. If in 10 years health insurance companies want to calculate exactly how much of a liability you are, your health and purchase data could paint a precise picture of who you really are. While I do not personally believe a company would risk that kind of PR firestorm, we cannot know what they will do in the future. These publicly-traded companies need to create profits for shareholders, if they become cornered by poor stock prices, they may view this massive repository of data as a means to stay in business.
How can we move forward?
As I’ve said before, we have become complacent with our information. All of us would say privacy is important but the constant demands for our information beat us down. If a website needs our DOB, we know it’s easier to comply than to question why. But this is not the way it has to be. It can start as a question you ask yourself: Why does this company need this information? Maybe they really do require this but then the question becomes how long will they retain this data? If you aren’t sure, ask the company. Some of these organizations will direct you to their terms of service — to find your answer, you will need to get cozy with privacy policies with page counts to rival War and Peace. At the end of your studies, you may find you can opt out of certain conditions or find a request to delete your data. But this is not the current standard.
At my company, we have a product that allows you to interact with the digital world as you do today without common concerns. As shepherds of your data, we ensure that other companies are not given access to your SSN, DOB, or any other data without your explicit consent. Instead, they would receive a confirmation of your identity without exposing your information to a server where it would be stored with the level of security and amount of time they deem appropriate. Help tear down data caches and you can stop tiptoeing around your devices.