Ever get that feeling you’re being watched? The Internet of Things is making surveillance even simpler for security services, to such an extent that Director of National Intelligence, James Clapper, has declared that smart meters, cameras, and other IoT devices are being co-opted to listen into conversations and generally keep an eye on you.
Yes, law abiding citizen: YOU.
It seems that the worst fears about the Internet of Things and smart home technology are being realized. Like the stuff of Hollywood movies, any connected hardware can be hacked and its data used to draw a picture of what you’re up to. This might be anything from listening to conversations to getting an idea of how much coffee you drink.
The Golden Age of Surveillance
The FBI has claimed in recent years that it is “going dark” – spy language for losing the ability to spy on targets thanks to encryption. While the steps of Apple and other device manufacturers to avoid privacy-based lawsuits by giving users encrypted-by-default hardware is a good thing, the truth about going dark is quite the opposite.
And don’t just take our word for it: a study released in early 2016 and commissioned by the Hewlett Foundation, was developed with the help of civil libertarians, counterterrorism analysts and technical experts.
The study (Don’t Panic: Making Progress on the ‘Going Dark’ Debate) at Harvard’s Berkman Center, concludes that
“‘Going dark’ does not aptly describe the long-term landscape for government surveillance…”
Put simply, the intelligence service knowingly uses the term despite a wide variety of new avenues to surveil targets (domestic or international, innocent or criminal), and cites a range of products, some of which you might expect, others which are a little more surprising.
“…toasters to bedsheets, light bulbs, cameras, toothbrushes, door locks, cars, watches and other wearables.”
In short, everything around you that uses an Internet connection can be co-opted and used to either directly observe your behavior or record it in another way for later analysis.
Scary, isn’t it?
In case you are wondering what "smart" – as in "smart city" or "smart home" – means:
— Evgeny Morozov (@evgenymorozov) February 1, 2016
How These Devices Monitor You
Did you know that when you bought the various smart home solutions you’re currently enjoying, that you would be welcoming the intelligence gathering services into your lives with open arms?
In 2015, the UK’s Guardian newspaper asked if the IoT was “the greatest mass surveillance infrastructure ever?” In the same article it cited Philip N Howard’s “Pax Technica: How the Internet of Things May Set Us Free or Lock Us Up” who suggests that our continued connectivity via every device in our homes, will lead to “a new political age…. ‘Pac Technica.'”
The inference here is that in place of traditional governments of democracy and dictatorship, “data-driven socio-technocracies” will rise,
“…built on the intensive reporting of our behaviours, habits, tastes and beliefs, seamlessly transmitted by the devices we use, carry and interact with.”
But how will this be achieved? How does an Internet of Things toaster, for instance, surveil you?
There’s no reason to be so doubtful. For instance, telephone providers can detect when you’re home by the way you make or answer calls; electric companies can determine your whereabouts in a similar way. Indeed, with the use of smart meters, your electricity provider can tell what devices are being used. This is pretty much the case across the board with IoT smart home devices. Usage paints a picture, while hardware with a built-in mic or camera – such as Smart TVs or games consoles – are ready to record your activity.
Even when you’re aware of the risks of the more obvious surveillance options, we have the weak points, connected smart devices in your home that can be used to gain access to other devices.
If They Breach Your Privacy, Criminals Can Too
As demonstrated at the Black Hat conference in 2014, a Google Nest thermostat can be hacked and turned into a “smart spy” – in just 15 seconds. While the device was secure when shipped, and the hack requires physical access, the speed with which the hack can be applied makes these merely minor barriers to success.
But of course, you don’t want to be surveilled by anyone, do you? Because once one party is keeping an eye on you, it makes it so much easier for another to learn about your movements. We’ve already had situations with Internet connected security cameras being subverted by criminals. We know that one of the major barriers to security services being given backdoors to encrypted systems is the threat to industrial secrets – and even the economy – should these backdoors be discovered by hackers.
And this is the real threat with any connected hardware, not just the Internet of Things. Hackers remain ready and willing to gain whatever information they can, and use it for profit. This might mean anything from selling your personal data and medical data to stealing data and holding it to ransom.
If the NSA can do it, so can criminals.
What Can You Do?
Want to avoid this sort of surveillance? You have two options.
The first is the simplest. Reject the smart home and the Internet of Things (we’ve already established that it can be quite a security nightmare). While they might make things easier on a superficial level, in reality, smart home technology is just saving a bit of time. Is that saving worth risking your privacy over? I doubt you think so.
Second, you might want to retain your smart home hardware, but keep better control over it. The way to do this is to implement your own smart home hardware. Here at MakeUseOf we’ve looked at various custom smart home and home automation solutions, such as those managed by the Raspberry Pi. If you want to move forward with smart home technology, maintaining your own systems and ensuring the necessary firewalls and other security is implemented, is the safest option.
Do you have a smart home? How concerned are you by the testimony of director of national intelligence, James Clapper? Tell us in the comments.