Survey: Smart Home Technology. What It Is And Who Has It
The Most Discussed Topics On Facebook During 2015

Smart Devices Create Challenges And Privacy Threats For Consumers, Part 2

Part one discussed the challenges and privacy threats smart devices for the home create for consumers. Today's blog post discusses data ownership, and how to shop wisely.

You've probably heard the terms: Internet of Things. Smart Home. Connected home. All refer to the myriad of devices in your home that are connected to the Internet, outfitted with sensors, collect information about your usage (e.g., who, what, when, where, why, and how long), and transmit that digital information collected to the device manufacturer and others.

The collected information is often shared with corporate partners or affiliates, such as the device's operating system software developer and mobile payments provider. (See this chart for partners by payment type.) Data may also be shared with the Internet Service Provider and/or the wireless service provider (for mobile apps).

The types of devices vary far beyond smart phones and tablets. Some include security, lighting, temperature controls, and safety devices (e.g., smoke alarms, carbon monoxide detectors). Some may be toys used by very young children. Some may be fitness devices that collect your health information and transmit it to entities not bound by HIPAA and HITECH laws.

This data collection isn't new. It's been happening long before the Internet and smart phones. You might say that digitization and mobilization made the data collection far easier and far more extensive.

A wise consumer is bound to ask: who owns the data these collect (and transmit) about me and my family? Great question. ZD Net explored the answer:

"According to law firm Taylor Wessing, end users don't really have ownership rights to the data gathered by off-the-shelf systems they've installed. If you've rolled out a smart home set-up, you can't legitimately claim that all the details about when you switched on your lights or opened your garage belong to you and you alone."

The term "end users" refers to consumers... you. So, consumers in the United States have few property rights. That means you have little control over the data collection and sharing with others. Not good.

And, it's worse because devices don't always indicate when they are recording your activity, what you do and say:

"... One recent high profile misstep case in point: the privacy policy for Samsung smart TVs told customers that if they had discussed personal or sensitive information in front of the TV, "that information will be among the data captured and transmitted to a third party through your use of Voice Recognition", causing consternation among users. The company subsequently published a blog to explain to users exactly how and when their TVs were listening in."

Whatever smart home devices you purchase, shop wisely:

  1. Read both the terms of conditions and privacy policies before purchase. If you don't like the terms, don't buy it and keep shopping for alternatives.
  2. Buy devices that include regular software updates, just like your computer. This helps protect you (and the data collected about you and your family) against malware, hacks, and computer viruses by unauthorized persons.
  3. Buy devices that are truly smart. Avoid devices that are simply outfitted with a touch-screen and Internet connection. You're probably paying (a lot) more, so make sure you get more. And,
  4. Buy devices with robust privacy settings, so you can control what information you share, when, and how.

What do you consider when shopping for smart devices for your home?

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Chanson de Roland

A law professor of mine, a professor of property, remarked one day in class that the common law and the later statutory means of determining rights in property work pretty well, once the origin of property rights had been established, but that the common law and statutory law often don't effectively determine the origin of rights in property, that is, they don't often don't provide an answer to how property rights originally arose in a person.

However, the law isn't always so inept at deciding who originally gets property rights. In one area of the law of intangible property, intellectual property (IP), the law does have principles for how property rights arise and are determine in a person, which is why my brothers at Taylor Wessing could have said more about how consumers not having rights in their personal data is a radical deviation from the principles of how IP rights arise in a person. In the law of IP, generally speaking, it is the author or inventor who holds the rights in the intellectual property that he creates. All of the personal data that the Editor, Mr. Jenkins, has reported on, supra, which our smart devices collect about us, is personal data that each of us authors or invents or creates with the acts of our lives. Neither the smart devices or their makers or those who collect, store, and distribute our personal data from those devices create or author or invent even the slightest bit of our personal data, so under traditional principles of IP, our respective personal data should belong solely to each of us, as its authors. Or we should at least have some controlling property interest in it that allows us to determine its use, disposition, and control.

Yet somehow what should be our property rights in our very valuable personal data ends up being solely and exclusively the property, not of each of us, its respective authors, but is deemed to be the sole property of those who collect it through our smart devices. How did that happen? How did the law make such a radical departure from traditional principles of IP so that our valuable and intimate personal data belongs to someone else, to the collectors rather than the authors? Well, the answer to that is simple: Because of the great wealth involved in collecting our personal information, the origin of property rights in our personal data were determined by a sort of political conquest, where our courts and our legislatures abetted the new Conquistadors, the data collectors, such as Google, Facebook, the data aggregators, device makers, app makers, etc. in cashing-out by conquering us and seizing our property rights in our personal data, much like we seized America from Native Americans. But this time, we are the Indians.

Now, I don't mean to compare the legalized theft of our personal property to the deprivations and enormities suffered by Native Americans, for it is not even close. Yet, in a very real sense, we are all on the reservation, while the Conquistadors, the Googles and Facebooks, et al., enjoy the rich wealth of our personal data, based on nothing more than the legal equivalent of a kind of Manifest Destiny, as engineered by our federal government, which is suppose to represent us and not them, but which in reality represent them and not us.

Today, this nearly ubiquitous expropriation of our personal data merely costs each of us a large sum of money and our privacy, exposing the intimate details of our lives to strangers, the collectors of our personal data, for their profits. But if there ever comes the easily imagined day when our government descends into despotism, the pervasive, indeed ubiquitous, collection of our personal data will costs us our liberty as well as our money and our privacy.

Gorge Orwell, notwithstanding his wisdom and foresight in 1984, hadn’t even a clue.

George

Roland:

Thanks for your comprehensive and insightful comments. I agree. It doesn't have to be this way. It shouldn't be this way. At a minimum, consumers should be compensated for the use of their personal property. And, there must be effective product and service alternatives, and not the current take-it-or-leave situation where consumers give up all control of their personal data.

I've had enough conversations on Twitter to know that I am not the only one concerned. Others are equally concerned.

George
Editor
http://ivebeenmugged.typepad.com

The comments to this entry are closed.