Are You Being Tracked?
As people seek healthier lifestyles, they’re turning to technology for help. Runners use wearable monitors to track distance and pacing, while others use self-tracking devices to stop smoking, lose weight, and manage stress and chronic medical conditions.
As sensors and processors are miniaturized, battery life is extended, and global communications infrastructure expands, rapid growth in the self-tracking business will increase exponentially. It is estimated that by 2018 there will be nearly a half billion self-tracking devices shipped worldwide. As self-tracking devices become more ubiquitous in our daily lives, there is likely to be an increase in security and privacy issues.
Many of these tracking devices use Bluetooth technology that allows continuous or part-time connectivity to other computing devices without the need for wires. It’s very convenient for us, but is it worth the threat to your personal security? Bluetooth transmits short-range signals that may attach to other devices that can be intercepted and read by anyone with a Bluetooth scanner within a 100 meter range. This is a cause for concern because tracking devices can store personally identifiable information (PII) and even locate the device owner. WiFi-enabled tracking devices are also vulnerable.
Many self-tracking devices require the user to register with the application’s service provider. Researchers found that 20 percent of the applications transmitted sensitive data in clear text (no encryption), making it fairly simple for cybercriminals to hack into an application to retrieve your account information.
Researchers have noted that more than 50 percent of self-tracking applications fail to have a privacy policy, while 48 percent have privacy policies that are so generic that they do not explain how they would protect PII.
As sensors and processors are miniaturized, battery life is extended, and global communications infrastructure expands, rapid growth in the self-tracking business will increase exponentially. It is estimated that by 2018 there will be nearly a half billion self-tracking devices shipped worldwide. As self-tracking devices become more ubiquitous in our daily lives, there is likely to be an increase in security and privacy issues.
Understand the security and privacy concerns associated with self-tracking devices.
Many brands of devices have been found to be vulnerable to location tracking. GPS-based applications on smartphones, smartwatches, and sports wristbands can even track your whereabouts without your knowledge.Many of these tracking devices use Bluetooth technology that allows continuous or part-time connectivity to other computing devices without the need for wires. It’s very convenient for us, but is it worth the threat to your personal security? Bluetooth transmits short-range signals that may attach to other devices that can be intercepted and read by anyone with a Bluetooth scanner within a 100 meter range. This is a cause for concern because tracking devices can store personally identifiable information (PII) and even locate the device owner. WiFi-enabled tracking devices are also vulnerable.
Many self-tracking devices require the user to register with the application’s service provider. Researchers found that 20 percent of the applications transmitted sensitive data in clear text (no encryption), making it fairly simple for cybercriminals to hack into an application to retrieve your account information.
Check the privacy policy before you register.
In the U.S., the Online Privacy Protection Act of 2003 requires that any entity that collects or manages PII create a privacy policy that is displayed prominently and is easily located. Privacy policies also should be understandable to anyone that is not in the legal profession. Data collected must only be used for the intended original purpose.Researchers have noted that more than 50 percent of self-tracking applications fail to have a privacy policy, while 48 percent have privacy policies that are so generic that they do not explain how they would protect PII.
Privacy policies should clearly answer the following questions:
- Who is collecting the data?
- What is being collected?
- When is data collected?
- For what will the data be used?
- How long will the data be kept?
- How can the user access and control the data?
- Will the data be shared with third parties?
Tips to protect yourself:
- Use a screen lock or password to prevent unauthorized access to your device.
- Do not reuse the same username and password for different sites.
- Use very strong passwords preferably 8-12 characters with lower and uppercase letters, symbols and numbers.
- Turn off Bluetooth and Wi-Fi when not required.
- Avoid sharing location information on social media sites.
- Avoid apps and self-tracking services that do not prominently display their privacy policy.
- Read and fully understand the privacy policy.
- Make sure to update the device's operating system when updates are available.
- Use device based security solutions.
- Use full encryption on your devices.
No comments:
Post a Comment