We've all heard the stories about consumers who were having a conversation in the privacy of their own homes near an Alexa device, and then later, when browsing online, they saw pop-up ads of the very thing they were talking about. Amazon has been slammed pretty hard about violating privacy laws with its "always listening" devices.
Our homes are littered with smart devices, from refrigerators and coffee makers to smart cars, speakers, and even TV remotes. Reports of TV remotes being hacked and criminals listening in on private conversations and using the information for identity theft or fraud are becoming commonplace.
There is no doubt that AI and machine learning makes our lives more convenient and even fun. But where is the line between being useful and helpful cross into an invasion of privacy that puts us at risk?
How Do These Technologies Pose a Risk?
AI and machine learning both require a lot of data (usually stored in the cloud) to be effective, learn, and create neural networks where the technology can change to meet consumers' needs. This data serves to help predict behaviors and assess how accurately the technology is working while also processing transactions.
Any large amount of data stored online may be hacked, putting users at risk by exposing sensitive or personal information about them. Scammers look for this information to use for identity theft and fraud. Treasure troves of these data buckets are sold, bought, and found on the dark web all the time.
Other ways these technologies pose a risk is in the hardware and software itself. As with any new technology, there may be vulnerabilities that hackers become aware of and abuse to take control. There have been some incidents of hackers taking control of self-driving cars putting the occupants at risk.
Most of these devices are connected to the internet either via Wi-Fi or a wireless carrier. Whenever a device is exposed online, it may be subject to hacking, abuse, or exploitation.
Some other big risks involve:
No Coding Standards
Because AI technology is in its infancy, there are no standards for coding and security protocols. Many of them need much stricter controls and additional layers of security to keep the bad guys out. According to CSO, some of these vendors use a "black box" system, which is too complex to explain, leaving them at extreme risk in terms of vulnerability. CSO explains, "In security, being able to explain what happened is a foundational component. If I can't explain why it happened, how can I fix it?"
Another component of these security issues is because these devices are "voice-controlled," what authentication do they use to make sure that the owner is the one controlling them? Some of them use third-party add-ons, software and may even connect to other cloud-based services leaving even more open doors for hackers to walk right in. CSO reports that "There's no such thing as an AI model that is free of security problems because people decide how to train them, people decide what data to include, people, decide what they want to predict and forecast, and people decide how much of that information to expose."
Data Corruption or Poisoning
Whenever a system uses stored data, there is the possibility that hackers could access the data and corrupt it with their own information making these devices work improperly or infect the system with malware. On top of that is the information stored about users. CSO explains, "It's a real threat down the line, but right now, the classic tools that attackers use to evade antivirus are still effective, so they don't need to get fancier."
How to Protect Your AI/ML Devices and Your Privacy
It's clear that the devices, technologies, and software need serious upgrades to protect consumers' privacy and security; however, in the meantime, here are some ways you can protect your privacy and keep things safe.
- On Alexa devices, you can now turn on/off the audio and video buttons so the device will only "listen" and "watch" when you want it to.
- Be mindful of talking about sensitive or private subjects when around smart home devices. Someone could be listening.
- Secure your Wi-Fi network with a strong password, encryption, and a firewall to keep hackers out.
- Check online to see if there are any firmware security patches or updates for TV remotes or other vulnerable devices.
- Always use strong passwords when securing all devices and accounts (a combination of letters, numbers, and symbols is best).
- Put tape over video cameras when not using them. You never know who might be watching.
Your best defense against hackers and those who wish to commit fraud is common sense.