Four years ago, CIA Director David Patraeus implied that the government could begin to spy on American citizens using items that they own belonging to the Internet of Things (IoT). The IoT is defined as “the network of physical objects—devices, vehicles, buildings and other items embedded with electronics, software, sensors, and network connectivity—that enables these objects to collect and exchange data.” Patraeus’ sentiments were reinforced in a recent testimony, published in the “Worldwide Threat Assessment of the U.S. Intelligence Community” report, by U.S. Director of National Intelligence James Clapper.
In the Harvard report, which was delivered to the Senate Armed Services Committee earlier this month, Clapper testified:
“Smart” devices incorporated into the electric grid, vehicles—including autonomous vehicles—and household appliances are improving efficiency, energy conservation, and convenience. However, security industry analysts have demonstrated that many of these new systems can threaten data privacy, data integrity, or continuity of services. In the future, intelligence services might use the IoT for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials.
All-in-all, this means that the government will be able to conduct surveillance on citizens through baby monitors, smart TVs, IP cameras, home automation products (i.e. smart thermostats and smoke detectors), smart toys (i.e. Hello Barbie or Elf on a Shelf), the Amazon Echo, connected cars, smartphones, fitness trackers (a recent report showed that a woman’s Fitbit detected her pregnancy before she or her husband knew), refrigerators, crock-pots, motion detectors, even pregnancy tests.
“Appliances and products ranging from televisions and toasters to bed sheets, light bulbs, cameras, toothbrushes, door locks, cars, watches and other wearables are being packed with sensors and wireless connectivity,” the report detailed. “Law enforcement or intelligence agencies may start to seek orders compelling Samsung, Google, Mattel, Nest or vendors of other networked devices to push an update or flip a digital switch to intercept the ambient communications of a target.”
Now, if the technology companies adopt encryption, like smartphone manufacturers, there wouldn’t be much that the government could do if (like Apple did recently) they refuse to comply. Encryption will be even further protected should the ENCRYPT Act, which was recently introduced to the US House of Representatives, goes through. According to Reuters, The ENCRYPT Act would “prevent any state or locality from mandating that a ‘manufacturer, developer, seller, or provider’ design or alter the security of a product so it can be decrypted or surveilled by authorities.”
Read the full “Worldwide Threat Assessment of the U.S. Intelligence Community” report here.