How to save the world from IoT

Excutive summary

 

Why we should care about The Internet of Things

Data is now the foundation of many modern business models. Corporations are selling intelligent object for their costumers which are specifically designed for extracting valuable data about their behavior. This phenomenon has been coined the Internet of Things (IoT) and includes products like smart watches, phones, cars and fridges. It is a business practice that has been growing silently without being questioned in terms of its ethical consequences for the users of the intelligent objects. As a consequence; citizens, corporation and politicians are left unaware and paralyzed has to how exactly they are to respond to the internet of things so it fosters prosperity for society as whole.

The aim of Project Virtue-EU is to clearly identify the challenges of IoT and offers solutions to these so it nurtures prosperity for all affected stakeholders

Corporations are using data for betting segmenting, creating innovation and grow their business.

 

IoT describes the incorporation of intelligent objects in citizens daily life, such as smart watches, that can track and store data on their behavior.

 

This virtually invisible practice has been growing the last decade without being questioned in terms of their ethical consequences for citizens. The project VIRT-EU was thus launched to clearly identify the

 

Virt-EU is an project that addresses ethical implications of the Internet of Things (IoT) for EU citizens. IoT describes the incorporation of intelligent objects in citizens daily life, such as smart watches, that can track and store data on their behavior. By reviewing academic papers in the field of IoT, the project identifies three main ethical implication of IoT: (1) lack of personal data privacy (2) lack of data security (3) data being monetized without fair compensation. When addressing these implication the challenge is to balance corporation’s economic growth created by citizen’ data and the citizens data privacy and security. The project therefore argues for a solution that is composed in collaboration with several stakeholders, including corporation, legislators, citizens and the academic community.

The scientific community recommends corporations to adopt an “ethical design” in their products that by design secures the user’s data security and privacy. The aim is to contextualize new technological designs taking into consideration, the ethical, legal, economical and technical aspects of smart objects both addressing users and companies producing them. However, the project argues for legal measures to implement such ethical design if corporation are unwilling to comply. Legislations remains a very effective tool to secure the rights of citizens and can be necessary. The challenge is in this regard is to create awareness of the ethical implications of IoT, so it becomes an agenda among the politicians of EU.

Privacy Law is unprepared

Protecting user’s privacy when using Internet of Thing devices is challenging because of the ease of identifying personal information. Even if the data does not include name, address or other obvious information, it would be relatively easy to re-identify the person. Assuming you are using a smartphone or wearing a health tracking device, someone can easily determine your identity, simply based on the data they retrieve from sensors installed in smart phones or the devices. The reason is straightforward: each of us has a unique characteristic like the  style of walking and where we walk.

Research suggests that anonymization of Internet of Things data is extremely difficult to  achieve, and to re-identify user’s information is far easier than expected. Researchers at MIT recently analyzed data from 1.5 million cell-phone users in Europe over fifteen months. They found that it was relatively easy to extract complete location information about the individual from an anonymized dataset. Due to the fact that advances in computer science makes it possible to attack and identify supposedly ‘anonymized’ databases. Thous making it insufficient to protect privacy with anonymity.

Privacy do not catch the interest of authorities. Corporate counsel, regulators, and legislators have yet to face the reality that Internet of Things user’s private data may all be identifiable. In short, privacy law—both on the books and on the ground ???– is unprepared for the threats created by the Internet of Things. To address this issue, a set of regulation should be prepared.

Some researchers suggest that we should distinguish information of user interacting with Internet of Thing to personal identifiable information and other data that is presumed not to reveal identity. This way, we can clearly identify which data that should be protected by rules, through a radical re-working of current laws and practices.

Conclusions

Overall the perfect solution has not yet been found why it demands more research within all stakeholders ranging from corporations, legislators, citizens and the academic community. One thing stands clear, we need to keep momentum, increase awareness and most importantly make the general public and its contributors care about privacy in relation to IoT. Over time we see an agreement by all shareholders rejoining in using one type of privacy methodology in how we will use and collect data in the future.

Advertisements

Why Privacy is important and why its relevance is crucial to the Internet of things

Virt-EU and IoT

Virt-EU is a shortening of Virtual Europe and is an project that addresses the ethical implications of the Internet of Things (IoT) for EU citizens.. By reviewing academic papers in the field of IoT, the project identifies three main ethical implication of IoT: (1) lack of personal data privacy (2) lack of data security (3) how the user is affected and what that could be done to address this. When addressing these implication the challenge is to balance corporation’s economic growth created by citizen’ data and the citizens data privacy and security. The project therefore argues for a solution that is composed in collaboration with several stakeholders, including corporation, legislators, citizens and the academic community.                                                                                                                                                                                  

The user

Protecting user’s privacy when using Internet of Thing devices is challenging because of the ease of identifying personal information. Even if the data does not include name, address or other obvious information, it is relatively easy to re-identify the person. If you are using  a smartphone or wearing a health tracking device, your identity can be determined, based on the data retrieved from sensors installed in smart phones or the devices. The reason is straightforward: each of us has a unique characteristic like the  style of walking and where we walk.

Privacy

Privacy do not catch the interest of authorities. Corporate counsel, regulators, and legislators have yet to face the reality that Internet of Things user’s private data may all be identifiable.

Research suggests that it is extremely difficult to achieve anonymization data of the Internet of Things, and to re-identify user’s information  easier than expected. Researchers at MIT recently analyzed data from 1.5 million cell-phone users in Europe over fifteen months. They found that it was relatively easy to extract complete location information about the individual from an anonymized dataset. Due to the fact that advances in computer science makes it possible to attack and identify supposedly ‘anonymized’ databases. Thous making it insufficient to protect privacy with anonymity.

Security

Some researchers suggest that we should distinguish information of user interacting with Internet of Thing to personal identifiable information and other data that is presumed not to reveal identity. This way, we can clearly identify which data that should be protected by rules, through a radical re-working of current laws and practices.

Conclusions

The scientific community recommends corporations to adopt an “ethical design” in their products that by design secures the user’s data security and privacy. The aim is to take technological designs into consideration, the ethical, legal, economical and technical aspects of smart objects both addressing users and companies producing them. The project argues for legal measures to implement such ethical design if corporation are unwilling to comply. Legislations remains a very effective tool to secure the rights of citizens and can be necessary. The challenge is to create awareness of the ethical implications of IoT, so it becomes an agenda among the politicians of EU.

In short, privacy laws  is unprepared for the threats created by the Internet of Things. To address this issue, a set of regulation should be prepared.

Overall the perfect solution has not yet been found why it demands more research within all stakeholders ranging from corporations, legislators, citizens and the academic community. One thing stands clear, we need to keep momentum, increase awareness and most importantly make the general public and its contributors care about privacy in relation to IoT. Over time we see an agreement by all shareholders rejoining in using one type of privacy methodology in how we will use and collect data in the future.

Barbaraninocarreras

Summary

This text is a critique to the paper Ethical Design in the Internet of Things by Gianmarco Baldini, Maarten Botterman, Ricardo Neisse and Mariachiara Tallacchini published in 2016. The paper, open to everyone, covers privacy issues related to IoT (Internet of Things). Firstly the authors explain the concept of IoT and its perceived challenges, later they introduce the idea of Ethical Design and lastly they introduce Seckit as a tool for users and to approach regulatory purposes.

Critique

Opaque reflections on the process

At the beginning the authors provide two definitions of IoT (p. 2) but, why do they pick these ones? A guidance through their process could have help the reader understand why the authors write about Ethical Design in the first place and why do they pick this specific definitions? An example were the intentions of the writer remain unclear is when they express ‘the pervasiveness of Iot’. If the paper addresses everyone, why would they use this word instead of ‘widespread’ is there a negative connotation of the word?

Education to the users/citizens

The text explains very well the different aspects around IoT: new regulations (p. 3), the idea of context (p.5). Though, they do not focus on the education processes that can help users/ citizens today and how this ones relate to IoT. Its seems that this idea appears spread in different sections of the paper, for example, when the authors carefully illustrate on page 7, aspects related to the nature of the users and their capacities and how more qualified users are able to better control their privacy than others. Thus, interesting concepts arise: Incomplete information on the ‘consequence of data disclosure’, ‘Psychological biases’, ‘Accountability’, ‘on-line and off-line identity’ and ‘digital divide’. All these could conform a section focused on the user and education.

Reader considerations

As a reader, the first part of the paper becomes easy to read, the contextualisation bring strong arguments on why one should read it. Reflecting on regulations around privacy or referencing to surveillance mark the relevance of the subject. Nevertheless the lack of reflections or explanations behinds the author´s wishes or goals with this paper create certain distrust in the proposed tool at the end of the paper. It may seem that the paper is made to argument the tool, rather than the tool becoming a part of the possible approaches to the problem.