Stacey on IoT | Internet of Things news and analysis

Internet of Things

  • Home
  • Analysis
  • Startups
  • How-To
  • News
  • Podcast
  • About
  • Speaking
    • Facebook
    • RSS
    • Twitter
    • YouTube

Contribute to an app trying to stop IoT surveillance

December 8, 2020 by Stacey Higginbotham Leave a Comment

I’m going to keep this article really short to help make up for the tome of an essay above, although the topic is related. This week, Carnegie Mellon released what it’s calling the IoT Privacy Assistant app, which shows users the location of nearby devices that could gather data about them. The app, which is free, gives users the address of the devices, an image of them, and whatever the app knows about their data retention policies.

I didn’t have a chance to confirm the accuracy of the app’s data retention policies in the time between Carnegie Mellon’s announcement and the publication of this newsletter, but this effort to make local surveillance visible makes me really happy. In my case, the app pulled up a bunch of security cameras attached to banks along with cameras used by the government to track the line of cars waiting to get on the ferry from my island home to Seattle.

— There are a lot of security cameras near me.

I was disappointed that the app didn’t pick up my local devices on the network, but that’s because no one has apparently shared that my Eufy doorbell, for example, might pick up their face or license plate and share that with me. If I want to track more devices I need to publish them on the app myself.

I can become a contributor to the network and submit my own devices or devices I find while rambling around my neighborhood. To do that, I have to register on the IoT Privacy website and fill out a report. As part of that process, I have to acknowledge that I am over 18 and that my work will become part of a research study. If I decide to delete my account, all of the devices I have contributed will also be deleted unless I transfer ownership of those items to someone else.

So if you are a ride-or-die reporter of data-collecting IoT devices in your area, be aware that your reports will be public and part of this research. I tried to create a resource for my Eufy doorbell and it took me about five minutes before I hit a wall. It asked me questions about my device’s data-sharing and retention practices that I doubt many consumers would know, such as who would have access to the data and how long it would be stored. It also asked for access to various APIs, which I didn’t have.

The goal is to get vendors of connected devices to create registries for those devices, then let users claim them or report them. So without vendors on board, it may just continue to show me nearby surveillance cameras and nothing more. But while that’s helpful, I’d love to see more people claiming and reporting their own devices — and for the vendors themselves to get involved.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)

Related

Filed Under: Analysis, Featured Tagged With: carnegie mellon, Eufy

Sponsors



Become a sponsor

Subscribe to Blog via Email

Enter your email address to receive notifications of new posts by email.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

IoT Podcast

Listen to the latest episode of the Internet of Things Podcast. Just press play!

Sponsors

Become a sponsor







Get Stacey’s free weekly Internet of Things newsletter

  • This field is for validation purposes and should be left unchanged.

Recent Comments

  • YYTT on So long, and thanks for all the insights
  • Stacey Higginbotham on Matter is now official!
  • Kevin Wirick on Matter is now official!
  • John on Episode 437: Goodbye and good luck

Stacey on Twitter

Tweets by gigastacey
Copyright © 2023 SKT Labs, LLC · Privacy Policy