New Hampshire’s questionable alert system   Recently updated !

This entry was posted in Commentary and tagged New Hampshire privacy technology on by

The state of New Hampshire has a system where you can sign up to get emergency alerts. In itself, that’s a good thing, but the way it’s run raises red flags. The registration site is on genasys.com, and registering requires providing more personal information than necessary. The probability is close to 1 that Genasys sells this information. It’s also easy to exploit the system to annoy people.

When you register, you’re required to give your first and last name and exact street address. There’s no reason for either. A Zip code would be sufficient to localize information. You can give false information and it won’t complain; I gave just initials (not mine) and the address of a public building in my area. You also have to give an email address and a phone number. I provided my spam-trap email address and real phone number. Some kind of contact information is necessary if you want alerts, but that brings us to the second problem.

The email I received from the system said “Registration successful! Your registration has been successfully completed, and you are now part of our network, helping us keep our community informed and safe. If at any point you wish to update your preferences or unsubscribe from specific alerts, you can easily manage your settings by logging into your portal.”

Notice what’s missing? Any attempt to confirm it was me who registered. Someone could engage in petty harassment by signing up people for unwanted alerts. Since they didn’t create the account and its password, they can’t log in. The best they can do is block email from that sender. Well-run sites always ask for confirmation by email when they get a subscription request.

Websites that collect personal information often sell it. When information from multiple sites is aggregated, it can provide extensive information about individuals. Genesys’s privacy policy offers no reassurance. They share information “to our customers” and “as part of a corporate business transaction.” They do say “We do not sell or share your personal information for direct marketing purposes,” but that still leaves a lot open. You can be sure they aren’t collecting your name and address just to increase their database storage requirements. In particular, nothing stops them from handing your information to an evil government agency.

Genasys also makes long range acoustic devices (LRAD) which Russia has tested as “sound cannons” on dogs, apparently with an eye to using them to disrupt protests. However, Genasys doesn’t seem to have been directly involved in this use of its devices.

If you sign up in spite of these concerns, I suggest giving a nickname, a nearby public street address, and a throwaway email address. Avoid giving someone else’s home address. And don’t install their app.

Leave a comment

Your email address will not be published. Required fields are marked *