Face Computers: Privacy Violation by Pupil Dilation? 

Smartwatches, holograms, self-driving vehicles — we may have just rung in the year 2022, but here on Earth, we’ve started to live (blindly) like the Jetsons in 2062. The latest technological advancement coming out of Orbit City, err, Silicon Valley is the face computer, wearable tech that will plunge users into the notorious “metaverse.” 

Just saying the word metaverse makes me throw up a little in my mouth. Though similar technology has been in the works for quite some time, rumor has it that Apple may be launching an augmented reality headset (face computer) sometime soon. And where Apple goes, hundreds of millions of followers go. I am one of them. So, what does this mean for you and me? 

Is it time to embrace the next gen digital lifestyle à la the Jetsons? Well, you might want to pause before strapping into a newfound face supercomputer and diving headfirst into the metaverse. Here’s what the rise of face computers may mean for your privacy, and how we should begin to implement boundaries that protect both our data and our security… before it’s too late. 

Pitfalls of Not Prioritizing Privacy 

As a society, we often become distracted by all of the fancy bells and whistles advertised by emerging technology and software programs. We watch a two-minute highlight reel of the ‘latest thing,’ whether it’s a new smartphone or social media network, and hop right in — reserving the hard-hitting questions for later.

Historically, that’s never worked out well. When we embrace new technology first and lay the ground rules for it second, we essentially open ourselves to inherent privacy risks. Don’t believe me? Think about Facebook and Instagram, which are both continuously under fire for predatory practices surrounding user data, yet 1.93 billion people use the platforms every day regardless. 

When privacy and security concerns take a backseat, the decisions surrounding new technology are ultimately driven by the technology companies themselves — much like we see with Meta, the Facebook parent company. Even when we do engage with the company, like by deactivating our accounts or signing public petitions, we don’t engage with the same robust financial backing of the organization, and consequently the deep pockets of Big Tech completely drown out our voice. 

Want the government to step in? Well, Congress has passed a few cybersecurity bills; however, the majority focus on emerging malware risks and other data breaches helmed by cybercriminals… not face computers. And as we can see with the media frenzy surrounding the Facebook whistleblower trial, Congress is not currently in a place where they will legislate in a bipartisan way on solutions. 

Potential Implications of a Face Computer 

So, what is the worst thing that could happen if we all strapped into a new face supercomputer with little to no restrictions? Picture it as having an Alexa device that doesn’t just listen to your every conversation, but also tracks your autonomic responses, like pupil dilation, respiratory rate and pulse. Then, your device sells that data to the third-party highest bidder for incredibly targeted advertising, which is then inevitably breached by Russian or Chinese state-sponsored hackers who are paid to gather every detail about every American they can. 

Does your heart rate speed up when you look at the Tesla website? They’ve learned what’s on your gift wishlist. Does your favorite politician make your pupils dilate? Get ready for an onslaught of political advertisements. From a privacy and security lens, these face supercomputers operate more like a biometric movie like the Matrix than they do a helpful media device. 

Prepare for Marketing in the Metaverse 

Face computers are poised to be the entryway into the highly prophesied metaverse. A metaverse is a fully-functioning virtual universe that allows real users to create, sell, own, and invest using personalized digital avatars. These virtual universes are always active and adhere to real-world timing, so the more users are involved, the more the metaverse will expand and evolve.

If you have a child or are partial to ‘sandbox style’ games, like Grand Theft Auto or Roblox, you’re already familiar with a type of metaverse. As virtual and augmented reality technologies become more popular, metaverses are penetrating the internet, with the folks at Meta predicting that the worldwide web will eventually transition into the ‘worldwide metaverse.’ 

As you could predict, advertisers are already hard at work infiltrating various metaverses. For instance, Bidstack, a video game ad tech company, has begun placing company ads on virtual billboards across games like Roblox and Fortnite. Even navigation platforms like Waze have gotten in on the action, delivering ads for brick-and-mortar businesses based on the route a driver takes. 

How to Prepare Now, So We Don’t Suffer Later

None of the above information is meant to intimidate you. In fact, it’s quite the opposite. In the cybersecurity industry, knowledge is power. The more we know and prepare for the introduction of face computers, the more we can implement ground rules that protect our right to privacy. I’m not in any way categorically rejecting the advent of face computers; I’m saying that we need to put limits on how our personal biometric data is collected, analyzed and sold. 

We should not delay educating ourselves and others about the potential impacts of this technology. Here’s how we can prepare for face supercomputers on an individual, company, and societal level.

1. Start with Background Education 

Threat trends are consistently evolving. From ransomware to the Internet of Things, most people are unaware of how privacy and security concerns shift with each type of technology introduced. When it comes to the latest data security threats, you can’t possibly do everything — but you must do the right things, starting with self-education. 

Consider educating your people with a cybersecurity crash course that provides a high-level, non-technical path through the complicated web of technological threats, human decision-making, network security, cloud computing, and more. The right cybersecurity keynote speaker for your event can help navigate emerging mobile technology with strategies grounded in fact, so you can feel more in control moving forward. 

2. Impose Company-Wide Policy 

Though face computers aren’t necessarily ‘workplace technology,’ it’s not a stretch to assume that these devices will soon make their way to boardrooms and break rooms alike. Mark Zuckerberg has already introduced the idea of virtual team meetings on the metaverse, and with remote work still going strong, a face supercomputer can help bridge the gap between dispersed teams.

However, as we learned with the recent shift to remote work, thousands of employees on one remote server can spell disaster for many organizations — and dozens of employees all using face computers to dive into the metaverse can provide a backdoor for cybercriminals. Now is the time to implement a company-wide policy for these types of technologies; start by Bulletproofing Your Business Against Breach  with a cybersecurity keynote speaker who has experienced the devastation of cybercrime. 

3. Make Your Powerful Voice Heard 

Much like we can’t stop the current technological evolution, we cannot prevent the introduction of face computer technology. In truth, that might be a good thing — there are dozens of incredibly valuable uses for this technology that range from public health to even climate control. However, we should encourage societal input to implement boundaries for our privacy. 

Now is the time to remember how much power we as consumers truly have. Society plays a massive role in the political power held by tech giants. We can help shape the media and other politically-relevant information that surrounds emerging technologies by continuing to educate ourselves and speaking amongst others to ensure consumers understand the full concept of face computers and not just the bells and whistles. 

Seek Peace of Mind with a Cybersecurity Keynote Speaker 

If all of this talk about supercomputers and virtual universes makes you feel like you’re living in a Matrix movie, you’re definitely not alone. Though we might not be ‘Jetson level’ futuristic, our society is slowly (but surely) getting there. To ease this latest technological transition, reach out to a trusted cybersecurity keynote speaker for peace of mind and protection. 

For nearly two decades, I have spoken to organizations including the Pentagon, Homeland Security, Pfizer, Charles Schwab, Visa, and the Federal Reserve Bank about how to safeguard their organizations from cybercrime. If you want to gear up for the latest evolution of smart headgear, contact The Sileo Group today to schedule your next cybersecurity keynote. 

New iPhone Setting Stops Apps & Ads from Stalking You (App Tracking Transparency)

Apple App Tracking Transparency is Finally Here!

With the release of iOS 14.5, Apple has given us the most powerful privacy tool for users in many years – it’s called App Tracking Transparency (ATT). The update also includes a lot of features that have Apple product users very excited, like new Siri voices and being able to open your iPhone with Face ID even when wearing a mask—IF AND ONLY IF you have an Apple watch.

But as a privacy advocate, the element that matters the most to me is the App Tracking Transparency (ATT) feature. This means that apps like Facebook, Instagram and Google will no longer be able to track or gather your surfing habits on other apps or websites without getting your permission. For example, if you worked out on the Peloton app this morning, Facebook can buy that information and advertise exercise clothing to you based on your exercise type, size, weight, etc.

This is a serious blow to Facebook and other “free” services that depend on gathering your intimate personal and behavioral data to sell to their advertising clients. Of course, these services have never actually been free, as we have always been paying by giving them our information.

Specifically, the update changes the Identifier for Advertisers (IDFA), which is a unique random number assigned to each iPhone and allows advertisers and developers to track user behavior on that device. This includes not only app usage but also web browsing behavior that is often used to target advertisements to your psychographic profile. Apple says this change will provide transparency and give users an easier way to choose if their data is tracked.

Needless to say, Facebook, Google, and other big tech firms are not happy with the change. Facebook was so upset they placed a full-page ad in The New York Times in December claiming that the change would negatively affect small businesses who will see a drop of over 60% in sales. Facebook was unable to substantiate that claim, but their claim that it will force developers to enable in-app purchases or force subscriptions to make up for lost revenue is most likely true.

What will this look like for you as a consumer?

Basically, whenever you open any app that wants to access the IDFA, you will see a pop-up notification that asks for permission to track you across apps and websites by other companies and you’ll be able to opt in to allow tracking or not by choosing between “Allow Tracking” or “Ask App Not To Track.” Opting into data collection rather than having to opt out finally catches up with data privacy regulations such as the EU’s GDPR. It will be required by all software makers within a few months of the release.

So it comes down to a question of are you willing to pay for the extras provided by apps in order to have a little bit more privacy?

John Sileo is a privacy keynote speaker, award-winning author and media personality as seen all over TV. He keynotes conferences virtually and in person around the world. John is the CEO of The Sileo Group, a business think tank based in Colorado.

Is WhatsApp Privacy a Big Fat Facebook Lie? What You Need to Know.

WhatsApp privacy policy

WhatsApp Privacy: Facebook’s New “Data Use” Policy

I have been getting a ton of questions on the privacy of your personal data that is sent through WhatsApp. Is Facebook, who owns WhatsApp, sharing everything you write, including all of your contacts, messages and behaviors? It’s not quite that simple, but neither is Facebook.

Facebook announced a new WhatsApp privacy policy recently which created A LOT of confusion and user backlash. The changes caused such an uproar that they ultimately have decided to delay release of the new WhatsApp privacy agreement from Feb. 8 to May 15 while they sort themselves out. So let me give you a head start!

Behind all of this, WhatsApp is trying to break into the world of messaging for businesses (to compete with Slack and other programs). That way, when you communicate with a business, Facebook will see what you’re saying and use that information for advertising purposes.

Your Data That Can Be Accessed By Facebook

Facebook contends that your private messages will remain encrypted end-to-end, including to them, but Facebook & WhatsApp will have access to everything they’ve had access to since 2014:

  • Phone numbers being used
  • How often the app is opened
  • The operating system and resolution of the device screen
  • An estimation of your location at time of usage based on your internet connection

Purportedly, Facebook won’t keep records on whom people are contacting in WhatsApp, and WhatsApp contacts aren’t shared with Facebook. Given Facebook’s miserable history with our personal privacy, I don’t actually believe that they will limit information sharing to the degree that they promise. I think that this is one of those cases where they will secretly violate our privacy until it is discovered and then ask forgiveness and lean on the fact that we have no legislation protecting us as consumers. But please be aware that if you utilize Facebook, you are already sharing a massive amount of information about yourself and your contacts. WhatsApp may just add another piece of data into your profile.Watch The Social Dilemma on Netflix if you’d like to learn more about how you are being used to power their profits.

Highly Private Messaging Alternatives to WhatsApp

So, while it is mostly a “cosmetic change” to the WhatsApp privacy policy, if you are uncomfortable using it, you may want to consider the following:

    • There are alternative messaging apps, including Signal and Telegram, both of which have seen huge new user sign-ups since the announcement. I personally use Apple Messages (daily communications) and Signal (highly confidential communications).
    • WhatsApp says it clearly labels conversations with businesses that use Facebook’s hosting services. Be on the lookout for those.
    • The feature that allows your shopping activity to be used to display related ads on Facebook and Instagram is optional and when you use it, WhatsApp “will tell you in the app how your data is being shared with Facebook.” Monitor it and opt out.
    • If you don’t want Facebook to target you with more ads based on your WhatsApp communication with businesses, just don’t use that feature.
    • Trust the WhatsApp messaging app as much as you trust Facebook, because ultimately, they are the same company.

John Sileo is a cybersecurity expert, privacy advocate, award-winning author and media personality as seen on 60 Minutes, Anderson Cooper and Fox & Friends. He keynotes conferences virtually and in person around the world. John is the CEO of The Sileo Group, a business think tank based in Colorado

Telemedicine: Are Virtual Doctor Visits a Cyber & Privacy Risk?

The Trump administration has relaxed privacy requirements for telemedicine, or virtual doctor visits: medical staff treating patients over the phone and using video apps such as FaceTime, Zoom, Skype and Google Hangouts. The move raises the chances that hackers will be able to access patient’s highly sensitive medical data, using it, for example, to blackmail the patient into paying a ransom to keep the personal health information (PHI) private.

This relaxation in privacy regulations about telemedicine is necessary, as treating coronavirus patients in quick, safe, virtual ways is a more critical short-term priority than protecting the data. That may sound contradictory coming out of the keyboard of a cybersecurity expert, and that exposes a misconception about how security works.

Security is not about eliminating all risk, because there is no such thing. Security is about prioritizing risk and controlling the most important operations first. Diagnosing and treating patients affected by Covid-19 is a higher priority than keeping every last transmission private.

Put simply, the life of a patient is more important than the patient’s data. With that in mind, protecting the data during transmission and when recordings are stored on the medical practice’s servers is still important.

  • Doctors should utilize audio/video services that provide full encryption between the patient and the medical office during all telemedicine visits
  • If the doctor’s office keeps a copy of the recording, it should be stored and backed up only on encrypted servers
  • Not all employees of the doctor’s office should have the same level of access to telemedicine recordings; all patient data should be protected with user-level access
  • Employees of the doctor’s office should be trained to repel social engineering attacks (mostly by phone and phishing email) to gain access to telemedicine recordings

Telemedicine and virtual doctor visits is just one way that the government is willing to accept increased risks during the pandemic. Many federal employees are also now working remotely, accessing sensitive data, often on personal computers that haven’t been properly protected by cybersecurity experts. This poses an even greater problem than putting patient data at risk, because nearly every government (and corporate) employee is working remotely for the foreseeable future. I will address those concerns in an upcoming post.

In the meantime, stay safe in all ways possible.

About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a privacy and cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker, and expert on technology, surveillance economy, cybersecurity and tech/life balance.

Private Eyes Are Watching You: What it Means to Live (and Be Watched) in the Surveillance Economy

face computer cybersecurity speaker John Sileo

What it is the Surveillance Economy

How do you feel about the fact that Facebook knows your weight, your height, your blood pressure, the dates of your menstrual cycle, when you have sex and maybe even whether you got pregnant? Even when you’re not on Facebook, the company is still tracking you as you move across the internet. It knows what shape you’re in from the exercise patterns on your fitness device, when you open your Ring doorbell app and which articles you check out on YouTube — or more salacious sites. 

Welcome to the surveillance economy — where our personal data and online activity are not only tracked but sold and used to manipulate us. As Shoshana Zuboff, who coined the term surveillance capitalism, recently wrote, “Surveillance capitalism begins by unilaterally staking a claim to private human experience as free raw material for translation into behavioral data. Our lives are rendered as data flows.” In other words, in the vast world of internet commerce, we are the producers and our digital exhaust is the product. 

It didn’t have to be this way. Back when the internet was in its infancy, the government could have regulated the tech companies but instead trusted them to regulate themselves. Over two decades later, we’re just learning about the massive amounts of personal data these tech giants have amassed, but it’s too late to put the genie back in the bottle. 

The game is rigged. We can’t live and compete and communicate without the technology, yet we forfeit all our rights to privacy if we take part. It’s a false choice. In fact, it’s no choice at all. You may delete Facebook and shop at the local mall instead of Amazon, but your TV, fridge, car and even your bed may still be sharing your private data. 

As for self-regulation, companies may pay lip service to a public that is increasingly fed up with the intrusiveness, but big tech and corporate America continue to quietly mine our data. And they have no incentive to reveal how much they’re learning about us. In fact, the more they share the knowledge, the lower their profits go. 

This is one of those distasteful situations where legislation and regulation are the only effective ways to balance the power. Because as individuals, we can’t compete with the knowledge and wallet of Google, Facebook and Amazon. David versus Goliath situations like this were the genesis of government in the first place. But in 2020, can we rely on the government to protect us? 

Unlikely. At least for now. For starters, federal government agencies and local law enforcement use the same technology (including facial recognition software) for collecting data and to track our every move. And unfortunately, those who make up the government are generally among the new knowledge class whose 401Ks directly benefit by keeping quiet while the tech giants grow. Plus, there are some real benefits to ethical uses of the technology (think tracking terrorists), making regulation a difficult beast to tackle. But it’s well worth tackling anyway, just as we’ve done with nuclear submarines and airline safety.

In a recent Pew study, 62% of Americans said it was impossible to go through daily life without companies collecting data about them, and 81% said the risks of companies collecting data outweigh the benefits. The same number said they have little or no control over the data companies collect. 

At some stage, consumers will get fed up and want to take back control from the surveillance economy, and the pendulum will swing, as it already has in Europe, where citizens have a toolbox full of privacy tools to prevent internet tracking, including the right to be forgotten by businesses. Europe’s General Data Protection Rule (GDPR) is a clear reminder that consumers do retain the power, but only if they choose to. It’s not inevitable that our every move and personal data are sold to the highest bidder. We’ve happily signed on, logged in and digitized our way to this point. 

When consumers (that means you) are outraged enough, the government will be forced to step in. Unfortunately, at that point, the regulation is likely to be overly restrictive, and both sides will wish we’d come to some compromise before we wrecked the system. 

In the meantime, you have three basic choices: 

  1. Decrease your digital exhaust by eliminating or limiting the number of social media sites, devices and apps you use. (I know, I know. Not likely.)
  2. Change your privacy and security defaults on each device, app and website that collects your personal information. (More likely. But it takes a time investment and doesn’t fully solve privacy leakage.)
  3. Give in. Some people are willing to bet that a loss of privacy will never come back to haunt them. That’s exactly the level of complacency big tech companies have instilled in us using neuroscience for the past decade.  

Loss of privacy is a slippery slope, and it’s important to take the issue seriously before things get worse. Left unchecked, the private eyes watching your every move could go from tracking your exercise habits and sex life (as if that’s not creepy enough) to meddling with your ability to get health insurance or a mortgage. And suddenly it won’t seem so harmless anymore.

About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a privacy and cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker, and expert on technology, surveillance economy, cybersecurity and tech/life balance.