{"id":112,"date":"2016-01-27T08:30:46","date_gmt":"2016-01-27T16:30:46","guid":{"rendered":"http:\/\/www.founditdata.com\/blog\/?p=112"},"modified":"2016-01-27T08:30:46","modified_gmt":"2016-01-27T16:30:46","slug":"ftc-big-data-and-iot-spawn-new-data-concerns","status":"publish","type":"post","link":"https:\/\/www.fidcyber.com\/blog\/security\/ftc-big-data-and-iot-spawn-new-data-concerns\/","title":{"rendered":"FTC: Big data and IoT spawn new data concerns"},"content":{"rendered":"<p><a href=\"http:\/\/www.founditdata.com\/blog\/wp-content\/uploads\/2016\/01\/IoT.jpg\" rel=\"attachment wp-att-113\"><img loading=\"lazy\" decoding=\"async\" class=\"size-medium wp-image-113 alignright\" src=\"http:\/\/www.founditdata.com\/blog\/wp-content\/uploads\/2016\/01\/IoT-300x171.jpg\" alt=\"IoT\" width=\"300\" height=\"171\" srcset=\"https:\/\/www.fidcyber.com\/blog\/wp-content\/uploads\/2016\/01\/IoT-300x171.jpg 300w, https:\/\/www.fidcyber.com\/blog\/wp-content\/uploads\/2016\/01\/IoT.jpg 350w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a>The ongoing collision of big data and the internet of things raises whole new concerns about maintaining security, privacy, and fairness of personal data, says Julie Brill, member of the Federal Trade Commission.<\/p>\n<p>Brill spoke earlier this month at the Cyber Security and Privacy Summit hosted by Washington State Gov. Jay Inslee.<\/p>\n<p>\u201cThe data from connected devices will be deeply personal, and big data analytics will make the data more readily actionable,\u201d said Brill. \u201cSome of these devices will handle deeply sensitive information about our health, our homes, and our families. Some will be linked to our financial accounts, and some to our email accounts.\u201d<\/p>\n<p>However, she added that people won\u2019t change much.<\/p>\n<p>\u201cWe as individuals will remain roughly the same. We will not suddenly become capable of keeping track of dozens or hundreds of streams of our data, peering into the depths of algorithmic decision-making engines, or spotting security flaws in the countless devices and pieces of software that will surround us,\u201d she warned.<\/p>\n<p>Faced with a world of uncertainty about which devices are safe and whether they are getting a fair shake in the big data world, \u00a0Brill continued, \u201cconsumers could use some help.\u201d<\/p>\n<p><strong>Major inroads possible into our lives<\/strong><\/p>\n<p>This rapidly evolving environment raises issues that have yet to be resolved. Brill divided the issues into the three areas of security, privacy, and fairness:<\/p>\n<p><strong>1.<\/strong><i> Security<\/i><\/p>\n<p>\u201cBecause these connected devices are linked to the physical world, device security also is a top concern,\u201d she said. To wit:<\/p>\n<p>\u2022 <i>No armor.<\/i> Of the 90% of connected devices that are collecting personal information, 70% transmit the data without encryption.<\/p>\n<p>\u2022 <i>No expertise or recognition. <\/i>Traditional goods manufacturers may not have the expertise, or even realize they need such expertise, to secure their new devices.<\/p>\n<p>\u2022 <i>Cheap as dirt.<\/i> Many connected devices will be inexpensive and essentially disposable.<\/p>\n<p>\u2022 <i>Just because the plug fits \u2026<\/i> Security vulnerabilities may be hidden deep in the code that runs an app or device, which may not become apparent until it is connected to an environment for which it wasn\u2019t designed.<\/p>\n<p>\u201cAll of these factors point to the need to take an all-hands-on-deck approach to data security, with security researchers playing an important role in bringing security flaws to light,\u201d Brill said.<\/p>\n<p><strong>2.<\/strong> <i>Privacy<\/i><\/p>\n<p>\u201cConsumers want to know\u2014and should be able to easily find out\u2014what information companies are collecting, where they\u2019re sending it, and how they\u2019re using it,\u201d said Brill. She said that information plays an important part in consumers\u2019 decisions about whether to use digital products and services in the first place.<\/p>\n<p>However, obstacles have emerged:<\/p>\n<p>\u2022 <i>Didn\u2019t know<\/i> they <i>were watching<\/i>. Many companies, including data brokers, ad networks, and analytics firms operate in the background with consumer data.<\/p>\n<p>\u2022 <i>Devices give no clues.<\/i> Many connected devices do not have a user interface to present information to consumers about data collection.<\/p>\n<p>\u2022 <i>Queries not answered.<\/i> Questions have arisen about who should receive disclosures about data collection and use practices; how would consumers or innocent bystanders know when a device is recording images or audio; and how will the collected data be secured.<\/p>\n<p>Brill said that manufacturers of connected devices should recognize that providing transparency will require some creative thinking.<\/p>\n<p>\u201cVisual and auditory cues, and immersive apps and websites should be employed to describe to consumers, in a meaningful and relatively simple way, the nature of the information being collected \u2026 and provide consumers with choices,\u201d Brill said.<\/p>\n<p><strong>3.<\/strong> <i>Fairness<\/i><\/p>\n<p><i>\u00a0<\/i>Certain data brokers assemble individual profiles on consumers from various sources which are used for marketing practices.<\/p>\n<p>On such firms specifically, Brill said that \u201cwhile this kind of information can be used for relatively benign purposes, or even in ways that will enhance financial inclusion, this kind of information has also been used to harm vulnerable consumers.\u201d<\/p>\n<p>Again, pairing big data with internet of things in this area creates new concerns:<\/p>\n<p>\u2022 <i>Credit scores used beyond credit world.<\/i> The use of scores, such as credit scores, can go beyond decisions about mortgages, for example, to other major decisions such as whether a prospective employer would extend a job offer to a given applicant, or whether insurance companies would charge higher premiums on auto or homeowners insurance.<\/p>\n<p>\u2022 <i>Scores grown outside the regulatory zone.<\/i> The use of many different types of scores has proliferated to make eligibility determinations covered by the Fair Credit Reporting Act, yet they haven\u2019t yet been subject to the same kind of scrutiny that Congress and federal agencies have brought to bear on traditional credit scores.<\/p>\n<p>\u2022 <i>It all happens in a black box.<\/i> Scoring algorithms and other forms of big data analytics rely on statistical models and data system designs that few on the outside understand in detail.<\/p>\n<p>\u201cThis suggests that testing the effects of big data analytics may be a promising way to go,\u201d Brill said, adding that \u201ccompanies using scoring models should themselves do more to determine whether their own data analytics result in unfair, unethical, or discriminatory effects on consumers.\u201d<\/p>\n<p>In summary she says, \u201cFor now, the rapid changes in big data analytics and the internet of things have made it difficult to meet some of these expectations in practice. The key point, however, is that these are the enduring expectations of consumers, rather than relics of a simpler world.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The ongoing collision of big data and the internet of things raises whole new concerns about maintaining security, privacy, and fairness of personal data, says Julie Brill, member of the Federal Trade Commission. Brill spoke earlier this month at the &hellip; <a href=\"https:\/\/www.fidcyber.com\/blog\/security\/ftc-big-data-and-iot-spawn-new-data-concerns\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,7,9],"tags":[],"class_list":["post-112","post","type-post","status-publish","format-standard","hentry","category-network","category-security","category-technology"],"_links":{"self":[{"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/posts\/112"}],"collection":[{"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/comments?post=112"}],"version-history":[{"count":1,"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/posts\/112\/revisions"}],"predecessor-version":[{"id":114,"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/posts\/112\/revisions\/114"}],"wp:attachment":[{"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/media?parent=112"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/categories?post=112"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fidcyber.com\/blog\/wp-json\/wp\/v2\/tags?post=112"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}