A smart device in itself is one of those ultra-connected environment of capabilities and services, which enables interaction between physical objects and their virtual representations based on existing technologies such as sensors, controllers or low powered wireless along with services available from the wider internet. This ultra-connectivity is why smart device privacy has become such a concern among the modern day tech lovers.
Currently we are seeing widespread adoption of smart devices across sectors especially in the consumer sector in form of wearables and home appliances which are provisioning basic comforts of life. As per the Verizon IoT Report of 2016, home monitoring solutions have seen a growth of 50% from 2014 to 2015 and 43% annual growth for smart cities technologies and network. The growth and adoption of smart devices is incremental and getting mainstream. As per Gartner there will be approximately 20.8 billion connected devices by 2020.
On the other hand, popular mobile operating systems are provisioning API (Application programmable interfaces) which would integrate with their home smart devices. For example with iOS 10 (Mobile OS for Apple) new applications will be introduced for enabling the management of home appliances and compatible with HomeKit – which is Apple’s home automation framework. iOS 10 will have application such as ‘Home’ which will have provisions for adding smart home devices such as air conditioners and purifiers, humidifiers, cameras, and doorbells. It would provide the ability to perform actions including turning on lights and unlocking doors, in addition to other useful features which will be expanded over time. The application will also be equipped with a panel to control multiple devices at once and also includes Geo-fencing to schedule activities based on the user’s location.
With the mass adoption of smart devices for home and industrial usage, the Internet of Things (IOT) ecosystem also introduces a large amount of data which gets embedded and synchronized across devices – capable of being controlled by any exposed APIs (supported by multiple platforms). The integration of a smart device across multiple API’s, existing in multiple devices (such as Mobiles, ipad etc.) with data linkages at every point of presence (PoP) causes concern for the privacy of individuals and group of people. In lot of cases individuals would not be even aware of their data being synchronized across multiple devices and tracked by smart devices which potentially has the ability to send and receive data to or from virtually any platform. This situation can be assumed as the watchwords for having a dystopian life without freedom where “Big Brother is always watching you”. Due to the increased pace of technology, significant use of third parties and an increased need to do more with personal data, individuals now are challenged to have a conscious judgement of choosing a smart device with multiple considerations in order to effectively mitigate numerous smart device privacy risks.
Why should I worry about Smart Device Privacy?
Some of the major smart device privacy concerns impeding the momentum of adoption of smart devices include:
- Gaining physical access to homes or commercial business through potential attack vectors against smart door locks, and electronic locking mechanisms.
- Capturing of data from sensors across smart devices is other major area to which a consumer is generally unaware.
- In such cases, there’s high potential risk of a user being under surveillance by an organization or any individual without the customer knowing about the same.
- With the distribution of data across multiple devices and ecosystem using clustering and classification algorithms, patterns could be identified for tracking the current location of a user based on the information stored in mobile devices by location sensors.
- Personal and sensitive data leakage: Stealing money and identities based on leakage of personal information is one of the major concerns which potentially could happen by aggregating data from multiple smart devices controlled by a single device (such as mobile) etc.
- ability to gain unauthorized access to devices
- Misusing features of an application: One of the interesting applications which can be extended to a smartwatch (Android Wear 2.0) is Remote Camera Shutter. If the phone’s camera app is activated, the screen can be shared with the smart watch, and the user can have control of the shutter and view photos. Third-party applications also support the features using the phone camera for streaming and potentially other camera control features. From a security perspective, the remote camera shutter, if exploited, could become a means to spy on individuals which again is one of the major concerns and a root to the notion of “SOMEONE IS… ALWAYS WITH YOU”.
What is sensitive for me?
Any information relating to an identified or identifiable natural person is Personal Information. An “identifiable person” is a person who can be identified, directly or indirectly, by reference to an identification number or factors specific to his or her physical, physiological, mental, economic, cultural or social identity. Examples of Personal Information include, but are not limited to account number (bank account, credit card, etc.), address, biometric identifier, license or identification number, date of birth, name, personnel number, photograph or video identifiable to an individual, vehicle identifier or serial number, and may also include other information related to an individual that may directly or indirectly – identify the person (e.g. salary, performance rating, purchase history, call history, etc.). Examples of information that would not be considered personal would be statistical or summarized information, for which the identity of the person is unknown or linkage to the person has been removed.
“Sensitive personal information” is one of the very important category of personal information that requires an extra level of protection or a higher duty of care which we would see generally being inputted by customers using smart devices. Examples include information that reveals medical or health conditions, racial or ethnic origin, gender, political opinions, religious or philosophical beliefs, medical or health conditions, sexual preferences, financial information relating to individuals, and government issued identification, such as national identification number, national insurance number and social security numbers.
When we see the usage of personal and sensitive personal information one of the practical example is using health related smart devices or devices (such as mobiles) which consumes data related to health. For example again with iOS 10 there are couple of health related frameworks being introduced such as HealthKit and CareKit. HealthKit looks one of the most flexible healthcare development frameworks which can be integrated in iOS and watchOS to read and write health and activity data to the Health application and to provide enhanced health and fitness solutions and recommendations. CareKit on the other hand is a framework which can be used to enable the tracking of symptoms and medications, while sharing information with physicians and other healthcare professionals live. Sharing such sensitive data without having a clarity and awareness of where all the application data will synchronize raises another big concern.
The smart device category of wearables such as Apple Watch, Android Wear etc. is a truly innovative category which has extended functionalities to integrate with iPhone, iOS and Android OS product lines. Many of its features are enabled via NFC capabilities including Apple Pay for Apple Watch. The devices in this category has a huge potential security risk specially with the various types of data being associated, including health care data, financial data, vehicle , room access, as well as home system control which also serves as a centralized command and control for all consumer smart devices for home.
.. as customer what should I focus upon?
As a customer, the prime focus should be to obtain security tested products and keep them updated as per the latest software releases provided by the smart device vendors. The following are some of the key factors which a customer should primarily focus upon to reduce the smart device privacy risks associated with potential threats with the existing smart devices they utilize:
- Identifying the data subjects (smart home devices which are connected and have your personal information).
- The relationship of the affected data subjects to other data which is correlated (e.g. third-parties, cloud applications etc.)
- If the PII is shared with external party application (for correlation and analysis like health related applications)
- The location of the affected data subjects and control considerations
- The management and controls related to the PII involved.
The following are some of the key principles which Customers should follow at minimum while embracing new smart devices.
- Notice: Only provide details to an appliance or application if it provides information / notice at the time information is collected describing how personal information is processed and protected. This notice should include information about the purposes for which we collect and use information and to whom it may be disclosed. Only provide personal information that is necessary, relevant and not excessive for the purposes for which it is to be used.
- Access: Restricted access should be provided to other applications and devices to access the personal information including the opportunity to correct, amend or delete any personal information.
- Information Integrity: Reasonable steps should be taken to verify the information which is share will be used for the purpose for which it is to be used.
- Information Retention: Identify the retention period to ensure that personal information is retained only for as long as needed to meet the purposes for which it was collected.
Remediation for Smart Device vendors
Vendors primarily should emphasize upon the following key controls to reduce the smart device security and privacy risks:
- Approach for Masking & Scrambling Data – Personal and sensitive data needs to be masked in all appliance and virtual environments in order to avoid exposure of data to people who are not normally authorized to see this data.
- Criteria for Masking & Scrambling Data: There should be at minimum certain criteria’s followed for masking and scrambling data. Few of the important criteria which should be considered includes:
- It should ne not reversible
- It should be impossible to determine original data
- It should maintain relational integrity
- It should have the ability to mask key fields
- It should be compatible for all systems in the platform (standard across devices and appliances).
- Strategies for sharing relevant data across parties – Copy only subset of data which is relevant. This strategy has its share of drawbacks as it requires special conditions and effort for copying only a subset of the data.
- Delete personal or sensitive data across devices and use unique identifiers to identify the resources – One strategy that can be used to mask personal or sensitive data is to use unique identifiers across devices to correlate the information from the primary source of smart device. However this strategy is not very helpful for all cases since we might require the absolute data for testing or validations. Also, effort is required to delete particular data which is personal but may have technical limitations which are due to the platform requirements.
- Replace personal or sensitive dates with ‘aged’ dates – This strategy is more specific to data which involve dates and is useful to masking date of birth.
- Altering personal or sensitive data by character replacement – This strategy is more specific to data which involve text and numbers and is useful to mask data without losing the size (length) of the data in the field.
- Maintain the confidentiality and integrity of personal data collected within the smart devices and appliances through the provisioning of encryption, authentication and integrity protections.
Thus, in addition to providing tight security to devices, data privacy can be ensured by having a comprehensive security framework defined with a simple rule of masking or scrambling personal & sensitive information wherever not required across platforms at minimum.