Security experts have raised privacy concerns after a new report revealed that British police are looking to tap IoT data logs to verify alibis and help with investigations.
Metropolitan Police head of digital and electronic forensics, Mark Stokes, claimed that detectives are being trained to track digital trails created by the smart devices that are an increasingly pervasive part of daily life.
“Wireless cameras within a device such as the fridge may record the movement of suspects and owners,” he told The Times.
“Doorbells that connect directly to apps on a user’s phone can show who has rung the door and the owner or others may then remotely, if they choose to, give controlled access to the premises while away from the property. All these leave a log and a trace of activity.”
However, doing so could raise privacy fears, especially for those innocently caught up in investigations.
The UK already has some of the most intrusive surveillance laws in the world - thanks to the Snoopers’ Charter, or Investigatory Powers Act - which legalizes the hacking of suspects’ computers and smartphones by the authorities.
The non-profit prpl Foundation recently released a report on the smart home, detailing the extent of IoT devices and the associated security and privacy dangers.
“People need to be aware that many of the connected devices they use in the home are always on, which means they are always listening, watching or collecting data. This is obviously two-fold, as it could mean that if the worst happens, there is a digital trace for forensics to follow. But the flip side is that others with perhaps fewer morals may be able to gain access to spy on people,” prpl Foundation chief security strategist Cesare Garlati told Infosecurity.
Manufacturers need to fix this at a development level to ensure there’s separation of critical components within the device, preventing lateral movement and therefore making it harder for third parties to remotely control devices, he added.
“And users need to be aware that connected devices can potentially infringe on their privacy and make sure they take proper steps within the device and home gateway settings to make sure they follow the most basic security advice to make it harder for hackers to compromise them,” Garlati concluded.