Languagesx
English Deutsch
Subscribe
Home Is the IoT Nothing More Than a Sophisticated Spy Network?

Is the IoT Nothing More Than a Sophisticated Spy Network?

iot spy network
Is the IoT Nothing More Than a Sophisticated Spy Network?

The Internet of Things is a long-cherished dream. Until recently, it was logistically difficult, if not impossible, to pull it off. According to Mehal Rajput in his post, “IoT and Home Automation – Is it the Future?” advances in tech have not only made the IoT possible but also more affordable.

We’re a society that’s becoming increasingly interconnected. IoT is a natural progression of that interconnectivity. Companies in the know are building in internet capabilities into a range of appliances. It won’t be long before every device that we own is connected online.

Whether or not the internet is equipped to deal with this onslaught is another story. Mark Fairchild dealt with that more fully in his post, “The Automation Boom is Coming. Will the Internet Be Ready?” so we’re not going to get into that question here.

Interestingly enough, though, IoT is playing a big role in web development in the future. Read more about how in Chirasee Bose’s article “IoT is Impacting the Future of Web Development, but How?

There are definite benefits. Your smartwatch could, for example, call an ambulance for you if you had a heart attack. Your fridge could automatically add milk to your shopping list when you’re running low.

Companies are tripping over themselves to try and reap the benefits of a tech-driven society. In their rush, though, are they opening themselves up to severe liability issues? How will stricter privacy regulations impact businesses who’re a little freer with their data? How much responsibility does a company have in protecting its consumers? Is the IoT nothing more than a sophisticated spy network?

In this post, we’ll look at those questions and more. We’ll also throw in a few wild scenarios that most of us would never consider. Could they be in your future? You’ll have to read on to find out.

Consumer Privacy Concerns

One issue that always comes to the fore is the issue of how the IoT will impact privacy. There’s no question that it will. Sergei, in his post, “Internet of Things Makes it Easier to Steal Your Data,” cites several real-world examples of where companies have already violated their client’s trust.

We already know that our smart speakers listen constantly. They have to so that they’ll pick up commands that you might give. The question then becomes, is anyone listening in on the speakers? Do they record conversations?

It may seem a little paranoid, but what happens if someone hacks the smart speaker? Why would anyone want to do that? There could be many reasons:

  • You’re in the middle of a messy divorce
  • You hold a high up position in a company
  • Someone wants to learn your schedule to be better able to commit a crime against you
  • A company is conducting market research

We could go on all day coming up with potential reasons that people might want to listen in. You get the idea, though. Now let’s take this a little further. It’s not just smart speakers to be concerned about.

According to TechCrunch, the FBI recently issued a warning about the latest smart TVs. If your TV is equipped with a camera and microphone, hackers could use these items to spy on you. Why? They can use the camera and microphone to:

  • Scope out your house.
  • Take embarrassing pictures of you and your family.
  • Take photos of your children for child traffickers.
  • Legitimate companies might spy for market research purposes.
  • Spy on boardroom meetings and business conversations through smart devices used to present data.

Now Imagine 64 Billion IoT Devices Spying On You

By 2025 alone, we can expect to see around 64 billion IoT devices. According to the World Bank, there were 7.53 billion people on the planet in 2017. That’s an average of just over eight devices per person. There’ll be virtually no place to hide.

Any voice-activated device has the potential to listen in on communications. Considering the increasing popularity of voice searches, we can expect more smart devices that can be commanded using your voice.

Even if the devices aren’t voice-activated, they pose a threat. Most of these devices have very basic cybersecurity measures in place. After all, who’d want to take over your smart kettle or your home thermostat? Cybersecurity for these devices seems unimportant.

But let’s look at a simple scenario here. A thief wanting to rob your home could mess with the temperature of your thermostat so that you think it’s broken. They might intercept the call to the repair person, or simply just arrive before the real technician does.

That part doesn’t matter. What does matter, is that they’ve gained access to your home quickly and easily.

What’s the Solution?

At the moment, we’re in mostly uncharted waters here. Whose responsibility is it to secure these devices? After all, if your phone or computer gets hacked, you can’t hold the manufacturer responsible.

At the same time, though, devices like phones and computers do come with decent in-built protection. Your smart kettle is another story. At the moment, securing these devices is something of a grey area.

There’s not a lot of legislation regarding IoT devices yet. But that is changing. Take a look at California’s IoT Security Law, for example. The law that came into effect at the beginning of this year puts the onus on companies to take reasonable cybersecurity precautions.

The bill has stirred up some controversy because it’s a little vague. What constitutes “reasonable cybersecurity precautions?” What isn’t vague, though, is that the Californian government expects companies to take more responsibility when putting IoT devices onto the market.

Future legislation will likely be grounded on the same principle.

What Does that Mean for Companies Producing IoT Devices?

Companies will have to consider the potential for their devices to be breached. They’ll need to take measures to safeguard the devices that they have against hackers. And, considering that a Smart TV has similar capabilities to a computer, they’ll have to up their game.

Every kind of smart device will need to incorporate higher level protection.

What Potential Liability Issues are There?

Considering the current lack of legislation, we’re going to analyze the provisions of the Californian IoT Law.

The law states that companies have to consider what data their devices collect and take suitable cybersecurity measures to prevent breaches. Again, this is a vague recommendation. Would a basic anti-virus program be considered sufficient or must companies do more?

A thermostat, technically, monitors the climate within your home or office. It might also store location and usage data. That’s not precisely high-value information. So how much security would the manufacturer be forced to install?

That said, an enterprising hacker might use the thermostat as an easy way to access the home’s smart hub or wireless internet. Through that, they could potentially access other devices operating off the same network.

Devices like your smart car, for example. They might access the controls and track your movements. They could switch off the security while the car’s parked so that they could steal it. And, once self-driving cars are the norm, they might even steal the vehicle from a remote location.

In a case like this, who’s to blame? Is it the car manufacturer because their software was hackable? Not if they took every reasonable precaution. Is it the internet provider’s responsibility because the network was less secure? Not really, as the hacker gained access through the thermostat.

It’s not a strong leap of the imagination to see a court siding with the client against the thermostat manufacturer here.

Could Companies Lose Suits Related to IoT Liability Issues?

Clients expect the products that they buy to be safe to use. If a defect in the thermostat’s wiring causes a short-circuit, and the house burns down, the homeowner has a case against the manufacturer.

While we’re in somewhat new territory here, it’s not a stretch to say that poor cybersecurity on a device is endangering the consumer’s welfare. Let’s have a look at how this could play out in a business and home environment.

Let’s say that company A has developed a cure for the common cold. It’s ground-breaking, and the formula is worth billions. The research department relies on smart boards to work out complex calculations.

Company B manages to hack one of those smart boards. They’ve got everything that they need to reproduce the formula. Company B beats Company A to market and can undercut their price because they spent a lot less on research.

Company A could have a case against the manufacturer of the smart boards in terms of privacy laws.

In a home situation, a hacker might take control of your smart TV. They might wait until your kids are watching TV alone and expose them to inappropriate content. They might try to message them through the TV and arrange a meeting.

Several potentially disturbing scenarios in the home and office could play out.

What Consequences Could Companies Face if Found to be at Fault?

At the moment, reputational risk is potentially the worst consequence. A breach at any time is bad news for a business. Companies that expose data through negligence take a real beating in the press.

There’s also the potential for fines or penalties to be levied against companies found to be in contravention of privacy laws. The GDPR, for example, imposes a fine of the greater of 4% of global annual turnover, or €20 million.

Now, this legislation doesn’t specifically deal with IoT devices. It could, however, apply to a breach caused by an IoT device.

In places where the legislation hasn’t quite caught up yet, companies are unlikely to face penalties. They may, however, face damaging civil suits.

Problems with Determining Liability.

It’s not all smooth sailing for the consumer, though. You’d have to prove beyond a shadow of a doubt that the IoT device was the source of the breach. That becomes tricky when it comes to connected systems being hacked.

An IoT device manufacturer might argue that it took reasonable precautions. They might also say that the internet service provider should have provided a more secure solution. They might argue that the home’s smart hub should have provided better security.

It’s entirely possible that these cases could drag on for years.

Then there’s another completely separate issue to consider – the consumer themselves. Don’t they have some responsibility here too?

Do Consumers Bear Responsibility Too?

Another thing that we haven’t considered is the consumer’s role in protecting themselves too. We’re essentially looking at the software here. If a consumer is lax about keeping their software up to date, they might miss security patches.

If a breach happens as a result, is the company still liable?

Let’s get back to that example of Company B stealing Company A’s formula. It could be argued that Company A should have taken better precautions. They could have isolated the smart boards so that they operated on an internal system rather than being connected to the web.

While legislation seems to be placing more responsibility for cybersecurity on manufacturers, consumers also have to take precautionary measures.

Is the IoT Nothing more than a Sophisticated Spy Network?

We’re not ready to label it as such. It’s true that the more connected devices there are, the easier it will be for us to spy on one another. But let’s face it, the concept of complete privacy ended when the internet became so popular.

It’s a little too late to cry foul when it comes to IoT devices. Unless you’re willing to disconnect from everything internet-related, the personal privacy ship has sailed and sunk.

What we can do, however, is to be more careful in how we apply the technology. Do we really need our thermostat to be connected to the internet 24/7? It’s fun to be able to play with the settings on your phone when you first get it. How soon will it be before the novelty wears off, though?

Perhaps we can take a cue from cryptocurrency experts here. With cryptos, it’s safest to keep the bulk of your coins in cold storage. Or, to put it more simply, offline. Ironically, safeguarding our IoT devices might ultimately mean running them on a closed system, cut off from the internet.

This will pretty much defeat the object of an IoT, so is it practical? Probably not. For now, consumers and manufacturers have to start taking cybersecurity for these devices more seriously. Manufacturers will have to create more secure devices. Consumers will have to do their part by ensuring they follow good cybersecurity practices.

Image by Gerd Altmann from Pixabay

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

tags
Chris Usatenko
Editor

Chris is a growth marketing and cybersecurity expert writer. He’s passionate about cybersecurity and has published hundreds of articles in this area. He’s particularly interested in big data breaches and big data companies. He’s proud of his contribution to high-levels sites such as “Cyber Defense Magazine,” “Social Media News,” and “MTA.” He’s also contributed to several cybersecurity magazines. He enjoys freelancing and helping others learn more about protecting themselves online. He’s always curious and interested in learning about the latest developments in the field.

Related News

A conceptual image to show digital piracy. A black skull and cross bones with a light blue outline is set in the foreground in front of dozens of small screens
US Federal Court overturns huge $1bn piracy ruling
Brian-Damien Morgan
A stylized map of Europe with interconnected beams of light running cross it symbolize mobile networks
The countries with the fastest mobile network speeds in Europe
Sam Shedden
Evolution of Cybersecurity
The Evolution of Cybersecurity in the Age of IoT and Cloud Computing
Faith Adeyinka
Apple will aim to produce a quarter of all iPhones in India
Apple to make a quarter of all iPhones in India
Brian-Damien Morgan
Modern Shipping Logistics
How IoT & Analytics are Powering Modern Shipping Logistics
Yash Mehta

Most Popular Tech Stories

Latest News

Release of Prison Architect 2 has been further delayed to September 2024
Gaming

Prison Architect 2 delayed again, this time to September
Graeme Hanna10 hours

A second delay has been confirmed for Prison Architect 2, less than a month before the expected launch date. The game is now expected to launch on Sept. 3. The...

Popular TopicsArrow right.svg

AI
AI
AR / VR
AR / VR
Cryptocurrency
Cryptocurrency
Gaming
Gaming
Smartphone
Smartphone
Gambling
Gambling
Wearables
Wearables
Web
Web

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.