Further Reading: Chapter 15 — Smart Devices and the Internet of Things

1. Zuboff, Shoshana. The Age of Surveillance Capitalism. PublicAffairs, 2019. (Chapters 9–12: "The Elaboration of Surveillance Capitalism")

Zuboff's analysis of the extension of surveillance capitalism from web data into physical space — including her examination of smart home devices, wearables, and the aspiration to "behavioral modification at ubiquitous scale." The specific chapters on the IoT expansion are among the most important in the book for this chapter's themes.

2. Hill, Kashmir. "Automakers Are Sharing Consumers' Driving Behavior With Insurance Companies." The New York Times, March 11, 2024.

The primary investigative journalism source for the GM/OnStar data case. Hill's reporting is methodically documented and includes specific customer testimonials about the insurance consequences of driving data sharing. Essential primary source for Case Study 15.2. Freely available from nytimes.com.

3. Mozilla Foundation. "*Privacy Not Included: Cars." 2023.

The comprehensive privacy review of 25 automobile brands that found all 25 failed minimum privacy standards. The methodology and findings are publicly available at foundation.mozilla.org. Provides the most comprehensive assessment of automobile data privacy practices from a consumer-facing research organization.

4. Krebs, Brian. "Who Makes the IoT Things Under Attack?" Krebs on Security, October 3, 2016.

A clear-eyed account of the Mirai botnet attack and the default-credential vulnerability that enabled it. Krebs's security journalism on IoT vulnerabilities is authoritative and accessible. This article and his subsequent coverage of IoT security provide the best journalistic account of the security dimensions of the IoT problem.

5. Verizon 2023 Data Breach Investigations Report. verizon.com/business/resources/reports/dbir/

Verizon's annual DBIR reports provide the most comprehensive statistical overview of data breaches, including those involving IoT devices. The reports break down breach patterns, attacker methods, and target industries. Essential empirical grounding for understanding the IoT security landscape.

6. Federal Trade Commission. Internet of Things: Privacy and Security in a Connected World. FTC Staff Report, January 2015.

An early but still relevant FTC analysis of IoT privacy and security, with policy recommendations. Predates many of the developments described in the chapter but provides the regulatory framework and the FTC's conceptual approach to IoT oversight. Freely available from ftc.gov.

7. Chan, Melissa. "Your Smart TV Knows What You're Watching." Time, February 15, 2019.

An accessible account of smart TV ACR technology, the Vizio FTC settlement, and the broader smart TV data landscape. A good companion to the chapter's treatment of ACR for readers who want a journalistic narrative alongside the analytical framework.

8. Buolamwini, Joy, and Timnit Gebru. "Gender Shades: Intersectional Accuracy Disparities in Commercial Gender Classification." Proceedings of the Conference on Fairness, Accountability, and Transparency (2018).

While focused on facial recognition rather than IoT specifically, this foundational study of how AI-powered surveillance systems perform differently across demographic groups is directly relevant to understanding how smart home and wearable AI systems may encode and reproduce inequality. Essential reading for the connection to Chapter 36.

9. Tene, Omer, and Jules Polonetsky. "A Theory of Creepy: Technology, Privacy, and Shifting Social Norms." Yale Journal of Law and Technology 16 (2013): 59–102.

A legal and behavioral analysis of when technology feels "creepy" — a concept that captures the subjective response to surveillance that theoretical frameworks sometimes miss. Particularly relevant for understanding how the IoT's physical intimacy changes the phenomenology of surveillance compared to web tracking. Accessible to non-lawyers.

10. Statt, Nick. "Amazon's Alexa Recorded a Private Conversation and Sent It to a Random Contact." The Verge, May 24, 2018.

The primary news account of the Portland false-activation incident described in Case Study 15.1. The article includes Amazon's explanation of the technical sequence that produced the inadvertent recording and transmission. Freely available online; a useful concrete illustration of the always-on architecture's failure modes.

Further Reading | Chapter 15 | Part 3: Commercial Surveillance