To GO or Not to GO?

Pokemon Go has become a delightful and disturbing experiment in the social impact of technology. This new “Free” software for smart phones implements an augmented reality, overlaying the popular game on the real world. Fans wander the streets, byways, public, and in some cases private spaces following the illusive characters on their smart phone to capture them, or “in world”, or to collect virtual items.  The uptake has been amazing, approaching Twitter in terms of user-hours in just days after introduction. It has also added $12 billion to Nintendo’s stock value (almost double).

Let’s start with “Free”, and $12 billion dollars. The trick is having a no-holds barred privacy policy. Not surprising, the game knows who you are and where you are. It also can access/use your camera, storage, email/phone contacts, and potentially your full Google account (email contents, Drive contents, etc.)  Them money comes because all of this is for sale, in real time. (“While you track Pokemon, Pokemon Go tracks you”, USA Today, 12 July 16) Minimally you can expect to see “Luremodules” (a game component) used to bring well vetted (via browser history, email, call history, disk content, etc.) customers into stores that then combine ad-promotions with in-store characters. Perhaps offering your favorite flavor ice cream, or draw you into a lawyer’s office that specializes in the issues you have been discussing on email, or a medical office that …well you get the picture, and those are just the legitimate businesses.  Your emails from your bank may encourage less honest folks to lure you into a back alley near an ATM machine .. a genre of crime that has only been rumored so far.

The July 13th issue of USA Today outlines an additional set of considerations. Users are being warned by police, property owners, and various web sites for various reasons. The potential for wandering into traffic is non-trivial while pursuing an illusive virtual target, or a sidewalk obstruction, or over the edge of the cliff (is there a murder plot hiding in here?) Needless to say playing while driving creates a desperate need for self-driving cars. Since the targets change with time of day, folks are out at all hours, in all places, doing suspicious things. This triggers calls to police. Some memorial sites, such as Auschwitz and the Washington DC Holocaust Memorial Museum have asked to be exluded from the play-map. There are clearly educational opportunities that could be built into the game — tracing Boston’s “freedom trail”, and requiring player engagement with related topics is a possible example. However, lacking the explicit consideration of the educational context, there are areas where gaming is inappropriate. Also, some public areas are closed after dark, and the game may result in players trespassing in ways not envisioned by the creators, which may create unhealthy interactions with the owners, residents, etc. of the area.

One USA Today article surfaces a concern that very likely was missed by Nintendo, and is exacerbated by the recent deaths of black men in US cities, and the shooting of police in Dallas. “For the most part, Pokemon is all fun and games. Yet for many African Americans, expecially men, their enjoyment is undercut by fears they may raise suspicion with potentially lethal consequences.”  Change the countries and communities involved and similar concerns may emerge in other countries as well. This particular piece ends with an instance of a black youth approaching a policeman who was also playing the game, with a positive moment of interaction as they helped each other pursue in-game objectives.

It is said every technology cuts both ways.  We can hope that experience, and consideration will lead both players and Nintendo to evolve the positive potential for augmented reality, and perhaps with a bit greater respect for user privacy.

If the Computer Said it, it must be True!

Well, maybe not.  “What Happens When GPS Can’t Find You?” is a commercial concern raised by a Wall St. Journal article.  Needless to say a business in today’s world is at risk if the GPS location associated with it is wrong, or just the path that is required to get there is not correct.  Consumers at best are frustrated, and may simply write off that operation.  In this case it is often not the business’s fault, but one in the GPS location service, or route mapping.

Behind this is a more pervasive and serious problem.  Often there is no way to “fix” these problems from the perspective of the consumer or the an affected business.  You may know the data is wrong, the route doesn’t work, and correcting the error(s) is not a straight forward path, and certainly not easy enough that the “crowd-source” solution would work. That is, many people might find the error, and if there were a simple way to “report” the problem, after the “nth” report, an automated fix (or review) could be triggered.

This is not just  GPS problem. I’ve found many web sites are validating addresses against equally flawed sources (perhaps even the USPS).  I can send mail to my daughter (and she gets it), I’ve even seen the mailbox on the side of her street. By one of the web sites I used to deliver items to her location is rejecting the address as “not known”… and of course there is no way to report the error. A related problem is entering an address in “just the right way” — am I in “Unit A101” or “Apt. A 101″ or maybe Apt A101”, note that the delivery folks can handle all of these, but the online ordering system can’t.  Technology design consideration: track such ‘failures’, and after some number, check the validation process, or better have a button such as “I know this is right, so please update the database”.

Online operations are losing business, as well as brick-and-mortar activities due to online “presumptions” of correctness .. and no corrective processes available.  It’s one thing when the word processor marks your spelling as “wrong”, but lets you keep it anyway.  It is another when medications or essential services can’t reach your location because the GPS or delivery address is not in the database, or is listed incorrectly.

Employee Cell Phone Tracking

An employee in California was allegedly fired for removing a tracking APP from her cell phone that was used to track her on-the-job and after-hours travel and locations.  The APP used was XORA (now part of Clicksoft).
Here are some relevant, interesting points.

  • Presumably the cell phone was provided by her employer.  It may be that she was not required to have it turned on when she was off hours.
    (but it is easy to envision jobs where 24 hour on-call is expected)
  • There are clear business uses for the tracking app, which determined time of arrival/departure from customer sites, route taken, etc.
  • There are more intrusive aspects, which stem into the objectionable when off-hours uses are considered: tracking locations, time spent there, routes, breaks, etc. — presumably such logs could be of value in divorce suits, legal actions, etc.

Consider some variations of the scenario —

  1. Employee fired for inappropriate after hours activities
  2. Detection of employees interviewing for other jobs,
    (or a whistle blower, reporting their employer to authorities)
  3. Possible “blackmail” using information about an employees off hour activities.
  4. What responsibility does employer have for turning over records in various legal situations?
  5. What are the record retention policies required?  Do various privacy notifications, policies, laws apply?
  6. What if the employer required the APP to be on a personal phone, not one that was supplied?

When is this type of tracking appropriate, when is it not appropriate?

I’ve marked this with “Internet of Things” as a tag as well — while the example is a cell phone, similar activities occur with in-car (and in-truck) monitoring devices, medical monitoring devices, employer provided tablet/laptop, and no doubt new devices not yet on the market.

Who is Driving My Car (revisited)

Apparently my auto insurance company was not reading my recent blog entry.  They introduced a device, “In-Drive” that will monitor my driving habits and provide a discount (or increase) in my insurance rates.

There are a few small problems. The device connects into the diagnostic port of the car, allowing it to take control of the car (brakes, acceleration, etc.) or a hacker to do this (see prior Blog entry). It is connected to the mothership (ET phones home), and that channel can be used both ways, so the hacker that takes over my car can be anywhere in the world.  I can think of three scenarios where this is actually feasible.

  1. Someone wants to kill the driver (very focused, difficult to detect).
  2. Blackmail – where bad guys decide to crash a couple of cars, or threaten to, and demand payment to avoid mayhem (what would the insurance company CEO say to such a demand?)  (Don’t they have insurance for this?)
  3. Terrorism – while many cyber attacks do not yield the requisite “blood on the front page” impact that terrorists seek, this path can do that — imagine ten thousand cars all accelerating and losing brakes at the same time … it will probably get the desired coverage.

As previously mentioned, proper software engineering (now a licensable profession in the U.S.) could minimize this security risk.

Then there is privacy.  The  insurance company’s privacy policy does not allow them to collect the data that their web page claims this device will collect — so clearly privacy is an after thought in this case.  The data collected is unclear – they have a statement about the type of data collected, and a few FAQ’s later, have a contradictory indication that the location data is only accurate within a forty square mile area, except maybe when it is more accurate.  What is stored, for what period of time, accessible to what interested parties (say a divorce lawyer) or with what protections is unclear.  A different insurance company, Anthem, encountered a major attack that compromises identity information (at least) for a large number of persons.  I’m just a bit skeptical that my auto insurance company has done their analysis of that situation and upgraded their systems to avoid similar breaches and loss of data. For those wondering what types of privacy policies might make sense, I encourage you to view the OECD policy principles and examples.  Organizations that actually are concerned with privacy  would be covering all of these bases at least in their privacy statements. (Of course they can do this and still have highly objectionable policies, or change their policies without notice.)

Too Close for Comfort? Detecting your presence.

A group of authors in the August 2014 issue of IEEE Computer outline some pros, cons and examples of proximity sensing technology that initiates advertising, action and may report your presence to some data collection process. The article is called The Dark Patterns of Proxemic Sensing.

There are simple examples which most folks have encountered: the faucet that turns on when you put your hands near it, followed by the automated hand dryer or paper towel dispenser.  This paper Identifies some current examples that many of us may not have encountered: the mirror that presents advertising, a wall of virtual “paparazzi” that flash cameras at you accompanied by cheering sounds, and urinals that incorporate video gaming. Some of these systems are networked, even connected to the internet.  Some interact anonymously, others are at least capable of face or other forms of recognition.

The article identifies eight “dark” aspects of this proximity interaction:

  1. Captive Audience – there is a concern of unexpected/undesired interactions in situations where the individual must go for other reasons.
  2. Attention Grabbing – detection and interaction allows these systems to distract the target individual.  Which may be problematic, or just annoying.
  3. Bait and Switch – initiating interaction with an attractive first impression, then switching to a quite different agenda.
  4. Making personal information public — for example, displaying or announcing your name upon recognition.
  5. We never forget – tracking an individual from one encounter to the next, even spanning locations for networked systems.
  6. Disguised data collection – providing (personalized) data back to some central aggregation.
  7. Unintended relationships – is that person next to you related in some way — oh, there she is again next to you at a different venue…
  8. Milk factor – forcing a person to go through a specific interaction (move to a location, provide information …) to obtain the promised service.

Most of these are traditional marketing/advertising concepts, now made more powerful by automation and ubiquitous networked systems.  The specific emerging technologies are one potentially  disturbing area of social impact.  A second is the more general observation that the activities we consider innocuous or even desirable historically may become more problematic with automation and de-personalization.  The store clerk might know you by name, but do you feel the same way when the cash register or the automatic door knows you?

Issues in this area area also discussed in the Summer 2014 issue of Technology and Society – Omnipresent Cameras and Personal Safety Devices being relevant articles in that issue.

Cell Phone WiFi Used to Track Your Location

The 14 Jan Wall St. Journal has an article noting that your cell phone is being used to track where you are, and not by the cell phone provider (well, ok, they do as well, but using the cell-tower location process).  This tracking occurs when you have  your WiFi enabled and pass a detection device.  Turnstyle Solutions and Apple iBeacon (BlueTooth) provide devices placed by shop-owners and others to detect, record and report your location.  Turnstyle works with your devices WiFi MAC address, and iBeacon with iOS on your phone. iBeacon provides location data for Aps, but also for the host location.

The good: Knowing you are there may allow you to pay for goods at checkout without having to get out your credit card.  It may provide you with immediate “discount coupons” or other offers.   The Apple concept with BlueTooth is promoted as a way to provide ‘fine tuned’ personal (identifiable) services such as payment, or any other service that your phone apps using location services may be able to provide.

The bad: Turnstyle is not tied to apps, your cell provider, or your phone OS. It simply uses your MAC address (which is part of the handshake that is periodically being transmitted by any WiFi device to identify possible connections.)  An intended service Turnstyle provides their customers is a composite of “what other locations your customers visit”.  A restaurant has offered branded workout shirts as a result of feedback that 250 of their customers went to the gym that month (or at least to a gym that was in the Turnstyle network.) One Turnstyle customer is quoted as saying “It would probably be better not to use this tracking system at all if we had to let people know about it.”   I find that insightful.

Turnstyle also offers free WiFi in various retail locations.  The information about your sites visited, searches, etc. can be used to further classify you as a consumer — without collecting “personally identity” information (maybe.)  Any number of combination of data-mining techniques can be used to get fairly personal here — via Apps, site usernames, email addresses disclosed, etc.

The ugly: In the context of the article, the example of a problematic location tracking might be your visits to a doctor, say the oncology clinic in a monitored area. Combine that with searches on selected drugs and diseases and what you thought was private medical information is now available, and perhaps bypassing heath privacy regulations.

Consider the “constellation” of radio beacons you either transmit or reflect.  My car keys have an RFID chip, some credit cards have these (and passports), you have unique cell phone ID, WiFi MAC address, BlueTooth id, Apps that may be sending data without your awareness, etc. While any one service may be protecting your anonymity the set of signals you transmit becomes fairly unique to you.  Connecting these with your identity is probably more a question of the abusers desire to know than it is a question of your rights or security measures.

These mechanisms can be used by paparazzi, stalkers, assassins, groupies, and other ne’er-do-wells for their nefarious purposes.

In the Harry Potter series the Marauder’s Map was used to track anyone, at least within Hogwarts. To activate this “Technology” you tapped it with a wand and declared “I solemnly swear that I am up to no good.

Where have your footprints been taking you lately? And who has been watching them?