Hi Bob,
The NSA activities have certainly gotten a lot of attention. Of course it would be interesting to consider those in the security and privacy write-up (somehow).
There are, however, challenges in what one would exactly suggest.
To pick your Internet-enabled scale, as an example, it is obviously important to deal with security and privacy protection for the communication from the scale
to the Web-based service where the weight (and potentially other information) is stored. You also want to avoid unauthorized access to your data or that your scale is suddenly becomes part of a botnet, etc.
However, if the service provider is in the US then there may be little protection you can apply to avoid cases of lawful intercept since a government agency
could just walk over to the service provider and ask for the data.
It might, however, nevertheless be good to capture these aspects somewhere. Since the documents I had distributed in my earlier mail relate to discussions that
happened to those workshops I obviously cannot add them there since we did not discuss this aspect.
Ciao
Hannes
From: community-bounces@kantarainitiative.org [mailto:community-bounces@kantarainitiative.org]
On Behalf Of ext Bob Pinheiro
Sent: Thursday, June 13, 2013 2:23 AM
To: community@kantarainitiative.org
Subject: Re: [Kantara - Community] Kantara Response to FTC IoT Privacy and Security Implications
Here in the US, we've recently become aware that the government (that is, the National Security Agency) is collecting metadata on every phone call made in the US. It's unclear the extent to which the NSA is also collecting information
about other forms of electronic communications such as emails, tweets, text messages, web browsing habits, etc..
Many people seem to be OK with this if it can help the government detect possible terrorist activities. Others are calling for more transparency and less secrecy with respect to government policies for conducting electronic surveillance of its citizens (and
others).
Now we have the Internet of Things, which proposes that all of our everyday devices should be connected to the Internet. It's not hard to imagine that the possibilities for additional surveillance are increased when all our devices are networked and talking
to each other.
Before I'm going to allow my bathroom scale to talk to my refrigerator, I want to know whether the government might be listening in. If the government can override my personal privacy preferences in the name of safety or national security, I'd like to know
about it. If we're going to have an Internet of Things, I'd call for the same transparency with respect to government surveillance policies that may exist for interconnected consumer devices that I believe should exist for other kinds of electronic surveillance
of citizens that the government may feel is necessary.
Bob Pinheiro
On 6/12/2013 4:24 AM, Joni Brennan wrote: