Careful approaches to data use and privacy regulations are needed if the Internet of Things (IoT) is to thrive, according to a group of privacy, law and technology specialists.
A roundtable debate, hosted by data warehousing firm Teradata and attended by V3, concluded that there is no simple answer to solving some of the concerns and challenges about IoT data use and privacy and more debate is needed.
The experts highlighted several key concerns that need to be tackled if the IoT is to become the reality that the technology industry has promised it can be.
Failure so far
Gus Hosein, executive director of Privacy International, was scathing about how data use and privacy have been handled by governments and companies thus far, and warned that current approaches threaten the future of the IoT.
"Dumb actors are going to kill it. I want the IoT but if you think of the prime examples to date they've been the idiotic Samsung and LG TVs that collect information on their users even when they don't want them to. They don't even tell the user what's actually going on," he said.
"We're going to screw this up really badly because our track record is pretty pitiful. Unless somebody comes out with a more positive approach, where it is about empowering the individual, there are going to be awkward decisions to make."
Joanne Bone, a partner at law firm Irwin Mitchell, said good governance and regulations are vital in addressing such problems, as the industry needs to acknowledge that the IoT is a way of connecting people, not just devices, and needs to keep personal data safe and within an individual's control.
There was a consensus among the panel that companies working with IoT networks and harnessing the extracted data need to take responsibility for protecting the privacy and identity of citizens.
Stephen Brobst, chief technology officer at Teradata, said that companies must encrypt and protect the data they collect to the best of their ability.
"If you're going to collect the data it's your responsibility to protect the data, and part of that is through strong encryption," he said.
He added that this is not happening at the moment. "The reality is that, even with the existing tools that have been around for a long time, people aren't using them enough," he explained.
"In my view all data, not just social security numbers personal to the individual, must be encrypted, and for the most part it's not."
Michele Nati, technical leader of privacy and trust at the Digital Catapult, said technology firms should establish standards for privacy and data use to which they can all adhere.
"What is missing is some kind of regulation or trust framework that should run across different manufacturers," he said.
Meanwhile, Bone said that data regulations are trying to push the technology industry to establish a set of standards to effectively self-govern how data is used with the IoT.
She was adamant that companies need to do this to avoid governments stepping in and introducing overly restrictive laws and regulations which could stifle the potential of IoT deployments.
"Businesses should get their houses in order, because what I really wouldn't want to see is prescriptive steps from the European Union, which may be very bureaucratic and may not work in practice," she said.
Transparency of data use was a recurring topic throughout the debate, and the panel agreed that companies should be open and clear to their customers about how they will gather and use their data.
Bone said that transparency will underpin future policies relating to the IoT, as long-term regulations cannot be effective given the speed at which technology develops and outpaces legislation.
"I think very broad policies are going to become a thing of the past because one of the big things from the new [EU data] regulation, if it ever happens, is the emphasis on transparency," she said.
Bone added that this will be achieved by making sure that data and privacy policies are kept simple, clear and transparent, rather than offering long and obtuse documentation to which many people just agree automatically only to find that their data being used in a way they did not expect.
Brobst was a keen champion of transparency, saying that it will win favour with consumers while not subjecting data-driven companies to overly constraining regulations.
"As long as we're transparent the public can make decisions [on data use]," he explained.
This transparency can be supported by laws that hold companies to task if they are not transparent and breach clearly defined permissions on data use, according to Brobst.
"I think the key point [is] the need for transparency. That's a huge problem and that's where I think laws and regulations come into play to enforce transparency with appropriate retribution if that's not followed," he said.
Brobst added that emphasis on this transparency needs to come from companies working in the IoT space rather than being dictated by laws.
"I long subscribe to the idea that all companies when they are collecting and using data should say what they do and do what they say," he said.
"I view government intervention and laws and regulations as a last resort, as it's too hard to keep up [with new technology]."
The technology industry could be on its way to achieving some of the transparency and standards touted by the panel, particularly given how the ITU has set up a study to explore the challenges of setting standards for the use of IoT devices in smart cities.
Author's view: The roundtable left me with the feeling that there is actually no conclusion to data use and privacy issues pertaining to the IoT.
The lack of maturity in the market makes the IoT the ‘wild west' of connected devices, and it is not surprising that no concrete answers have been found to the problems so often thrown up by the technology industry's hottest trend.
However, I am confident that, with more debate and a considered approach to IoT data and privacy, the technology industry and government can create stepping stones to realising the benefits of the IoT without the privacy concerns it currently throws up.
Microsoft seizes control of phishing sites linked with Russian state hackers
Fitness trackers over-estimate the number of steps their users take, analysis of 67 research reports suggests
Everything we think we know about the imminent Apple iPhone 9, iPhone 11 and iPhone 11 Plus launches
All the latest rumours about Apple iPhone Displays, CPUs, launch dates and even prices
Nvidia brings Turing microarchitecture into the high-end gaming segment