The Top Hidden Privacy Dangers

The Top Hidden Privacy Dangers

CompliancePoint LogoNow more than ever before, “big data” is a term that is widely used by businesses and consumers alike. Consumers have begun to better understand how their data is being used, but many fail to realize the hidden dangers in everyday technology. From smartphones and smart TVs to location services and speech capabilities, often times user data is stored without your knowledge.  Here are some of the most common yet hidden privacy dangers facing consumers today:

Geo-Location

Geo-Location can be convenient, especially when you’re lost or need GPS services. However, many fail to realize that any information surrounding your location is stored and archived, and then often times sold to a third party who wants to use that information for a wide variety of reasons. For example, are you aware that data is often collected during your shopping experiences?

A variety of stores will purchase location information to determine how long a customer browsed in a particular aisle so that they can further market to those customers in the future- promoting similar products.  The information may seem harmless, but would you feel that same way if you saw a physical person following you around collecting the same information?

Read More: CompliancePoint Announces New White Paper on Data Breach Security Measures

Social Media

Facebook, Google, Twitter, and Instagram are all social media services that are provided to individuals for “free,” but have you ever wondered what the real cost might be? It is often said that if you don’t have to PAY for the service, then you probably ARE the service. The hidden cost for utilizing these social media sites is the forfeit of personal information for the social media sites to sell and thus profit from. In fact, Google and Yahoo can actually read their customers’ personal email.

Some individuals might say they don’t mind because they have “nothing to hide,” but wouldn’t you be wary of publicly posting your login credentials not knowing who might have access? Giving these large organizations’ rights to your private messages can be interpreted as pretty much the same thing. After all, isn’t your personal email just that — personal? Another unknown fact about Facebook is that they can create “ghost profiles” using facial recognition for people who do not have an account but appear in someone else’s photos.

During the Dakota Pipeline Protests, Facebook sold the private chat messages of its users who were discussing the matter to the FBI and local police, as well as private security companies who further reported inside information directly to the pipeline company. Because the information was “for sale,” the police didn’t need a warrant to obtain confidential information — they simply needed to buy it.  This is just one of the many ways that social media affects those who don’t realize the implications.

Read More: Facebook Is Going the Extra Mile for User Data Security

Web Browsers and Apps

Before smartphones existed, “apps” were nonexistent. Anything accessed now through an app, was before accessed through an internet browser.  The web browser on a smartphone is what is referred to in the cyber-security industry as “sandboxed,” meaning it cannot access general data on the system or control hardware. An installed app, however, can be coded to do anything it wants to gain access to any hardware the user has control of.  Take the History Channel for example, if a user accesses the site from a laptop, they can access the entire website without a problem.  However, if accessed through a web browser on a smartphone, the user is prompted to “download the app.”

Many times, if you do not download the app, the website will disable you from viewing or using it, forcing you to download the app and giving up your personal information in the process. After downloading the app, it asks for permission to access the camera and the microphone on your device. This is because the app is storing personal information of its users outside of what happens within the History Channel app you just downloaded.

Read MoreRisky Business: Navigating Privacy and Compliance in a GDPR World

Speech Software & Smart TVs

Speech software such as Cortana, Alexa, and Siri have become increasingly popular in the past few years. However, if you are running these services in your home or office, then you have an active listening device running at all times. Essentially, you are “bugged.”  These services are running, tapping and sending your audio streams to remote servers daily. Many fail to realize that the cameras on these devices can be turned on without the light being activated.

Meaning, your smart TV can be watching you even when you aren’t watching it. All of this can be done without downloading any related software because the software is already built-in. Some smart TVs will not turn on if the camera is covered with tape, or if the microphone has been disabled. If you’re living in the United States and utilizing a smart TV, it’s likely monitoring and watching you.

Shopping & Savings Cards

Are these just great programs to help you save a little money at various stores? What is in it for the business offering these ‘savings’?  There are some little- known privacy danger inherent in the “frequent shopper” or savings cards offered by many grocery stores and retailers. These organizations are saving, analyzing, and sharing information on what you buy, when you buy it, and predicting future sales.

The savings passed on to the consumer are far less than the amount of money these companies are making by selling the information to outside resources regarding your purchasing history and habits. Specifically, Kroger and Ingles make over 200% more profit from the data that they sell than the savings that the consumer experiences.  The best way to protect oneself from the sharing of personal information is to limit the number of programs you participate in.

Read More: A Penny For Your Thoughts: Can Consumers Become The Benefactors Of Our Own Data?

Picture of Greg Sparrow

Greg Sparrow

Greg Sparrow has enjoyed over 17 years’ experience in Privacy, Information Security and Risk Management Greg has had the pleasure of working on both US based and international projects. He was responsible for the development and implementation of the security program’s responsible for protecting billions of dollars in annual transaction volume. Greg’s most recent work includes security and certification work for Samsung Pay, enterprise risk management for multiple NFL and MLB sports teams and helping to secure critical infrastructure at some of the nation’s largest transit hubs. Greg holds multiple IT and security certifications covering the Healthcare Industry, Payment Card Industry and federal banking standards.

You Might Also Like