The Information Commissioner’s Office (ICO) has issued a warning regarding the potential risks associated with smart devices that collect personal data. The ICO also revealed plans to take action against manufacturers who fail to meet their data security obligations.
This warning comes in response to a recent report from Which? that conducted an audit of various connected devices. It was discovered that nearly all of these devices required location data, even though it was not necessary for their functionality. The report also revealed that certain brands of speakers automatically share customer data with platforms such as TikTok and Meta, while smart TVs insist on knowing viewers’ habits.
According to the Which? report, Ezviz, a Chinese brand sold by popular retailers like Argos, had the most tracking firms active. These included Pangle (TikTok’s business marketing unit), Huawei, Google, and Meta. Every brand examined by Which? used tracking services from Google, and companies like Blink and Ring were also connected to their parent company, Amazon. Google’s Nest product even requires users to provide personal information such as their full name, email, date of birth, and gender.
Andy Ward, the VP International at Absolute Software, emphasized the importance of data security when it comes to connected devices. He stated that while these devices are essential in modern workplaces, they also pose significant security risks. Malicious third parties can potentially eavesdrop, steal passwords, and access confidential information. Therefore, organizations must carefully consider the implementation of new devices and ensure robust cyber defenses are in place. Additionally, the ability to track, locate, and freeze devices in the event of loss or theft is crucial.
ICO chief Stephen Almond, Executive Director of Regulatory Risk, highlighted the need for transparency and consumer trust in these products. He emphasized that individuals should be able to enjoy the benefits of using connected devices without having excessive amounts of personal data collected. To maintain trust, companies must be transparent about the data they collect and how they use it. It is crucial to ensure that data is not used or shared in unexpected ways.
Oseloka Obiora, the CTO of RiverSafe, a cybersecurity company, warned about the risks associated with smart devices and the importance of data privacy and cyber risk. While smart offices bring exciting advancements, they also present various security challenges, such as potential eavesdropping and offering hackers a backdoor into businesses. Obiora stressed the need for caution when adopting new devices, with thorough data policies and proper protection of confidential information.
Overall, the ICO’s warning serves as a reminder that individuals and organizations must be vigilant when using smart devices. It is essential to prioritize data security, implement robust cyber defenses, and ensure transparency regarding the collection and use of personal data. With increasing connectivity, it is crucial to balance convenience with privacy and take proactive measures to minimize the risks associated with smart devices.