Software Development
Cybersecurity / Ethics

Surveillance tech and cyber attacks are commonplace. Here’s where they show up in daily life

In a time dominated by protests and a pandemic, here's what experts from La Salle and Drexel universities say is most important for the average citizen to be aware of regarding these technologies.

Cybercriminals are at work. (Photo by Pexels user, used via a Creative Commons license)

In 2021, surveillance is inevitable, and the ethics of how it’s applied are constantly being debated. From protesters rallying for justice following the murder of George Floyd by police, to college students working on projects remotely, surveillance technology is increasingly being used to track the lives of people who may be otherwise unaware of its existence.

Concurrently, with the pandemic relegating many workers to their homes, maintaining a high level of cybersecurity has a heightened importance, as these workers’ digital setups are more vulnerable to attack.

Understanding these concepts can provide answers as well as raise new questions on the state of our society. Here’s what two experts say is most important for the average citizen to be aware of regarding these technologies’ presence in their daily lives.

Precision and consent in facial recognition

As an assistant professor of computer science and graduate-level program director for computer information systems and IT programs at La Salle University, Margaret “Peggy” McCoey has extensive experience in explaining what surveillance technology looks like in 2021 and the ethical dilemmas that come with it.

According to McCoey, surveillance technology has gained prominence among the general public after only being identified as an expensive tool used by law enforcement. It’s important to understand what surveillance technology can be used for and who it may affect, as well as where consent plays in, she said.

La Salle University assistant professor Margaret “Peggy” McCoey. (Courtesy photo)

Using the popular (and controversial) Ring doorbell camera as an example, McCoey explained that contrary to popular belief, whoever owns a device owns the footage it records.

“Suppose I have a camera on my home,” she told Technical.ly. “Technically, I own that footage because I have that device. In order for that to be used in a legal sense, they have to get my consent.”

In other words, law enforcement must McCoey for her permission to use that footage. If she says no, the only way that footage can be used is if there is more than just a suggestion of a crime. Only law enforcement has the ability to get a warrant for a device. Additionally, if consent is not provided to law enforcement, then her lawyer can dispute the case.

Law enforcement also uses the photos found on those sites such as Facebook to track down criminals, and in some cases, protesters at events. When considering the use of facial recognition as a tool for law enforcement to find people of interest, McCoey explained the complications that often arise, such as the recent lawsuit a Michigan man levied against Detroit police after he was accidentally targeted by the technology.

“If the information is public, they’re not doing anything incorrect,” she said. “However, the issue you run into is how correct the results are of the facial recognition. It might be a fairly good match, but it’s not an exact match.” (And, as illustrated in the documentary “Coded Bias,” AI can reflect existing race and gender bias.)

False positives in facial recognition and public identification of otherwise innocent individuals can damage their credibility. Facial recognition can be a tool to help law enforcement in their searches, but it should not be the only tool used to hold individuals accountable, McCoey said.

A need for better cybersecurity

Cyber attacks happen much more often than when you hear about the big-name data breaches of cities and other institutions.

Drexel University cybersecurity expert Robert D’Ovidio said that after more than a year of people working from home, a need for adequate cybersecurity is more important than ever. Many companies moved workers home at the beginning of the pandemic and without control of their networks, potentially opened themselves up to digital threats.

“From an enterprise level, like what system administrators or network administrators can do to best protect a company and its infrastructure, virtual private networks [VPNs] are really important,” he said. “Companies that can deploy a VPN for its employees can go a long way in safeguarding the data they hold, especially if they hold personal identifiable information [PII] about potential customers. If it’s local government and they have PII on taxpayers, it’s highly valued for identity thieves and in the dark web.”

(This need for data safeguarding is part of the reason why Center City-based Connectify’s Speedify VPN saw its users double in 2020.)

Robert D’Ovidio. (Photo via Twitter)

D’Ovidio understands that all people working from home may not be computer savvy, and has a solution: automating software updates. By putting settings on “automatic” for antivirus or system updates, users don’t even need to think about when new updates are available or how to make them happen. But that’s just one part of ensuring that your device is safe.

“The other thing is to be smart about what you click on,” he said. “More and more, we’re seeing phishing schemes being used as the method to inject some sort of malware into your system. A little awareness and a little precaution can go a long way. If you don’t have trust in the person sending your message, don’t open the file.”

Employees don’t have to bear the burden of maintaining their cybersecurity on an ongoing basis. To keep up with new digital threats and techniques used by criminals, D’Ovidio emphasized that companies should focus on maintaining regular security awareness training sessions. Large and mid-sized companies can add these trainings to their ongoing professional development, and bounty programs can help companies address blind spots in their cybersecurity strategies.

“With bounty programs, where employees can report known issues, are important,” he said. “You can incentivize them. Companies can send out test phishing emails. Companies are doing these and it’s important that we get more and more companies. It’s a challenge to the mom and pop organizations that don’t have a dedicated marketing unit, but there are ways those companies can outsource to provide that similar functionality.”

With phishing and smishing — that’s phishing scams happening via text — as the biggest threats against cybersecurity, D’Ovidio said that solid cybersecurity can oftentimes be a matter of awareness.

Michael Butler is a 2020-2022 corps member for Report for America, an initiative of The Groundtruth Project that pairs young journalists with local newsrooms. This position is supported by the Lenfest Institute for Journalism.
Companies: Drexel University / La Salle University
Engagement

Join the conversation!

Find news, events, jobs and people who share your interests on Technical.ly's open community Slack

Trending

How venture capital is changing, and why it matters

What company leaders need to know about the CTA and required reporting

The ‘Amazon of science stores’ and 30 other vendors strut their stuff for Philly biotech

Why the DOJ chose New Jersey for the Apple antitrust lawsuit

Technically Media