The COVID-19 pandemic has had a huge impact on travel, canceling business trips and vacations alike for almost a year. When it’s all over, we’ll return to physical meetings and finally book the trips we’ve been dying to take. Our pent-up need to get out and live again will likely drive a major recovery for the travel industry. That industry, however, has taken on a slightly different shape. COVID-19 has not only affected the physical aspects of travel but the digital, as well, introducing several new potential privacy risks to be aware of.
With the need to follow the spread of infection and monitor the pandemic, different methods of tracking people were introduced. Whether you have to register online to eat at a restaurant or write your name and address details on paper on entering a bar, you’re handing your personal data to unknown people. Even though the intended purpose is for medical professionals to have access to this data to fight the further spread of infection, we’ve seen unauthorized access to such data by venue staff as well as police. Unavoidable tracking of physical location poses a huge threat to privacy that has not been solved. In fact, criminals may also be able to access such data and use it to further attacks like phishing, spam or ransomware attacks.
What’s more, some countries require travelers to undergo medical tests or to share private information, sometimes by having them install tracking apps on their mobile devices, which can enable permanent, targeted surveillance. Such policies could remain long past the pandemic in some countries.
Tracking apps can allow various functionalities; they can acquire real-time location data, and also access the data on your smartphone. There may be other future uses for such tracking, such as within law enforcement. We’ll have to monitor how they are used later on.
In one interesting respect, the pandemic and subsequent restrictions may have actually removed a privacy risk. Last year, we conducted a study on “visual and audible hacking” (aka “shoulder surfing”), a common travel risk. With social distancing requirements and policies still active in many countries and aboard various modes of transportation, such snooping will be harder. Of course, if social distancing restrictions are relaxed, travelers will once again need to take precautions to avoid shoulder surfing.
Digitization of the travel industry didn’t just begin with the pandemic, nor is it relegated to the world of tracking COVID-19 infections. From buying tickets to the equipment in your hotel room, travel is becoming more and more digital—and introducing more and more risks. There are some other important considerations to keep in mind when leaving your home.
With the increase in smart technologies, you may already be overwhelmed by all the technology you have at home. It gets much worse in places you don’t own, since you have no control over the IoT-enabled devices around you, at all. Is there a smart TV with a camera in your room? What about smart air controls, voice assistants, entertainment offerings and all the other “little helpers” integrated in modern accommodations? All of them can be a threat to your privacy or cause a security problem if you connect your own devices to them. Even a power outlet with a USB port to charge your phone may be a risk, either in terms of security or the physical health of your device. Hotels and event locations are also using the current quiet period of reduced and/or restricted travel to renovate and upgrade their venues, which means we may see more such technologies when we return.
Free Wi-Fi is convenient, especially when you’re traveling. But did you ever wonder who controls the network you’re connected to? What type of data you share with the websites you’re opening? Connecting via unsecured Wi-Fi gives criminals an easy opportunity snoop on your traffic, collect sensitive data or even try to attack your devices. Using encryption, not only on your device, but also on your remote connections, should be as essential as your ticket while flying.
The Self-Service Concierge
Nowadays, hotels often offer publicly accessible self-service kiosks. These are usually tablets or a computer. The idea is simple: you log in to your email account (or wherever you may have stored your ticket), you open the digital ticket and print. But did you forget something? Logging out and clearing browsing data may easily be forgotten due to the stress of checking out. However, I’ve experienced many such devices that retain full access to all that data, like email, documents and calendars.
Even before the pandemic, ensuring that you were communicating with the right person in the digital world was difficult, and in many cases, phishers and other scammers took advantage of this vulnerability. People became even more vulnerable in 2020. Criminals jumped on the opportunity to use the pandemic to make a profit using social engineering to trick people into revealing information. There have been cases of fake emails regarding canceled flight refunds, fake messages from government entities and those pretending to sell N95 masks.
The pandemic forced the introduction of new restrictions and digital processes to protect citizens’ health, and this, in turn, has altered the future of travel. The effects will last far beyond the end of the pandemic. Protecting yourself in the physical and digital worlds when you get back on the road will be more important than ever.