I will confess that I took that title from an article sub-heading when I started researching the topic of Internet of Things (IoT) and privacy. I felt it was the appropriate and concise phrase for what I came to realize from that research – Big Brother won’t come through some big TV – it will come through mainly small everyday devices we will learn to not be able to live without – a smart watch, a logging wristband, a smart hair accessory or contact lenses that monitors for diabetes or other illness. These devices are loudly touted for their benefits, but their risks regarding loss of privacy and security are equally silenced or mumbled through in afterthought. But they are affecting society in general, and the legal practice in specific, in startling ways.
What is the Internet of Things (IoT)? The short answer is devices connected to the Internet. The complexity comes in as to the number and types of these devices that are being connected to the Internet and to each other. Depending on what source you wish to believe by 2020 we will have anywhere from 24 – 50 billion IoT devices connected. Even though this number is impressive it pales in comparison to the other number of major importance in our discussion – the amount of data points generated by those devices. A January 2015 report issued by the Federal Trade Commission found that “fewer than 10,000 households can generate 150 million discrete data points every day.” Multiply the potential number of connected devices by the potential amount of data points that can be generated and what do you get – BIG, BIG DATA. Data is valuable – it can be sold, bought, and stolen. It has become in the words of one critic “the new oil: the data of our citizens.” And it is being collected by these IoT devices and often without us knowing how, how much, or how it is being used – sometimes against us.
Voice-Activated Always On Devices
Have you heard the one of Amazon’s Echo smart speaker being at the center of a new legal battleground regarding the acquisition of technology-based evidence? And in a murder case no less? Could it be that Echo overheard and recorded “sounds” that may provide evidence as to who is responsible for wrongdoing? Echo is not alone – what about Apple’s Siri or Google’s Home? As we continue to use our smart devices and expect them to do more and more without any actual intervention with us, its pervasive nature becomes more accepted as the norm. But will we get to a point where we need to be careful what we say in front of our appliances because not only do they record but they then send that information somewhere that can be hacked in and used against us?
Always On Sensor Devices
Health and Fitness Devices
You know about FitBit and Apple Watch. But do you know about wireless insulin pumps and pacemakers, Blue-tooth enabled defibrillators and remote controlled drug infusion drips? How about smart bed sheets, web-enabled toothbrushes, injestable, micro bio-cameras and smart medication bottles? Each of these can make us vulnerable to hackers, physical attacks, and rate hikes in health insurance, as well as subject us to prejudice against our job performance and abilities. Has the monitored human reached a new level?
Home and Auto Devices
Alasdair Allan claims that by “2025 everything in your home will have an IP address” giving a different perception of the concept of a “home network.” We already have refrigerators equipped with cameras that can let you see if you need more milk or eggs, thermostats that regulate the temperature, apps that control the locking of doors, security cameras, etc., etc., etc. Let’s not forget the baby monitors – one having been hacked that lead to a sleeping baby being woken up and terrified by a barrage of foul and cruel language.
Autonomous vehicles have taken the headlines as well. Researchers are developing digital twins (learn more at https://vantiq.com/digital-twin/) that combine computational models and machine learning to predict vehicle health and enable autonomous decision-making, resulting in cars that drive themselves. From Uber and Google cars, to the apps that lets you monitor and control your teenagers driving speed, (sensors and remote control), driving locations (with geo-fencing), and driving capacity (no texting while driving or intoxication levels). Between this and Facebook no youthful indiscretion will ever be forgotten.
The data collected can be factors in home and car insurance, as well as claims made on each. And about that holiday party you have in your home every year – might want to limit the alcohol. Has surveillance reached a new level?
Smart Anything Devices
The list continues as to what is and can be connected and what data will and can be collected – utility grids, traffic control, other smart public infrastructure – the underlying premise of “smart cities.” The devices are not always so maleficent looking – Barbie dolls, electronic toys, Microsoft Kinect for Xbox, the list goes on. Has connection reached a new level?
What Can Be Done?
It is being strongly recommended that manufacturers of IoT devices factor in security at the onset of the design of such devices and that companies selling the devices be more transparent with consumers of the data they collect, how they collect it, where it is stored, and how it is used, as well as to give consumers options regarding this collection and use of their personal data. That is the cruz of the issue – the data that is collected is personal to the individual it is being collected from. The question of who owns the data is two-fold – before it is collected and afterwards. Should there be a difference in ownership? If the data is so valuable to the companies, should not the individuals also profit from the collection and use of their own data? Does privacy no longer exist? Have we given it away with every device we purchase and plug in? Or are we still in time to put in some guidelines, agreed upon by companies, individuals and governments, to protect what little privacy is still intact?
As I end this I ask you – have you read David Eggers’s book The Circle? Tom Hanks and Emma Watson are in the upcoming movie. Read the book. See the movie. The premise is that “privacy is theft.” The truth is that privacy is such a fragile thing. Its up to us as attorneys to protect it.
 Bradbury, Danny, How Can Privacy Survive in the Era of the Internet of Things?, www.theguardian.com/technology/2015/apr/07/how-can-privacy-survive-the-internet-of-things, April 7, 2015.
 FTC, Internet of Things: Privacy & Security in a Connected World,” www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf, Jan, 2015.
 Rob van Kranenberg, quoted in Bradbury, Danny, How Can Privacy Survive in the Era of the Internet of Things?, www.theguardian.com/technology/2015/apr/07/how-can-privacy-survive-the-internet-of-things, April 7, 2015.
 McLaughlin, Eliott C., Alexa, Can You Help with this Murder Case?, www.cnn.com/2016/12/28/tech/amazon-echo-alexa-bentonville-arkansas-murder-case-trnd/, Dec. 28, 2016.
 Bannan, Christine, IoT Threat to Privacy, www.techcrunch.com/2016/08/14/the-iot-threat-to-privacy/, Aug., 14, 2016.
 Silverman, Craig, 7 Creepy Baby Monitor Stories That Will Terrify All Parents, www.buzzfeed.com/craigsilverman/creeps-hack-baby-monitors-and-say-terrifying-thing?utm_term=.omJjdkkmR#.ujpz100e6, July 24, 2015.
 Ullman, Ellen, ring of Power: Book review The Circle, www.nytimes.com/2013/11/03/books/review/the-circle-by-dave-eggers.html, Nov. 1, 2013.