Consumer electronics products are expected to hit the market this year with a number of innovations. In particular, it is clear that the combination with artificial intelligence is becoming a major trend and establishing itself in this field. In addition, they do not pay much attention to privacy and data security.
[보안뉴스=네이트 넬슨 IT 칼럼니스트] Computers and phones store much of our most sensitive information. It’s full of things you don’t want to show others, such as financial information, photos, and text messages you’ve exchanged with someone. However, a product that gives a dizzying feeling that is not like losing a computer or phone appeared at CES this year. This is a bathroom mirror equipped with artificial intelligence.
[이미지 = gettyimagesbank]
At CES 2024 held in Las Vegas, USA this week, all kinds of amazing products appeared and caught the attention of visitors. But among them, Bmind Smart Mirror stood out. It is a mirror with advanced technologies such as natural language processing, generative artificial intelligence, and computer vision, and it can understand facial expressions, gestures, and even the words of the person looking into it. The manufacturer explains that this mirror was created for psychotherapy purposes. Thanks to a mirror that speaks kind and warm words, people’s stress is relieved, their mood improves, and the quality of their sleep improves. It is even said that you can enjoy a kind of ‘mild’ psychological counseling effect.
Such effects may or may not be real. But what is certain is that this equipment remembers all the frizz, skin problems, and the faces reflected at ‘awkward’ angles in the mirror. It is not unlikely that associated data is stored somewhere in an unstable state. That place could be the manufacturer’s server or a public cloud.
Today’s consumer electronics manufacturers tend to promote their products with a significant emphasis on privacy and security. But beyond that, modern technologies usually collect a lot of data from users. Although aspects of privacy and security have certainly been strengthened, the increase in data taken far outweighs the improvement. In particular, this phenomenon is becoming more evident as artificial intelligence is placed here and there. This is because the technology known as artificial intelligence itself requires a large amount of data. However, we do not yet have a legal basis to stop the actions of these manufacturers. That’s why items that seem so obvious to invade privacy appear at events like CES.
Various devices and privacy based on artificial intelligence
Sylvain Guilley, CTO of security company Secure-IC, said, “We all know how much of a threat to our society is stealing sensitive user information from devices with cutting-edge technology.” He said. “How many devices with artificial intelligence are coming out these days? Because artificial intelligence must be used, data usage will be incredibly high. Manufacturers do not necessarily strengthen security to the maximum. “Attackers eagerly welcome these devices as they continue to appear on the market.”
When manufacturers develop cutting-edge equipment, they do not yet take security seriously. There is no noticeable improvement in performance when focusing on security or privacy, but this is because the budget has to be increased. “But there are definitely benefits to be gained from increased security and privacy. That means we can reduce the potential for users to use artificial intelligence incorrectly.”
Nick Amundsen, product manager at security company Keeper Security, has a similar view. “We have to be very careful in providing artificial intelligence to our users. This is because artificial intelligence models are created by absorbing all kinds of data. The data that users input has a clear impact on artificial intelligence. “Artificial intelligence is a demanding technology to fully open up to consumers.”
Meanwhile, to assuage users’ concerns, BeMind explained in a promotional blog post on January 6 that Smart Mirror “collects information without invasive technology,” and that its underlying operating system, ‘CareOS,’ “”It is a privacy protection platform that stores personal information locally and does not share it with any party without the user’s specific request and consent,” he claimed.
Legal mechanisms are still significantly lacking.
However, not every device on display at this year’s CES event promises ‘privacy protection’. Because there’s no need for that. In the United States, there are few personal information protection laws that consumer electronics manufacturers must comply with. While there are protection laws for health data (HIPAA), financial data (GLBA), and government data (Privacy Act of 1974), there are still no laws directly regulating consumer IoT or artificial intelligence, according Loyola University of Chicago School Law Professor Charlotte Tschider notes:
Aware of this problem, the White House announced last July a cybersecurity labeling program for smart devices. The intention was to motivate manufacturers to build security from the design stage into the making and sale of equipment, but it was not mandatory.
The IoT Cybersecurity Improvement Act of 2020 and California Senate Bill 327 specify the security essentials for connected devices, and the Illinois Biometric Information Privacy Act (BIPA) covers devices such as the usual iPhone It directly targets smart mirrors. But the biggest thing connected device manufacturers should keep in mind is the Children’s Online Privacy Protection Act (COPPA).
COPPA was designed to help give parents more control over what information companies can collect from children. “COPPA is one of the toughest laws,” Amundsen said. “Companies may not realize they are coming under the influence of COPPA when they launch connected products and products with AI capabilities, but that does not remove their responsibility to comply with COPPA.”
The first IoT electronics company to learn these lessons was Hong Kong consumer electronics manufacturer VTech. The Federal Trade Commission (FTC) in 2018 accused an app called Kid Connect of “collecting personal information from children without direct parental notification and consent and failing to take reasonable steps to secure and secure the data it collected.” He was ordered to pay a fine of $650,000 a year.
The fine itself was not that big for a company called Vtech to pay. But the incident reminded manufacturers everywhere that America’s most effective tool for regulating data privacy in modern consumer devices is a law created 25 years ago. Of course, this only applies to users under 13 and is not perfect. Therefore, more devices are needed.
The law still needs to be improved
“There is nothing in COPPA that actually strengthens privacy obligations,” Chaider said. “So there are still many devices on the market that are not fully equipped or hardened with privacy protection features. This is because it is cheaper to pay a fine when something goes wrong than to invest in something like that. Although fines are undesirable, companies believe it is better than investing in personal information or privacy. And COPPA inadvertently informs that opinion. “It needs a more stringent review.”
Meanwhile, Chaider said, “The current personal information protection model is based on user or parental consent,” and criticized it as “a bit useless.” “Few users carefully read and understand the company’s regulations or notices related to personal information. There are too many items. It would take more than 100 days a year to read all the privacy notices and regulations. Therefore, approaching the personal information protection team by saying, ‘We have provided information, and users read it and agree to it, so there is no problem’ turns a blind eye.”
So Chaider believes that the Health Insurance Portability and Privacy Act (HIPAA) and cybersecurity regulations related to financial services in New York State should be used as good references. “There are also good laws in other continents, regions and countries that can be referred to. The Internet of Things and artificial intelligence are rapidly converging, but the law should not be too sluggish or hold on to ineffective regulations.”
Written by Nate Nelson, IT Columnist
[국제부 문정후 기자(globoan@boannews.com)]
www.boannews.com) Reproduction and redistribution is prohibited >
#주말판 #CES #home #appliances #peak.. #data #privacy #security
