Question

Hello, Need my paper proof read, I have problems with my paper structure. I need help with my flow as I feel as if my analysis is not iter mixing with the my paper. For example currently I have citation, citation, example, then my analysis. I need help restructure my paper for better flow. I have copied and pasted my paper for review below:

Smart home devices have been a growing trend in the Canadian market with approximately 18% of Canadians investing in these devices in late 2018. It is estimated that by 2023, 35.1% of Canadians will use smart home devices (Ross, 2019). The rapid growth of these devices in Canada poses both a privacy and a cybersecurity risk to all citizens using these devices, as they are connected to the “internet of things” or IoT. Currently, Canadian laws offer little to no protection with these devices because privacy laws are nowhere near substantial enough for regulations to be implemented. This gives the opportunity for smart home manufacturers to regulate their own privacy and security policies, which creates a significant risk to consumers using their devices. With no regulations, manufacturers are emboldened to continue with this practice, and therefore, it is imperative that the Canadian Government creates laws and regulations that protect the privacy of citizens, and develops regulations for companies that offer IoT devices to fulfill the right of privacy.

In modern-day technology, most electronic devices such as smart home devices, fitness trackers, and even smart televisions use an online framework called “the internet of things” or IoT. The internet of things devises the networking of electronic devices, allowing them to connect through the internet, and enabling them to send and receive data (Maras, 2017). The IoT framework also has the capabilities to collect, store, and transmit vast amounts of data linked to your personal activities, such as your everyday routine, including your personal information (Ernst & Young, 2017). With IoT frameworks technology expanding, it provides consumers with more convenience and a technology-based lifestyle, but also has created an unprecedented consequence as it is getting harder to control third-party hackers from gaining access to connected devices (Ernst & Young, 2017). With the added issues of outdated laws and regulations that are intended to protect the privacy and security of personal information, it has created breaches in Canada’s technology sector.

Take for example, an organization called “Scalar Decisions,” a team of ethical hackers who hack smart home devices to showcase their flaws. In a study conducted by “CBC Marketplace,” ethical hackers were hired to hack numerous families with smart home devices (Denne, 2018). In one instance, the hackers managed to gain access to a family’s home wireless network where devices such as thermostats were linked to the network. After breaching the wireless network, they controlled the thermostats and also could gain access to other devices, such as smart door locks. The study also identified websites like “Insecam” that live-stream thousands of wireless security cameras that are connected to the IoT framework and found the site hosting approximately 300 Canadian feeds, broadcasting online for anyone in the world to see.

These examples of security and personal breaches show the current issues we have in Canada in regards to personal privacy and security. If manufacturers are selling these products in the Canadian market, the government must enforce regulations and standards to protect the individuals who use such devices. The study conducted by CBC Marketplace shows how rough the situation currently is in Canada. The Canadian Government should put in resources to better combat the fast-changing technology sector, to decrease the limit of occurrences and patch any gaps in our current privacy laws. This raises the question of why the Canadian Government has not put in the resources to update current privacy and security laws and also raises the question of who should be liable for these issues: the manufacturers, hackers, or the Canadian Government.
Perhaps one of the main issues in Canada is the current Personal Information Protection and Electronic Documents Act (PIPEDA). The PIPEDA “is the federal privacy law for private-sector organizations, which sets out the ground rules for how businesses must handle personal information in the course of commercial activity” (Office of the Privacy Commissioner of Canada, 2018). However, even with this act, most manufacturers do not follow these regulations, and thus the reason why we see a variety of different privacy policies across companies. This is mainly due to the PIPEDA conception in the year 2000, and with 19 years of technology advancements, the original act focuses on early versions of IoT framework, and it is no surprise that the current IoT framework no longer applies to the act due to the outdatedness of its policies.

For instance, the outdated PIPEDA was recognized by the former Privacy Commissioner Jennifer Stoddart; she expresses an opinion that the current PIPEDA is outdated and needs a major overhaul and further asserts that the privacy framework is much more complex than a decade ago (Allison, 2018). Furthermore, the current Privacy Commissioner Daniel Therrien stated that privacy concerns are reaching near-crisis levels and is calling the federal government for an immediate reform (Office of the Privacy Commissioner of Canada, 2018).

The current PIPEDA is nowhere near strong enough to regulate companies to follow specific privacy laws in Canada, weakening the privacy of Canadians. If the federal government took the initiative to reform the PIPEDA based on the Privacy Commissioner’s concerns, companies would have laws and regulations they must follow. If there is no clear regulation and law set out in the act, it is no surprise that companies such as smart home manufacturers are using this to their advantage to enforce their own privacy policies, as there are no updated regulations or laws these companies have to follow and therefore they are not being penalized. This can be put into context in society, imagine if there were no laws that citizens must follow, this would cause significant consequences as there would be no order kept in society. This connects in the same way with current smart home manufacturers as they have no law or regulations to follow, therefore creating no order in the technology sector. If there are any existing laws or regulations, they are outdated and no longer valid for the current IoT framework.

Smart home device manufacturers' privacy and security policies pose a multitude of concerns. When smart home users first set up their devices, they have limited control over the type of data the manufacturer may collect, and most manufacturers are located within the United States, resulting in data being stored in servers in the U.S. (Biocco, 2018). Manufacturers use smart home data to build profiles of users for marketing and advertising purposes to generate revenue (Biocco, 2018). However, this creates security risks as third-party hackers may gain access to personal information by obtaining unencrypted information generated by these devices by using wireless data intercept tools and over radio-frequency protocols (Fichtner, 2018). Most manufacturers' privacy policies do not have an option for users to “opt-out” of personal data collection or manage data sharing preferences (Zhang, 2016). In conjunction with privacy policies, smart home privacy policies are tough to read and comprehend; within the policies, opt-out procedures are non-existent or tedious to execute (Biocco, 2018).

Take for example, a company called “Ring,” which manufactures smart doorbells and cameras. In its privacy policy, it states that they refuse to let users opt-out of personal data collection because it offers payment services and is beyond the standard package (Ring LLC, 2018). Users have no choice but to agree and hand over their personal information to allow this company to collect data. Another instance is a company called “Google.” Google states on its privacy policy that it does not sell your personal data; however, it collects and manages personal data, including smart home devices such as the “Google Home,” and uses that data within its systems to show advertisers to generate revenue (Popken, 2018).

The statements in both Ring’s and Google’s privacy policies show that currently, companies have control over how personal data are used and managed. However, both of these companies are located within the United States, and if personal data is being stored in a different country than the user, this creates further implications in Canada that we have no control over the data being sent to these companies. If Canada had strict regulations and laws that companies must follow, such as being transparent on data management, we would not see the current monopoly in the technology sector.

With technology advancements in the IoT framework, laws and regulations must be passed on companies offering services in Canada. Without laws and regulations, companies will enforce their own policies due to the aging PIPEDA act in Canada. The federal government must take the initiative to update the policies within this act, allowing companies to follow specific regulations in regard to privacy and security. They must also govern resources to keep up to date with the sophisticated IoT framework and fulfill the privacy and security rights of all Canadian citizens, which are currently not being met.

Answer 1

In modern-day technology, most electronic devices such as smart home devices, fitness trackers, and even smart televisions use an online framework called “the internet of things” or IoT. The internet of things devises the networking of electronic devices, allowing them to connect through the internet, and enabling them to send and receive data (Maras, 2017). The IoT framework also has the capabilities to collect, store, and transmit vast amounts of data linked to your personal activities, such as your everyday routine, including your personal information (Ernst & Young, 2017).

Smart home devices have been a growing trend in the Canadian market with approximately 18% of Canadians investing in these devices in late 2018. It is estimated that by 2023, 35.1% of Canadians will use smart home devices (Ross, 2019). The rapid growth of these devices in Canada poses both a privacy and a cybersecurity risk to all citizens using these devices, as they are connected to the “internet of things” or IoT. Currently, Canadian laws offer little to no protection with these devices because privacy laws are nowhere near substantial enough for regulations to be implemented. This gives the opportunity for smart home manufacturers to regulate their own privacy and security policies, which creates a significant risk to consumers using their devices. With no regulations, manufacturers are emboldened to continue with this practice, and therefore, it is imperative that the Canadian Government creates laws and regulations that protect the privacy of citizens, and develops regulations for companies that offer IoT devices to fulfill the right of privacy.

With IoT frameworks technology expanding, it provides consumers with more convenience and a technology-based lifestyle, but also has created an unprecedented consequence as it is getting harder to control third-party hackers from gaining access to connected devices (Ernst & Young, 2017). With the added issues of outdated laws and regulations that are intended to protect the privacy and security of personal information, it has created breaches in Canada’s technology sector.

Take for example, an organization called “Scalar Decisions,” a team of ethical hackers who hack smart home devices to showcase their flaws. In a study conducted by “CBC Marketplace,” ethical hackers were hired to hack numerous families with smart home devices (Denne, 2018). In one instance, the hackers managed to gain access to a family’s home wireless network where devices such as thermostats were linked to the network. After breaching the wireless network, they controlled the thermostats and also could gain access to other devices, such as smart door locks. The study also identified websites like “Insecam” that live-stream thousands of wireless security cameras that are connected to the IoT framework and found the site hosting approximately 300 Canadian feeds, broadcasting online for anyone in the world to see. These examples of security and personal breaches show the current issues we have in Canada in regards to personal privacy and security. If manufacturers are selling these products in the Canadian market, the government must enforce regulations and standards to protect the individuals who use such devices.

The study conducted by CBC Marketplace shows how rough the situation currently is in Canada. The Canadian Government should put in resources to better combat the fast-changing technology sector, to decrease the limit of occurrences and patch any gaps in our current privacy laws. This raises the question of why the Canadian Government has not put in the resources to update current privacy and security laws and also raises the question of who should be liable for these issues: the manufacturers, hackers, or the Canadian Government.
Perhaps one of the main issues in Canada is the current Personal Information Protection and Electronic Documents Act (PIPEDA).

The PIPEDA “is the federal privacy law for private-sector organizations, which sets out the ground rules for how businesses must handle personal information in the course of commercial activity” (Office of the Privacy Commissioner of Canada, 2018). However, even with this act, most manufacturers do not follow these regulations, and thus the reason why we see a variety of different privacy policies across companies. This is mainly due to the PIPEDA conception in the year 2000, and with 19 years of technology advancements, the original act focuses on early versions of IoT framework, and it is no surprise that the current IoT framework no longer applies to the act due to the outdatedness of its policies.

For instance, the outdated PIPEDA was recognized by the former Privacy Commissioner Jennifer Stoddart; she expresses an opinion that the current PIPEDA is outdated and needs a major overhaul and further asserts that the privacy framework is much more complex than a decade ago (Allison, 2018). Furthermore, the current Privacy Commissioner Daniel Therrien stated that privacy concerns are reaching near-crisis levels and is calling the federal government for an immediate reform (Office of the Privacy Commissioner of Canada, 2018).

The current PIPEDA is nowhere near strong enough to regulate companies to follow specific privacy laws in Canada, weakening the privacy of Canadians. If the federal government took the initiative to reform the PIPEDA based on the Privacy Commissioner’s concerns, companies would have laws and regulations they must follow. If there is no clear regulation and law set out in the act, it is no surprise that companies such as smart home manufacturers are using this to their advantage to enforce their own privacy policies, as there are no updated regulations or laws these companies have to follow and therefore they are not being penalized. This can be put into context in society, imagine if there were no laws that citizens must follow, this would cause significant consequences as there would be no order kept in society. This connects in the same way with current smart home manufacturers as they have no law or regulations to follow, therefore creating no order in the technology sector. If there are any existing laws or regulations, they are outdated and no longer valid for the current IoT framework.

Smart home device manufacturers' privacy and security policies pose a multitude of concerns. When smart home users first set up their devices, they have limited control over the type of data the manufacturer may collect, and most manufacturers are located within the United States, resulting in data being stored in servers in the U.S. (Biocco, 2018). Manufacturers use smart home data to build profiles of users for marketing and advertising purposes to generate revenue (Biocco, 2018). However, this creates security risks as third-party hackers may gain access to personal information by obtaining unencrypted information generated by these devices by using wireless data intercept tools and over radio-frequency protocols (Fichtner, 2018). Most manufacturers' privacy policies do not have an option for users to “opt-out” of personal data collection or manage data sharing preferences (Zhang, 2016). In conjunction with privacy policies, smart home privacy policies are tough to read and comprehend; within the policies, opt-out procedures are non-existent or tedious to execute (Biocco, 2018).

Take for example, a company called “Ring,” which manufactures smart doorbells and cameras. In its privacy policy, it states that they refuse to let users opt-out of personal data collection because it offers payment services and is beyond the standard package (Ring LLC, 2018). Users have no choice but to agree and hand over their personal information to allow this company to collect data. Another instance is a company called “Google.” Google states on its privacy policy that it does not sell your personal data; however, it collects and manages personal data, including smart home devices such as the “Google Home,” and uses that data within its systems to show advertisers to generate revenue (Popken, 2018).

The statements in both Ring’s and Google’s privacy policies show that currently, companies have control over how personal data are used and managed. However, both of these companies are located within the United States, and if personal data is being stored in a different country than the user, this creates further implications in Canada that we have no control over the data being sent to these companies. If Canada had strict regulations and laws that companies must follow, such as being transparent on data management, we would not see the current monopoly in the technology sector.

With technology advancements in the IoT framework, laws and regulations must be passed on companies offering services in Canada. Without laws and regulations, companies will enforce their own policies due to the aging PIPEDA act in Canada. The federal government must take the initiative to update the policies within this act, allowing companies to follow specific regulations in regard to privacy and security. They must also govern resources to keep up to date with the sophisticated IoT framework and fulfill the privacy and security rights of all Canadian citizens, which are currently not being met.