How much are your data worth?
- Feb 06, 2019
- 46 views
Regarding possible violations caused by the use of the Internet, it is important to point out the concept and consequences of the so-called internet of things. IoT (Internet of Things) consists of networked people and objects on cloud data bases by deploying sensitive technologies installed on devices (mobile or not), allowing interaction between them.
In other words, the internet of things is nothing more than the extension of the Internet to the real world, making possible the interaction between objects and people. Today, most objects have technologies that allow them to connect to the Internet.
On the one hand, such innovations are interpreted as true facilitators of modern life, since they enable the user to minimize possible unpredictability of his day and, at the same time, make it as productive as possible. To illustrate this situation, we can think of an extremely simple case: by providing information from your locality to cellular devices a user may, upon waking up, anticipate a possible storm and choose their clothes appropriately, in addition to knowing firsthand if during your journey to work, for example, you will have to face some kind of difficulty that could delay you (as in the case of a traffic jam caused by a car accident). Certainly, in the absence of this device, the user would never know with what certainty what awaited him during his day.
On the other hand, although it is an innovation already present in the routine of many people, there are several implications that access to objects inserted in a personal context of life, such as televisions, clock radios, children's toys and cell phones, can lead to , considering, in particular, that such objects are fed by personal data.
The issue of information security is of paramount importance in the internet environment of things, since it has as a challenge to structure the country to deal with the issue in a satisfactory manner and in accordance with the discussions that have taken place at the international level. The importance of the correct and careful approach of the theme lies mainly in the fact that the vast majority of users are unaware of all the functions of their electronic devices and the real destination of their data captured by these devices.
There are many cases involving the interaction of people and objects connected to the Internet, which serve as a warning about the danger of breaching the privacy and security of personal information.
The case of Alexa device, Amazon company, is well known and commented on the topic of technology and data privacy. Alexa is the virtual assistant of the devices of the American company (100% connected to the Internet) that, through a voice service, allows its users to interact with many other applications. It is a small object with very few buttons, which has all its operation based on simple voice commands.
The security of the device was seriously questioned after a recent episode in the United States where Alexa recorded an intimate conversation of a couple inside their home and forwarded the contents of the discussion to an apparently random person from their contact list.
Despite the official statement of the company following the incident, which was reduced to say that the device was triggered by certain words captured in the conversation of the couple (according to the company, one of them would have a pronunciation similar to the word 'Alexa', , the device and, from that, the mechanism started to extract other commands throughout the dialogue), little is known about the fallibility of such devices and the transparency of information to the consumer at the time of acquisition.
The great 'luck' of the interlocutors, which allowed to control greater damages, was the fact that the person to whom the content of the conversation was sent was an employee of the husband who, upon realizing what had happened, immediately contacted the family , alerting to the apparently hacked device.
It would seem a less troubling and serious problem if the possibility for third parties to penetrate systems and software present in personal gadgets was limited to devices that primarily promote connectivity between applications, such as Alexa or Google Home (Google) and Siri (Apple).
Another event, at the end of August 2017, also in the United States, once again exposed the fragility of programs, software and devices developed by technology giants: thousands of Americans were need to update their pacemakers under the risk of such objects being invaded by cyber attacks.
Such pacemakers were able to send data over wi-fi to the control of cardiac information physicians of their patients. However, the systems of said pacemakers had a failure and needed to be updated by the developer company. This failure would allow the devices to be accessed by "hackers", allowing access to sensitive patient data, as well as the possibility of changing the operation of the devices, creating a huge risk of life for its users.
These are just a few of the possible cases of copyright infringement that can be brought on the Internet of Things. The episodes narrated above demonstrate that technology, while bringing practical benefits to those who benefit from it, causes at the same time risks, uncertainties and insecurities - which result, in most cases, from the ignorance or ignorance of users, not only the terms and conditions of use of that device, but also the lack of transparency of the information that is collected by the manufacturer / developer and the destination used.
In times of connected society, it is certain that information has become nothing more than a (very) valuable asset. The collection of cardiac data from patients, for example, is relevant and interesting to pharmacists, medical device developers, and many other healthcare companies - the latter, which profits approximately $ 3 trillion a year in the United States alone.
Collecting personal data in general (whether medical, financial or intimate, for example) is therefore a currency of exchange between private companies and insurers and banks, who buy this information as a way to secure their business decisions. By way of illustration, it is estimated that the US health industry could save up to $ 200 billion if more advanced and accurate analytical techniques were applied to patient medical data in order to locate patterns and thus avoid recall of products on the market, for example.
The above-mentioned episodes, which illustrate the fragility of data processing, have brought a great deal of uncertainty, but one conclusion is certain: the picture is irreversible and the tendency is for ordinary citizens to feel more and more their duty to claim their rights to intimacy and to privacy.
In other words, the seriousness with which personal data protection has come to be viewed by scholars of the subject in general, as well as by those concerned with its economic and market effects (as is the case with large technology and information companies) , is also justified by the still timid (but certainly growing) interest of ordinary citizens to complain about the security of their intimate data.
The fact that objects containing information from users are inserted in intimate environments of individuals and have the ability to be accessed by third parties through their microphones and cameras (since they are connected to the Internet), makes us conclude that the definition of privacy as "The right to be left alone" loses its essence in an environment that lacks clear and uniform information about the rights of the individual in the midst of this huge library of personal data.
In this sense, it is worth remembering that the concern with data protection also became relevant after the fateful leaks of information by Edward Snowden, responsible for the disclosure of documents that revealed to the world the scope of US espionage, which violated the privacy not only of citizens and foreign leaders, but also civilians around the world.
Most of the time, the purpose of the connection between objects and the Internet is to collect massive data from its users in order to optimize the functionality of the devices. In addition, by understanding the profile of users, it is possible to increase sales and profits of companies. In this context, the question that arises is: is this collection being done in a coherent and reasonable way for the purposes that will be used?
As we are still embryos with regard to the extent and importance of the use of personal data, it is enough to think of another unprecedented case that has also occurred in the United States, which, as we have seen, is the country-stage of all these last scandals of the digital universe: the investigation into a fire led the US authorities to conclude that a crime had been committed by the apartment owner himself.
Something previously unimaginable, his pacemaker was used as a means of proof, since it was attested during the investigation of the facts that his heartbeat did not match his version of the story. The story's protagonist ended up being arrested and later indicted for arson and insurance fraud, as reported in the report curiously entitled "Your own pacemaker can now testify against you in court" (in the original title, Your Own Pacemaker Can Now Testify Against You In Court) published by Wired.
This is a precedent that can certainly contribute to drastic behavioral changes in the very near future and, more than ever, extremely unpredictable.
In this way, considering that the current Digital Age instills in us constant evolutions and technological developments, we perceive that personal and sensitive data end up becoming the most valuable assets of the users.
Considering the increasing trend of the provision of integrated devices and connected to its user (such as Alexa, mentioned in this article), and also the constant search for innovation and technology (using pacemaker data to update patient history, for example), one must be prepared to align technology with the norms brought by legislation for the correct and efficient management of data collected by devices and websites. It is believed, therefore, that the greatest challenge of the present day is to deliver innovation in line with the collection and responsible treatment of data.