By Paul Rosenzweig, The George Washington University Law School
The underlying idea is something like the old joke about bacon: How all food is better if you add bacon—bacon on hamburger, bacon with eggs. In many ways, the rush toward Internet connectivity in consumer products is like the bacon impulse—everything, it seems we think, is better once it’s connected to the network in the ever increasing world of the Internet of Things.
During an internet hacker convention, known as DEF CON, two security researchers demonstrated they were able to crack the security on a standard insulin pump. (Image: ArnoldReinhold/Public domain)
Internet-Enabled Automatic Insulin Pump
Imagine a diabetic patient, hypothetically named, David. David’s a retired old man living in Florida. For a number of years, David’s been taking insulin as a way of regulating the sugar levels in his blood. Recently, he got himself a new device. It’s an Internet-enabled automatic insulin pump. He wears it on his hip.
It periodically tests his blood, and he can adjust the insulin dosage either mechanically, or from his mobile phone or tablet. Because the pump is connected to the network, it can also send David’s blood-sugar levels and other test results to his doctor, who can review those results, and make adjustments—without David even going into the office.
The doctor doesn’t have to be in the office either. He could be on the golf course, and use his smartphone to change David’s insulin dosage. This is truly a miracle of modern science. It increases efficiency and gives David more freedom and a better quality of life with respect to his insulin requirements.
This is a transcript from the video series The Surveillance State: Big Data, Freedom, and You. Watch it now, on Wondrium.
During an internet hacker convention in Las Vegas known as DEF CON, two security researchers demonstrated they were able to crack the security on a standard insulin pump—of exactly the sort that David is using.
They demonstrated that they could actually cause the pump to give the wearer a near-fatal dose of insulin. So not only does David have a life-changing, liberating medical device on his hip, he must also come to grips with the fact that he’s carrying around a personal assassination device that could be used to try and kill him.
Learn more about hacking and digital espionage.
Now, when David comes to know about this, he has a very sensible answer. He asks, “Why would anyone want to kill me?” And he continues to wear the new insulin pump.
In effect, David did a cost-benefit analysis of the direct dangers of this new technology and concluded that the near-certain benefits of a better lifestyle and ease of use outweighed the very small possibility that someone might try to kill him using his insulin pump as opposed to say running him down with a car.
The Accusation against Volkswagen
Volkswagen was accused of installing a switch to sense whether it was being tested for federal emissions standards. (Image: damiangretka/Shutterstock)
Devices like David’s insulin pump are changing the nature of how data is collected about us, and how we are informed about the data we’ve determined we need to know.
For instance, the German automaker Volkswagen, was accused by the Environmental Protection Agency of installing a switch or defeat device in supposedly clean-diesel vehicles to sense whether it was being tested for federal emissions standards, and if it was, to automatically switch from polluting to complying.
Nest’s Home Thermostat
There are, it seems, an endless number of ways in which information on the Internet is now collected—new ways that didn’t exist twenty years ago. CCTV cameras, biometric scanners, facial recognition cameras—these are but a few of the newer smart internet devices that collectively we refer to as the Internet of Things.
To take another example: Google has paid $3.2 billion for a little-known company called Nest, which describes itself as an architect of the thoughtful home. What does Nest do, exactly? One of its products is a home thermostat. But the Nest thermostat is considered a smart thermostat. Its program learns your habits and adjusts the thermostat accordingly.
Even more significantly, for our purposes, Nest’s thermostats are tied to the Internet so for example, one can tell it that they are coming home, and to turn on the heat in the house before they get there. It prompts a simple question: Why would Google pay $3.2 billion dollars for a thermostat company? After all, Google began as a company that builds search algorithms.
Well, the Nest thermostat is able to learn as it goes with the objective of helping one reduce the costs of heating and cooling in their home. That also means that Nest comes to know something about them and their family.
Learn more about the commercial collection and use of data.
A Challenge to Our Privacy and Civil Liberties
Nest will learn, for example, that when they leave the house at 7:30 in the morning on a weekday, it should not normally expect them back until 6 o’clock that night. But it will also know that when they leave the house at 7:30 in the morning on Saturday, they’ll be back—just in an hour or so.
Now, multiply that by the number of people in their house and think of all the things Nest might come to know about them. It could learn the school patterns of their children, or grandchildren—when and how they or their spouse travels, or even something about a maid, or a nanny, might have access to the house.
Google now knows it, as well. And they, in turn, can correlate that data with say geolocation information from their use of a navigation app to get to work or to go on vacation. That becomes very valuable information.
This is, thus, a textbook example of the proliferation of Internet of things. Eventually, these devices will profoundly change how we manage our lives and create even greater challenges not only to our privacy but also to our civil liberties.
Common Questions about the Proliferation of Internet of Things
Q: How does an internet-enabled automatic insulin pump work?
The internet-enabled automatic insulin pump periodically tests blood, allowing one to adjust the insulin dosage either mechanically, or from a mobile phone or tablet.
Q: What happened during an internet hacker convention in Las Vegas?
During an internet hacker convention in Las Vegas known as DEF CON, two security researchers demonstrated they were able to crack the security on a standard insulin pump.
Q: How does an internet-enabled automatic insulin pump help doctors?
As the pump is connected to the Internet, it can also send the blood-sugar levels and other test results to doctors, who can review those results, and make adjustments.