Virt-EU and IoT
Virt-EU is a shortening of Virtual Europe and is an project that addresses the ethical implications of the Internet of Things (IoT) for EU citizens.. By reviewing academic papers in the field of IoT, the project identifies three main ethical implication of IoT: (1) lack of personal data privacy (2) lack of data security (3) how the user is affected and what that could be done to address this. When addressing these implication the challenge is to balance corporation’s economic growth created by citizen’ data and the citizens data privacy and security. The project therefore argues for a solution that is composed in collaboration with several stakeholders, including corporation, legislators, citizens and the academic community.
Protecting user’s privacy when using Internet of Thing devices is challenging because of the ease of identifying personal information. Even if the data does not include name, address or other obvious information, it is relatively easy to re-identify the person. If you are using a smartphone or wearing a health tracking device, your identity can be determined, based on the data retrieved from sensors installed in smart phones or the devices. The reason is straightforward: each of us has a unique characteristic like the style of walking and where we walk.
Privacy do not catch the interest of authorities. Corporate counsel, regulators, and legislators have yet to face the reality that Internet of Things user’s private data may all be identifiable.
Research suggests that it is extremely difficult to achieve anonymization data of the Internet of Things, and to re-identify user’s information easier than expected. Researchers at MIT recently analyzed data from 1.5 million cell-phone users in Europe over fifteen months. They found that it was relatively easy to extract complete location information about the individual from an anonymized dataset. Due to the fact that advances in computer science makes it possible to attack and identify supposedly ‘anonymized’ databases. Thous making it insufficient to protect privacy with anonymity.
Some researchers suggest that we should distinguish information of user interacting with Internet of Thing to personal identifiable information and other data that is presumed not to reveal identity. This way, we can clearly identify which data that should be protected by rules, through a radical re-working of current laws and practices.
The scientific community recommends corporations to adopt an “ethical design” in their products that by design secures the user’s data security and privacy. The aim is to take technological designs into consideration, the ethical, legal, economical and technical aspects of smart objects both addressing users and companies producing them. The project argues for legal measures to implement such ethical design if corporation are unwilling to comply. Legislations remains a very effective tool to secure the rights of citizens and can be necessary. The challenge is to create awareness of the ethical implications of IoT, so it becomes an agenda among the politicians of EU.
In short, privacy laws is unprepared for the threats created by the Internet of Things. To address this issue, a set of regulation should be prepared.
Overall the perfect solution has not yet been found why it demands more research within all stakeholders ranging from corporations, legislators, citizens and the academic community. One thing stands clear, we need to keep momentum, increase awareness and most importantly make the general public and its contributors care about privacy in relation to IoT. Over time we see an agreement by all shareholders rejoining in using one type of privacy methodology in how we will use and collect data in the future.