Fear is a tool

It started with a thought, one I have had for a little while and one that had been voiced in the past. Today, in the Guardian we see part of this in the article called ‘How we sold our souls – and more – to the internet giants‘ (at http://www.theguardian.com/technology/2015/may/17/sold-our-souls-and-more-to-internet-giants-privacy-surveillance-bruce-schneier). I respectfully disagree with parts of this.

The first premise is the important one.

Did we sell our souls, or were governments on a global scale lacks and slow regarding the rights of privacy?

That is an important question as it is linked all over the place. We tend to look (as I have mentioned numerous times) regarding the information the intelligence community gets, but at the same time we allow ourselves to get mined and exploited by every social network available. A nice example that the article uses is the Hello Barbie. The Washington Post gave us loads of information in March (at http://www.washingtonpost.com/blogs/the-switch/wp/2015/03/11/privacy-advocates-try-to-keep-creepy-eavesdropping-hello-barbie-from-hitting-shelves/), but it did not get the global visibility it required to have.

You see, there is nothing wrong with an interactive toy. I reckon that as programs became more and more interactive, then so would toys and the Hello Barbie doll is the premium evolution for children. The big issue is not the toy, but this simple line: “As the doll ‘listens’, audio recordings travel over the Web to a server where the snippets of speech are recognized and processed. That information is used to help form Hello Barbie’s responses” Why? Why use the web? Why not connect to a device that has the software installed? The answer is simple, this is only in one part about the doll, it is a lot more about collected data and data is value (their marketing department will come with some “it’s  all so much easier via the web answer”). Collecting the questions of children gives way to trendsetting and to marketable exploitation. Of course, in that light the adult edition, where the answer to every question becomes “not now darling, I have a headache” is likely only 6 months away.

You think I am kidding? Data is the core of value, marketability of data is the new ‘O’ for industrials. Knowing how to push the button by answering the not asked questions in advertisement is the rage, the El Dorado of the marketing industry. So when we see the quote at the end of the article “Mattel and ToyTalk, the San Francisco-based start-up that created the technology used in the doll, say the privacy and security of the technology have been their top priority“, we should state that if security and safety were such important parts, you would have kept these issues local and not via the web. As for security, if hackers can take down Sony, then Mattel might not be that much of a challenge and in that light, that collected data would be worth a fortune, so people will get that data one way or another.

Beyond the toy need of a child is the need for health. That part is dealt with in “Many medical devices are starting to be internet-enabled, collecting and reporting a variety of biometric data. There are – or will be soon – devices that continually measure our vital signs, moods and brain activity“, now we get to the juicy stuff! You see in the UK there is the Data Protection Act 1998. Yet here we see the following issue:

Section 36 gives us: ‘Personal data processed by an individual only for the purposes of that individual’s personal, family or household affairs (including recreational purposes) are exempt from the data protection principles and the provisions of Parts II and III’. So Barbie is already exempt in this case.

Even though section 2 gives us in section 11 ‘Right to prevent processing for purposes of direct marketing’, which is in part II, so Barbie is again exempt.

However, we do see protection under part one section 8. Here we see: ‘Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data’. Yet the danger here is that this regards ‘personal data‘, the definition under part one states: “personal data means data which relate to a living individual who can be identified”, which is not the part that is transferred, so it does not count. The personal data is what mommy, daddy or junior enter within a website or social media, outside of the UK (or Commonwealth), so that they can receive a much more personal ‘experience‘ with Miss Barbie. This is at the core of the problem, but it is only one factor. The same applies in 99% of the cases to healthcare and fitness equipment that connects through the Bluetooth, Wi-Fi and the web link. All this gets collected. So when we wonder regarding the excuses on software on cheaper through the online experience, several parts give clear indication that this is about collecting data, because data is the new gold. How much do you think a health care provider is willing to pay, so that they have data that allows to cut off, or additionally charge the riskiest 10%? Even though those people are already paying premium, to have a check on the safest group and to flag the least safe group is worth a bundle. Anyone selling that data for less than a 9 figure number is getting royally screwed.

And it goes on beyond the mere computer and the internet. More precisely your smartphone. The apps you install track you here as well. They track your location and sometimes download your address book, calendar, bookmarks and search history. Not to mention a host of other parts. The most annoying part of it all is that you the user gets to pay for your bandwidth, so if your data gets downloaded, you are likely to see background usage of the data and the bandwidth used goes to your total usage.

The gem of the Guardian article is shown near the end “And it’s all possible because laws have failed to keep up with changes in business practices

This has been the number one issue for well over 4 years now and the lawmakers have basically been sitting on their hands, pretty much all over the commonwealth I might add, because data is money and those captains of industry require overhead (read data profits). It comes down to the same issue with the laughingly disturbing discussion on movie piracy. Telco’s rely on bandwidth, without that, there profits go down to the basement, in that same light their reliance on data seems to hinder governments to react in a timely manner. Research, investigations and commissions. We have seen data issues since before Edward Snowden. Yes, in all these years, how many successful alterations were made to the Data Protection Act 1998, via either legislation and/or the House of Lords? You do the math, yet the answer is simple. As I see it, look at your two hands and do not use the 10 fingers that is how often, a mere ZERO times! Just like the internet consumer change, the internet data change has seen just as many evolutions.

The worst is however yet to come!

You see, the newer mobile phones often have the capacity that surpasses many laptops and tablets. I witnessed just 4 days ago how a friend used his mobile as a SharePoint because he had to update his PS4. What He had not realised is that the PS4 also started to update his installed games. It took him less than two minutes to realise this and in that time his 2GB bandwidth was gone! Welcome to 4G bandwidth!

He’ll lose an additional $10, so he did not think it was a biggie, but now consider how much data can be passed over to wherever the applications decides. So when we get these small messages, when we are lulled into a sense of ‘security’ consider where your data is and who else has access. That is at the heart of the matter, as well as the heart of the legislative failing. Who else has access! When data is stored at any third party provider, the app maker might guarantee that THEY will not allow access to the data, but that does not state that this is the case, you see, if they have the data parked in any other provider, what does the rules of those providers stipulate? Only they? Only the executing service agents? The world of data is quite literally the new Wild West of Business and IT, a reasonable untapped frontier and we all forgot that we think that data is there and only we can access our little field of data, whilst in reality and corporation with a tractor can get to any part of that data field. It is all nicely settled in the line “are exempt from the data protection principles”, so as we consider our data and why we are not keeping it local, consider one final ‘deletable’ part, which is also in the Guardian article “In 2009, Amazon automatically deleted some editions of George Orwell’s Nineteen Eighty-Four from users’ Kindles because of a copyright issue. I know, you just couldn’t write this stuff anymore ironically“, yet even though the irony is out there, consider that your data is also on the cloud. So what happens when that gets deleted? Not by you or by the provider, but by a third party who got around it all? You might wonder why that is an issue, if you do then consider the final question in this dilemma: ‘Who is the owner of a deleted file?’

So here is the fear part:

Where is your data?
Who ‘owns’ it?
Who has access to it (besides you)?

These are one side of the fear equation, on the other side you have the data local storage, which you must personally manage, you must backup this data and you must keep track whether it is all backed up. Some users feel uncomfortable with that. A nice example can always be found when someone in your vicinity cries over a crashed mobile and all contacts lost (I saw that a few times happen to people I know in 2014).

One fear or another, they’re gonna getcha!

So you the user have gone with the flow and the privacy for billions is up for grabs because no one wondered, asked or pressured, now that part is almost indefinitely gone, only by adjusting the laws can we see a restoration of proper privacy of data and information, but those who rely on the value of data are extremely intent on not letting those changes happen. Consider this part from an earlier Guardian article “Facebook places tracking cookies on users’ computers if they visit any page on the facebook.com domain, including fan pages or other pages that do not require a Facebook account to visit“, do you think Google is any different? So as you are tracked and as data is combined from social media, from websites, devices and even toys. How much privacy do you think you are enjoying at present?

Now we get to a truly speculative part. Consider Google with its Nexus range. Now the new Nexus 6 looks nice (way out of my budget range), there is a 32GB and a 64GB version. No issues here! In all aspects a decent game changer for the Nexus fan. Now we get to the Nexus 9, the tablet. Before I give my view, let’s refer you to Forbes, here we see some interesting details (at http://www.forbes.com/sites/ewanspence/2013/01/29/apples-128GB-ipad-just-gave-every-android-tablet-manufacturer-a-headache/), an important fact is that this is a January 2013 review, so more than two years old! In that regard the specs do not seem to have changed! So this ‘new’ tablet is only to be begotten in a 16GB or 32GB version. So it has a lot less storage than the Nexus 6 mobile phone. It has a few more weaknesses, but basically, as Apple already had a 128GB edition, Google remains at 25%. In my view this was intentional! The machine was released late November 2014. Why would they not have a version that is at least 64GB? My iPad 1 (yes version One) which I bought in 2011 already had 64GB). This is not a mere oversight from a bungling manager, as I see it this is an intentional drive to get people towards Google drive, with data stored in a place where some might have access (the non-user that is). Remember, this is pure speculation on my side! Google could have made a contender and is offering nothing more than a consolation price. Offering it at a very competitive price, but it comes with the foresight that people will be driven to the Google Drive, sooner rather than later!

Please feel free to reject this notion, but ask yourself, in the fight between IOS and Android, why would Google not offer a machine a lot more competitive? This is at the heart of the matter, this is as I see it the crux of it. There is of course a danger that we make ‘relationships’ between fiction and facts in events that are a figment of our imagination, but in the competitive industry that is called ‘mobile devices’ to remain behind to this extent to that degree calls for questions, does it not?

There is one part to add, the Guardian article was originally adapted (by the Guardian) from ‘Data and Goliath’ by Bruce Schneier, Bruce Schneier is a security technologist and CTO of Resilient Systems Inc. He can also be found tweeting his heart out as @schneierblog.

 

Advertisements

Leave a comment

Filed under IT, Law

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.