back to article Welcome to 'uber-veillance' says Australian Privacy Foundation

Regulators are way behind the game when it comes to wearable and IoT privacy, and users are willingly conspiring with companies that don't care about them to help create a society of “uber-veillance”. That's the grim conclusion reached by Australian Privacy Foundation (APF) board member and University of Wollongong researcher …

  1. dan1980

    'In the future, she said, “you won't be able to hide: you will get hit with fees for not disclosing.”'

    Already happening. Sure, they call it a 'discount' for those that do but the effect is the same. Health insurers are doing this right now.

    The big problem, however, is that this kind of data gathering becomes the norm and so it is an implied consent and, moreover, the world shifts to where it is just considered normal. When that happens, there is less choice for those of us who don't want to fall in line.

    Have a look at something like Uber. Not quite the same, I know, but it's something for which you actually need a smart phone or else you can't use it. Admittedly, I am not inconvenience as a result of this but what happens when we have several such services and they have the effect of reducing the number of 'real' taxis due to them being forced out of the market? What happens then, when you need a smart phone to take a taxi?!

    It's not a strong connection but remember that Uber can and does track you - where you go and when. So perhaps one day, because people accept that about Uber, even those of us who don't won't have much of an alternative. Perhaps the normal taxis switch to that service too?

    Or look at supermarket checkouts with the decreased number of normal check outs and the roll-out of the 'self service' units. They're fine - whatever - but now I am seeing places where fully half the machines are card only. Even without a foil hat, it's pretty clear that your options for purchasing anonymously with cash have just decreased.

    Yes, my foil hat is probably on a bit too tight but people have to understand what the future will hold and once EVERYTHING is recorded we are screwed because all it takes is a bit of hacking or some some unethical business misusing that data and you are fucked.

    It's the correlation of dozens of sets of data that really does it. Sure, maybe it's no so bad that Uber know where you travel and when. But what about combining that with your public transport history via the various electronic ticketing systems, such as Opal in Sydney or Myki in Melbourne? And then add that to your fitness tracker and your shopping records and so on.

    Each thing might not be a big deal and people will say that they don't care if their health insurer knows when they go to sleep but each such bit of data gets added to to the ever-increasing pile.

    You say: "I don't care if company A knows my birthday" and then "I don't care if company B knows when and where I take taxis" and then "I don't care if company C knows when I buy bread and milk and whether I buy medium black t-shirts at $20 or small white t-shirts 3-for-$10". But what happens is that now companies D, E and F know all that too. and you have no idea who they are.

    My hat really is too tight.

    1. Anonymous Coward
      Anonymous Coward

      Too tight?

      Hmmm, no you are right.

      It's almost become a challenge to avoid leaking personal information these days.

      I can see a near future where being 'unknown' in the corporate world will render you a non-person and a commercial pariah.

      That house on that bush block in Tasmania is starting to look even better....[unplugged]

      Anon, why be a hypocrite?

    2. Urh

      bloody supermarkets...

      What really gets on my tits about having half the self-serves as card only is that it only makes the queues longer. It makes no bloody sense.

      1. Sanctimonious Prick
        Coat

        Re: bloody supermarkets...

        -rant

        Bloody Oath! And same at public transport ticket machines, especially when the person(s) in front put in the wrong pin, choose the wrong account, or don't have enough funds - geez, carry some shrapnel - we're not completely cashless, yet! :D

        /rant

  2. Mark 65

    Simple solution

    The easiest way to solve a lot of these problems is that the data created by the device is the sole property of the owner of that device (leasing issues aside) and that any sharing must be explicit and unforced by the asymmetric nature of the relationship i.e. Apple can't fuck you over if you don't say yes. The solution is simple, it is about having the balls to implement it and no politician does.

    1. KrisMac

      Re: Simple solution

      <tinfoil>

      It is not so much a lack of balls on the part of politicians that worries me, it's complicity...

      You only have to look at what is going on back in the 'mother country' to see how the ability to track, trace, profile and categorise people is very much in the self-interest of the political classes. David Cameron's latest little brain fart about banning messaging apps that enact strong encryption without backdoors for him and his cronies tells you all you need to know about where things are heading in that arena.

      That sort of intrusion into people's privacy is not about countering external threats - it's all about being able to micro-manage your internal population and to punish those who commit 'thought crime' against the State. Add in the ability for politicians to tap into the vast pool of biometric data that wearables are going to provide and you have a scenario that the Stasi could only dream about.

      Once you know not only what someone thinks in the privacy of their own home, but also where they go when they leave home; who they talk to and how much they have to pay to insure their unfit, unhealthy lifestyle - how hard might it be to 'persuade' them and their friends that they might be better off just doing as they are told in return for a bit of a discount on the power bill for their home use defibrillator?

      How long before Tony Abbot catches on to that game?

      Politicians are not sitting on their hands because they don't understand the tech - they are doing so because they very much DO understand the tech and see that it is absolutely in their personal best interests to let things develop just they way they are...

      </tinfoil>

  3. Anonymous Coward
    Anonymous Coward

    Online privacy is problem looking for a solution, not the other way around

    Root cause analysis of the problem indicates that several things are needed, most of which are not currently in place:

    1) Clear definition of personal data ownership, on both a legal and commercial basis. Currently the data slurpers hold most of the cards here. This is a fundamental issue, which while being superficially addressed by some companies, still needs some work.

    2) Mandatory anonymization of personal data objects so as to prevent targeted, collated profiling by second and third parties. This means a doctor, insurance company or government agency can check how many people have diabetes, but not who they are, where they live, etc. Supermarkets can check how much whiskey they are selling, but not who is buying it. Any removal of the anonymity shield would require a warrant or a very compelling public interest (life-threatening situations for example).

    3) Clear and unambiguous laws about data retention time limits and the right to quickly correct any of your personally identifiable information held in commercial and public databases. There must be a time limit on how long slurpers can hold your data and you should be able to inspect and correct it any time or at fixed periods.

    4) The implementation of data categorization rules by everyone in the public and commercial sphere. If a web site asks for your phone number, CC number, SSN, address or anything else that can identify you personally, they will be legally obligated to encrypt it, protect it and prevent its distribution to unauthorized parties, including their own staff. The civil and legal penalties for failing to do so should be serious enough that non-compliance is not an option. We can start with banks, credit card companies, and all merchants who accept credit cards.

    Since the cat has already been out of the bag for a long time and is now roosting at the top of a tree, the best we can hope for now are solutions that will prevent future abuses.

    I am not too sure politicians will ever get it, as this involves some amount of education and intellectual integrity. Consumers really need to vote with their wallets, and techies need to start designing solutions that can solve these problems. Databases can have rules applied to them, and these rules can be enforced. We need more tools for this stuff and a serious will to ensure that they are correctly used by data gatherers.

  4. Gartal

    As I've said for years

    As I've said for years to nobody in particular, the difference between communism as sold to the USSR and capitalism is that under communism people were forced to spy on each other, under the new high tech Capitalism people ask for it.

    1. Michael Wojcik Silver badge

      Re: As I've said for years

      Well, yes. That's the difference between centrally-planned economies and market economies. Various members of the Frankfort School, among others, pointed that out decades ago.

  5. jjcoolaus

    Samsung already penalises you for non-disclosure

    You can't add weather to the lock screen on a Galaxy Note 4 unless you have location services turned on.

    I leave location off 99% of the time because a) the battery hit; and b) I don't need google recording where I go every minute of the day; and c) you can't selectively opt-out which apps should have location data and which apps shouldn't; and d) I know the data isn't private, available to anyone who asks pretty much.

    Well I've punished them, by disabling s-health (stop the pedometer count as well) and I might even change a different launcher or lock screen that can provide me with weather data for a city I specify.

  6. Richard Stallman

    The reason these computers spy on their "owners" is that they are run by nonfree software -- software that controls its users. This is one of many reasons we should reject nonfree software and demand that software be free, under its users' control.

    See http://gnu.org/philosophy/free-software-even-more-important.html.

    Meanwhile, we should not settle for existing privacy laws. We must legally require the redesign of all digital systems so as not to accumulate dossiers about people.

    See http://gnu.org/philosophy/surveillance-vs-democracy.html.

    Dr Richard Stallman

    President, Free Software Foundation (gnu.org, fsf.org)

    Internet Hall-of-Famer (internethalloffame.org)

    MacArthur Fellow

  7. Seán

    Oh Really

    If only there were some kind of data protection laws, oh wait there are.

  8. T J

    A challenge, but it's being taken up

    Technology is two-edged, always. But here, I'm talking about the edge faced by the intelligence agencies, and corporate-owned "governments". It can fight back.

    There are now strains of Android (let's just quietly ignore the hipster with the head shaped like a fruit trying to get our attention in the corner, and let's laugh at the random collection of ones and zeroes holding the four-colours flag as it gets kicked mewing and drooling out the door, shall we) that have Google's caring-sharing life-sucking tentacles removed, and have been hardened in other ways.

    Ubuntu is becoming a popular handheld device OS.

    There are homegrown efforts coming up that use other software, and indeed other hardware than the (cough cough) "major" brands do.

    And online, the problems with TOR are being analysed out of the way (the entire paradigm sucks, because...), i2p2 grows and grows (...really, both endpoints need to be encapsulated within a network in order to be safe) and "illegal" - let's use the correct term: alegal - radio networks just keep popping up and refusing to be mole-whacked.

    It's very annoying (for the surveillance sycoph... community), but some things are, albeit slowly, getting harder to find out, not easier. Bit like the MAFIAA discovering the public don't like being ripped off and neither do musicians.

    Of course your standard thickhead won't care (and will continue using their real name on Facesucker, etc), until somebody dies or something big happens. But after that, suddenly they'll be on their car roofs beating their chests. FORTUNATELY, there will actually be tech there waiting for them with open arms.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like