- Google Glass tracks your eye movements and makes data requests based on where you're looking. This means the device collects information without active permission. Eye movements are largely unconscious and have significant psychological meanings. For example, eye movements show who you're attracted to and how you weigh your purchase options when shopping.
- How many of you will turn off your Glass while punching in your PIN? How about when a person's credit card is visible from the edge of your vision? How about when opening your bills, filing out tax information, or filing out a health form? Remember that computers can recognize numbers and letters blazingly fast - even a passing glance as you walk past a stranger's wallet can mean that the device on your face learns her credit card number. All of this information can be compromised with a security breach, revealing both the information of the one using Glass and the people they surrounds themselves with.
- On July 4th 2013, Chris Barrett, a documentary filmmaker, was wearing Glass for a fireworks show in Wildwood, N.J., when he happened upon a boardwalk brawl and subsequent arrest. The fact the glasses were relatively unnoticeable made a big difference: "I think if I had a bigger camera there, the kid would probably have punched me," Barrett told. The hands-free aspect of using Glass to record a scene made a big difference.
Privacy is entering a time of flux, and social norms and legal systems are trying to catch up with the changes that digital technology has brought about. Privacy is a complex construct, influenced by many factors, and it can be difficult to future-proof business plans so they keep up with evolving technological developments and consumer expectations about the topic.
One way to ensure there are no surprises around privacy is by seeing it not as a right, but rather as an exchange between people and organizations that is bound by the same principles of trust that facilitate effective social and business relationships. This is an alternative to the approach of ‘privacy as right,’ that instead positions privacy as a social construct to be explicitly negotiated so that it is appropriate to the social context within which the exchange takes place.
The lengthy privacy policies, thick with legalese that most services use now will never go away, but better controls will probably emerge. Whatever the tools are used to protect and collect personal data in the future, it will be important for companies like Facebook and Google to educate their consumers and to provide them with options for all levels of privacy.
Yves will be addressing these issues and others at the 2013 European Computer Audit, Control and Security (EuroCACS) / Information Security and Risk Management (ISRM) conference that will take place at Hilton London Metropole on the 16th - 18th September 2013.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.