The vision of the IoT that captures futurists is one where everything is interconnected. However there are some major obstacles to this vision being realised – privacy, security and transferring decision-making to machines.
The current stink over the US National Security Agency’s gathering of ‘meta-data’ from telco’s highlights the potency of the data privacy issue in terms of both hazard and outrage. People should be concerned about who has their personal information and what they do with it. But the outrage over what the U.S. Government is doing should be a prompt for people to consider who else has their personal information and under what terms. Furthermore, there needs to be greater awareness of the value of this private information, as huge businesses have evolved to take advantage of valuable data that people are providing effectively for free. Yep, that’s a multi-faceted rant only partly related to the issue at hand.
This is background to the real issue for the IoT, in that much of the data that is of value must be gathered within privacy constraints. Locational data for private individuals is both highly valuable and highly sensitive – this is why many smartphone applications will prompt users to acknowledge when their location is to be shared. For sensors which do not have a smartphone-like interaction with users, this acknowledgement is difficult to obtain, effectively preventing a more widespread rollout OR promoting less-scrupulous behaviour in terms of monitoring without permission. As an outcome, there are constraints on IoT businesses in terms of:
- What data they can capture without infringing upon people’s privacy
- Undertaking the challenge in gaining people’s (conscious) endorsement for use of their data
- Putting their business at risk of people’s outrage once they suspect their data is being captured or used against their wishes (regardless of whether this is the case)
Security is a similar issue but from the data gatherer’s perspective – what people/entities are going to gain access to their systems and what are they going to do when they get there? As an outcome, the IoT utopia of total connectivity is (rightly) impaired by protections applied to various data interactions.
As an example of the parallel nature of the privacy/security issues, consider the issue of home security. The perfect IoT solution may be a keyless security system that simply recognises the rightful occupants as they pass in an out of the residence, likely via their smartphone. This system may use a smartphone app that would monitor the movement of the residents – in a worse-case scenario this information may be used by organised crime to either gain access to unoccupied residences or even to facilitate an insurance fraud.
Verizon already offer a remote home security solution linked to an individual’s smartphone, which brings us to the next constraint – to what extent are people comfortable with handing control over to the machines?
For systems with national security implications this has long been a challenge that is dealt with by retaining ultimate control at human level. In the doomsday scenario, we simply can’t have the future of the planet being decided by a machine code “if/then” statement. By extension, individuals, companies and governments are unlikely to cede ultimate control over to machines – predominantly due to the perceived or real risks outlined above relating to privacy and security.
The outcome from this is a proliferation of standards and operating systems that are unique to each industry sector/application, that address issues specific to these sectors/applications, resulting in major obstacles to streamlined communication between devices, particularly at the total system level.
As the practical level I find that this translates to sector-specific solutions that may be addressed through integration hubs, but more often stop far short of the IoT vision that some would have you believe.
There’s still plenty of opportunity in the space however, which will be the subject of my next IoT post.