Cutting-edge surveillance tech took center stage at the Consumer Electronics Show in Las Vegas, Nevada this past week. But just as many tech enthusiast praised the technology as something to marvel, privacy advocates voiced concern.
Many security experts are sounding the alarm that the annual tech show’s emphasis on smart cameras and facial recognition is glorifying a dangerous surveillance culture. They believe CES, an annual lovefest for gadgets and innovation, should have focused less on hype and more on the security and privacy implications of new surveillance features unveiled at the show.
It’s not hard to understand why privacy activists are getting the jitters. Among a bevy of surveillance cameras in the CES spotlight was a mass-market ($90) Blurams smart doorbell that uses AI and facial recognition to send a text-based alert to homeowners about who is at the door – be it a recognizable face or a delivery person.
Also buzzing around the CES show floor was Sunflower Labs’ Bee autonomous drone. The company claims it’s the first residential “autonomous security drone” that can detect motion and then autonomously fly to the activity and report on it.
When it comes to surveillance technology, “It is no longer just a matter of protecting people’s freedom or dignity, but of controlling the commercial use of the personal data that the people themselves have agreed to transfer,” said Rui Lopes, engineering and technical support manager at Panda Security told Threatpost in an email.
Facial Recognition Goes Mainstream
Surveillance cameras have emerged as hot products, particularly with rapid developments in facial recognition technology, which is being actively used by police forces and even at the White House. In 2017, U.S. Customs and Border Protection launched a “Traveler Verification Service” that applies face recognition to all airline passengers, including U.S. citizens, boarding flights exiting the United States. China has also launched several artificial intelligence-enabled surveillance applications this year.
The popularity of surveillance devices was clear at CES. Among the products on the show floor were three new “Blue by ADT” smart cameras and doorbells.
Smart home security company abode systems also unveiled a new smart camera for both indoor and outdoor use, which uses “computer vision” to tell authorized users apart from unauthorized ones, as well as alert users of strangers and intruders ($199).
Data Disaster Waiting to Happen
While the use of security cameras are booming, critics point to privacy issues with various aspects of surveillance, such as facial recognition and the issue of consent. Products on display at the CES show floor have had their own security and privacy issues.
IoT camera maker Wyze, on display at the CES showfloor, in December came into hot water after one of its Elasticsearch databases was exposed and leaking connected device information and emails of millions of customers. And, multiple high-severity vulnerabilities have also been discovered in Amazon-owned Blink XT2 security camera systems –previously launched at CES 2018 –which if exploited could give attackers complete control over them.
Concerns also exist around the privacy of the subjects being captured by security cameras. Ring connected devices have also had their share of concerns, including several disturbing stories emerging in December about hackers hijacking Ring devices and talking to strangers through them, as well as concerns around Ring’s acknowledgement that it’s partnering with more than 600 police departments across the country to allow them to request access to camera footage from camera owners.
Ramping up to Regulate
Beyond these products, the privacy implications of connected cameras is top of mind for regulators, and already San Francisco and Somerville, MA have both passed bans on facial recognition. Others in the tech space, such as Microsoft, have called for regulation of the technology, citing heightened concerns around privacy and consent.
The California Senate meanwhile in 2019 passed a bill (in a 22-15 vote) banning the use by law enforcement of body cams that use facial recognition. The bill states that police officers and agencies will be “prohibited from installing, activating or using any biometric surveillance system in connection with an officer camera or data collected by an officer camera.”
While CES has historically shied away from privacy, the topic had a larger presence at this year’s show, with several panels (including “Chief Privacy Officer Roundtable: What Do Consumers Want?” hosted by execs at Apple, Facebook and more) touching on privacy. Looking to the year ahead, security experts say that consumers always need to keep data privacy in mind when purchasing products.
“As we become conditioned to accepting the consequences of using these technologies in exchange for the value they bring to our lives, we need to continue holding the product developers accountable for keeping our data safe,” Jack Mannino, CEO at nVisium, said in an email to Threatpost.
Concerned about mobile security? Check out our free Threatpost webinar, Top 8 Best Practices for Mobile App Security, on Jan. 22 at 2 p.m. ET. Poorly secured apps can lead to malware, data breaches and legal/regulatory trouble. Join our experts to discuss the secrets of building a secure mobile strategy, one app at a time. Click here to register.