"Mom, Dad, who is our family's Chief Privacy Officer?"

by Vikram Venkatasubramanian

THAT the individual shall have full protection in person and in property is a principle as old as the common law; but it has been found necessary from time to time to define anew the exact nature and extent of such protection” – Louis D. Brandeis and Samuel D.Warren, Jr, Harvard Law Review, Dec 15, 1890.

130 years after this article was published, we have an increasingly urgent context to ‘define anew the exact nature and extent of such protection’ – the online privacy and security of all Americans. Now, don’t get me wrong – I am not a fan of big government regulation of our internet access nor do I think that government regulation alone would solve the problem. My position now is that violations of our privacy right now are so rampant that without a legal framework to lean on, we cannot hold to account the violators when we find them and identify them. Now, here is the sad part – it is NOT that hard to find and identify them! Many of them include some of the large companies whose services we depend on.

Ok, here is where I am coming at this from. The average American middle class household now has 25 internet connected devices according to Deloitte’s 2021 Connectivity and Mobile Trends Survey. My house has about 20. Lower than average but still a nice number. As part of Nandi Security’s research, we decided to track the activity of my connected home and understand what is happening on our home network.  Here is what we found when we looked at a whole month’s worth of data for September 2021.

Summary of findings:

  • My home accessed as many as 3600 unique domains(websites) per day (in green in the above chart)
  • Many of these sites were accessed multiple times a day which meant that the total number of website access requests could be over 50,000 requests per day
  • On some days, almost 400 different known trackers, ad networks, data brokers and surveillance marketers websites were accessed (in red in the above chart). That is almost 400 different companies that collected information about us THAT ONE DAY!
  • The chattiest device on my home network – a connected TV!
  • There were streaming apps on my TV that I had never launched, used or even knew about that were communicating back to their vendor’s servers
  • A network storage device was talking to a known malware site – yikes!! (Yes, I bounded up those stairs in 2.2 seconds flat and unplugged it!)

A few weeks ago, I was at my first in-person conference in almost 1.5 years. There was a whole track on cybersecurity. The CEO of a publicly traded cybersecurity company was on a panel and he waxed eloquent for an hour about the issues in cybersecurity that affects corporations. During Q&A, I asked him how he protects his home and his answer – “I assume that my home is a compromised network”. The sheer extent of resignation and tone of helplessness in that response from a person who is a leader of a top notch cybersecurity company made my stomach churn.

At Nandi Security, we are tired of this resignation. It is time to take our online privacy and security seriously and took back control of who gets access to our family’s information.

Terms of Use

@Copyright 2023, Nandi Security, Inc