The second video in the VIRT-EU Ethical Unboxing Series considers four different fitness tracker smartwatches for kids. Here we ask: is it ethical to track your kids and quantify their everyday life? If yes, are there any potential risks that need to be accounted for? Although connected devices, such as smartwatches, are attractive and we do not discourage anyone from buying them, we believe that customers should be informed about the responsibilities they take on when buying these products. This video is intended to help people consider what to think about when deciding to purchase these.
INTRODUCING: THE DEVICES
In this video, VIRT-EU Team Members from London School of Economics (LSE); Alison Powell and Funda Ustek-Spilda, guide us through the kinds of questions we need to ask when purchasing and using IoT devices. Before filming, Funda Ustek-Spilda collaborated with Ed Johnson-Williams from Open Rights Group (ORG) to study trackers for children available in the market and decided to focus on the following four fitness tracker smartwatches in particular that have been specifically designed for children:
Although the purpose of this video is not to advertise these smartwatches, the discussions raise questions that may encourage parents to think about what devices they buy for their children and what the implications of buying those devices are.
Children represent an important user group that requires stronger safeguarding policies in place. Internet of things (IoT) devices that target kids are often presented as ensuring children’s safety, allowing parents to track and keep hold of their children at all times. This means, however, that constant surveillance is presented as a value in itself, and the potential risks and violation of children’s right to privacy receive less attention. What are the potential downsides of parents monitoring their children at all times? What are the ethical responsibilities of both buyers and sellers? In our review we find that many of the devices we consider do not have clear privacy policies and provide little information about where the data collected by such devices are stored. Read on to find out about the questions we asked and ways of thinking in terms of ethical responsibility or… just watch the video!
HACKING THREATS – PRIVACY POLICIES: DO YOU READ THEM?
While some of these devices may track the location of children, take photos or audio record them, there is no information in terms of how parents are able to know how the data are gathered or stored, apart from only one of the four smart watches reviewed in the video. Germany went so far as to ban the sale of “smart watches” for their infringement of national surveillance laws by, for example, listening in on classroom lessons. With all the cool features and bright colours that come with these smart devices, parents may not always be aware of the privacy issues, but how should they know? Privacy policies do not make for exciting reading – between the length, the jargon and the dryness of the text, it is not surprising that people tend not to read them. Alexis Madrigal estimates that reading the privacy policies encountered in a year would take 76 workdays if one spent 10 minutes on average reading each of them.
Screenshot: Reddit post
Ostensibly, the idea behind privacy policies for IoT products is to provide information about where the data will be stored, how long it will be stored and who will be able to access it – something VIRT-EU has been researching and published in Deliverable 4.4 (a VIRT-EU publication, section 2.2.4 The availability of privacy policies in purchased products, and 2.2.5 Ethical values within privacy policies).
In addition to transparency issues, risks such as the possibility of being hacked are of great concern when studying these devices. As Funda puts it: “If you can spy on someone, there is a possibility someone else could spy on you”. If a company that manufactures these gadgets does not take into account privacy and surveillance in their manuals and gives detailed information about their product, how can parents make sure that these companies protect their users against being hacked?
Parenting, play, and the quantification of everything
Moreover, the lack of privacy policies and transparency issues concerning connected IoT devices for kids are part of answering important questions: Is quantifying children’s everyday life necessary? And are there any consequences to doing so? What does it mean to quantify playing and parenting?
As an example of the kind of quantification that it is possible with these devices, Funda and Alison identify the following data being tracked by one or more of the above-mentioned devices:
Heart rate tracking
Tracking of chores and other pre-set activities
Camera and microphone
SOS functionality where the child can call pre-set numbers in case of emergency
SIM-card functionality (2G)
All of the features mentioned above seem attractive and fun, but what kind of scenarios would you imagine if these data were accessible to an unknown third-party user? What kind of parent-child relations will emerge? It may be easy to set up the device, especially if there is someone else setting it up for you, but what happens to the data and where is it located? What kind of new dynamics arise between kids and their parents and vice versa?
The idea of knowing your child’s whereabouts may seem attractive in that it provides a sense of control, but does it guarantee safety or good parenting? What kind of dependencies does these gadgets actually create once they become part of our everyday life?
The potential downsides of parents monitoring their children at all times are seldom explored but require attention as ethical responsibilities of both buyers and sellers. This is particularly important due to lack of privacy policies for many of these devices – and little information on where the data collected by such devices are stored. However, even if privacy policies existed for every single IoT device available, we might want to think about making the information more accessible and clearer.
One potential solution is that developers and designers to critically ask how the device interacts with the target user and the type of problems that might arise from the data that these gadgets process, collect and store. Moreover, as consumers it is crucial to look into privacy policies and rely on design that is responsible as an added value to the devices’ functionality, shape or colour.
We will continue our unboxing videos on our YouTube channel and our blogs on the VIRT-EU website. Please follow us and let us know if there are any internet of things devices you would like us to review.
A big thank you to Funda Ustek-Spilda and Ed Johnson-Williams for researching these devices and to Funda Ustek-Spilda and Alison Powell for presenting them.
Deliverable 4.4 : Final Report on PESIA, by VIRT-EU members Javier Ruiz, Ed Johnson-Williams (Open Rights Group) and Prof Marcella Sarale, Dr Maria Samantha Esposito, Prof Alessandro Mantelero (Politecnico di Torino), Published 30th April 2019