Now more than ever before, “big data” is a term that is widely used by businesses and consumers alike. Consumers have begun to better understand how their data is being used, but many fail to realize the hidden dangers in every day technology. From smart phones, to smart TVs, location services, and speech capabilities, often user data is stored without your knowledge. Here are some of the most common yet hidden privacy dangers facing consumers today.
Geo-Location- Geo-Location can be convenient, especially when you’re lost or need GPS services. However, many fail to realize that any information surrounding your location is stored and archived, and then often sold to a 3rd party who wants to use that information for a wide variety of reasons. A variety of stores will purchase location information to determine how long a customer browsed in a particular aisle, so that they can further market to those customers in the future- promoting similar products. The information may seem harmless, but would you feel that same way if you saw a physical person following you around collecting the same information?
Social Media- Facebook, Google, Twitter, and Instagram are all social media services that are provided to individuals for “free,” but have you ever wondered what the real cost might be? The hidden cost for utilizing these social media sites is the forfeit of personal information for the social media sites to sell and thus profit from. In fact, Google and Yahoo can actually read their customers personal email.
Web Browsers and Apps- Before smart phones existed, “apps” were nonexistent. Anything accessed now through an app, was before accessed through an internet browser. The web browser on a smart phone is what is referred to in the cyber security industry as “sandboxed,” meaning it cannot access general data on the system or control hardware. An installed app however can be coded to do anything it wants to gain access to any hardware the user has control of. Take the History Channel for example, if
a user accesses the site from a laptop, they can access the entire website without a problem. However, if accessed through a web browser on a smart phone, the user is promoted to “download the app.” Many times, if you do not download the app, the website will disable you from viewing or using it, forcing you to download the app and giving up your personal information in the process. After downloading the app, it asks for permission to access the camera and the microphone on your device. This is because the app is storing personal information of its users outside of what happens within the History Channel app you just downloaded.
Speech Software & Smart TV’s- Speech software such as Cortana, Alexa, and Siri have become increasingly popular in the past few years. However, if you are running these services in your home or office, then you always have an active listening device running. Essentially, you are “bugged.” These services are running, tapping and sending your audio steams to remote servers daily. Many fail to realize that the cameras on these devices can be turned on without the light being activated. Meaning, your smart TV can be watching you even when you aren’t watching it. All of this can be done without downloading any related software because the software is already built-in.
Shopping & Savings Cards- Are these just great programs to help you save a little money at various stores? There are some little- known privacy danger inherent in the “frequent shopper” or savings cards offered by many grocery stores and retailers. These organizations are saving, analyzing, and sharing information on what you buy, when you buy it, and predicting future sales. The savings passed on to the consumer are far less than the amount of money these companies are making by selling the information to outside resources regarding your purchasing history and habits. Specifically, Kroger and Ingles make over 200% more profit from the data that they sell than the savings that the consumer experiences. The best way to protect oneself from the sharing of personal information, is to limit the number of programs you participate in.
Greg Sparrow is the Vice President & General Manager of CompliancePoint’s Information Security Practice.