Online Privacy – right to be forgotten
Articles,  Blog

Online Privacy – right to be forgotten


With the birth of the computer, and then the
internet, the information age began. It started with excitement and great optimism
about how the free flow of information would change the world. Social networks and search engines like Google,
Facebook, and Twitter putting “in the moment” information at our finger tips. Mobile technology and smart phones keeping
us tied to that information no matter where we are. And now the rise of the internet of things,
which is making our homes smarter and adaptable to our every whim. But at what cost? There’s no easy answers here, and I’m
still struggling with this myself, but it’s an important conversation to have. Let’s dive into this. CES 2019 just ended and we saw an incredible
number of amazing, whiz-bang, smart home devices, smart TVs, self driving cars, and more paraded
around the show floor. As a tech nerd this is like watching a summer
blockbuster and eating a bottomless tub of popcorn. But there’s the faint drum beat in the background
throughout all of this that’s getting overshadowed and lost amongst the noise, and that’s the
drumbeat of privacy. It’s something that’s slowly slipping
away from us and we’re not noticing, or caring that it is. I’ve talked about this in previous videos,
but we all have to do a due diligence when signing up for a service or buying a new smart
home device. We all have to understand how our private
data is being used by the company providing that product or service. Are we comfortable with how they’re using
our data? If we are, what guarantees do we have that
it’s kept safe, or that we’ll be able to access and delete it if we want. It’s our information, so we should remain
in control of it, right? We’re barely into 2019 and a bombshell of
a report came out that Ring smart cameras and doorbells, which are owned by Amazon,
might have been snooped on by employees. From The Intercept’s report: Ring provided its Ukraine-based research and
development team virtually unfettered access to a folder on Amazon’s S3 cloud storage
service that contained every video created by every Ring camera around the world. And even worse than that: At the time the Ukrainian access was provided,
the video files were left unencrypted, the source said, because of Ring leadership’s
‘sense that encryption would make the company less valuable,’ owing to the expense of
implementing encryption and lost revenue opportunities due to restricted access. Ring has since released a statement: “Ring employees never have and never did
provide employees with access to livestreams of their Ring devices.” Which The Intercept says is contradicted by
multiple sources. This story is still unfolding, but it’s
not a good sign when a company plays fast and loose with customer data due to the expense
of implementing encryption and lost revenue opportunities. That’s putting profits above their customers
and their privacy. Have a new fancy Smart TV in your home? Well, it knows everything you’re watching
and is logging all of it to the TV manufacturer. In the U.S., you may be familiar with the
Neilson Ratings, which the TV industry has historically used to gauge how many people
watch specific TV shows. In the early days that was done with volunteers
reporting what they watched in a log book, but today, it’s as simple as having software
on your TV that can identify anything you’re watching, no matter the source. The Verge just had a very open conversation
on the practice with Vizio’s CTO, Bill Baxter. I applaud Vizio for being so open and forthright
about this information, but not all companies want to disclose that this is what’s actually
happening. Bill Baxter stated: So it’s what the glass on the TV sees, just
to be really straight. Whatever the TV sees. But he made it clear that Vizio takes privacy
seriously: … there are restrictions, and we don’t
want to violate the customer’s privacy rights and we certainly anonymize that data and we
don’t try to, in any way, infringe on their privacy. The margin on TVs is razor thin, so they have
to resort to ways to keep prices low for their customers, but have ways they can monetize
on the backend. While Vizio may appear to be taking the right
steps, that can’t be said of everyone. A Consumer Reports investigation last year
found major security vulnerabilities in many smart TVs that could be used by “a relatively
unsophisticated hacker”: The vulnerability was found in sets by Samsung,
TCL, and devices using the Roku TV platform, which can include brands like Philips, RCA,
Hisense, Hitachi, Insignia, and Sharp, along with some of Roku’s own streaming players. Both Amazon and Google have also been caught
with data breaches around their Amazon Echo and Google Home products. Amazon sent 1,700 audio recordings to the
wrong customer. Last June it came out that Google Home and
Chromecast were leaking precise location data because they were transmitting data on an
unsecured internet protocol without any form of authentication. And as if that wasn’t bad enough, mobile
providers who have incredible data into our every movement, have been found to have major
loopholes into gaining access to that data. Motherboard conducted an investigation into
the practice, and after giving a bounty hunter $300 found the exact location of their cellphone: The bounty hunter did this all without deploying
a hacking tool or having any previous knowledge of the phone’s whereabouts. Instead, the tracking tool relies on real-time
location data sold to bounty hunters that ultimately originated from the telcos themselves,
including T-Mobile, AT&T, and Sprint, a Motherboard investigation has found. These surveillance capabilities are sometimes
sold through word-of-mouth networks. It can probably go without saying, but this
is terrifying. Imagine someone is in an abusive relationship
and trying to hide for safety. Or an unscrupulous employer looking into a
potential employees extracurricular activities. Not to mention the potential implications
for governments sidestepping the constraints of laws that are unable to keep up with the
rapidly changing technology. So What Do We Do? In the U.S. we have the Fourth Amendment,
which is supposed to protect us from unreasonable searches and seizures. It’s the notion that “each person’s
home is their castle,” but in the technological age we have far more private information stored
in pocket sized computers and in the cloud than was ever available in someone’s home. Our emails, texts, photos, documents, location,
phone calls, and every digital behavior we have is like an extension of our brain. We have laws that protect spouses from having
to testify against each other, as well as laws to allow us from incriminating ourselves,
but those laws don’t extend into the digital form. And that digital form is far more encompassing
and detailed. Big Internet has been running unchecked for
the past 20 years, which could be seen as necessary to allow it to grow and flourish. However, today it’s like big oil, big steel,
big auto during the industrial revolution and through the early 20th century. Unchecked corporate greed can lead to decisions
that go against an individual’s best interest and health for the sake of maximizing profits. We’ve seen this again and again throughout
history and only have to look back at laws enacted to protect children and worker safety. When it comes to our private data and corporations,
I think there’s a simple argument to be made for a bill or privacy rights that must
be followed. Apple is one of the only big companies making
customer privacy one of their central pillars, and they should be applauded for this effort. Other companies should follow suite. Tim Cook has spoken publicly on the need for
rules and laws to protect all of us, as well as warn of the dangers of the data industrial complex. The desire to put profits over privacy is nothing new As far back as 1890 Future supreme court justice Louis Brandeis published an article in the Harvard Law Review Making a case for a right to privacy in the United States. He warned… Gossip is no longer the resource of the idle and of the vicious It has become a trade. Today that trade has exploded into a data industrial complex. The European Union has taken the first major
step in this direction with the General Data Protection Regulation (GDPR) (https://eugdpr.org). It provides essential rights to access, to
be forgotten, to data portability, and privacy by design, along with major fines and rules
to keep companies in check. I’d argue that countries like the U.S. need
to follow suit, but this is where things are more gray than black and white. The argument around security and law enforcement
is a very thorny subject that has no clear answers right now, but is a debate not only
worth having, but required. Australia just passed a law requiring backdoors
into all encrypted data, which was poorly written, vague, and not thought through for
how it may have a lot of unintended negative side effects.[10] Any encryption with a backdoor
is the equivalent of not having security at all. You can make the argument that only the good
guys would have access to the backdoor key, but that key is highly likely to get compromised. It’s hard to believe a secure backdoor would
be safe with the revelations of the NSA security breaches with Anthony Snowdon and Wikileaks. Rival governments could hack and compromise
those keys. Weakening security for everything for the
sake of fighting terrorism is going to make us more vulnerable, not safer. But I also agree, and see the arguments for
law enforcement needing to have tools to pursue criminals and terrorists to keep all of us
safe. This is one of those subjects that makes my
head spin and I have no clear path to an answer, but I do know that we shouldn’t rush into
any legislation until it’s properly vetted and thought through. With companies like Amazon and Ring playing
a little too fast and loose with customer data, I’m a fraction of a step away from
pulling all Echo and Ring devices out of my home. I’m not there yet, and I want to give them
the benefit of the doubt and a chance to redeem themselves. I don’t want to be rash, but I want to hold
them, and all of Big Internet accountable for my private data. For me the first step seems crystal clear. Here in the U.S. we need privacy laws enacted,
much like GDPR in Europe. There needs to be regulations in place to
keep Big Internet under scrutiny with not only fines for breaking the rules, but criminal
punishments for more extreme abuses. When it comes to law enforcement, we need
much more open debate on the subject. We need to understand exactly what the police,
FBI, and others need to make their job effective, but also understand from the technical side
what’s possible without compromising security for everything. As it is today, law enforcement has more tools
in their tool chest than ever before, and even with encrypted communication are able
to use meta data and unencrypted data to track illegal behavior. A recent report showed that: The officials working in the trenches to examine
digital evidence often don’t know where to access the data relevant to their investigations
in the first place. When they do know how to access the data,
they don’t know what tools to use to analyze it. There’s a treasure trove of unencrypted
data law enforcement already can use, but often doesn’t have the right tools or knowhow
to do so. The report’s title, “Low-Hanging Fruit”
says it all, and that has nothing to do with the encryption debate. What’s your take on this issue? I’m really curious what others think, and
to hear different points of view on the topic. I don’t have the answers and don’t claim
to, but think this is an important topic for everyone to think about and debate. If we don’t, we’re going to watch our
right to privacy continue to slip away and be gone before we know it. If you liked this video, be sure to give a
thumbs up, it really helps the channel out. And share it with any friends you think would
be interested in joining in on the conversation. I’ve also included a link in the description
to the full script and all citations on my website, which also includes additional articles
and videos on the topic. And there’s also additional links, like
my Amazon Affiliate links, in the description if you’d like to support the channel. Not required, but it really helps to keep
the channel going. And if you haven’t already, consider subscribing
and hitting the notification bell to get alerts when I post a new video. And as always, thanks so much for watching,
and I’ll see you in the next one.

23 Comments

  • Chimerawizard

    Some groups of people in governments and companies have been given UNLIMITED POWER over our personal information with really, no limits on what they have been able to collect or censor. Now they need to be held to the fire for their abuse of power.
    First should be to instill fear into others by making an example of the most egregious offenders.
    Second is to determine what are the most effective and efficient methods of stopping it in the future, and put them on the ballot to see which method the people would rather go with.
    I would hope it to be an extension of the constitution to any publicly traded US based company.
    Different countries can try different measures and time will prove which ones worked the best.

  • xyhmo

    You're only two faces away from tom cruse, esp the eyes. As marketing, maybe try a cruse-like haircut (fake if needed) and start larping as an unhinged scientologist. ^^

  • outlucked

    You should rephrase your affiliate links pitch as it might get you in trouble with Amazon. You can't say "use the links to support the channel".

  • Merul

    You need to change to another background music. Video was great but the old background music was better than this. Try another one but it should be better than the last one.

  • Roman Unger

    Hey Matt. Thanks for you very nice and informative video. But showing Tim Cook speak about privacy and NOT mentioning the Facetime bug is a little bit of a miss.

  • Undecided with Matt Ferrell

    A quick note: This video was edited before the Apple FaceTime bug hit, which is why there’s no mention of it. While bugs happen in all software development, it’s all about how a company reacts to those bugs that’s important. Apple’s customer support process failed the family that reported the bug because they had trouble getting the information to the security team inside of Apple. Not a good look for Apple and a process that needs to be fixed.

    Regardless of the FaceTime bug, the central thesis of the video still holds true and I still applaud Tim Cook’s stance on the need for consumer privacy protections.

  • Aussie2u

    Awesome job to raise awareness. I know a Russian security analyst and he says the most flagrant spying comes from “free” software. His advice was to always assume you’re going to be compromised in some aspect and to make sure what you derive from the software or device is worth it to you.

  • Shane Whatley

    Great video Matt. This is definitely a topic that should be discussed more. I'm right there with you – I'm just about ready to toss any amazon devices that I have. And I've never wanted to add Google devices for the same reason. And now Facebook has their "always listening" home devices with included cameras to place in your home…no thanks! Some of these companies have just been too loose and careless in regards to users' privacy and information and it shows in their bad track records. Although not perfect of course, I believe Apple to be the only big player that is truly taking privacy seriously. And if they maintain that stance, I believe they will win in the long run (just my 2 cents). And that is one reason I choose to invest in their ecosystem over others when it comes to my smart home stuff. Thanks for making this video!

  • Frank Barone

    "its not that I have anything to hide, I just don't have anything I want you to see". BE SAFE PEOPLE. Never reveal your identity to anyone or anything online. Never use your real name on FaceBook or Google. Always use prepaid credit cards purchased with cash if you need to buy anything online. Never fill out DMV forms, medical or car insurance, job applications or anything online. Read all privacy statements, and terms of use before doing any business with anyone. Never let yourself be photographed and tagged with your real name. Privacy is fleeting, The more you give in, the less freedoms you'll have. Fight for you constitutional rights to travel freely without having to pay anything for "Real ID", drivers license etc. Millions of gallons of blood was spilled for your freedom, don't let it slip away!

  • alton Davis

    35years in technology/data/security/privacy, You have no inclination of what has been going on for past 2 decades.
    As you said, we get caught up in life, technology from television, computers, breach in access to home security cameras….. and more.

    The guilty party gathering data and what data gathered would shock you. TVs that have hidden built in camera and microphone. Even when off, if connected to television services, the camera and microphone can be turned on.Your home is then recorded to gather data on every family member.

    Smart home and home security can be safe. You just have to select the right products. More work in building security in monitor and management of your devices. There are solutions out there for little cost that require self education to a limited amount to implement.

    I would be glad to have a full conbversation on this matter at any time.

  • panjun liao

    Hi Undecided with Matt Ferrell,Can we invite you to test our new item? It’s TOP 100 car charger on amazon,we decided to produce it after 2 years consideration ,we sell well and need to boost it up further,would you like to test it and share your honest feeling?
    We will provide free sample and extra commission,this should also can bring some fans to your YouTube channel,would you be interested?
    Thanks and looking forward to your reply ^_^

  • Will Dwyer

    The Fourth Amendment only forbids government agencies from conducting unreasonable searches and seizures. It does not apply to the private sector.

  • Dan Piestun

    Matt, excellent take on the privacy of the internet! Wonder why the count of this particular video is rather low….mmmhhh

  • Emmett Johnson

    There's a promising privacy focused phone os at the url
    e.foundation
    I'm not sure what it's called but I would like to try it sometime soonish

Leave a Reply

Your email address will not be published. Required fields are marked *