Surveillance, IoT and the fight for your face

Users must be prepared to fight on two fronts to ensure their digital rights are maintained.
24 October 2019

Ring doorbells was subject to privacy concerns when it partnered with US Police Departments. Source: Shutterstock

Tech without restriction creates a society without privacy. Digital rights today remain somewhat of a cryptic concept around the world, meaning that many abuse the gifts given by this fourth industrial revolution. 

China, for example, is developing a facial recognition system that can match faces to a database of 1.3 billion ID photos in seconds, with a target of achieving 90 percent accuracy. This intention has raised alarm bells, as it should, among artificial intelligence experts.

But this could just be the start with law enforcement in the US using internet-connected devices to access private user data. 

There is no escaping the fact that new technologies are being exploited by certain countries, governments, and organizations to keep an eye on users. So, what can people do about it?

The problem with IoT

The truth of the matter is that while technology is making tremendous leaps forward in computing power and device potential, the companies behind such advancement help governments keep tabs on their users.

For example, Amazon employees are listening to its scores of device users. Amazon employs thousands of people to help improve the Alexa digital assistant powering its line of Echo speakers. 

The team listens to voice recordings captured in Echo owners’ homes and offices which are then transcribed, annotated and fed back into the software to eliminate gaps in Alexa’s understanding of human speech.

Marketing materials promote Alexa as living “in the cloud and is always getting smarter.” However, whistleblowers associated with the program demonstrate the integral and often secretive role that humans play in training software algorithms. 

Alexa is not the only Amazon device that raises security questions marks. 

The video doorbell Ring came under fire for data privacy concerns after partnering with US police departments to get officers to promote the Amazon-owned product to citizens. 

In return for this promotion, police departments have been receiving free Ring products for residents of their areas and access to Ring’s Law Enforcement Portal — something that allows officers to request access to footage from Ring cameras without the need for a warrant.

Surreptitious surveillance

Surveillance is getting smarter than simply audio and video monitoring. As mentioned, Chinese platforms have the ability to algorithmically identify any of its 1.3 billion citizens within three seconds. Even more concerningly, China’s tech is being exported internationally.

In Ecuador, facial recognition cameras hang from poles and rooftops, from the Galápagos Islands to the Amazonian jungle. The system lets the authorities track phones and may soon get facial-recognition capabilities. Recordings allow the police to review and reconstruct past incidents.

And when surveillance systems move in, there appears to be no boundary. China is pushing hard for cameras to be installed in businesses as well as on street corners. Businesses in the city of Chengdu have contested rules requiring public baths, massage parlors, teahouses, chess and mahjong rooms, and cinemas to install surveillance cameras in public areas.

Clearly, the fight for digital rights only becomes more difficult once systems are widespread and gathering usable, and abusable, data points. So, what can modern users do to protect their digital rights?

The fight for your face

Users must be prepared to fight on two fronts, individual and societal, to ensure their digital rights are maintained. 

First, individuals must implement good data habits in their day-to-day browsing. This means browsing via a virtual private network, consciously deciding what apps do and do not have smartphone access, and implementing two-step verification for passwords. 

There is a long list of things that individuals can do to protect their own data before they begin the fight for wider data protections.

It is worth noting, too, IoT devices are susceptible pieces of hardware. From baby monitors to kitchen appliances and drones, cheap internet-connected devices typically come loaded with cheap security thresholds. 

For example, the majority of devices use cloud-based connections to relay commands between device and receiver. This allows third parties access to device, and therefore user, information. Individuals are best advised to implement peer-to-peer connection types which ensure commands only travel directly between device and receiver.

Second, societies must be prepared to stand up to corporations who wish to write the rulebook on data rights. 

In Europe, for example, the General Data Protection Regulation (GDPR) has drawn a line in the sand as to what companies can and cannot do when it comes to sensitive user data. The same cannot be said in the United States. 

Legislation in the US varies from state to state, rather than having unified standards from country to country. The risk is that differing rules result in weaker federal data laws.

The fight for digital rights is not won in any one moment. Digital rights, just like any other civil liberties, must be maintained on a case-by-case basis to be retained generally. The fight for your face has only just begun.

Contributed by Carsten Rhod Gregersen is the CEO and founder of Nabto.