Why are we continually surprised as one story after the next comes out about Big Tech spying on us? Regardless of privacy policies or Government action, it's only going to get worse. It's in Big Tech's DNA to spy on us, and the proliferation of IoT / smart home gadgets along with artificial intelligence (AI) algorithms are only going accelerate the problem.
Below is a listing of articles documenting various spying incidents, capabilities, and vulnerabilities that you may not already know. Maybe it will help drive home that our society has a big problem and make you think twice before you order your next connected device that's built to spy on you.
"... the processes used to handle personal data at amazon.de have serious issues. This is the “worst case scenario” that consumer and data protection activists have been warning us about."
"Alexa was obviously able to hear our ‘subject’ in the shower, and commands given to thermostats and the like showed that he uses Alexa to control various smart home appliances. He uses Alexa at home, on his smartphone, and when he is out and about."
"We were able to navigate around a complete stranger’s private life without his knowledge, and the immoral, almost voyeuristic nature of what we were doing got our hair standing on end. The alarms, Spotify commands, and public transport inquiries included in the data revealed a lot about the victims’ personal habits, their jobs, and their taste in music."
"The fact that Amazon linked a customer’s data to the wrong person and didn’t notice the mistake points to a severe lack of control over the processes involved. It is obvious that no serious checks took place."
"Soon, the newly emerging trend to build voice assistants directly into smart devices such as light switches, ceiling fans, appliances, smoke detectors, and thermostats, will make voice control ubiquitous throughout the home."
If you're trying to avoid buying a product that let's Amazon listen in on your private life, then maybe the best place to start is Amazon's Alexa Built-In Storefront. Brands already in the Alexa Built-in Program include LG, First Alert, BOSE, Lenovo, Dell, and SONOS.
"A technology company selling vibrators uses a mobile application to spy on its customers in their most intimate moments..."
"Some retail stores now have cameras in their dressing rooms... and can make instant stars out of the unsuspecting, you may want to ask if that camera feed is secure before turning your back on this latest retailing innovation."
"Google saves years of information on purchases you’ve made, even outside Google, and pulls this information from Gmail."
"Google’s system scans the content of emails stored on Google’s servers as well as those being sent and received by any Google email account"
"Google's Nest Secure hub, the Nest Guard, had a microphone, but you wouldn't have known that from the specs or the company itself. "
"Google ... intercepted the unencrypted data that businesses and individuals beamed through the air willy-nilly. The data was left in the middle of the street so to speak, and Google gathered it as it drove through collecting photographs."
"A patent filed by the company suggests smart homes of the future could monitor naughtier members of the household with cameras, microphones, motion sensors and thermal imaging. The Google Home system could use this real-time information to decide if the person in question is misbehaving and needs telling off. In another patent Google described a device that would give advice to parents for 'areas of improvement' such as spending more time with their children at supper."
"Some Google Home Mini units have been secretly recording just about every sound they hear and transmitting all of that information back to Google. While it's unclear what happens to the recordings once they land at Google, the obvious privacy implications are enough to scare just about anyone."
"Tinder is testing an invasive new update that exposes your exact location on a map for potential matches to view."
"Lyft staffers have been abusing customer insight software to view the personal contact info and ride history of the startup’s passengers."
"Ride-hailing giant Uber ... allowed its executives to track riders' whereabouts without their permission."
"The warrants, which draw on an enormous Google database employees call Sensorvault, turn the business of tracking cellphone users’ locations into a digital dragnet for law enforcement. In an era of ubiquitous data gathering by tech companies, it is just the latest example of how personal information — where you go, who your friends are, what you read, eat and watch, and when you do it — is being used for purposes many people never expected."
"Government agencies, courts, and parties in civil litigation regularly ask technology and communications companies to turn over user data."
"The FBI has been in cahoots with Best Buy's Geek Squad for at least the past decade"
"We know everyone who breaks the law, we know when you're doing it. We have GPS in your car, so we know what you're doing ..."
"VIZIO facilitated appending specific demographic information to the viewing data, such as sex, age, income, marital status, household size, education level, home ownership, and household value ... VIZIO sold this information to third parties, who used it for various purposes..."
"Samsung's small print says that its Smart TV's voice recognition system will not only capture your private conversations, but also pass them onto third parties."
"These programs ... let multiple companies track your online activities to identify the characteristics of those who would be most receptive to certain ads. You can opt out if you want, but Verizon will keep tracking your web browsing anyway, under the excuse of “other authentication purposes,” whatever that means."
"A suburban Philadelphia school district remotely activates the cameras in school-provided laptops to spy on students in their homes ..."
"That was when he saw the light. Two small, black, rectangular boxes were stacked next to an outlet on the far side of the guest room, both facing the bed."
"What I’ve found since is that [the cameras] record to a memory card, but they can also stream live. The host could’ve been watching. Anybody could have been watching."
"On the third day of the trip, Schumacher noticed a light coming from behind some candles in the living room and discovered the camera. It was capable of audio recording and moved in response to various events, suggesting to Schumcher that it was being controlled remotely. "
"A tiny black dot on the Longboat Key bedroom smoke detector was enough to alert an Indiana couple that something was wrong."
"smart-meter technology ... allowed them to snoop on unencrypted data to determine whether or not the homeowners were home."
"Although Ring doesn’t currently lock and unlock doors, it can be used to connect with other security firms like ADT. In addition, Amazon has said it may integrate Ring with its Amazon Key service, which allows delivery people to gain access to Amazon customers’ homes."
"A new report shows that Google has been accessing data about Android users’ locations, even when the user believes that the data is being kept private."
"It already knows whether you are single or dating, the first school you went to and whether you like or loathe Justin Bieber. But now Facebook, the world's biggest social networking site, is facing a storm of protest after it revealed it had discovered how to make users feel happier or sadder with a few computer key strokes."
"This attack was something graver than the software-based incidents the world has grown accustomed to seeing. Hardware hacks are more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get."
"When a server was installed and switched on, the microchip altered the operating system’s core so it could accept modifications. The chip could also contact computers controlled by the attackers in search of further instructions and code."
"This scheme is less crazy than it might seem. Modern circuit boards are filled with small support chips, and the backdoor chip would appear to be just another faceless component to all but the most detailed examination. "
"The attack reportedly focused on the Baseboard Management Controller (BMC), essentially a second small computer built into the server. The BMC implements the Intelligent Platform Management Interface, a tool enabling a remote administrator to reset the computer, reinstall the operating system, and perform other tasks without needing physical access."
"... pieces of malware with names like “Assassin” and “Medusa” that seem drawn from a spy film, describing tools that the CIA uses to steal data from iPhones, seize control of Microsoft-powered computers or even make Internet-connected Samsung television sets secretly function as microphones."
"The NSA’s actions are making us all less safe. They’re not just spying on the bad guys, they’re deliberately weakening Internet security for everyone—including the good guys. It’s sheer folly to believe that only the NSA can exploit the vulnerabilities they create."
Some concluding remarks
Regardless of privacy policies and Government legislation, spying & hacking are only going to get worse as connected systems continue to proliferate and become more complex. Combine this with the improvement and roll out of artificial intelligence that is used to data mine & classify, and we have an epic problem of privacy invasion.
However, all is not lost, and there is no reason to surrender to Big Tech's plan to spy on us. Your best defense today is to begin with the following plan of action:
- Learn about how the Internet is a shared, unsecure medium. For starters, know the difference between https and http, an address vs. a port, and why VPN isn't a panacea.
- Don't have an expectation of privacy with data you store in the cloud (e.g., pictures, email, video, etc.).
- Tell your vendors and suppliers to turn off (third party) tracking.
- Throw out devices that enable spying, or sell them to people you don't like.
- Think twice before you buy your next connected device and then save a few bucks by not buying it.