The UK’s Intelligence and Security Committee has deemed the latest Draft Investigatory Powers Bill as a “missed opportunity”, according to its latest report.
The post ICS calls for latest Draft Investigatory Powers Bill to go further to protect privacy appeared first on We Live Security.
Many parents will have noticed the invasion of talking, AI-enabled toys hitting the shelves this holiday season. Once inanimate, mute objects on which we had to project personalities, movement and more, the latest high-tech toys are increasingly learning to think for themselves – with sometimes worrying consequences.
One of the most talked about recent examples of such a toy is Barbie. The beloved companion of many, Barbie recently became more interactive than ever with the launch of a Wi-Fi connected version that listens, replies and learns over time. As anyone who has heard Barbie’s suggestion to hold a “pizza party!” will well know, the power of speech isn’t new to the doll – the latest release however is branching out considerably further, combining Wi-Fi and ‘machine learning’ to be able to have entire conversations with playmates.
Much like Siri or Cortana, Hello Barbie is mic’d up and connected to a server in the Cloud which analyzes what is said to the doll and then selects an appropriate response. Learning as she goes along, Barbie mimics a real life friend by remembering details that she can drop into future replies.
While this might be every kid’s dream, it’s likely to be a real cause for concern for the more privacy and security conscious parents among us.
Much of the technology we use on a daily basis is now equipped to ‘listen’ to us in a similar manner in order to facilitate easier, more human interaction. As already mentioned, the most obvious example of this are personal assistants like Siri and Cortana which sit on our mobile devices and activate at our command. An easy enough use case to understand. What can be alarming however, is when technology not traditionally designed to listen to us is enabled to. Smart TVs, for example, have been in the press recently due to their ability to listen to conversations, capture the data and relay it to third parties. Even connected baby monitors have been called out due to their susceptibility to hacking.
As with any connected device, the debated risk is that Hello Barbie could offer an easier in for hackers attempting to intercept your Wi-Fi network. While ToyTalk which manages the toy’s cloud connection emphasizes the security measures it has taken, it also admits that ‘no device is 100% secure.’ On top of their security concerns, parents might also wonder what is happening to the data being captured as their child chats away to Barbie. Is it being stored anywhere? Yes. Is anyone listening to it? Yes. Will that child end up being bombarded with advertising for other talking toys? Hopefully not – according to ToyTalk, it does share recordings with third-party vendors, but only to improve their products. In any case, it sounds like any secret told to Barbie in confidence won’t stay that way for long!
Whether you like it or not, talking toys could be here to stay. This year, Elemental Path launched CogniToys – talking and listening dinosaurs enabled by IBM’s Watson, the famous artificially intelligent computer able to ‘understand’ human language. Another example is Ubooly, a cuddly bear described as the ‘Learning Toy that Listens’, becoming interactive once connected to a smartphone or tablet. Though only two examples, it’s just a matter of time before more of these toys hit the shelves.
So how do you feel about toys that listen? Will you be letting Barbie say hello to your child? With Christmas just around the corner, it’s worth considering the security implications of the latest high-tech toys available this season, and how connected you want your child to be.
Did you know you could be unwillingly revealing your location via geotagging in photos you upload with social media applications?
AVG’s Michael McKinnon walks you through some things to be aware of when it comes to geotagging.
Did you know:
Here are some ways to protect your privacy when it comes to geotagging on your mobiles device:
For more great tips on getting the most out of your devices, visit us at www.now.avg.com and follow us on twitter or Facebook.
Stay safe out there.
Self-driving cars got a boost earlier this month from Toyota, which committed $50 million dollars to Stanford University and MIT for artificial intelligence and driverless car labs.
Unlike others in the race to put a driverless car on the road, Toyota has said its approach is not to build a fully autonomous car, but to provide “semi-autonomous assists” that will keep the driver in ultimate control.
At the Toyota announcement event, Re/Code reported that MIT’s Artificial Intelligence lab director Daniela Rus suggested artificial intelligence (AI) could, for example, enable a car to analyze your behaviour to assist in your driving and make it safer. She also described how AI features could make driving more pleasurable. For instance, if you were in a bad mood, it would begin playing your favorite music.
Meanwhile, a fascinating new book by the Pulitzer Prize-winning New York Times senior science writer and long-time tech reporter John Markoff, called “Machines of Loving Grace”, offers an exploration of the future of what smart machines can do for us and what they can help us do. The book, which is subtitled “The Quest for Common Ground Between Humans and Robots,” is an excellent primer on the topic of AI and autonomous cars. The question central to Markoff’s exploration is: Will we control these smart machines, or will they control us? (You can listen to an interview with Markoff on his book and the topic of AI and driverless cars that aired on National Public Radio).
Now is a good time to consider the question while driverless-car and other AI-driven technologies are still in early stages of development.
Most experts and insiders involved believe, for example, that it’s a five-year scenario before autonomous cars become a reality. However, in the meantime, we will continue to see more aspects of AI and the Internet of Things (IoT) impacting our daily lives, in and out of the car.
One example playing out right now is how major auto insurance companies are embracing and using the IoT to monitor vehicles and collect data on drivers’ habits and track their behaviour. This includes things like changes in speed, how often we drive, and the time of day we drive, etc.
In a new report, research by Business Intelligence estimates that there are 155 million cars on the road in the U.S. capable of being monitored today through On Board Diagnostic (OBD-II) dongles, or plugs, that sends analytics about the driver’s driving habits back to the insurance company. The purpose touted is that insurance firms can then offer clients potentially lower premiums based on the driving data and their ability to analyze and assess a clients’ risk levels. That’s certainly an incentive to drive well, but raises some concerns.
As Accenture analyst Mark Halverson points out in a recent article on the topic: “Big data is a boon for insurers, which use it for underwriting, pricing and more. For consumers, however, it’s more of a mixed blessing, as they sometimes fail to see the benefit of sacrificing privacy for convenience (to the extent they even know they are sacrificing privacy).”
If you are one of the hundreds of millions of people in the U.S. driving with OBD-II, do you know if your insurance company is monitoring your data?
Halverson argues that for the industry to provide a model of “purposeful” data collection and urges, “insurers should at the very least clearly state their purposes for collecting data, and ensure that the data will be handled securely.”
Ultimately, there are many questions to be answered about who will be in control of the drivers seat in the not too distant future.
A study carried out by the Global Privacy Enforcement Network (GPEN), involved over 29 privacy enforcement authorities in 21 countries. It found that only a third of websites had effective control of the information collected on our kids.
Understanding what happens to the personal information of your children needs to be high on the agenda of all parents. I’m not sure it’s understood due to the covert way that the data is being collected. Have you ever tried reading the privacy policy that accompanies websites and apps? if you haven’t then I am fairly certain your kids haven’t.
Imagine someone knocking on your door and asking for your child’s email address and access to their friends contact details. You would be shocked at the audacity of the request and send them away with nothing. When our kids go online or use apps, this very information is being given up without thought about what happens to it.
When something is free, such as an app or web service, it’s not because the company developing it is just being nice. Companies need to make money so that they can fund innovation that will keep us functional and entertained. One of the ways they can do that is by using our data. As consumers, especially when it’s our kids, we need to understand the trade off between free and acceptable data collection and use.
In a recent BBC article about the GPEN findings, Mr Adam Stevens, head of the UK’s Information Commissioner’s Office, said: “The most common concern domestically was a lack of information being provided about how their information would be used.”
The study identified concerns with 41% of the websites examined and that a minority of sites had an accessible way to allow families to delete data.
It’s important that we engage with our kids and teach them the value of their data. They need to understand how apps and services they’re accessing are using their personal data, and we need to guide them on what is acceptable usage.
Data breaches are now common place, and with vast amounts of personal data being collected and stored the consequences for our kids could be significant.
While I would not encourage kids to tell untruths, I might encourage them to have a modified set of data for use online, for example: their place of birth could be anywhere and the day of their birth does not need to be the real one, however their year and month of birth should not differ from reality as the reputable websites and apps deliver content that is age appropriate.
I personally have multiple email addresses: one for my serious stuff like banking and family communication, and an account that I can burn if it becomes compromised or I start getting too much spam. While this maybe a complicated thing for our kids to do, the principal behind this is something worth educating kids about.
Follow me on Twitter @TonyatAVG
Earlier in January, thousands of attendees and exhibitors descended on Las Vegas for the 2015 Consumer Electronics Show (CES).
One of the most exciting and talked about trends was the mass market arrival of the Internet of Things, something that I have been talking about since August 2013.
The Internet of Things (IoT) is a catch-all term for the growing number of Internet enabled devices in our lives. If you wear an activity tracker, have a smart Nest thermostat, or remote access CCTV in your home, these are all part of the IoT.
What we saw at CES was a potential glimpse into the future. We saw smart dog bowls, smart baby monitors and even Belty, a smart belt.
Apart from excitement, all smart devices have something in common, they create data. They generate data that helps us as users to take more steps each day, brush our teeth for the required time, not forget to water our plants etc.
All this data is very useful but it is also very real privacy concern. In fact, shortly after CES, the chairwoman of Federal Trade Commission Edith Ramirez warned that privacy and security should be a key consideration as we add more devices to the Internet of Things.
She outlined three major concerns brought about by the IoT:
I couldn’t agree more with Ramirez, as we have seen with voice recognition technologies, the connected world of the IoT has witnessed a land grab. Companies are developing smart devices as quickly as possible and putting them out into the market without proper consideration for what is safe or how data should be used responsibly.
The line between our connected lives and physical lives is more blurred with each passing year and we must change the way we view data and personal information.
I don’t believe that collecting data is a bad thing, in fact its data collection that allows many of the web’s most popular services to function at all. What I do insist on, however, is that data collection is transparent, easy to understand and most important of all, consensual.
People have come to learn that their data has value, and they should be the ones to decide who they share it with, and how it can be used.