DON'T CONFUSE SECURITY WITH SURVEILLANCE

in #privacy8 years ago (edited)

Have you ever called customer service and heard the welcome greeting that says something like “...this call may be recorded for quality assurance”, or “...this call may be recorded for security purposes...”? This is not truthful, your call is being recorded for purposes other than “quality assurance” or “your security”. The recording serves only to indemnify the company against future claims you might make or to waive claims you might have based on what you say during the conversation. This is not the point of my article here, but I wanted to introduce the topic this way because this is when I began questioning these occurrences. I began denying these companies my consent to record my voice without first agreeing to my own “data retention policy” terms, which include paying me a license for the storage and use of my recorded voice. Some disconnected, some agreed, and some decided to send me a letter. That was dating back to the late nineties. This same understanding carried over into the development of smart phones and other new technology.

Don't confuse security with surveillance, especially when it comes to your home and your family. Video surveillance of your home while you are not there is a very useful tool in allowing you to take action in real time during any invasion of your home; however, it's important to recognize that surveillance by itself is only good for one thing, surveillance. If something is captured on video, it can be seen by anyone, for many years to come. If you have video surveillance in your home, the signal should be encrypted so that only you have access to that feed and so that no one else can intercept it and collect video images from your home, whether you are there or not, or at anytime. This should be a very easy concept for people to realize, but I think many people mistakenly trust the manufacturers of these devices and incorrectly assume that no strangers are watching them or collecting this data. While the risks are the same for home “security” systems as they are for all other forms of surveillance, I just wanted to focus on these innocent looking fun toy-like devices that people love to buy.

Yes, if you have any video or audio systems in your home, you are under surveillance. This includes a new television, smart phone, computer, surveillance cameras and especially these devices such as “Alexa”, “Scout”, “canary”, “Echo”, “Piper” and others such as OK Google, Google Home, Siri and Cortana. This leads me to the main example of this article. These devices are fun, entertaining, informative and useful, but they are “listening” to you when you don't need them to, recording what you say, and in some cases, collecting video data, whether through the device itself or by capturing video data from other un-encrypted devices in your home. If you're going to allow this, then you don't need locks on your doors, you don't need doors and you can build walls made of glass.

People spend lots of money for locks, doors, secure windows, security systems, and then completely ignore twenty-four hour video and audio surveillance of their homes by these devices. Most if not all of this data is being transmitted to your SMART meter. Your SMART meter is a node on an international surveillance network and your power company is collecting your data and selling it. Why invest in all of this security and then throw it out the window by allowing this type of surveillance? The SMART meter nodes are not encrypted. The space used for the batter of the computer hardware inside does not also allow for any firewalls or other forms of encryption. What this means is that anyone can collect the data from your SMART meter at any time.

These devices use speech recognition to respond to requests you make verbally. And although the “wake word”, which is usually the name of the device, so that it responds when you say its name. Don't believe this for one second. The device is “listening” to everything that is audible and recording that information all the time. Anything said, that can be translated into text, is translated into text so that the data can be sold and used by companies that want to sell you things that are consistent with your conversations. But what are the legal implications?

From a legal standpoint, voice tracking isn't necessarily out of line. "These devices are microphones already installed in people's homes, transmitting data to third parties," Joel Reidenberg, director of the Center on Law and Information Policy at Fordham Law School in New York City, told USA Today. "So reasonable privacy doesn't exist. Under the Fourth Amendment, if you have installed a device that's listening and is transmitting to a third party, then you've waived your privacy rights under the Electronic Communications Privacy Act." It's just like being outside, once you're in the public outside of your private home or vehicle, you have no protections to privacy. There mere fact that you have such surveillance devices in your home or use, begs the question of whether or not you have overtly or implicitly waived your rights and protections guaranteed by the Bill of Rights. And I'm not falling for the promise that pressing a mute button restores any of my privacy or rights.

Read Samsung's “privacy policy” and the recent changes it had to make, and you have to ask yourself if anything really changed. If you had the ability to listen to other people's conversations whenever you wanted, and if you had a profit motive, why would you ever abandon that ability? Don't believe for one moment that these devices are not doing only one thing, logging any and all video and audio data from you, all day, everyday.

It should be obvious that people should not be using these devices. It's bad enough that smart phones have replaced telephones and have become one of the most useful consumer tools in human history. Those of us who adopt practices to protect our privacy should consider establishing our rights in a written security agreement that is established along with the terms of service and privacy policies of these companies. Who says people or consumers cannot have their own terms of service and privacy policies? If enough people did the following, it would create the changes we want.

Identify proprietary data in a contract that expresses the terms under which that data can be used by the companies collecting it. Serve notice of the terms upon the company or organization collecting your information. The name and address of the company is usually found in its terms of service and privacy policy. Once you send the agreement, record it in your local county with the UCC Financing Statement for the security agreement as its cover page, and it becomes a lien upon the balance sheet of the company as long as the company uses your information, and you build a claim against the company under the terms of the license provisions in the agreement. You are the creditor, the licensor, for the use of your identifying and biometric data and the company using it is the debtor, or the licensee.

It is important to first understand what risks you have to your privacy from the technology you are using, then take steps to mitigate or reduce those risks. And then, to the extent you cannot eliminate them totally, impose license terms for the use of the information that is being collected about yourself on the companies doing it. At that point, collecting your information is no longer an asset or valuable, it now becomes a liability in which you are the creditor.

If you think these are crazy ideas, then answer these questions: Why was Muhammad Ali able to sell his “likeness” for $50,000,000 in 2004? And, why is Marilyn Monroe's estate still in business? And don't tell me because they were famous, that only puts a higher price tag on the data. Last question, did you know that the average person's identifying information alone (his financial data) is worth about $25,000,000 in an average life time?

https://www.aceofcoins.com/dont-confuse-security-with-surveillance/

Sort:  

"Hey Siri, can I get my smart meter shut off?"
"I'm afraid I don't know the answer to that."

Yeah, good try. Siri might inform on you if you try that.

I generally agree and I think the pseudonomous nature of block-chains can help with this kind of issue. If we take smart meters as an example, over at SolarCoin we have created solar PV generation logging into the block-chain, of course there is no privacy in the chain and the data logged is open and free for everyone to see. Critically though, there is nothing personally identifiable about the data and so long as you dont re-use addresses.

So I kind of think the real problem with these systems surveilling us, is that the data becomes owned and we lose control over it, and that we often are unaware its being gathered at all.

I recommend people have wireless Internet connected exterior cameras. Those do not pose much of a privacy risk if hacked, and they provide a lot of security compared to the low risk of compromise.

Your internal camera systems however should only be in common areas, and it should be a wired system without an Internet connection to it. Putting that system on the Internet is asking for trouble.

You want both systems for different reasons. Also, all home owners AND business owners should seriously consider at least one camera that records the street space outside. Imagine instead of the regular "Neighborhood Watch" sign it said, "All homes/businesses have exterior cameras." Criminals would go elsewhere.