Prof encourages people to understand privacy risks after Saskatoon surveillance scare
There is always a risk data from home security cameras could end up in the wrong hands, says Alec Couros
Privacy breaches like one experienced by a Saskatoon woman — in which a stranger had front-row access to her life through the security cameras installed in her home — are not uncommon among security system providers, warns a professor at the University of Regina.
Saskatoon's Shelan Faith was notified of the privacy breach through a letter the stranger had written to her. The letter indicated the writer had somehow been given access to the security cameras in Faith's home — one on her doorstep and another she used as a baby monitor in her child's bedroom.
Both people were clients of Vivint Home Security, which said human error caused the breach and apologized.
But Alec Couros, a professor of educational technology and media at the U of R, says that's the gamble of using the technology.
"You are basically broadcasting a part of your life to the internet. These devices use protocols that can be accessed globally. That's the convenience," he said.
"But there's always the risk that you can run into, that there could be some sort of hacking."
The person who contacted Faith said she didn't intentionally try to gain access to the cameras, but was given the access through a mix-up with email addresses used to log in to the system.
The writer sent the letter to warn Faith about the breach, but Couros warned it might not always be a well-intentioned person who comes into contact with your data.
He said he understands the appeal of a home-security system, especially as a parent.
"It does provide you with a unique window in to your home, and that's all fine if it's only you receiving that information," he said.
Choose camera placement carefully
Couros encouraged people to be mindful of where they put security cameras in case the information they're gathering does become public.
Obvious places to avoid are areas where someone might undress, but he also cautioned against putting them in the garage or by doors.
"If someone's looking to break into your home, they know when you typically leave, when your doors have opened, when they typically close," he said.
"If anyone had access to the types of videos or just the notifications — you're providing a lot of information to someone who could use it in a negative way."
Privacy can be breached in several ways beyond human error, Couros said.
For example, a computer or security system can be compromised if someone gains access to your Wi-Fi network or gains physical access to a device.
There are also phishing and social engineering tactics to help hackers guess passwords.
Couros doesn't want people to give up on or toss out technology — rather, he wants people to understand the tools they use to mitigate the risks.
"We've kind of entered a phase in the world where there really is not privacy, that we're 100 per cent online all the time."
He said consumers need to weigh privacy against convenience, and pointed to smart home listening devices like Amazon's Alexa or Google Home.
"They're constantly providing data to some company that uses it to sell us products," he said.
"It's important to really have an educated view on the ability of these tools, whether they're listening to us or not."
No jurisdiction, says privacy commissioner
Saskatchewan's information and privacy commissioner, Ron Kruzeniski, received numerous calls regarding what happened to Faith in Saskatoon.
However, his office doesn't have jurisdiction over private firms operating in the province.
He called the incident concerning and encouraged consumers to be cautious.
"In the digital age, we'll constantly be thinking about, 'How do we reduce the risks of something negative?'" he said.
"Guarantees that something won't happen, I just don't think, are on."
Kruzeniski said managers and supervisors need to build mechanisms and implement protocol to ensure information is kept safe.