Most of us feel safe and secured when we’re at home.  But how safe are we from prying eyes when it comes to the onslaught of connected devices expected to invade our homes in the coming years?

CIA sees all

With the dawn of smart homes, you’d think that your life would be a lot easier.  Like your refrigerator telling you you’re running out of ice cream and ordering another pint of Chunky Monkey for you, or your washing machine telling you which laundry detergent to use for a particular garment’s type of fabric.    But what if all this extra data running through your home’s devices, your privacy ends up compromised?

While talking at a summit earlier this month for In-Q-Tel, the Central Intelligence Agency’s venture capital firm, CIA Director David Petraeus expressed his excitement over having all your household devices being used for spying.

“Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters — all connected to the next-generation internet using abundant, low-cost, and high-power computing,” Petraeus said, “the latter now going to cloud computing, in many areas greater and greater supercomputing, and, ultimately, heading to quantum computing.”

These connected devices can be used for spying just by gathering geolocation data.  Though the CIA has restrictions when it comes to spying, gathering geolocation data is a different matter, especially after the 2008 carve-outs to the Foreign Intelligence Surveillance Act.

But that’s not the only thing intriguing Petraeus about the internet of things; he also wants to use this technology in creating new online identities for his undercover spies and sweeping away the “digital footprints” of agents who suddenly need to vanish.

But creating new identities for his agents is quite difficult, since proud parents are quick to announce that their sons will be CIA agents on social media platforms.  But social media isn’t such a downfall for the CIA, and it turns out Facebook’s new Timeline can help.  Petraeus is especially happy with Facebook’s Timeline since it tells almost the complete story of your life, including your activity in the various locations you’ve been to.  It helps to easily create a new identity by backdating or filling in new items for every year.

Organized spying? 

In July of last year, the Motion Picture Association of America, Recording Industry Association of America and other copyright holders, have signed an agreement with AT&T, Cablevision, Comcast, Time Warner Cable and Verizon to curb piracy.  The agreement stated that the ISPs agree to send “copyright alerts” to subscribers whose Internet connections are used for copyright infringement.  Repeat offenders will not be disconnected from the Internet, but could be slowed down instead.

Most people laugh at the notion, but seriously, were they just giving out an empty threat to ward off pirates?  Apparently not.

According to RIAA CEO Cary Sherman, the ISPs are still on board with the program and it will be implemented by July 1, 2012.

“Each ISP has to develop their infrastructure for automating the system,” Sherman said. They need this “for establishing the database so they can keep track of repeat infringers, so they know that this is the first notice or the third notice. Every ISP has to do it differently depending on the architecture of its particular network. Some are nearing completion and others are a little further from completion.”

So how does this work?  The “graduated response” program requires ISPs to send out one or two educational notices that informs their customers that they are being accused of downloading copyrighted content illegally.  If the customer ignores their warnings, the ISP sends out “confirmation notices” asking their customer to confirm if they have received previous notices, while also informing the customer of the risks they incur if they don’t stop pirating material.  If the customer doesn’t stop pirating materials on the web, the ISPs can choose from a list of penalties, or what the RIAA calls “mitigation measures,” which include throttling down the customer’s connection speed and suspending Web access until the subscriber agrees to stop pirating, pressuring the customer to comply.  If their customer complies, then the mitigating measures can be waived by the ISPs.

Previous anti-piracy measures were of course trashed, and it will be interesting how pirates, hackers and hacktivists will react to the RIAA and ISPs looking at their customers’ web activities.

photo credit: Pensiero via photopin cc