New Bill Would Force Hardware Makers To Disclose Hidden Mics, Cameras

from the watching-you-watching-me dept

Back in February, you might recall that Google took some heat from owners of their Nest home security platform, after they suddenly discovered that the Nest Secure home security base station contained a hidden microphone the company had never publicly disclosed. The reveal came via a Google announcement sent to Nest customers informing them the hidden mic would soon be turned on, allowing the integration of Google Assistant on the platform. Given tech's shaky history on privacy, some folks were understandably not amused:

While Google ultimately admitted the "error" and updated its hardware spec sheet, the episode did a nice job illustrating the fact that whether we're talking about products getting better or worse, you don't really own the products you buy, and your agreement with the manufacturer in the firmware-update era can pivot on a dime, often with far less disclosure than we saw here, or none whatsoever. When it comes to privacy (especially given the flimsy security in many IOT devices), that's kind of an important conversation to be having.

Likely responding to the resulting fracas, Senator Cory Gardner has introduced the Protecting Privacy in our Homes Act, which would require tech companies to include a label on products disclosing the presence of recording devices. Gardner's been trying to shore up the internet of broken things for a few years now, though the efforts usually stall in process and his IOT Cybersecurity Act, introduced last Spring, has struggled to gain much traction in a distracted and well lobbied Congress. Says Gardner of this latest effort:

"Consumers face a number of challenges when it comes to their privacy, but they shouldn’t have a challenge figuring out if a device they buy has a camera or microphone embedded into it. This legislation is about consumer information, consumer empowerment, and making sure we’re doing everything we can to protect consumer privacy."

Outside of legislation, there's not a whole lot being done to ensure the millions of devices we've connected to the internet annually have reasonable security and privacy safeguards in general. Like so many issues, the IOT industry doesn't much care -- they're on to selling the next greatest thing and have little interest in retroactive security and privacy updates. Consumers often don't care -- in part because they're completely clueless to the scope of the problem (especially if functionality is hidden). And lobbying ensures government usually doesn't much care either.

That has left much of the problem in the laps of consumer groups, researchers, and activists, though many of these efforts (like Consumer Reports quest to shame companies for bad security and privacy practices in product reviews) can only accomplish so much without industry and government's help. Ultimately this just means we're going to see a lot more hacking, privacy violations, and related scandals (and even potentially tragedies) before we start taking the problem of IOT privacy, security, and transparency seriously.

Filed Under: assistant, cameras, cory gardner, hidden microphones, iot, microphones, privacy
Companies: google


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    Wyrm (profile), 16 Oct 2019 @ 3:04pm

    Re: Re: Re: All I'm going to say about this,

    The example in the article is different. The microphone was left inactive. Not waiting for a trigger (motion, schedule) but for a full firmware update. The microphone was not recording nor transmitting anything for years.
    So you buy your product, test it, nothing is found short of actually opening the device to physically look for microphone.
    Then, a year later, firmware update and "Boom", you're spied on unknowingly... unless you regularly test all your devices just for this kind of case.


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.