Welcome to the world of the Internet of Things.
The Internet of Things (IoT) is the name for the growing interconnected world of physical devices that include embedded sensors to collect and exchange data with users, manufacturers, or other devices. The Nest thermostat, one well-known example, gathers data on home temperature preferences in order to optimize usage. The Fitbit wearable device, which monitors your physical activity, is another common “thing” contributing to the estimated 127 new things connecting to the Internet every second.
You may think of this information as a personal convenience. After all, shaving a few dollars a month off the heating bill and knowing how many calories you burn during a run helps you live your life easier. However, the reality is that these companies aren’t just collecting data to raise your standard of living – they’re collecting data for themselves, their stakeholders, and their advertising agencies. Data on what you do, when you do it, and what you do it with.
Now, advertisers can not only follow you home, they can follow you to your kitchen table. They know whether you paired your dinner with beer or wine, and how many bottles you have left in your refrigerator. They know when you wake up, when you leave your home in the morning to go to work, and they know the route you take to get there.
What’s in place to make sure that developers protect your privacy? Well, not much. The government is literally years behind understanding what the IoT is in the first place, and the only real report on the subject came from the Federal Trade Commission this past January – the full force of which only gave a recommendation that companies take a more active role in putting security in place before they get ahead of themselves with data collection. The reality is, developers are thinking more about what they could do rather than if they should do it. A study last year found that the average IoT device had 25 identified vulnerabilities.
There’s no point in debating the ethics of whether this data should be collected or if the IoT should exist – it’s already here, whether the world realizes it or not. What needs to be focused on is how to shield users so their information is never at risk while these commercial efficiencies can still be realized.