Smart Devices - Who Is Watching Your Data?

Increasing your home's or car's IQ isn't a wave of the future, but of the present. With the explosion of smart devices on the marketplace, today's consumers are more connected than ever. 

Although these devices keep getting smarter with each upgrade, should consumers be concerned about trading the convenience of futuristic gadgets for potentially higher security risks?

Where Does the Data Go?

In a 2013 article, The Arizona Republic described smartphones and tablets as the "universal remote control for everyday life," but raised the question of whether smart devices had become too smart for peoples own good. 

New smart devices are marketed every year to an eager audience, but consumers may not realize the amount of data these devices collect about their daily activities or have little idea of where this data goes.

Marilyn Prosch, an associate professor in the Information Systems Department at Arizona State University's W.P. Carey School of Business helped create one of the world's first data-privacy research labs. 

She believes that technology advances are causing companies to gather increasing amounts of information from consumers and these companies are actually enabling security breaches by storing so much data.

For mobile applications to work, service providers require a great deal of information. Consumers want their privacy protected, but tend to trust providers to protect it for them. 

While the providers are publicly touting the security of their services, theyre privately worried about protecting their customers private data. Prosch said companies should honestly disclose to customers what data is collected and how it is or isnt protected.

Some new television models, for example, allow consumers to use verbal commands to enhance operation. However, for the smart device to work, it stores every word spoken. Thus, any conversation is potentially recorded and sent to "third party researchers" where its converted to text and stored indefinitely. 

Although the voice command feature is optional and can be disable for security purposes, many consumers may not realize they're being recorded.

In a Pew Research Group study released in early 2016, it was found that many people struggle to understand companies data collection and usage. 

While most adults seemed unsure what information was collected, almost half of American adults werent confident they understood where or how their data was being used.

Security Could Be Better

Consumers' desire to see futuristic home automation ala "The Jetsons" have seen a vast number of solutions flood the market. However, a majority of these devices lack proper security. This leaves consumers open to a wide range of threats, including potential data and identity theft, property theft and dangerous personal threats.

In a CBS News report by Anna Werner, the Federal Trade Commission (FTC) reported that smart devices held benefits, but also risks. If a consumer's TV stores sensitive information, then "authorized persons could exploit vulnerabilities to facilitate identity theft or fraud."

Security experts at Synack, analyzed various devices for vulnerabilities and realized many made easy targets for hackers. Synack assessed security on several home automation controllers, smoke detectors, cameras and thermostats. 

They found certain scenarios favoring hackers in multiple devices. Exploiting these security flaws could allow information, such as the presence of people in the house, to fall into the wrong hands and expose users to the risk of burglary or even stalking.

Prosch said, using smartphones for monitoring medical and parenting purposes is a potential privacy abuse area. These apps are often misused and nicknamed, "stalker apps." She said, "an abusive spouse can use stalker apps just as easily as a parent can."

With devices in such high demand, technology manufacturers may feel pressured to sell products now and fix security issues later. This leads to a concern that manufacturers aren't building enough security measures into their devices before they hit the market.

The FTC recommended "companies build security into their devices at the outset, rather than as an afterthought."

Manufacturers may still decide to deal with security breaches, if a problem arises. However, once consumers' private information is compromised, its too late to fix the problem.