SciTech

Internet of things optimizes events while reducing privacy

Credit: Eunice Oh/ Credit: Eunice Oh/

Pugwash’s discussion topic this week was privacy and the Internet of things. Computing power is becoming more powerful, and is being used to record our everyday activities in ways that were never imagined even ten years ago. This explosion of data can provide a better experience for all of us, but at the same time, it puts the minutia of our lives on the Internet, where it could potentially be seen by anyone. Welcome to the Internet of things.

From watches to toothbrushes, thermostats to refrigerators, tech companies are encouraging us to record our activities and send the data up into the cloud, where they can look at it and optimize our experiences. Due to how cheap and available technology is, it is easy to incorporate it into the most mundane aspects of our lives. Manufacturers can put Radio-Frequency Identification (RFID) tags into products to track them, which work much like barcodes do. Then, they can use the data they collect to find ways to improve the product or use it more efficiently.

The information collected is not just about the devices. Data about specific users is also scooped up and used, most often in advertising. For example, there’s the story of Target mailing a high school student ads for maternity clothes and baby supplies. Her father came in to complain, only to apologize a week later when it turned out that the student was pregnant after all. Target was able to figure it out just through analyzing the patterns of what she was buying.

The data is also used to improve user experience outside of advertising. Google recently bought the company Nest, which sells a smart home thermostat system. By sending usage data to the cloud, where it is then analyzed, the thermostat can tell when you’re home and when you’re not, and learn to adjust the temperature accordingly. While this is an undeniably cool service, there are questions that arise: What if someone got their hands on the data, found out when you were not home, and decided that those times would be good opportunities to rob your house?

Once your personal information is on the Internet, it becomes harder to keep it from falling into the wrong hands. Even if it is only stored on company servers, and not intentionally shared or sold with anyone, there is always a chance that it could get stolen. As soon as you connect a device to the Internet, it becomes fair game to all the hackers in the world.
And even if that data is anonymized, it can still be traced back to you with a high level of certainty. For example smart watches, among other devices, collect health data that might be personally sensitive. Removing your name from the data or trying to clear the metadata (things like the date or location the data was created, or what kind of device it was created on) isn’t a sure bet, because using statistical inferences, it’s possible to narrow down the number of individuals to whom that data could belong. There are only so many people of the exact age, gender, weight, with the same conditions, who walk the same number of steps, who are from the same place, as you. The more data that’s collected, the easier it is to find out who it belongs to.

One proposed solution was to have more regulation on what sort of data could be collected, or what inferences can be made from the data. However, this might hamper the ability of companies to use the information to create the optimal experience, which is the whole point. Making consumers more aware of what data is being collected was another suggestion. Most people don’t think about how if they buy unscented lotion and a large purse, Target might know they’re pregnant. Making it more clear what information is gathered and what it is being used for will allow consumers to make their own choice, if they want to continue to invest in the companies or not.

The Internet of things is coming, and it holds the promise of optimized environments, from toasters to thermostats. However, the amount of data that is collected means that the limits of privacy are being put to the test.