The IoT: Tech revolution or privacy nightmare?

Written by

The objects around us are becoming smarter by the day. Our computers and smartphones are no longer the only things hooked up to the internet; we now have connected cars, security systems, energy meters and even traffic lights. It’s early days, too; the future is bright and the potential untold.

Consumers and businesses are sold on the idea that this colossal network of devices and sensors will make their lives easier, cheaper and less busy. Bearing in mind some of the evidence we’ve already seen, it’s difficult to argue, but there is another view that must be considered.

Privacy in the digital age

Privacy is already a major concern for people living and companies operating in a wholly digital society. As the number of web-connected touchpoints continues to grow, though, how much privacy can we realistically expect?

The issue – if you believe one exists – lies in the harvesting of data. In order to be useful, every sensor has to collect information. It could be as simple as a person’s physical movement, or as complex as their driving style over the course of a year, but these devices are learning about us. They’re essentially watching us.

What then happens with this data? This is the main question that Edith Ramirez, chairwoman of the United States’ Federal Trade Commission, thinks we should be asking. “As more and more of our devices become smarter and smarter, it is essential we know as much about them as they know about us; that we understand what information the devices are collecting and how it is being used or shared,” she said.

An open policy is essential

Whether or not the IoT is fully embraced, and subsequently whether it fulfils its huge potential, though, comes down to how businesses go about handling data. There first must be the understanding that data collection is imperative for the IoT to work, but users must also be able to trust that their information is used only in ways that benefit them.

Step back 20 years and the data stored by businesses would be personal information readily provided by customers; hand-written names, numbers and addresses, used only for making contact. When everything is collected, though, it becomes much harder – if not, impossible – to track. This is why we can’t rely only on legislation to maintain security and privacy.

Cora Han, from the FTC’s privacy and identity protection division, thinks beneficiary businesses need to be as open as possible. “Your device may well need to collect information, and that’s fine, but you should be up front about it, and think about if you need to collect all that information, and how you store it, and whether it makes sense to dispose of it when you no longer need it,” she said.

The answer could be to incentivise the collection of data; give consumers a monetary reason to give up certain info. At least this way people understand what’s going on, and can relax knowing they’re benefiting directly.

What’s hot on Infosecurity Magazine?