 |
| A sign outside the Willows bar at Folsom in San Francisco (Margie Shafer -CBS) |
If you follow developments in personal security,
particularly as related to personal information via the internet, then you’ve
been reading about data brokers.
Data brokers are agencies that collect consumer data
and sell it to a wide variety of companies, handling a large part of what is
known as “big data.”
The collected information enables companies to sell to a
targeted audience, and is what makes personalized – sometimes called
‘retargeted’ – ads like you see in Facebook and on other websites possible,
such as when you’ve been looking up a product on Amazon and then see the same
or similar items listed in the ads displayed on sites you subsequently visit.
The tools available to data brokers on the internet have
resulted in a dramatic expansion in the amount of data held on individuals.
There are about 3,500 registered data brokers in the US
alone, and one of them, Acxiom, claims to have files on 10% of the world’s
population.
Individuals generally aren’t aware of what personal data a
broker has, how they got it, or what will it be used for, although some sites
do have hard-to-find opt-out pages.
According to Techrepublic The widespread adaption of
wearable devices will accelerate the trend and allow a massive increase in the data available for collection.
How Will this Affect Businesses and Individuals?
In an article written for Intellectual Propertyetc.com Rachel Wenzel states “all of
this new technology is collecting data on our most personal bodily functions”
and goes on to say “While wearable technology seems to be a new commodity, the
spread of data is not. We often do not know all of the places our data can end up.”
What Data is Being Collected?
Because of this mass collection of data from multiple
sources, including wearables, the Federal Trade Commission released a report to Congress in May 2014 after an in-depth study
of nine data brokers.
The FTC report, “Data Brokers, A Call for Transparency and
Accountability,” says:
“Because these companies generally never interact with
consumers, consumers are often unaware of their existence, much less the
variety of data collecting (practices) in which they engage.”
It’s certainly a development to follow.
Profiling for Profit
The data is used to compile profiles about consumers, and
they’re placed into categories based on their interests and habits: age, race,
marital status, number of children and income.
Data can be used for purposes that consumers probably
wouldn’t agree to. For example, a data broker could profile a consumer as
belonging in the ‘Skiing Enthusiasts’ category. While a winter sports store
might then offer the consumer coupons, an insurance company using that same
info might infer that the consumer engages in risky behavior and offer higher
insurance premiums.
Terms of Service in Wearables are Unclear
The language is vague in most Terms of Service agreements.
Even the phrase “third party” is up for analysis, since it could mean
practically anyone who is in contact with the company.
One of the other issues is that in many of these agreements
you’ll find a paragraph that states something like, “In the event of the sale
of our company, or if we’re in bankruptcy, we can sell your data.” People don’t
realize that their data is an asset and there is value to knowing peoples likes
and dislikes as well as buying habits. You may be okay having your medical data
stored with your health care provider but if Google starts buying up these providers, are you okay with Google
having full access to your medical history?
The $19 billion that Facebook paid for WhatsApp only begins
to make sense when you understood that a) WhatsApp has 500 million users; b)
every WhatsApp user offers a rich vein of totally transparent data that can be
bought and sold.
It’s important to note that WhatsApp is a totally open
service. Every user’s phone number, message, location and image shared can be
used for profiling and resale.
Wearables in the Workplace
So, is there a business case for wearables in the workplace?
The answer is a qualified “yes.
Because wearable computing devices let users go hands-free,
there are a lot of ways they could be useful at work. For emergency personnel,
search-and-rescue teams and surgeons, wearables can provide real-time critical
information.
Smartglasses could be useful for technicians who need to
consult a manual, take a picture or view a set of schematics while performing
repairs.
Wearables can also remotely manage equipment on an assembly
line. Workers who need to wear special suits, such as environmental disaster
teams, could have hands-free access to data via smartglasses or a connected
wrist device.
Any user who needs instant access to important data can
benefit from using wearables in their workplace.
Notice I didn’t mention sales people or office staff.
Although I am sure that many will make a case for smartglasses or smartwatches
in the office, it’s difficult to think of a situation where a wearable device
would improve the productivity of a mobile sales team or an office worker.
How does the Law Oversee Wearables in the Workplace?
In the UK, wearable devices worn at work must operate in
line with the requirements of the Data Protection Act. This includes making
sure that people are being informed about how their details are being collected
and used, only collecting information that is relevant, adequate and not
excessive and ensuring that any information that needs to be collected is kept
securely and deleted once it is no longer required.
If the wearable technology is able to capture video or
pictures, organisations must address the issues raised in (believe it or not)
the CCTV Code of Practice. Mobile phones that take videos are
not covered because it is deemed obvious if a person is using a phone to take
pictures or videos
Information Security and Wearables in the Workplace
The current crop of wearables is based on Android, while the
next generation will run on Google’s recently announced Android Wear operating system.
Android is an open source operating system given away freely
by Google to smart device manufacturers. Its adaption has been phenomenal and
the majority of smartphones and wearables produced today come withAndroid pre-installed.
Unfortunately, Android’s success has attracted a huge
increase in Android malware. Security vendor Trend Micro rates Android an
”equal (if not greater) threatened platform to Microsoft Windows.”
Other experts say wearables are most vulnerable to malware
or hacking when sending data to the cloud. This adds a fair amount of vulnerability in the workplace.
Still, research firm Gartner forecasts that Google Glass and
other smart-glasses will help make employees more efficient, ultimately adding
more than $1 billion per year to company profits by 2017. This report and others
like it will probably convince many companies that they should introduce
wearables regardless of the potential for malware or end point vulnerabilities.
So is there an Alternative?
There are several manufacturers of wearable computing
devices for the workplace. These run on the BlackBerry secure QNX operating
system.
One such manufacturer, Euro Tech,
supplies wearable devices and systems to industry, logistic, healthcare,
transportation and defense markets. The equipment isn’t cheap, and it won’t
pass inspection by fashion-conscious tech reviewers, but it is secure and
durable.
If companies want secure wearables in the workplace, BlackBerry’s
QNX trumps the Android OS.
So what do wearables mean for CIOs? It’s another threat that
needs to be risk-assessed from a legal and data security perspective, and
systems should be proactively put in place to protect the company before they
appear in the workforce.
No comments:
Post a Comment