People don’t like being spied on, as a rule. If you looked over your shoulder while using your computer and saw someone looking in your window at what website you were on, you’d have a distinctly negative reaction. If while driving to work you saw a car following you, wouldn’t you be a bit uneasy? When you arrived at work, if someone met you at your car and reached in to pull out the microphone and recording device they had stashed in your vehicle, how would you react? Oddly enough, those things are already happening. A host of companies and your own government are already spying on you, and have been for some time — but we continue to shrug it off. Maybe that’s because we simply don’t know about all the ways we’re being catalogued. Maybe we already know, somewhere in our heads, but we’ve gotten so used to the convenience that we have decided it’s a worthy trade. Either way, here are five ways you probably haven’t thought of yet.
OnStar: If your vehicle has OnStar or a similar capability, you are being spied on in ways you can’t imagine. It’s called “cartapping,” and it’s been going on for fifteen years or more. Law enforcement requests data from OnStar and other companies during criminal cases, and that data includes the conversations you had in your car. How many of us have sensitive phone conversations in our cars? Maybe a disagreement with our spouse? Do you generally assume that the interior of your car is a private place? You would be incorrect; one case found that since the monitoring (“searching”) was done by a private citizen (the OnStar employee) it didn’t count as a Fourth Amendment violation.
Store Loyalty Cards: You’re at the checkout with a loaded cart of groceries, and the store employee barely looks up as you start loading the conveyor belt. “Are you a rewards member?” Of course you are; you shop here all the time and the prices are much better if you’re in the club. You punch in your phone number, and suddenly you’re saving money. Now, you have to ask yourself: why would the store let you have these special discounts? It’s not because they’re altruistic, or they genuinely want you to save money. Nothing is free, and so the store is getting something in return. In this case, your data. What you buy, how often, what brand names, what days and times you shop, and much more. Your data, in fact, can tell them a lot more about you then whether you prefer canned peaches or fresh. Are you buying diapers? You must have a baby in the house; judging by the diaper size, he’s about two months old. You spend $250 or so every other Saturday? Chances are you’re getting paid every other Friday. You’re paying with a Wells Fargo debit card? Now we know where you bank. You’re buying generic macaroni and cheese instead of the expensive brand of Havarti you normally buy? Someone may be having money problems. The list goes on and on. In fact, a few years ago, a man received coupons in the mail from Target congratulating his teenage daughter on her pregnancy — except, he didn’t know she was pregnant. Target did, however, because of the products she had purchased with her debit card.
GPS Apps: Remember when needing directions meant consulting an atlas or a paper map? Remember when Mapquest first came out and you could print out step by step directions? Now we simply pull up Waze, Google Maps, or a number of other mobile apps and away we go. Have you noticed that when you get into your car and pull up Waze in the morning to check traffic, however, that it asks, “Are you going to work?” You’ve created a behavior pattern, and the app is literally asking you if you are going to deviate from the pattern that it has already defined based on the data it has collected.
Smart Home Devices: It’s fashionable now to have everything in your home controlled with your smartphone. You can lock or unlock your front door, turn your lights on and off, control your security cameras, or even see what the temperature is of the steak you threw on the grill when you got home — but again, what is the price of that convenience? All of that data has to go somewhere. All of those scheduled on/off cycles are stored, along with your usage patterns, and they can all be accessed by the manufacturer (or hackers, or the government, or anyone else with the knowledge and capability to do so). Sure, all of these devices have passwords behind the scenes to access the data, but let’s be realistic: How many people know the password to their refrigerator? Their connected light bulbs? Their “smart” washing machines? In most cases, the default password put in by the manufacturer is what the device is still running on, and you probably already know how this story ends:
Default credentials, which are ignored or too difficult for some people to change, [were] behind the development of a botnet that took part in the largest DDoS attack on record.
A botnet is when a hacker controls and links thousands, even hundreds of thousands, of these devices together, using them to attack websites. Chances are, you’re not exactly excited about the idea of a device from your home being used to attack others, so why would you even want devices in your home that can be used for that purpose, or to spy on you?
What does all of this add up to in practical terms? Well, think about how much data that can be gleaned just from these particular aspects. This does not count your email, your texts, or your internet history — all of which are known to be collected in bulk.
Next time you’re standing in that checkout line and you’re asked if you’re a member of the rewards club, maybe now you’ll say no. Perhaps you’ll stop by the ATM and take out some cash before going grocery shopping. And maybe, next time you cook a steak on the grill, you’ll stay out there and watch it yourself. Every little bit of privacy you take back helps — even if it means a steak that’s just a little too well-done.