Privacy Corner

The value of privacy in the age of Internet of Things

by Monica Rozenfeld, IEEE, May 11, 2014

Will the The Internet of Things create a completely new scenario for privacy? Let's find out

The Internet of Things promises many advances, such as the ability for consumers to keep track of their energy usage on their phones or receive alerts when milk is running low. Everything, including our homes and our heartbeats, will be monitored to make our lives easier and healthier.

But with the IoT, or what some call the “Internet of Everything,” companies are planning to turn information about our every move into valuable market data. Soon, personalized ads—like those that follow online users from one website to the next—are likely to follow us in text messages and on face-scanning screens as we walk down store aisles. Information such as the purchases we make, our genders and ages, and the places we frequent will be collected to inform us—whether we care to know or not—what we might want to buy next. Although some argue that this brings added value by personalizing the shopping experience, others believe such uses of the IoT are invasions of privacy.

“Privacy as we know it will have to be completely redefined,” says IEEE Senior Member Raul Colcher, CEO of Questera, an information technology consulting company in Rio de Janeiro. He advises businesses on how to handle privacy and security as the IoT evolves.

“The Internet of Things will create a completely new scenario for privacy and security that will need to be addressed,” Colcher says. He adds that we are already dealing with related issues, including companies collecting information about us from our online activity. But with the IoT, more of our information will be available. We’re likely to be sent reminders that, for example, we’re running low on shampoo or are overdue for a vacation.

The Future is here

Many IoT applications are already here. Sensor technology products for smarter homes, for example, can provide families with peace of mind, as their ads suggest. With just a click on a mobile device, users can activate a security system in a home, turn off lights while away on vacation, turn up the thermostat on a cold night while still an hour from home, or lock the front door from the driveway. Signals from all those sensors travel through a wireless network to be stored in the cloud, with the information analyzed and acted upon. And that can sometimes be problematic.

“Who is controlling what’s in the cloud? Do I trust my cloud-computing system?” asks IEEE Senior Member Neeli Prasad, vice president at SAI Technology, a developer of mobile cloud network systems in Santa Clara, Calif. “Do I trust the people who have access to my information?”

If privacy is of great concern, individuals may have to become their own service providers, says Prasad. She sees a trend toward home cloud-computing systems in which individuals store their information privately instead of relying on companies. “That way, we can choose what information leaves our homes and becomes part of the public cloud and what doesn’t.”

Many new products on the market, including the video-streaming service Hulu and the Nike Fuelband, which monitors exercise activity, give consumers the option to sync those products with their social networks and mobile phones, essentially storing that information in cloud systems and databases. Thus, they can share information with the public about what TV shows they watch or how much they exercise. Or not. “Users can deny this option,” Prasad says. One example is the recent news that consumers will be able to opt out of Wi-Fi tracking that allows companies to collect information about the places people visit and the purchases they make through their smartphones.

Concern over unauthorized access to private information is not increasing, she says. There is just more of it to worry about. “Sometimes the shadow of a new technology and its applications are scarier than the thing itself,” she says. Moreover, not every application is intended to sell us something or observe our private lives. For example, law enforcement can track a missing person by accessing the GPS coordinates in a smartphone. (So can relatives and friends who have security access via a mobile app, such as Find My iPhone.)

A precautionary tale

Not all are as optimistic as Prasad about the future of the IoT. While users may have control over who in the general public sees their information, the bigger concern for consumer privacy expert Katherine Albrecht is the question of who owns the data. She is an executive with StartPage, a search engine that does not collect or share personal information, and StartMail, an encrypted e-mail service.

An article coauthored with IEEE Senior Member Katina Michael, “Connected: To Everyone and Everything,” in the Winter 2013 issue of IEEE Technology and Society Magazine, puts Albrecht’s concern bluntly: “[Consumers] may think we’re in charge of our shopper cards and our mobile apps and our smart fridges—but … let’s not fool ourselves. [The information] is not ours. It belongs to Google, and IBM, and Cisco Systems…and the global Mega-Corp that owns your local supermarket. If you don’t believe us, just try removing ‘your’ data from their databases.”

Michael is the associate dean international of the University of Wollongong Faculty of Engineering and Information Sciences, in Australia, and editor in chief of IEEE Technology and Society Magazine.

To prepare for the interconnected future, businesses and governments are outlining measures to be taken while new policies are developed. The European Union, for example, outlined such measures in its report “IoT Privacy, Data Protection, Information Security,” published in January 2013. One recommendation is to develop privacy-friendly default settings on IoT products and services that would give users more control over what information is shared with others. Furthermore, it suggests that IoT networks give individuals the rights to their own data. In 2012, participants at the Open IoT Assembly—an initiative to envision a future with the IoT—developed an “IoT Bill of Rights” at a two-day conference in London that calls for transparency of IoT processes and the preservation of privacy. It also calls for people to have access to their personal data.

Despite potential risks to privacy, companies are betting their customers will see the advantages that the IoT will bring them, says Colcher. But some groups advocate that consumers have the power to slow down or even stop the advancement of the IoT. Not Colcher. “The inclusion of the IoT all around us is inevitable,” he says. “The only thing to do now is to prepare the best we can.”


Source: IEEE

comments powered by Disqus

Subscribe for Newsletter

Stay connected to the best business technology content every week. Subscribe to our daily newsletter now!

Slide Shows

Upcoming Webcast

What the next generation firewall should be!

Cisco invites you to participate in an interesting, informative webinar focused on Cisco’s latest firewall services. This session focuses on enabling you to understand the new capabilities, including Application Visibility and Control (AVC), Intrusion Prevention (IPS), and Web Security Essentials (WSE), to the ASA 5500-X Series demonstrated by Cisco experts. They will take you through the unique traits of Cisco ASA that will help you to be prepared for the advanced challenges. Speakers: Srikanta Prasad, Subject Matter Expert – Security,Cisco Date & Time: October 10, 2014, 3:00pm India Time