As the technological realm becomes more pervasive, whom can we trust? Each week, Liberty Nation brings new insight into the fraudulent use of personal data, breaches of privacy, and attempts to filter our perception.
Motel Movie – You Be the Star
People film themselves doing all manner of things these days and somewhere out there, apparently, there is an audience for any activity. One hotel in Japan seems to think the internet voyeur business may be more profitable than providing accommodation, so it slashed the rate of one room – as long as the occupant agrees to have his or her every movement live-streamed.
No, this is not a pornographic enterprise – in fact, sexual activity and nudity are against the rules. The Asahi Ryokan hotel in the city of Fukuoka is charging only $1 per night for travelers to stay in room #8 if they don’t mind being filmed during their stay. “Peeking Camera in Hotel Room: In exchange for being able to stay at a low price, guest’s room is broadcasted [sic] live on YouTube for 24 hours,” the hotel’s YouTube channel, which now has thousands of subscribers, says. The $1 price is a reduction from the usual $27 per night commanded by other rooms at the establishment. Originally, it was a marketing strategy to try to fill the hotel’s least booked room, according to Japanese news site Sato24. The recordings are soundless, and guests are not filmed in the bathroom; they are also free to turn out the lights when they wish, at which point the live-stream goes pitch black.
“Young people nowadays don’t care much about the privacy,” said manager Tetsuya Inoue, whose grandmother owns the hotel. “Some of them say it’s OK to be [watched] for just one day.” Inoue himself becomes the star of the show as he is filmed going about his duties when room #8 – a small tatami room with a futon on the floor – is vacant.
The Asahi Ryokan is hardly luxury accommodation, but at least this small establishment gives guests a choice of whether they want to be filmed or not. In October, Japanese hotel chain HIS Group admitted that bedside video cameras could be hacked – and that executives had known about it. Self-described “Crypto Locksmith” Lance R. Vick outed the company on Twitter, saying:
“The bed facing Tapia robot deployed at the famous Robot Hotels in Japan can be converted to offer anyone remote camera/mic access to all future guests. Unsigned code via NFC behind the head. Vendor had 90 days. They didn’t care.”
One might expect that a hotel chain “employing” robot staff would know its way around tech security a bit better. The Henn na hotels opened in 2015, replacing human receptionists and assistants with automatons in both human and novelty forms (ever been checked-in by a dinosaur?) while guests unlock rooms via facial recognition. While it was thought the robot staff would cut costs, the Nagasaki branch fired over half the androids earlier this year after complaints from human staff and customers who found them less than effective.
Each room contains an assistant bot and these Tapia devices could apparently be hacked easily by placing a cheap NFC (near field communications) sticker and installing a recording program to spy on guests’ rooms. HIS Group apologized not only for the lack of security but for failing to act on the warning – until bad press forced it to do so. According to Thomas Hatch, CTO and co-founder of IT security company SaltStack, this situation is not unusual. “Even large companies with large resources are struggling to keep up with securing their assets, let alone smaller companies that are pushing these devices out to the world. Many smaller companies lack the proclivity or motivation to secure such devices,” he said.
Do you believe in love at first sight or, perhaps, love at first swipe? Romance was one of the first aspects of our lives to go online – from matchmakers to hookup apps, dating on the internet has lost much of the stigma that bogged down romantic hopefuls in the early days. In fact, the success of online dating has some researchers predicting that in the year 2035, more than 50% of romantic relationships will originate online.
The year 2037 has been dubbed the year of the “e-baby” by matchmaking website eHarmony and students at London’s Imperial College Business School. Based on a survey of 4,000 people and statistics from the U.K.’s Office for National Statistics, researchers projected that in 2037, more babies will be born to couples who met online than to those who met in real life.
Between 2015 and 2019, 32% of relationships began online, compared to only 19% from 2005 to 2014. Almost a quarter of millennial relationships already begin on dating apps – the most common conduit – at 23%.
Biggest Known Data Breach
In its recent Surveillance Giants report on Google and Facebook, Amnesty International claimed that data breaches and scandals are routine functions – rather than aberrations – of these businesses. Well, this week revealed a doozy, as the personal data of 1.2 billion people were found on an unsecured Google Cloud server.
This information – from customers in the U.S., Canada, and the U.K. – was found by researchers with the Data Viper cybersecurity company. The data was removed after being reported to the FBI, but according to Data Viper’s blog, the leaked information included names, email addresses, phone numbers, and LinkedIn and Facebook profiles.
The breach is thought to have originated mostly from data enrichment companies – businesses that take one data point on a person and then trawl the internet for information to create a full profile. As Data Viper explains:
For a very low price, data enrichment companies allow you to take a single piece of information on a person (such as a name or email address), and expand (or enrich) that user profile to include hundreds of additional new data points of information … Each time a company chooses to “enrich” a user profile, they are also agreeing to provide what they know about the person to the enriching organization (thereby increasing the validity of the organization’s future results). Despite efforts from social media organizations like Facebook, the resulting data continues to be compounded, creating a situation with no oversight that ultimately allows all of a person’s social and personal information to be easily downloaded.
The information was traced back to enrichment companies People Data Labs and OxyData.io, although it is not established that they leaked it – perhaps a client who had purchased the data from either of these businesses is the culprit.
“This is the first time ever that I’ve seen emails, names and numbers linked with Facebook, Twitter, LinkedIn, and Github profiles all in one spot,” said Vinny Troia, one of the experts who discovered the infringement. “There are no passwords related to this data, but having a new, fresh set of passwords isn’t that exciting anymore. Having all of this social media stuff in one place is a useful weapon and investigative tool.”
Despite the huge volume of information released, some have urged the public not to panic – the breach only exposes information that was already publicly available – but no passwords, financial or social security data was found. Consumer website Tom’s Guide recommended that social media users protect themselves by not putting sensitive personal information – including date of birth – on social media profiles. Troia also gave the information to website HaveIBeenPwned, which allows internet users to check if their accounts have been compromised.
That’s all for this week from Tech Tyranny. Check back in next Monday to find out what’s happening in the digital realm and how it impacts you.
Read more from Laura Valkovic.