Two hands pointing to a laptop screen

From growing digital footprints to AI: Check out reflections from 2024 Data Privacy Day

Have you recently purchased a new washing machine, refrigerator, or TV? If any of these devices are “smart” or require connection to your WiFi, then there is a good chance they are collecting data about you.

"Does a washing machine actually need to have daily data,” asked Donna Kidwell, ASU’s Chief Information Security and Digital Trust Officer during her welcome address at Arizona State University’s highly anticipated annual Data Privacy Day. 

For the third consecutive year, Arizona State University (ASU) hosted the virtual event, in association with the National Cyber Security Alliance (NCSA).

“The speculation around washing machines collecting data raises questions about the ethics of [Internet of Things] devices and the necessity of such extensive data gathering," Kidwell continued.

And what happens to this massive amount of data collected about us? The event surfaced discussions about how today’s rules and regulations governing data privacy in the United States tend to favor the companies collecting this data over individual privacy. 

“The influence of lobbyists, particularly in big tech, also contributes to the delay in passing privacy laws,” noted Joe Conley, Chief Privacy Officer at the University of Arizona. “Overcoming these challenges is crucial to establishing a unified approach to privacy at the federal level."

However, we do know that our “digital footprints” – the data collected over time from our online interactions – are becoming larger, while more and more personal data about us is being circulated with and without our knowledge.

Gathering to learn more about the subtle yet pervasive ways personal data can influence and shape the technology we rely on every day, over 215 participants joined the event, which included New York Times bestselling author Kashmir Hill, as well as a special tri-university collaboration between ASU, Northern Arizona University and the University of Arizona. 

Listed below are the high points from the discussions that emerged yesterday around needs and concerns related to emerging facial recognition technology, the prevalence of data gathering and what can and should be done regarding our online privacy. 

Kashmir Hill on the complexity of AI and privacy: "In 2019, I uncovered a startup company that created a facial recognition app using a database of billions of faces scraped from public internet sources,” Hill said. “The technology was extraordinary, linking unknown individuals to their names and social media profiles, even photos they didn't know existed…raising critical questions about the ethical implications of widespread facial recognition."

Chris Graver on comprehensively legislating data privacy in the United States: "Considering different viewpoints on data privacy worldwide, the question arises: should the U.S. incorporate ideas from various privacy frameworks into a hybrid model,” noted Graver. “While some perspectives may be extreme, merging different privacy principles could create a comprehensive approach. The challenge lies in uniting diverse viewpoints within the U.S. to form a cohesive and effective data privacy legislation that addresses the complexities of the digital age."

Siyuan “Meimei” Li on potential positive applications of facial recognition technology: “How about moving that from a deficit-based approach to one that is more asset-based?” Li asked. “The technology could try to identify what the student is doing, rather than on what the student is not doing. And then build the model on top of that. Maybe help the instructor identify when a student is bored, or maybe identify where students are curious, and then build their model around those things. That information can inform the instructor to focus more on what the students’ asset opportunities, capabilities, and potential are.” 

Donna Kidwell on the importance of protecting data: "At the end of the day, this discussion highlights the need to protect our data,” Kidwell said. “Whether it's speculation about crypto miners or a botnet of washing machines…[today’s discussion] emphasizes the importance of safeguarding our personal information in the evolving world of IoT. It's crucial to consider the implications and take intentional steps to ensure data privacy."

Every year, ASU hosts Data Privacy Day as part of the larger efforts by the National Cybersecurity Alliance to #StayingSafeOnline in recognition of Data Privacy Week. 

The annual event is a continuation of the work ASU does to promote more conscious digital consumers, and builds upon the university’s ongoing commitment to educating communities – both at ASU and beyond – on the importance of secure online practices.