The Internet Of Things Remains A Calamity For Data Protection
The Internet of Things is a disaster for privacy and data protection, as most connected objects collect and transfer personal information this is what reveals the largest study ever conducted on IoT. As a technology, the Internet of Things has led to a real industrial revolution since its emergence many years ago, countless companies are doing their best to connect all everyday objects to the internet.
Unfortunately, in this “all connected” rush, builders often ignore security and privacy issues. In fact, in 2019, millions of connected objects pose a threat to the protection of personal data, this is revealed by the largest study ever conducted on the Internet of Things. Together, the two institutions reviewed more than 81 popular connected devices such as TVs, streaming dongles, speakers or bells made by market leaders such as Google, Roku, and Amazon. After 34,586 tests, the researchers’ verdict is final. Most scanned devices collect user information such as the IP address, technical details of the device used, or geolocation data. This data is then shared with third parties, most often without any transparency or request for consent. Of the 81 products examined in the study, 72 contacted a company other than the manufacturer.
Worse still, the information transferred is rarely encrypted and a malicious person could easily intercept it. Internet of Things: 72 out of 81 devices collect and transfer data Thus, almost all TVs in the panel contact Netflix even if no Netflix account has been configured on it. They transmit to the streaming giant information such as the TV model used and its geographical location. One of the connected cameras studied is transferring data to more than 52 unique IP addresses worldwide, and a Samsung TV has meet 30 different IP addresses. Recipients include leading cloud providers such as Akamai, Google, and Amazon, as well as a wide variety of marketing partners.
This data can then be used to develop consumer behavior patterns without even knowing it. And the problem only gets worse when a device offers recording features such as a microphone or a camera. For good reason, these devices can record without you knowing about it. Several cameras with cameras scanned as part of the study record all detected motion and cannot be disabled. Similarly, Amazon Alexa compatible devices will activate and register even if the activation word has not been spoken.
Researchers who have conducted this uplifting study point out that it is very difficult to examine the security of connected devices, especially because their manufacturers do everything to prevent the knowledge of what data is sent. In addition, the encryption systems that are supposed to protect the data during their transfer to third parties also prevent to verify the nature of it. By publishing this study, the researchers hope to encourage other institutions to ensure that consumers have more control over the information exposed by their connected objects. In the meantime, they advise to take care to think long before buying products. It is for example recommended to opt for “unconnected” objects if the Internet Of Things (IoT) is not essential.