Innovation first, then security

The internet of things: It can help us manage our energy use even when we’re away from home, it can help you let people into your house remotely or make receiving packages easier. It can help you monitor your own family, home security issues or grocery use.. and it can help others monitor you.

A recent Gizmodo investigation, for example, revealed that Amazon’s smart doorbell/home security system Ring had major security vulnerabilities even despite a company pledge to protect user privacy. Gizmodo was able to uncover the locations of thousands of ring devices within a random Washington DC area. While only the Ring users who chose to use the Neighbors app were revealed, this still represents a major vulnerability which is ripe for exploitation.

Reflecting the density of Ring cameras that have been used to share footage on Neighbors over the past 500 days. Screenshot: Gizmodo

Continue reading “Innovation first, then security”

Innovation first, then security

It’s Not You, Or Me!

Pop quiz: What do climate change and social media privacy have in common?

“Stop Global Warming” by Piera Zuliani is licensed under CC BY-ND 4.0

If you said, “a distracting and inaccurate focus on individual actions” you’re correct! Congratulations! Pat yourself on the back and pour yourself a congratulatory beer, glass of wine, coffee, or soda.

Continue reading “It’s Not You, Or Me!”

It’s Not You, Or Me!

AI in the Canadian Government: The Immigration Edition

Over the last two years or so, the Canadian Government has been openly exploring the issue of how some government processes, such as the processing of lower risk or routine immigration files can be made more efficient through the use of AI (machine learning) algorithmic processes.

The good news is that the adoption of these systems has so far been guided by a digital framework which includes making the processes and software open by default whenever possible. These guidelines hint at a transparency that is necessary to mitigate algorithmic bias.

Input Creativity
“Input Creativity” by Row Zero – Simon Williamson is licensed under CC BY-NC 4.0

Continue reading “AI in the Canadian Government: The Immigration Edition”

AI in the Canadian Government: The Immigration Edition

AI security hits a Canadian University: Proceed with Caution

I usually only post to this blog once per week, but a news story caught my eye today since it concerns my sector (higher education), my country (Canada) and my passion (technology critique).

Mount Royal University: Image from https://www.cbc.ca/news/canada/calgary/mru-ai-security-1.5136407

Mount Royal University in Calgary, Alberta is going to be the first organization in Canada to install an AI system for the purposes of security. This system consists of a network of cameras and a machine learning algorithm that spends the first few weeks learning what “normal” movement looks like on campus, then uses that baseline to detect if there might be a security issue. Deviations from normal in this case, signal a potential “threat” or at least an event worth looking into. As described by the Vice-President, Securities management in a recent CBC article:

“when that pattern breaks, what it does, that screen comes to life and it shows the people in the security office where the pattern is now different and then it’s up to a human being to decide what to do about it,”

Continue reading “AI security hits a Canadian University: Proceed with Caution”

AI security hits a Canadian University: Proceed with Caution

(They)’ll be watching you

If I were to rewrite the iconic 1983 Police hit song “I’ll be watching you” for the information age, it might go something like this:

Black and white video image of a bass player from the music video for "Every Breath You Take" by the Police.
Sing it, Sting! Screen Capture from Youtube: https://www.youtube.com/watch?v=OMOGaugKpzs

Every pic you take,
Every move you make,
Every post you make,
Every word you say,
They’ll be watching you.

Oh can’t you see,
They’re using more than cookies.
They’re with you on every road,
On every app you download.

You clicked “I agree”,
And now they see what you see,
They’re tracking you,
And all your pictures too,
They’re always watching you.

Continue reading “(They)’ll be watching you”

(They)’ll be watching you

Because You’re a Media Company

Yesterday, Sandy Parakilas published an insightful op-ed in the NY Times. Titled We Can’t Trust Facebook to Regulate Itself. In this article, Parakilas,  a developer for Facebook leading up to the 2012 IPO, describes Facebook as “a company that prioritized data collection from its users over protecting them from abuse.” Parakilas writes:

Facebook knows what you look like, your location, who your friends are, your interests, if you’re in a relationship or not, and what other pages you look at on the web. This data allows advertisers to target the more than one billion Facebook visitors a day. It’s no wonder the company has ballooned in size to a $500 billion behemoth in the five years since its I.P.O.

The more data it has on offer, the more value it creates for advertisers. That means it has no incentive to police the collection or use of that data — except when negative press or regulators are involved. Facebook is free to do almost whatever it wants with your personal information, and has no reason to put safeguards in place.

In my PhD dissertation, completed in 2013, I made this very point from the outside, arguing for strong evidence that Facebook is in essence a media company rather than the technology provider that at that time they claimed to be. There is an important difference between a technology company and a media company of course. A technology company doesn’t tend to make money off of advertising whereas advertising is essential for media companies. What is particularly insidious about Facebook, as highlighted in Parakilas’ op-ed, is that beyond simply providing attention to advertisers, Facebook also mines and sells user data.

Continue reading “Because You’re a Media Company”

Because You’re a Media Company