By Mark Abbott, Courthouse Libraries BC – Information Services
The EU’s General Data Protection Regulation (GDPR), a new global standard for privacy law, came into effect on May 25, 2018. The GDPR gives citizens of the European Union (EU) more control over their personal information and how organizations all over the world can use their data. The regulation is far-reaching, applicable to Canadian organizations if they offer goods and services to and/or monitor the behaviour of EU citizens.
This new law comes at an interesting time as news stories circulate of large data breaches in both the public and private sectors. Our lives are inextricably intertwined with and operating in the digital ether. One example of this is the growing adoption of “Smart Home Technology”. Smart Home Technology allows various types of devices to connect to the internet, to offer automation services that either provide convenience, efficiency, and/or security.
In this new world of opportunity, how can we protect our personal data? We consulted BC and Canadian privacy and security experts for tips on how you can take preventive measures against having your data stolen and some precautions to take with smart home technology.
What is Smart Home Technology?
Smart Home Technology includes devices connected to the internet that exchange data with each other, commonly referred to as the “Internet of Things,” or IoT. Examples range from dimmer light switches, monitored thermostats, wireless speaker systems, to smartphones, Amazon Echo (powered by Alexa) and Google Home.
Precautions and Awareness
Before you start using smart home technology, there are some important considerations, according to Vincent Gogolek, former executive director of the BC Freedom of Information and Privacy Association (BC FIPA). “The first precaution should be to look at whether the convenience offered by a particular device is of real use to you compared to the potential downside risks,” he says. “Does your toaster really need to be connected to the internet?”
In terms of awareness, Vincent suggests we keep ourselves informed about features we might not even realize are a potential problem. “Microphones that allow voice commands are able to record everything that goes on in that room, and it is often unclear when recording is on, how long it is stored, where it is shared and what may be done with the personal information it collects.”
Practical steps to protect yourself
Former Ontario Information and Privacy Commissioner Ann Cavoukian is a vocal and tireless advocate for data security and safeguarding our personal information. We spoke with Dr. Cavoukian about some practical steps you can take to protect yourself.
“At this point in time, refrain from bringing these connected devices into your home,” she says. “Your home is your last bastion of privacy and these devices completely erode that.” Dr. Cavoukian believes that in the wake of the GDPR coming into effect, there’s a better chance we’ll have greater protection.
If you simply can’t wait to have that Amazon Echo or smart refrigerator in your home, “you have to, unfortunately, read the Terms of Service these companies provide,” she cautions–even if those service agreements remain long and tedious–particularly if you want to know how your information is stored and used by third parties. Equipping yourself with this knowledge helps you make an informed decision as to whether or not you want to engage with the technology.
Learn more about your privacy rights
Clicklaw has a couple of resources available on the above topics:
- The Internet of Things: From the Office of the Privacy Commissioner of Canada, this introduction to privacy issues – with a focus on the retail and home environments – is a handy starter guide. You can read the entire guide on the webpage or download it as a pdf.
- Get Cyber Safe – Cyber Security Risks: From the Department of Public Safety and Emergency Preparedness site “Get Cyber Safe”: The Internet of Things (IoT) refers to physical devices (smart/connected devices) that connect to each other via the internet. This website helps you understand how to protect your privacy and security if you are using them at home. It also has a section for small/medium business owners.
BC Freedom of Information and Privacy Association (BC FIPA) published their report “Connected Cars” in the spring of 2015. Be on the lookout, as BC FIPA’s new executive director, Sara Neuert, said an updated report will likely be published by early fall. Read the report here.