Abstract
The growing use of computer technologies, devices and communication platforms in everyday life create a paradox. The Internet-of-Things (IoT) based on interconnected devices makes everyday life smarter, more convenient and more efficient and everyone benefits from this technological development, albeit with little understanding of the security concerns. The increased use of the Internet-of-Things migrates away from the laptop, the tablet and the smartphone, and the security features on these internets linked devices such as GPSs, VRDs, cameras, cars, businesses and home automation, sensors and alarm systems lag far behind. Smart devices or the Internet-of-Things are not sufficiently updated, and security measures are lacking, which creates a surveillance wonderland for several actors. The European General Data Protection Regulation (GDPR) was introduced in 2018, and the regulation established rules for data processing and controlling of identifiable personal data. Despite this regulation, data collection is booming for various reasons. Due to the lack of transparency about data collection, the online IoT users are often unable to identify the countless number of actors involved in the data collecting and processing procedures despite the transparency requirement in the GDPR. This chapter focuses on the challenges related to the IoT market and the security of the devices. The predominant focus is on smart TVs and the use of surveillance measures in a public and private context. The chapter discusses the security problems related to the Internet-of-Things, the lack of regulation and awareness of the security threat.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Berkman Centre for Internet and Society (BCIS). (2016). Don’t Panic. Making Progress on the “Going Dark” Debate [Online] Available at: https://cyber.harvard.edu/pubrelease/dont-panic/Dont_Panic_Making_Progress_on_Going_Dark_Debate.pdf [Accessed 12 October 2019].
Bradley, T. (2018, March 3). Security Experts Weigh in on Massive Data Breach of 150 Million MyFitnessPal Accounts [Online] Available at: https://www.forbes.com/sites/tonybradley/2018/03/30/security-experts-weigh-in-on-massive-data-breach-of-150-million-myfitnesspal-accounts/#7f9968cd3bba [Accessed 15 August 2019].
Brandom, R. (2017, April 24). Here’s How to Use the CIA’s ‘weeping angel’ Smart TV Hack [Online] Available at: https://www.theverge.com/2017/4/25/15421326/smart-tv-hacking-cia-samsung-weeping-angel-vulnerability [Accessed 12 October 2019].
Cimpanu, C. (2017, March 29). About 90% of Smart TVs Vulnerable to Remote Hacking via Rogue TV Signals [Online] Available at: https://www.bleepingcomputer.com/news/security/about-90-percent-of-smart-tvs-vulnerable-to-remote-hacking-via-rogue-tv-signals/ [Accessed 13 October 2019].
CNet. (2018, September 28). California Governor Signs Country’s First IoT Security Law [Online] Available at: https://www.cnet.com/news/california-governor-signs-countrys-first-iot-security-law/ [Accessed 15 August 2019].
Costello, S. (2019, September 7). Smart TV Security: What You Need to Know [Online] Available at: https://www.lifewire.com/what-you-need-to-know-about-smart-tv-security-4768087 [Accessed 13 October 2019].
CSA. (2018). Recommendations for IoT Firmware Update Processes [Online] Available at: https://downloads.cloudsecurityalliance.org/assets/research/internet-of-things/recommendations-for-iot-firmware-update-processes.pdf [Accessed 10 November 2019].
Dennis, J. (2014, August 14). The Internet of Things: Highlighting the Legal Issues [Online] Available at: http://www.gordondadds.com/insights/the-internet-of-things-highlighting-the-legal-issues/ [Accessed 14 August 2019].
Department for Digital, Culture, Media & Sport (DDCMS). (2018). Secure by Design: Improving the Cyber Security of Consumer Internet of Things Report [Online] Available at: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/775559/Secure_by_Design_Report_.pdf [Accessed 9 November 2019].
Department for Digital, Culture, Media & Sport (DDCMS). (2019a, June 6). Secure by Design [Online] Available at: https://www.gov.uk/government/collections/secure-by-design [Accessed 15 August 2019].
Department for Digital, Culture, Media & Sport (DDCMS) (2019b, June 4). ETSI Industry Standard Based on the Code of Practice [Online] Available at: https://www.gov.uk/government/publications/etsi-industry-standard-based-on-the-code-of-practice [Accessed 16 August 2019].
ENISA. (2014). Privacy and Data Protection by Design—From Policy to Engineering [Online] Available at: https://www.enisa.europa.eu/publications/privacy-and-data-protection-by-design [Accessed 9 November 2019].
ENISA. (2017). Defining and Securing the Internet of Things: ENISA Publishes a Study on How to Face Cyber Threats in Critical Information Infrastructures [Online] Available at: https://www.enisa.europa.eu/news/enisa-news/defining-and-securing-the-internet-of-things [Accessed 9 November 2019].
ENISA. (2018). Good Practices for Security of Internet of Things in the Context of Smart Manufacturing [Online] Available at: https://www.enisa.europa.eu/publications/good-practices-for-security-of-iot [Accessed 16 August 2019].
ENISA. (2019). Industry 4.0 Cybersecurity [Online] Available at: https://www.enisa.europa.eu/publications/industry-4-0-cybersecurity-challenges-and-recommendations [Accessed 16 August 2019].
EU GDPR. (2019). GDPR Key Changes [Online] Available at: https://eugdpr.org/the-regulation/ [Accessed 9 November 2019].
European Commission. (2019). Digital Single Market [Online] Available at: https://www.enisa.europa.eu/publications/good-practices-for-security-of-iot [Accessed 18 August 2019].
European Union. (2016). Regulation (EU) 2016/679 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of such Data, and Repealing Directive 95/46/EC (Data Protection Directive) [Online] Available at: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN [Accessed 9 November 2019].
Gartner. (2017, February 7). Gartner Says 8.4 Billion Connected “Things” Will Be in Use in 2017, Up 31 Percent From 2016 [Online] Available at: https://www.gartner.com/newsroom/id/3598917 [Accessed 16 March 2018].
Gov.UK. (2016). Investigatory Powers Act [Online] Available at: https://www.gov.uk/government/collections/investigatory-powers-bill [Accessed 8 February 2020].
Harding, L. (2014). The Snowden Files. London: The Guardian Books, Faber & Faber.
Hollister, S. (2017, March 8). Weeping Angel: Did the CIA Really Hack into TVs? [Online] Available at: https://www.cnet.com/news/weeping-angel-hack-samsung-smart-tv-cia-wikileaks/ [Accessed 13 October 2019].
Holt, T. J., Bossler, A. M., & Siegfried-Spellar, K. C. (2018). Cybercrime and Digital Forensics: An Introduction. Abingdon: Routledge.
Information Commissioner’s Office (ICO). (2020). Data Protection by Design and Default [Online] Available at: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/accountability-and-governance/data-protection-by-design-and-default/ [Accessed 9 February 2020].
ITU, 2019. Internet of Things Global Standards Initiative. [Online] Available at: https://www.itu.int/en/ITU-T/gsi/iot/Pages/default.aspx [Accessed 09 11 2019].
Kan, M. (2016, October 26). DDoS Attack on Dyn Came from 100,000 Infected Devices [Online] Available at: https://www.computerworld.com/article/3135434/security/ddos-attack-on-dyn-came-from-100000-infected-devices.html [Accessed 9 June 2019].
Liberty. (2020). The Snooper’s Charter [Online] Available at: https://www.libertyhumanrights.org.uk/human-rights/privacy/snoopers-charter [Accessed 8 February 2020].
Lyon, D. (2015). Surveillance after Snowden. Cambridge, UK: Polity Press.
MacAskill, E., Thielman, S., & Oltermann, P. (2017, March 7). WikiLeaks Publishes ‘Biggest Ever Leak of Secret CIA Documents’ [Online] Available at: https://www.theguardian.com/media/2017/mar/07/wikileaks-publishes-biggest-ever-leak-of-secret-cia-documents-hacking-surveillance [Accessed 13 October 2019].
Montalbano, E. (2019, September 19). Smart TVs, Subscription Services Leak Data to Facebook, Google [Online] Available at: https://threatpost.com/smart-tvs-leak-data/148482/ [Accessed 12 October 2019].
Munk, T. (2018). Policing Virtual Spaces: Public and Private Online Challenges in a Legal Perspective Den Boer. In Monica (Ed.), Comparative Policing from a Leal Perspective. Cheltenham: Edward Elgar.
Murgia, M. (2019, September 18). Smart TVs Sending Private Data to Netflix and Facebook [Online] Available at: https://www.ft.com/content/23ab2f68-d957-11e9-8f9b-77216ebe1f17 [Accessed 8 February 2020].
Ng, A. (2019, October 12). As Smart TVs Become the Only Option, Your Privacy Choices Fizzle Out [Online] Available at: https://www.cnet.com/news/as-smart-tvs-become-the-only-option-your-privacy-choices-fizzle-out/ [Accessed 12 October 2019].
President Committee Advisor for Science and Technology (PCAST). (2014). Report to the President Big Data and Privacy: A Technological Perspective [Online] Available at: https://bigdatawg.nist.gov/pdf/pcast_big_data_and_privacy_-_may_2014.pdf [Accessed 16 August 2019].
PrivSec Report. (2018, March 6). The Data Protection Directive Versus the GDPR: Understanding Key Changes [Online] Available at: https://gdpr.report/news/2018/03/06/data-protection-directive-versus-gdpr-understanding-key-changes/ [Accessed 9 November 2019].
Perez, S. (2020, January 6). Fire TV Edition Expands to More Soundbars, Plus Cars, Cable Boxes and More [Online] Available at: https://techcrunch.com/2020/01/06/fire-tv-edition-expands-to-more-soundbars-plus-cars-cable-boxes-and-more/ [Accessed 8 February 2020].
Raja, A. (2019, March 6). IoT Security by Design [Online] Available at: https://www.iotforall.com/iot-security-by-design/ [Accessed 15 August 2019].
Rosner, G., & Kennealy, E. (2018). Clearly Opaque: Privacy Risks of the Internet of Things [Online] Available at: https://www.iotprivacyforum.org/wp-content/uploads/2018/06/Clearly-Opaque-Privacy-Risks-of-the-Internet-of-Things.pdf?d8bd54&d8bd54 [Accessed 14 August 2019].
Rouse, M. (2018). IoT Devices (Internet of Things Devices) [Online] Available at: https://internetofthingsagenda.techtarget.com/definition/IoT-device [Accessed 7 February 2020].
Samsung (2019). Samsung Global Privacy Policy - SmartTV Supplement [Online] Available at: https://www.samsung.com/uk/info/privacy-SmartTV/ [Accessed 8 November 2019].
Senate Armed Service Committee (SASC). (2016). Statement for the Record. Worldwide Threat Assessment of the US Intelligence Community [Online] Available at: https://www.armed-services.senate.gov/imo/media/doc/Clapper_02-09-16.pdf [Accessed 12 October 2019].
Simberkoff, D. L. (2016, August 17). Privacy and Security by Design: The New Default under GDPR [Online] Available at: https://www.avepoint.com/blog/protect/privacy-and-security-by-design-gdpr/ [Accessed 9 November 2019].
Storm, D. (2016a, February 10). Government May Tap into Your IoT Gadgets and Use Your Smart Devices to Spy on You [Online] Available at: https://www.computerworld.com/article/3032172/government-may-tap-into-your-iot-gadgets-and-use-your-smart-devices-to-spy-on-you.html [Accessed 13 October 2019].
Storm, D. (2016b, February 1). Going Dark Debunked: Boundless Surveillance Opportunities via the Internet of Things [Online] Available at: https://www.computerworld.com/article/3028077/going-dark-debunked-boundless-surveillance-opportunities-via-the-internet-of-things.html [Accessed 13 October 2019].
Stouffer, K. et al. (2017). Cybersecurity Framework Manufacturing Profile [Online] Available at: https://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8183.pdf [Accessed 15 August 2019].
Tene, O. (2011, February 1). Privacy: The New Generations [Online] Available at: https://doi.org/10.1093/idpl/ipq003 [Accessed 14 August 2019].
The Guardian. (2013). NSA Files: Decoded [Online] Available at: https://www.theguardian.com/world/interactive/2013/nov/01/snowden-nsa-files-surveillance-revelations-decoded#section/1 [Accessed 8 November 2019].
The US Department of Homeland Security. (2016). Strategic Principles for Securing the Internet of Things [Online] Available at: https://www.dhs.gov/sites/default/files/publications/Strategic_Principles_for_Securing_the_Internet_of_Things-2016-1115-FINAL….pdf [Accessed 14 August 2019].
Thielman, S. (2016, February 10). The Internet of Things: How Your TV, Car and Toys Could Spy on You [Online] Available at: https://www.theguardian.com/world/2016/feb/10/internet-of-things-surveillance-smart-tv-cars-toys [Accessed 12 October 2019].
Towers-Clark, C. (2019, May 2). Forbes [Online] Available at: https://www.forbes.com/sites/charlestowersclark/2019/05/02/uk-to-introduce-new-law-for-iot-device-security/#f8f37c3579dd [Accessed 16 August 2019].
Weber, R. H., & Studer, E. (2016). Cybersecurity in the Internet of Things: Legal Aspects. Computer Law and Security Review, 32, 715–728.
Willcox, J. K. (2019, September 27). How to Turn Off Smart TV Snooping Features [Online] Available at: https://www.consumerreports.org/privacy/how-to-turn-off-smart-tv-snooping-features/ [Accessed 13 October 2019].
Yar, M., & Steinmetz, K. F. (2019). Cybercrime and Society (3rd ed.). London: Sage.
Zittrain, J. (2016, February 1). The Good News and the Troubling News: We Are Not Going Dark [Online] Available at: https://www.lawfareblog.com/good-news-and-troubling-news-were-not-going-dark [Accessed 12 October 2019].
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s)
About this chapter
Cite this chapter
Munk, T. (2021). The Internet-of-Things: A Surveillance Wonderland. In: Owen, T., Marshall, J. (eds) Rethinking Cybercrime. Palgrave Macmillan, Cham. https://doi.org/10.1007/978-3-030-55841-3_10
Download citation
DOI: https://doi.org/10.1007/978-3-030-55841-3_10
Published:
Publisher Name: Palgrave Macmillan, Cham
Print ISBN: 978-3-030-55840-6
Online ISBN: 978-3-030-55841-3
eBook Packages: Law and CriminologyLaw and Criminology (R0)