FTC commissioner links internet of things to financial services

Julie Brill, a Federal Trade commissioner, recently gave a remarkable speech to an audience of prospective engineers, scientists, and computer hardware and software designers at Carnegie Mellon University.

Two points made it remarkable.

First, it showed that the U.S. government is acutely aware of the internet of things, how it works, and what potential it has—for both good and bad.

Second, she provided a direct illustration showing why banks must know and care about IotT.

“We are on the threshold of the Age of Omniscience, when everyone can know everything about everyone—and share that knowledge in real time with everyone else over our omnipresent devices. The burgeoning internet of things is our entryway,” Brill said.

Is it really about banks?

At first glance it’s not all that intuitive that the conglomeration of smart devices already developed and soon to be introduced have much to do with the financial services industry. For example, Brill recounted what she saw at last month’s Consumer Electronics Show: “Swarovski pendants and bracelets that double as health monitors; smart cars that steer you out of trouble before you even know you’re in it; sprinklers that conserve water; front doorbells that send a video of your visitor to your smart phone; garages that alert you when your teenager has left the door open … again; and outdoor grills that let you know when it’s time to turn the meat.”

Brill’s main point, though, is that the aggregated result of these and other devices is the production of incredible amounts of data—data that in the hands of sophisticated analysts can be used to infer very personal and highly accurate information about individuals. More than that, as the numbers and types of such technology proliferate, sooner or later we’ll all just accept this pervasive connectivity as normal.

“Much of this data will be deeply personal and say a great deal about us as individuals,” Brill said. “We already know that every time we swipe our smartphone screens to check Twitter or tap our phones to pay for coffee, we add to the swelling rivers of data that capture the details of what we do, what we buy, what we read, and where we go.”

Brill referred to statements by Eric Schmidt, chairman of Google, in which he observed that the mere idea of a network connection will become an anachronism.

“Just as you forget about shifting gears in your car once you have an automatic transmission, Schmidt predicts that you’ll forget about devices being in a connected state. Connectivity will just be part of how things work,” she said.

Reining in the data brokers

Which gets to how FTC becomes involved: to be concerned about potential abuses of such masses of data, one area of which has to do with data brokers.

“Data brokers—firms unknown to most consumers—collect and combine compendia of tens of thousands of bits of data about each of us, and morph them into startlingly accurate profiles,” she said. “When run through the big data mill, these data points can be woven together into predictions about personal behavior and characteristics. These profiles are quite valuable to data brokers’ clients, who want to know where we live, where we work, how much we earn—as well as our daily activities, both offline and online, and our interests.”

Such activity, she points out, could be either beneficial or harmful to consumers depending on how that information is used.

And that gets to the link between the internet of things and financial institutions.

Making fraudsters pay … but not justly

She described a recent complaint filed by the FTC against a company called LeapLab, which sold information about consumers who applied for payday loans to two kinds of customers. About 5% of the applications went to bona fide lenders, while the rest were sold to nonlenders—some of whom used the information to commit fraud.

“In this case, LeapLab knew that consumers were interested in payday loans. But some other company might just as well have created, through data analytics or based on a data brokers’ profile, a list of consumers who were likely interested in a payday loan,” said Brill. [Emphasis added.]

A list like this could be used in a way that benefits consumers, Brill said. For example, a bank might use such a list to target their advertising for safe, low-cost, entry level financial products, because such consumers might be more likely to be unbanked or financially vulnerable.

“But the same list could just as easily be used by other less scrupulous firms to target consumers with high-cost, short-term loans that lead consumers into a cycle of debt,” according to Brill.

“Both uses are, in some sense, marketing, but the outcomes for consumers who receive the bank’s ads could be quite different from those who receive ads from payday lenders,” Brill said.

What do we do about it?

Responses to such potentialities, she said, need to come from several sources. Companies themselves should limit collection and retention of data to the bare minimum needed; government agencies, such as the FTC, need to step up enforcement of current rules and regulations; Congress should pass appropriate data and privacy security protections; and designers and manufacturers of such devices should build in ways to protect the data, such as providing encryption and interfaces to let users determine what data can be collected.

Speaking to the Carnegie Mellon University student audience, Brill said: “Riding the wave of the internet of things and big data, you are ushering in the Age of Omniscience and, to a great extent, your work will determine whether this new Age shines brightly or fades to black.”