Why Privacy is important and why its relevance is crucial to the Internet of things

Virt-EU and IoT

Virt-EU is a shortening of Virtual Europe and is an project that addresses the ethical implications of the Internet of Things (IoT) for EU citizens.. By reviewing academic papers in the field of IoT, the project identifies three main ethical implication of IoT: (1) lack of personal data privacy (2) lack of data security (3) how the user is affected and what that could be done to address this. When addressing these implication the challenge is to balance corporation’s economic growth created by citizen’ data and the citizens data privacy and security. The project therefore argues for a solution that is composed in collaboration with several stakeholders, including corporation, legislators, citizens and the academic community.                                                                                                                                                                                  

The user

Protecting user’s privacy when using Internet of Thing devices is challenging because of the ease of identifying personal information. Even if the data does not include name, address or other obvious information, it is relatively easy to re-identify the person. If you are using  a smartphone or wearing a health tracking device, your identity can be determined, based on the data retrieved from sensors installed in smart phones or the devices. The reason is straightforward: each of us has a unique characteristic like the  style of walking and where we walk.

Privacy

Privacy do not catch the interest of authorities. Corporate counsel, regulators, and legislators have yet to face the reality that Internet of Things user’s private data may all be identifiable.

Research suggests that it is extremely difficult to achieve anonymization data of the Internet of Things, and to re-identify user’s information  easier than expected. Researchers at MIT recently analyzed data from 1.5 million cell-phone users in Europe over fifteen months. They found that it was relatively easy to extract complete location information about the individual from an anonymized dataset. Due to the fact that advances in computer science makes it possible to attack and identify supposedly ‘anonymized’ databases. Thous making it insufficient to protect privacy with anonymity.

Security

Some researchers suggest that we should distinguish information of user interacting with Internet of Thing to personal identifiable information and other data that is presumed not to reveal identity. This way, we can clearly identify which data that should be protected by rules, through a radical re-working of current laws and practices.

Conclusions

The scientific community recommends corporations to adopt an “ethical design” in their products that by design secures the user’s data security and privacy. The aim is to take technological designs into consideration, the ethical, legal, economical and technical aspects of smart objects both addressing users and companies producing them. The project argues for legal measures to implement such ethical design if corporation are unwilling to comply. Legislations remains a very effective tool to secure the rights of citizens and can be necessary. The challenge is to create awareness of the ethical implications of IoT, so it becomes an agenda among the politicians of EU.

In short, privacy laws  is unprepared for the threats created by the Internet of Things. To address this issue, a set of regulation should be prepared.

Overall the perfect solution has not yet been found why it demands more research within all stakeholders ranging from corporations, legislators, citizens and the academic community. One thing stands clear, we need to keep momentum, increase awareness and most importantly make the general public and its contributors care about privacy in relation to IoT. Over time we see an agreement by all shareholders rejoining in using one type of privacy methodology in how we will use and collect data in the future.

Advertisements

Peer Review – PoliteInk

Summary – Ethical Design in the Internet of Things

The report describes the issues surrounding data collection done by The Internet of Things. Because of the easy access to WIFI, things is now able to accumulate data to databases through the internet. To ensure a minimum of security and privacy level, the author recommends a framework, inspired by Ethical design. This new approach will give help both the user and developer in navigating The Internet of Things.

Three Points of Critique

Firstly , the author uses the word “Things” several times, but do not describe what he means by it. “…in the evolution of the Internet to the Internet of Things (IoT) these risks are likely to become more relevant due to the large amount of data collected and processed by the ‘‘Things’’. (Page 1).

As a reader you start thinking “does the author actually know what things mean”. The consequence is that the authors understanding of things, might not be the same as the reader´s, which leads to a false interpretation of the text. A sentence where the author describes the meaning of things would be useful e.g. could be objects like a toaster with wifi, a bathroom scale with a LAN cable, or a thermometer with an USB connection.

Secondly, through the text, the author make statements, without reference. The introduction begins: “Public awareness of privacy risks in the Internet has increased while governing bodies are working on new sets of regulations to address concerns and gaps in the digital domain.” (page 2) Is this true? Maybe From the author’s point of view, maybe also his social circles, but this is not enough to state that this is the opinion of the general public. Having a “false” statement as the first sentence in the introduction, also make you think, where will it go from here.

Lastly, it seems like the author knows that the text is a bit heavy, and therefore tries to make the illusion of easy reading by adding an overview creating visualization: a table (page 8). But the table is wrongfully used, because it only provides a column for the headings, and a column for the text. This is no different than the normal way of ordering a text, and doesn’t provide anything, except the eyestrain of reading a fontsize 10 instead of that of 12 which used through the rest of the paper.