
Your home is getting “smarter” all the time…full of smart gadgets, anyway…in fact, most people listening probably have trouble keeping Internet-connected devices OUT of their homes. It’s hard to buy a DUMB TV now, for example, one that doesn’t watch you while you are watching it. But most people know precious little about what these Smart TVs — what ALL these smart gadgets — are learning about us, and what happens to that data?
Oh, details on smart gadget data collection might be out there somewhere. Buried on some website, in a 27-page privacy policy. In other words, invisible to most people. Duke University professor Pardis Emami-Naeini is hoping to change that. She’s working on a proposal to add nutrition-like labels to gadgets, so the privacy trade-offs we are all making all the time are easier to understand … at a glance. She’s here today to explain the effort … and why this issue matters so much to her. I started our conversation by asking her to remind us what people mean when they say Internet of Things devices.
Pardis: So Internet of Things devices are basically these digital devices that are connected to the Internet. And basically they have this power of collecting data. They have sensors and they can collect data. They can analyze data either on the device or they can send to, for example, the cloud to do some data analysis and they do some data processing. And then based on that, they would basically do a functionality that the device is supposed to do. And basically any of these devices that are now connected, we now call them connected devices, smart devices, or Internet of Things devices.
Bob: Give me a couple of examples of what kind of devices these are.
Pardis: Yeah, so basically whatever devices we had before, now let’s think about them being connected. For example, we now have smart speakers, for example, Alexa devices. We have a smart thermostat. We have a smart refrigerator, a smart microwave… toothbrush. So all of these devices that we traditionally had them not being connected and offline, now they’re connected.
Bob: So my father loves asking Alexa what the temperature is outside, for example, but why do these seemingly harmless, maybe even fun gadgets … What kind of risks do they pose?
Pardis: So they collect a lot of data from users and in many cases, users are not aware of such data collection, and it’s not just about the types of data that are being collected, but it’s also about how this data is being used, who will have access to this data, for how long the data will be retained. Is data being sold to third parties? Several data practices that users are not informed of when they start interacting with these devices. And that is basically one of the several harms of such devices.
And this is basically in addition to all these security risks of these devices. They’re now connected to the internet. So basically, an attacker can actually use these devices, for example, as a bot in a botnet attack, and basically use these devices to get access to the network of users and be able to steal data from their other devices, from their computers. So these devices, because many of them do not have good security properties, they do not use a good encryption, sometimes users do not update them or some of them do not receive security updates at all … and because of that, they’re weak devices. And so it is basically the opportunity for attackers to use these devices to get into the network of the victim.
Bob: So there’s criminal hackers. There’s companies who might be watching us. There might be interpersonal relationship conflicts that are exacerbated by these devices, but we’ve invited them in. Some of them are really cheap… Amazon’s Dot device can be $20-30… What is your solution for this issue?
Pardis: So we are actively doing research on this topic, but just in terms of … the first important challenge here is: Can we somehow inform consumers about the privacy and security practices of these devices at the time of purchase so that they are better able to basically purchase devices that are less risky, or at least they’re more aware of the risk that they’re introducing to their home? And for that, we designed a usable and informative security and privacy “nutrition” label for smart devices, which is, as the name suggests, very similar to a nutrition label, but now for security and privacy and for smart home devices.
There we basically talk about security properties of the device, including whether the device receives security updates and what is the frequency? Is it an automatic update? A manual update? We talk about the authentication mechanism of the device — is it a password, is it two-factor authentication?
And then we also talk about several privacy and data practices, including what data the device collects, how long is the ability to retain the data, who will have access to the collected data, and many more factors.

Bob: So just like a box of cereal tells me how much vitamin C and vitamin D is in the cereal. This label tells me how long the data that I surrender to this machine is stored by the company, right? It looks just like one of those nutrition labels?
Pardis: It is very similar. So it is a layered label. It has two layers. The primary is this concise format of the label, which could basically be printed and attached to the package of the smart device. Then there is a QR code and URL that will direct you to the secondary layer, which is this more detailed version of the label.
So on the primary layer, we try to put information that consumers understand and they’re also more actionable and not just like a nutrition label that you may not be able to know what you can do about it. For example, related to data sharing, maybe users have this option to opt out from data sharing or, for example, they can delete their data.
So we surfaced the options, the controls that users have on the primary layer. But then if you are curious, if you have more expertise, you can see the secondary layer, which has all the information on the primary layer, but a lot more advanced information as well.
Bob: So these, these two layers that you’re talking about, I think that’s probably the answer to the next question I had planned to ask you … which is: many people say, you know, why even bother with privacy policies? Because no one reads them. Consumers just don’t care. Is this your response to that?
Pardis: So to some extent we didn’t actually want this label to be a long detailed label full of jargon and technical terms similar to what a privacy policy is. We actually wanted people to be informed. That was the goal of this work, that we want to build something to inform consumers’ purchase decision making.
And so we realized that maybe one layer is actually not enough to put all this information there. So we decided to design this two layered label, and we conducted consumer studies, and we found that users actually really like the idea of a layered label. It was more useful to them. They were saying that most of the time, we don’t really want to see all this information. Maybe a few of them we understand we care about, and that is what we have on the primary layer.
Bob: Okay. You keep saying “we.” So can you tell me, what group is working on this project with you?
Pardis: I initiated this project at Carnegie Mellon University… I think it was second or third year of my Ph.D. with my two advisors, Lorrie Cranor and Yuvraj Agarwal. Both of them are faculty in computer science at Carnegie Mellon University. We basically initiated this work at the time at CyLab, which is a security organization institute at Carnegie Mellon. And we are still working on that, although I’ve basically now moved to Duke. I’m still working with my advisors at CMU. I’m also a research consultant at Consumer Reports to basically help them design such a label in the US and basically study how such a label could be effective for consumers.
Bob: Consumer Reports, I’m sure, is an important partner in this. It’s a name that consumers recognize and trust, but what kind of buy-in have you received from industry groups? What kind of adoption or interest is there in adding these labels?
Pardis: So we haven’t started directly engaging with manufacturers yet. It is in the process. It is in the pipeline. So we first want to basically have a prototype label, which is different than the academic paper-type of label, something that we believe industry would adopt. That is something that I’m working on with Consumer Reports, which is probably a shorter version of this label, more concise. But then after that we would like to have some focus groups with industry players, with startup smart device companies and maybe larger companies as well… And see, basically, how much of this information they’re willing to disclose.
So right now we don’t really know which companies are more willing to do so, and who is basically the first company to have that. But we are hopeful that we would see this and just maybe having this analogy — the IoT security and privacy label. We have app privacy labels that… are currently in the Apple store and Android store.
So we believe that in the US this idea of a nutrition-like privacy label … it is accepted to some extent. So we think that maybe this idea would also be accepted for smart devices.
Bob: I know that you’ve been working in privacy for a long time, and I’ve seen you speak in other places where you explain why privacy is a really, really, personal and intense matter for you. Why is that?
Pardis: Yeah, so, basically I’m originally from Iran and I was there for 22 years or so, so for the majority of my life I was actually living in Iran and in Iran, similar to several other countries actually … surveillance is a huge thing and not having privacy is pretty accepted.
But at the same time, you want to have privacy. You understand the value of it, but it’s not actually there and you can’t really do much because not everyone knows that it is an important factor. You have to stand up for it and you don’t really have that much time. You have more important things to do than just really fighting for your privacy in Iran. But for me, it was always an important missing component, especially as a female student, as a woman in Iran. It was a huge thing.
And when I moved here, when I realized that it is a field by itself, people care about privacy as a research topic, I can get my Ph.D. in this field, then I realized that this is really important. I can actually do research. I can help people, I can inform their practices. So then I got really even more passionate about just doing more in this field so that maybe I can also help people in Iran as well, and also other cultures where not having privacy is a very cultural and accepted factor.