Handy, isn’t it, all those ‘smart’ devices? But smart devices do make us vulnerable. They collect data and send it to the internet via WiFi. For malicious hackers and companies like Google, this is a real gold mine.
Thermostats, TVs, refrigerators, front doors and electric cars collect information in the home. Sensors register, among other things, movement, temperature, sound and location. But really, they’re just dumb devices. They ensure that companies such as Google or Samsung process and analyze your personal data. This means that they decide what the device should do. And that’s where it goes wrong.
‘In fact, smart devices continuously harvest information about people’s personal living environment,’ warns Bouke van Laethem, security expert and ethical hacker at KPN. ‘Users don’t know what companies do with this data.’ Companies consciously or unconsciously collect more and more data than we realize and take technical measures to hide this from the consumer.
Easy to hack
A WiFi security camera in the shape of a dog from the Chinese website Aliexpress.com, part of the Alibaba company, helps parents monitor their child’s bedroom. The company sold 434 of these cameras worldwide in the past six months. 98% of buyers give the camera a four- or five-star rating. For best security, after connecting to the Wi-Fi network, the camera should prompt to change the default password. If this doesn’t happen, hacking is very easy. The default password and ID number on the back of the camera are sufficient to access the camera images. All over the world.
Piece of data
In addition to safety, a smart home promises a sustainable energy supply. In order to be able to specify the energy yield, solar panels communicate with the internet, for example. Unfortunately, that is not always safe. The origin of some products makes the security and privacy challenges even greater. Products consist of hardware such as sensors, cameras, microphones, chips and software that together make the device work. Many technical companies outsource the design of the hardware and software to other parties, for example in Asia. ‘And in principle, all parties in the chain have access to at least part of the data,’ says security consultant Mattijs van Ommeren. According to him, consumers are not always aware of these intermediaries.
Digital safe
Solutions for privacy issues are being considered in various places. Marie-José Hoefmans and her team at Schluss in Amsterdam developed a digital safe in which users can safely store their personal data for a small fee. The consumer determines how much and for how long parties have access to the personal information. ‘The idea behind Schluss is diametrically opposed to the current park approach. As more and more people use Schluss, the pressure on companies to change things will increase,‘ says Hoefmans.
Professor of law and information society Gerrit Jan Zwenne says: “Just like an accountant checks the bookkeeping of companies, an independent party should also check whether the data collection of companies in the field of privacy and security is correct.”
Sources):
