Is IoT going to be squashed because of privacy concerns?
- Authorities getting edgy about privacy - on both sides of the Atlantic
- Chrome browser always 'listening' claim
- IoT take-up already affected by privacy concerns
Online privacy and security is always box-ticked as a concern by the experts previewing any new network application or technology, but tends only to discomfort the user in the street when the systems in question are up and running and abstract notions have turned into concrete threats.
IoT, along with online privacy generally, now appears to be hitting the concrete with moves to regulate under way in Europe while worries over snooping products and services are being brought to the attention of the US Federal Trade Commission (FTC).
Public interest groups such as EPIC (the Electronic Privacy Information Center) have taken up the privacy issue and are urging the FTC to action. EPIC cites a some apparently egregious current examples in its submissions, and points out that “Always On” consumer devices will continue to be a privacy threat unless checked.
“In the past weeks, EPIC has learned that Google’s Chromium browser contains code that routinely captures private communications. According to Rick Falkvinge, the founder of Sweden’s Pirate party, “Without consent, Google’s code had downloaded a black box of code that – according to itself – had turned on the microphone and was actively listening to your room… Google has conceded that the browser contained this code… and constantly “listens” to the user using the computer’s built-in microphone, and when the user speaks the words “OK Google,” Chromium activates a voice-to-text search function. This means that Chromium users are subject to constant voice recording in their private homes, without their permission or even their knowledge. “
It also cites other products and services, including Nest Cam, which will detect activities in users' homes by monitoring background noise, and Amazon's Echo,
In fact worries over privacy have been obvious - in a low key sort of way - since the beginning of the current phase of the IoT craze, but until very recently nobody seemed to get particularly upset about it.
At the beginning of the year at CES we noted that Samsung had announced a sweeping new IoT strategy: “Samsung CEO, BK Yoon… was enthusiastic about the upcoming ability to track IoT users and then sell them goods and services. His company would be investing over US$100 million to fund developers and create an open system in IoT, which of course Samsung would be curating and presumably harvesting the data.
Whether consumers will want their expensive gizmos to be digital spies, reporting back to Samsung on potential sales opportunities, is something the likes of BK Yoon seems not to have thought of.”
Maybe you have to see it to be scared of it - a verbal description of a Great White Shark attack is nothing. A hi res video of the same… another thing entirely.
On the other hand, I’ve always wondered what drives the mania for pixelating car licence plates in online pictures. These are, after all, supposed to be publically displayed as that’s their function. If your car’s number plate appears online, what bad things might happen that couldn’t happen in the real world (answers below).
So if naked license plates are a worry, how much more concerning - once the security possibilities become obvious - are those snooping gadgets and toys reporting back to Samsung? And what affect might all this concern have on the burgeoning IoT/M2M market.
According to Matt Hatton of M2M/IoT specialist, Machina Research, privacy regulation has been anticipated for some time, particularly in the EU, and Machina has already allowed for these issues in its IoT forecasts.
“But that is not to say that [security concerns] haven't slowed down adoption,” says Matt. “In many European countries, Germany for instance, it has resulted in a substantially slower adoption of smart metering. But that has been clear for a little while.”
TelecomTV also recently reported a marked slowdown at the fluffy end of the IoT market - people have already had enough (it seems) of home IoT gadgets, so those privacy worries might already be hitting hard.
But it’s the knock-on effect of the regulation that worries Matt Hatton.
“The big challenge with privacy-related regulation related to IoT is the uncertainty. Rules are largely being compiled with PC-based internet access in mind, rather than the IoT, and it's often not clear what the implications might be for IoT. For instance, the new EU General Data Protection Regulation (GDPR) talks about rules applying to any information on an "identified natural person", but it's unclear exactly how far that extends. Does it, for instance, cover a driver of a vehicle that uses a fleet management system?” asks Hatton.