Menu

Wearable devices pose threats to privacy and security

GoogleGlassAP.jpg

AP Photo

Wearable technology is going mainstream. Consulting firm Deloitte predicted recently there will be 100 million wearable cameras, smartwatches, fitness trackers and other gadgets on the market by 2020. The analyst firm Canalys says there could be as many as 17 million smartwatches sold this year alone.

Cameras like the Narrative and Autographer snap photos automatically during the day; the Samsung Galaxy Fit has a sleek touch display and tracks your steps; Google Glass creates an interface in front of you, showing a map and your email as pop-ups.

But this explosive growth in wearables could lead to a security nightmare, many experts say. When you wear a gadget on your clothes, your wrist, around your neck or right in front of your eyes, you’re letting everyone know you own it, making you an easy target for hackers. Even worse, wearable gadgets that snap photos, shoot videos and record your location in public places have the potential to strip away the already diminishing privacy of others.

“Wearable gadgets will be banned in courts, hospitals, law offices, government buildings, public bathrooms, schools and anyplace where confidentiality is important,” says consumer analyst Rob Enderle of the Enderle Group in San Jose, Calif. “The problem will quickly become how you identify folks using them as they become far more concealable.”

There is a Catch-22 to wearable technology, Enderle says. Companies like Google and Samsung know wearables have to be dead-simple for consumers who want easy access to things like email – not multiple steps of authentication and complex passwords. But that simplicity means the devices are not very secure.

With the Narrative camera, for example, a hacker could determine the location of a business executive during a cloud backup and expose insider information about a business deal based on the GPS tracking, said Joe Siegrist, CEO and founder of the password management company LastPass.

And the potential for abuse is even worse for the Samsung Fit, he said.

“Imagine figuring out that your partner is having an affair with a secretary based on GPS location of their office,” he said. “You could see that your partner is not in motion, while their heart rate follows a specific pattern typically seen while having sex.”

He said people will have to remember to put the gadgets away during awkward conversations, or to take them out when things get interesting.

Protecting the consumer

But not everyone is worried about privacy. “At some point, social change will lead to acceptance,” said J. P. Gownder, research analyst and vice president of tech research firm Forrester. “The reality is that we already live in a panopticon already, and smartphones record all sorts of behaviors. People will adjust.”

Gownder says a few simple changes could help ease people’s minds. With Google Glass, for example, a simple flashing light could let everyone know you are recording.

But privacy issues may be less serious than security issues, because no tech gadget is 100 percent hacker-proof.

Several wearable tech companies have taken steps to avoid security problems. Martin Kallstrom, CEO of Narrative, says users are required to register their e-mail and create complex passwords, because just wearing the device makes it visible as a recording gadget.

Google released a public statement about Google Glass: “We take security very seriously, and we put simple but strong protections in place for Glass users.” A company spokesman told FoxNews.com that Glass is designed for short interactions in public, and the lens screen lights up when it is in use.

Can the problem be solved?

IDC analyst Bryan Ma argues that the solution to wearable tech privacy is to use them mostly in commercial settings -- such as a construction crew that needs to learn a procedure or snap building photos. In those settings, privacy is already tightly controlled. However, that’s not going to solve the problem of unethical hacking into consumer devices to steal data.

Enderle says wearable tech privacy and security will only get worse, in fact, as the gadgets become more concealed in our clothing, more powerful, and yet do not rely on strong encryption technology or authentication.

Security expert Winn Schwartau even suggests that the companies who make wearable tech don’t care that much about privacy and security. “Whether it is Apple or Nike, they are going to screw this up.”  

Says Tony Bradley, an analyst with Bradley Strategy Group in Houston: “We should be vigilant about potential threats and use common sense about which companies or services are trusted to access or store sensitive personal information, and think twice about installing apps or allowing third-party companies to access information on wearable devices.”

In the end, there’s a clear warning: as wearables become more popular, they become a bigger target for abuse. Companies like Google, Samsung, and Apple should start with tight security, not add it on later.