In this week’s Security Ledger Podcast (Episode #89) we talk with Beau Woods of The Atlantic Council and the advocacy group I Am The Cavalry about the death of 49-year-old Elaine Herzberg, who was struck and killed by an autonomous vehicle operated by Uber. Also: following Facebook’s privacy meltdown with Cambridge Analytica, we’re joined by Konstantinos Komaitis, the Director of Policy Development at the Internet Society about what real social media privacy reforms should look like. And a new Ponemon Institute survey finds companies are convinced that insecure Internet of Things devices will result in them being hacked – but they’re not doing anything to stop it.
Part I: Beta Deaths
When an autonomous vehicle operated by ride sharing firm Uber struck and killed 49-year-old Elaine Herzberg as she walked her bicycle across a Tempe street, authorities investigating the incident were quick to say that neither Uber’s self driving car or its human attendant was to blame for the incident. Still, that didn’t stop Uber from pulling autonomous vehicles from the streets of Tempe, Pittsburgh, Toronto and other cities while the company and authorities investigate the Tempe incident.
[Like what you hear on our podcast? Subscribe by Email!]
The incident is the first in which a pedestrian in the U.S. was killed by an autonomous vehicle. And it raises important questions. Chief among them: ‘what do we know about the safety of autonomous vehicles that are popping up on US streets?’
We invited Beau Woods of The Atlantic Council and the group I Am The Cavalry in to talk with us. Beau said that the promise of autonomous vehicles is considerable. There are more than 30,000 fatalities in the US every year, with most attributed to human error. Autonomous, computer aided driving could eliminate many of those fatalities. So is there any down side to accelerating the transition to autonomous vehicles? Woods argues in this conversation that there is.
[You might also like to read: “Autonomous vehicles could save more lives than they take. That might not matter.“]
“We have to be thoughtful and intentional about how we develop autonomous vehicle systems,” he said. While we don’t know where the state of autonomous driving is compared to where it needs to be, the Tempe incident suggests that automakers and other players may be moving faster to implement the technology on public roads than the public is willing to accept.
Part II: Don’t Haze Me, Bro!
The dastardly business dealings between Facebook and the billionaire backed firm Cambridge Analytica have been making headlines since the New York Times revealed that the firm mined data on some 50 million Facebook users in order to manipulate the feelings and thoughts of Facebook users and tip the electoral scales in favor of the candidacy of Donald Trump.
That has prompted mea culpas from Facebook executives and calls for Facebook CEO Mark Zuckerberg to testify before Congress. But what will it really take to plug the gaping privacy hole at Facebook and other massive social media firms? In the second segment of our weekly podcast, we’re joined by Konstantinos Komaitis of The Internet Society says that a good first step would be for social media companies to start showing more care in the handling of user data. We talk with him about that group’s new list of recommendations to address lax privacy practices in the social media world, how the pending EU GDPR may bring some relief but why deleting your Facebook account probably won’t.
Part III: Enterprises at Sea with the IoT
A new survey out today from The Ponemon institute and The Santa Fe Group’s Shared Assessments program has some worrying data on risk and the Internet of things. Namely: a near universal concern among enterprises that they would suffer from an IoT-linked security event in the next couple years. While that might not be so surprising, the fact that few of the surveyed firms had any notion of how to prevent such an incident is. In the second part of our podcast, Charles Miller a SVP at the Santa Fe Group talks to us about the implications of the Ponemon survey. Among them: the need for risk management practices that can keep pace with technology adoption.