How tech companies deceive you into giving up your data and privacy | Finn Lützow-Holm Myrstad
133,693 views ・ 2018-11-21
請雙擊下方英文字幕播放視頻。
譯者: Lilian Chiu
審譯者: Yanyan Hong
00:13
Do you remember when you were a child,
0
13040
2416
你是否記得,在小時候,
00:15
you probably had a favorite toy
that was a constant companion,
1
15480
3576
你可能有個最愛的玩具,
總是陪在你身邊,
00:19
like Christopher Robin
had Winnie the Pooh,
2
19080
2616
就像克里斯多夫羅賓和維尼熊,
00:21
and your imagination
fueled endless adventures?
3
21720
2800
且你的想像力創造出了
無盡的冒險旅程?
00:25
What could be more innocent than that?
4
25640
2400
還有什麼比那更純真的?
00:28
Well, let me introduce you
to my friend Cayla.
5
28800
4800
讓我介紹我的朋友
凱拉給各位認識。
00:34
Cayla was voted toy of the year
in countries around the world.
6
34600
3456
凱拉是全世界各國
票選出來的年度玩具。
00:38
She connects to the internet
and uses speech recognition technology
7
38080
3576
她能連上網路,使用聲音辨識技術
00:41
to answer your child's questions,
8
41680
2136
來回答你的孩子問的問題,
00:43
respond just like a friend.
9
43840
1960
就像個朋友一樣做出回應。
00:46
But the power doesn't lie
with your child's imagination.
10
46920
3656
但力量並不是來自
你的孩子的想像力。
00:50
It actually lies with the company
harvesting masses of personal information
11
50600
4536
力量是來自背後的公司
取得你的家人在安全的家中
00:55
while your family is innocently
chatting away in the safety of their home,
12
55160
5536
很無心地從聊天中釋出的
大量個人資料,
01:00
a dangerously false sense of security.
13
60720
2480
這是一種很危險的虛假安全感。
01:04
This case sounded alarm bells for me,
14
64840
2656
這個案例讓我有所警戒,
01:07
as it is my job to protect
consumers' rights in my country.
15
67520
3200
因為我的工作就是要保護
國內消費者的權益。
01:11
And with billions of devices such as cars,
16
71800
3496
預計在 2020 年,
有數十億種裝置都會上網,
01:15
energy meters and even vacuum cleaners
expected to come online by 2020,
17
75320
5096
包括汽車、電度錶,
甚至真空吸塵器,
01:20
we thought this was a case
worth investigating further.
18
80440
3936
因此,我們認為這個案例
值得進一步調查。
01:24
Because what was Cayla doing
19
84400
1896
因為,凱拉知道了這麼多
01:26
with all the interesting things
she was learning?
20
86320
2536
有趣的資訊之後,會拿來做什麼?
01:28
Did she have another friend she was
loyal to and shared her information with?
21
88880
3640
她還對另一位朋友忠誠,
且會分享資訊給他嗎?
01:33
Yes, you guessed right. She did.
22
93640
2776
是的,你猜對了,就是這樣。
01:36
In order to play with Cayla,
23
96440
2096
如果要和凱拉玩,
01:38
you need to download an app
to access all her features.
24
98560
3000
你就必須要下載一個應用程式
來使用她的特色功能。
01:42
Parents must consent to the terms
being changed without notice.
25
102280
3840
父母必須要同意一些條款,
這些條款有改變時不會通知。
01:47
The recordings of the child,
her friends and family,
26
107280
3776
孩子、孩子的朋友
及家人被錄下的對話
01:51
can be used for targeted advertising.
27
111080
1960
可以被用來做精準廣告投放。
01:54
And all this information can be shared
with unnamed third parties.
28
114080
4960
所有這些資訊都可以
和不知名的第三方分享。
01:59
Enough? Not quite.
29
119760
2120
夠了嗎?還不只如此。
02:02
Anyone with a smartphone
can connect to Cayla
30
122880
4296
任何有智慧手機的人,
都可以在一定的距離內
和凱拉連線。
02:07
within a certain distance.
31
127200
1600
02:09
When we confronted the company
that made and programmed Cayla,
32
129560
4576
我們質問製造凱拉
和為她設計程式的公司,
02:14
they issued a series of statements
33
134160
2256
他們發佈了一系列的聲明,
02:16
that one had to be an IT expert
in order to breach the security.
34
136440
4120
宣稱只有資訊科技專家
才有可能危及其安全性。
02:22
Shall we fact-check that statement
and live hack Cayla together?
35
142039
3921
我們應該要驗證這個聲明,
同時在現場駭入凱拉的系統嗎?
02:29
Here she is.
36
149920
1200
這就是她。
02:32
Cayla is equipped with a Bluetooth device
37
152200
3376
凱拉有內建藍芽裝置,
02:35
which can transmit up to 60 feet,
38
155600
2216
傳輸距離是 60 英呎,
02:37
a bit less if there's a wall between.
39
157840
2616
如果有牆壁阻隔的話,
距離會再短一點。
02:40
That means I, or any stranger,
can connect to the doll
40
160480
5296
那就表示,我,或任何陌生人,
能和凱拉娃娃連線,
02:45
while being outside the room
where Cayla and her friends are.
41
165800
3736
就算不和凱拉及她的朋友
在同一房間中。
02:49
And to illustrate this,
42
169560
2176
為了說明這一點,
02:51
I'm going to turn Cayla on now.
43
171760
2136
我現在要把凱拉啟動。
02:53
Let's see, one, two, three.
44
173920
1800
咱們來看看,一、二、三。
02:57
There. She's on. And I asked a colleague
45
177040
1976
好了,她開機了。
我請個同事帶著智慧手機站在外面,
02:59
to stand outside with his smartphone,
46
179040
2096
03:01
and he's connected,
47
181160
1240
他連線了,
03:03
and to make this a bit creepier ...
48
183320
2096
還可以再做到更毛骨悚然一點……
03:05
(Laughter)
49
185440
4056
(笑聲)
03:09
let's see what kids could hear Cayla say
in the safety of their room.
50
189520
4920
咱們來看看孩子們在安全的房間中
能聽到凱拉說什麼。
03:15
Man: Hi. My name is Cayla. What is yours?
51
195920
2896
男子:嗨,我是凱拉,
你叫什麼名字?
03:18
Finn Myrstad: Uh, Finn.
52
198840
1320
芬恩默斯塔:呃,芬恩。
03:20
Man: Is your mom close by?
53
200960
1296
男子:你媽媽在附近嗎?
芬恩:不在,她在店裡。
03:22
FM: Uh, no, she's in the store.
54
202280
1480
03:24
Man: Ah. Do you want
to come out and play with me?
55
204680
2376
男子:啊。你想要出來跟我玩嗎?
03:27
FM: That's a great idea.
56
207080
1480
芬:好主意。
03:29
Man: Ah, great.
57
209720
1200
男子:啊,太好了。
03:32
FM: I'm going to turn Cayla off now.
58
212480
2136
芬恩:現在我要把凱拉關機了。
03:34
(Laughter)
59
214640
1200
(笑聲)
03:39
We needed no password
60
219080
2736
我們不需要密碼,
03:41
or to circumvent any other
type of security to do this.
61
221840
3560
也不用規避任何其他
安全機制就能做到這樣。
03:46
We published a report
in 20 countries around the world,
62
226440
3816
我們在全世界二十個國家
刊出了一篇報導,
03:50
exposing this significant security flaw
63
230280
2976
揭露出這項重大的安全瑕疵,
03:53
and many other problematic issues.
64
233280
1760
以及許多其他有問題的議題。
03:56
So what happened?
65
236000
1240
所以,結果呢?
03:57
Cayla was banned in Germany,
66
237840
1640
德國下了對凱拉的禁令,
04:00
taken off the shelves
by Amazon and Wal-Mart,
67
240480
3216
亞馬遜和沃爾瑪都將它全面下架,
04:03
and she's now peacefully resting
68
243720
3056
現在,她很安詳地在柏林的
04:06
at the German Spy Museum in Berlin.
69
246800
3456
德國間諜博物館中長眠。
04:10
(Laughter)
70
250280
2776
(笑聲)
04:13
However, Cayla was also for sale
in stores around the world
71
253080
4296
然而,在我們的報告刊出之後,
有超過一年的時間,
04:17
for more than a year
after we published our report.
72
257400
3576
在全世界其餘的店家裏
仍然可以買到凱拉。
04:21
What we uncovered is that
there are few rules to protect us
73
261000
4256
我們發現的是,
保護我們的規則非常少,
04:25
and the ones we have
are not being properly enforced.
74
265280
3360
而存在的那些規則
又沒有被妥當執行。
04:30
We need to get the security
and privacy of these devices right
75
270000
3856
在這些裝置進入市場之前,
我們得先把它們的
安全性和隱私性做好,
04:33
before they enter the market,
76
273880
2856
04:36
because what is the point
of locking a house with a key
77
276760
3976
因為,如果任何人都能
透過連結的裝置來進入房子,
04:40
if anyone can enter it
through a connected device?
78
280760
2920
那用鑰匙把房子鎖上又有什麼意義?
04:45
You may well think,
"This will not happen to me.
79
285640
3296
你可能會想:
「這不會發生在我身上。
04:48
I will just stay away
from these flawed devices."
80
288960
2600
我會和這些有瑕疵的
裝置保持距離。」
04:52
But that won't keep you safe,
81
292600
2056
但那並不表示你就是安全的,
04:54
because simply by
connecting to the internet,
82
294680
3176
因為只要連上網路,
04:57
you are put in an impossible
take-it-or-leave-it position.
83
297880
4576
你就被放在一個
「不要就拉倒」的困難位置上。
05:02
Let me show you.
84
302480
1200
讓我展示給各位看。
05:04
Like most of you,
I have dozens of apps on my phone,
85
304400
3096
跟大部分人一樣,我的手機上
有一大堆應用程式,
05:07
and used properly,
they can make our lives easier,
86
307520
2856
妥當使用它們可以讓生活更簡易、
05:10
more convenient and maybe even healthier.
87
310400
2440
更方便,可能還會更健康。
05:13
But have we been lulled
into a false sense of security?
88
313960
3520
但我們是否被誤導入
一種虛假的安全感呢?
05:18
It starts simply by ticking a box.
89
318600
2440
一開始只是簡單的勾選動作。
05:21
Yes, we say,
90
321880
1776
是的,我們宣稱已閱讀過條款了。
05:23
I've read the terms.
91
323680
1440
05:27
But have you really read the terms?
92
327240
3040
但你真的閱讀過條款嗎?
05:31
Are you sure they didn't look too long
93
331200
2296
還是其實是:條款看來太長了,
05:33
and your phone was running out of battery,
94
333520
2056
你的手機快要沒電了,
05:35
and the last time you tried
they were impossible to understand,
95
335600
3216
且上次你試著閱讀條款,
實在無法看懂,
05:38
and you needed to use the service now?
96
338840
1840
而你現在就需要用這項服務?
05:41
And now, the power
imbalance is established,
97
341840
3656
權力的不平衡就這麼建立了,
05:45
because we have agreed
to our personal information
98
345520
3656
因為我們已經同意讓個人資訊
05:49
being gathered and used
on a scale we could never imagine.
99
349200
3120
被以我們永遠無法想像的
規模來收集和使用。
05:53
This is why my colleagues and I
decided to take a deeper look at this.
100
353640
3696
這就是為什麼我和我同事
決定要深入了解這個狀況。
05:57
We set out to read the terms
101
357360
3336
我們開始閱讀一般手機上的
06:00
of popular apps on an average phone.
102
360720
2696
熱門應用程式的條款。
06:03
And to show the world
how unrealistic it is
103
363440
3736
為了讓世界看到,
認為消費者會真的閱讀條款
06:07
to expect consumers
to actually read the terms,
104
367200
3216
是多麼不切實際的期望,
06:10
we printed them,
105
370440
1496
我們便把條款印出來,
印了超過九百頁,
06:11
more than 900 pages,
106
371960
1840
06:14
and sat down in our office
and read them out loud ourselves,
107
374800
3600
坐在辦公室中,自己大聲讀出來,
06:19
streaming the experiment
live on our websites.
108
379800
2536
在我們的網站上直播這項實驗。
06:22
As you can see, it took quite a long time.
109
382360
2536
如各位所見,做這件事
花了好長的時間。
06:24
It took us 31 hours,
49 minutes and 11 seconds
110
384920
4416
我們花了 31 小時 49 分鐘 11 秒
06:29
to read the terms on an average phone.
111
389360
2576
才把一支一般手機上的條款讀完。
06:31
That is longer than a movie marathon
of the "Harry Potter" movies
112
391960
4376
這比《哈利波特》系列
加上《教父》系列的
06:36
and the "Godfather" movies combined.
113
396360
2496
電影馬拉松都還要久。
06:38
(Laughter)
114
398880
1400
(笑聲)
06:41
And reading is one thing.
115
401600
1936
且,閱讀只是閱讀,
06:43
Understanding is another story.
116
403560
1976
並不等於了解了。
06:45
That would have taken us
much, much longer.
117
405560
3576
了解要花的時間還要更長許多。
06:49
And this is a real problem,
118
409160
1776
這是個真實的問題,
06:50
because companies have argued
for 20 to 30 years
119
410960
3216
因為,二三十年來,
企業一直提出理由
06:54
against regulating the internet better,
120
414200
3056
反對將網際網路做更好的規制,
06:57
because users have consented
to the terms and conditions.
121
417280
3160
就是因為用戶已同意了條件和條款。
07:02
As we've shown with this experiment,
122
422520
1976
正如我們用這個實驗展示的,
07:04
achieving informed consent
is close to impossible.
123
424520
2880
要做到真的知情同意,幾乎不可能。
07:09
Do you think it's fair to put the burden
of responsibility on the consumer?
124
429080
3524
你們認為把責任的重擔
推給消費者是公平的嗎?
07:14
I don't.
125
434000
1736
我不認為。
07:15
I think we should demand
less take-it-or-leave-it
126
435760
3096
我認為,我們應該要求
減少「不要就拉倒」,
07:18
and more understandable terms
before we agree to them.
127
438880
3176
增加大家看得懂的條款,
然後我們才做出同意。
07:22
(Applause)
128
442080
1536
(掌聲)
07:23
Thank you.
129
443640
1200
謝謝。
07:28
Now, I would like to tell you
a story about love.
130
448200
4880
接著,我要跟各位說
一個關於愛的故事。
07:34
Some of the world's
most popular apps are dating apps,
131
454080
3536
有些世上最熱門的應用程式
是約會應用程式,
07:37
an industry now worth more than,
or close to, three billion dollars a year.
132
457640
4640
目前這產業的年產值
約是三十億美金。
07:43
And of course, we're OK
sharing our intimate details
133
463160
4176
當然,我們願意分享
我們的個人細節資訊
給自己的伴侶。
07:47
with our other half.
134
467360
1240
07:49
But who else is snooping,
135
469240
1976
但當我們在掏心掏肺
展露内心世界時,
07:51
saving and sharing our information
136
471240
2936
還有誰在窺探、儲存,
並分享我們的資訊?
07:54
while we are baring our souls?
137
474200
1640
07:56
My team and I decided to investigate this.
138
476520
2200
我和我的團隊決定要調查這件事。
08:00
And in order to understand
the issue from all angles
139
480920
3016
為了從各角度了解這個議題,
08:03
and to truly do a thorough job,
140
483960
2240
並真正做到透徹完整,
08:07
I realized I had to download
141
487400
1976
我知道我自己必須要下載
08:09
one of the world's
most popular dating apps myself.
142
489400
3440
世界上最熱門的約會
應用程式之一。
08:14
So I went home to my wife ...
143
494440
2296
所以我回家找我太太……
08:16
(Laughter)
144
496760
1936
(笑聲)
08:18
who I had just married.
145
498720
1656
我們才新婚。
08:20
"Is it OK if I establish a profile
on a very popular dating app
146
500400
4616
「我可不可以在一個非常熱門的
約會應用程式上建立個人檔案,
08:25
for purely scientific purposes?"
147
505040
1896
單純是科學研究用途?」
08:26
(Laughter)
148
506960
1856
(笑聲)
08:28
This is what we found.
149
508840
1496
這是我們的發現。
08:30
Hidden behind the main menu
was a preticked box
150
510360
3976
藏在主選單背後的,
是一個預先打勾的選項,
08:34
that gave the dating company access
to all my personal pictures on Facebook,
151
514360
6056
打勾表示這間約會公司可以取得
我在臉書上的所有個人照片,
08:40
in my case more than 2,000 of them,
152
520440
2856
我臉書上的照片就有兩千張以上,
08:43
and some were quite personal.
153
523320
2120
有些真的是很私人的。
08:46
And to make matters worse,
154
526400
2216
更糟糕的是,
08:48
when we read the terms and conditions,
155
528640
2056
當我們閱讀條件與條款時,
我們有下列發現,
08:50
we discovered the following,
156
530720
1376
08:52
and I'm going to need to take out
my reading glasses for this one.
157
532120
3120
這次我得要拿出我的閱讀眼鏡。
08:56
And I'm going to read it for you,
because this is complicated.
158
536400
2936
我會唸給各位聽,因為這很複雜。
08:59
All right.
159
539360
1200
好。
09:01
"By posting content" --
160
541440
1536
「凡是張貼出內容」——
09:03
and content refers to your pictures, chat
161
543000
1976
內容指的是你的照片、聊天對話,
和約會服務上的其他互動——
09:05
and other interactions
in the dating service --
162
545000
2216
09:07
"as a part of the service,
163
547240
1256
「做為服務的一部分,
就表示你自動允許本公司、
09:08
you automatically grant to the company,
164
548520
1976
09:10
its affiliates, licensees and successors
165
550520
2176
其附屬機構、授權者、繼承者
一項不可撤回的」——
09:12
an irrevocable" -- which means
you can't change your mind --
166
552720
3616
意思是你不能改變心意——
09:16
"perpetual" -- which means forever --
167
556360
2776
「永久」——意思是永遠——
09:19
"nonexclusive, transferrable,
sublicensable, fully paid-up,
168
559160
2896
「非獨家、可轉移、
可再授權、完全已付清、
09:22
worldwide right and license
to use, copy, store, perform,
169
562080
2696
全球性的權利和許可,
可以使用、複製、儲存、演出、
09:24
display, reproduce, record,
170
564800
1336
展示、重製、記錄、播放、
改編、修改,及發行該內容,
09:26
play, adapt, modify
and distribute the content,
171
566160
2216
製作該內容的衍生作品,
或把該內容整合到其他作品中,
09:28
prepare derivative works of the content,
172
568400
1936
09:30
or incorporate the content
into other works
173
570360
2016
並允許和授權將上述許可
09:32
and grant and authorize sublicenses
of the foregoing in any media
174
572400
3056
再授權給任何現在已知
或之後創造出的媒體。」
09:35
now known or hereafter created."
175
575480
1560
09:40
That basically means
that all your dating history
176
580640
3816
基本上,意思就是你的
所有約會歷史記錄
09:44
and everything related to it
can be used for any purpose for all time.
177
584480
5080
以及其相關的一切,
隨時都能被用在任何目的上。
09:50
Just imagine your children
seeing your sassy dating photos
178
590520
4976
想像一下,
你的孩子在二十年後,
在生育控制廣告上
09:55
in a birth control ad 20 years from now.
179
595520
2560
看到你的狂野約會照片。
10:00
But seriously, though --
180
600400
1216
但,說真的——
10:01
(Laughter)
181
601640
1600
(笑聲)
10:04
what might these commercial
practices mean to you?
182
604880
2360
這些商業的做法
對你而言有什麼意涵?
10:08
For example, financial loss:
183
608320
2240
比如,財務損失:
10:11
based on your web browsing history,
184
611480
1696
根據你的網頁瀏覽記錄,
10:13
algorithms might decide
whether you will get a mortgage or not.
185
613200
2960
演算法可以決定
你是否能取得抵押借款。
10:16
Subconscious manipulation:
186
616840
1480
潛意識操控:
10:19
companies can analyze your emotions
based on your photos and chats,
187
619560
3696
企業可以根據你的照片
和聊天對話來分析你的情緒,
10:23
targeting you with ads
when you are at your most vulnerable.
188
623280
3256
在你腦波最弱的時候,
針對你做精準廣告投放。
10:26
Discrimination:
189
626560
1496
歧視:
10:28
a fitness app can sell your data
to a health insurance company,
190
628080
3016
健身應用程式可以把你的資料
賣給健康保險公司,
10:31
preventing you from getting
coverage in the future.
191
631120
3056
使你未來無法投保某些保險項目。
10:34
All of this is happening
in the world today.
192
634200
2520
上述這些都是現今世界
正在發生的事。
10:37
But of course, not all uses
of data are malign.
193
637800
3336
但,當然,並非所有的
資料使用都是惡意的。
10:41
Some are just flawed or need more work,
194
641160
1976
有些只是有瑕疵或是需要再改善,
10:43
and some are truly great.
195
643160
1520
有些真的很棒。
10:47
And there is some good news as well.
196
647560
3696
也有一些好消息。
10:51
The dating companies
changed their policies globally
197
651280
3296
在我們提出法律投訴之後,
約會公司改變了它們全球的政策。
10:54
after we filed a legal complaint.
198
654600
1680
10:57
But organizations such as mine
199
657720
2696
但不可能到處都有像我的組織這種
11:00
that fight for consumers' rights
can't be everywhere.
200
660440
2976
為消費者權益奮戰的組織。
11:03
Nor can consumers fix this on their own,
201
663440
2536
消費者也無法靠自己解決這個問題,
11:06
because if we know
that something innocent we said
202
666000
3576
因為,如果知道我們無心說出的話
11:09
will come back to haunt us,
203
669600
1456
將來會回頭困擾我們,
我們就不會脫口而出了。
11:11
we will stop speaking.
204
671080
1896
11:13
If we know that we are being
watched and monitored,
205
673000
3376
如果我們知道自己被監看、監視著,
11:16
we will change our behavior.
206
676400
2096
我們會改變我們的行為。
11:18
And if we can't control who has our data
and how it is being used,
207
678520
3896
如果我們無法控制誰擁有我們的資料,
及資料會如何被使用,
11:22
we have lost the control of our lives.
208
682440
1840
我們就失去了我們人生的控制權。
11:26
The stories I have told you today
are not random examples.
209
686400
3496
今天我告訴各位的故事
並不是隨機發生的例子。
11:29
They are everywhere,
210
689920
1776
它們處處可見,
11:31
and they are a sign
that things need to change.
211
691720
2856
它們是一種徵兆,
表示改變是必要的。
11:34
And how can we achieve that change?
212
694600
2096
我們要如何達成那改變?
11:36
Well, companies need to realize
that by prioritizing privacy and security,
213
696720
5576
企業必須要知道,
如果它們把隱私和安全性
列為優先事項,
11:42
they can build trust
and loyalty to their users.
214
702320
2960
就能建立用戶的信任和忠誠度。
11:46
Governments must create a safer internet
215
706520
3096
政府必須通過確保執法和最新規則
11:49
by ensuring enforcement
and up-to-date rules.
216
709640
2880
以創造更安全的網際網路。
11:53
And us, the citizens?
217
713400
2216
那我們公民呢?
11:55
We can use our voice
218
715640
1816
我們能發聲來提醒世界,
11:57
to remind the world that technology
can only truly benefit society
219
717480
5096
科技若不能尊重基本權利,
12:02
if it respects basic rights.
220
722600
2600
就不可能真正讓社會受惠。
12:05
Thank you so much.
221
725720
1576
非常感謝大家。
12:07
(Applause)
222
727320
4080
(掌聲)
New videos
Original video on YouTube.com
關於本網站
本網站將向您介紹對學習英語有用的 YouTube 視頻。 您將看到來自世界各地的一流教師教授的英語課程。 雙擊每個視頻頁面上顯示的英文字幕,從那裡播放視頻。 字幕與視頻播放同步滾動。 如果您有任何意見或要求,請使用此聯繫表與我們聯繫。