Episode 49: (Data Bites) Regulator Concerns Around the Internet of Things

Regulations around security and usage of the significant amount of data coming from the many IoT devices poses serious regulatory and security concerns.

On today’s Data Bites, we consider how all of these affect the adoption of internet of things devices across all industries and all walks of life!

Data Couture is running a Kickstarter Campaign!!!! To help support the show head over to datacouture.org/kickstarter today!

To keep up with the podcast be sure to visit our website at datacouture.org, follow us on twitter @datacouturepod, and on instagram @datacouturepodcast. And, if you’d like to help support future episodes, then consider becoming a patron at patreon.com/datacouture!

Music for the show: Foolish Game / God Don’t Work On Commission by spinmeister (c) copyright 2014 Licensed under a Creative Commons Attribution (3.0) license. http://dig.ccmixter.org/files/spinmeister/46822 Ft: Snowflake

Transcripts:

Welcome to data tour the podcast about data culture at work at home. And on the go. I’m your host, Jordan Bohall. To stay up to date with everything data controller, be sure to like and subscribe down below. Furthermore, be sure to follow us around the internet at data to her pod on Twitter, at data couture podcast on Instagram, and at data couture pod on Facebook. Of course, if you’d like to help keep the show going, then consider becoming a patron at patreon. com forward slash data couture. Now, no under the show,
system.
Welcome to data couture on today’s data bytes, we’re going to be talking about the Internet of Things just like on Monday’s episode, but instead of just fan blowing out like I think I did on Monday, we’re going to be talking about some regulatory concerns and ways to make Internet of Things the IoT far more safe, as well as get some ideas around some of the legal issues and some of the usage issues that are starting to crop up, frankly. So stay tuned.
Alright, so what are some of the issues around the regulation, specifically from governments or even the industry around IoT, the Internet of Things? Well, let’s be clear. One of the primary drivers of the IoT is data and the success of the idea to connect all these different devices, like I mentioned, my interest in smart home devices, or agriculture devices, or consumer or commercial or industrial applications for the Internet of Things. Well, it depends upon the access to and the storage and processing of data. And so here are three areas of concern for the IoT. The first is data security, you know, because this is data, and oftentimes, it’s sensitive data, I’ll talk about this in a second. These companies who are pushing out these IoT devices should definitely make sure that the collection of the data, the storage of the data, which often is happening in the cloud, because it in the cloud offers far greater storage capabilities than any on prem solution might. But also the processing of the data should be secure at all times. Therefore, by having this data defended, or having security around the data appropriately, companies are tasked with a very difficult area, namely having an approach to encrypting the data at every single stage of collection. A second area is that of data consent. So users should have a choice as to which data when when did I guess anyways, the timing of data, these kinds of things that they share with the IoT companies, and they should be at least informed or better yet, somehow made whole again, if the data gets exposed. And then finally, is the idea of data minimization. That is, you know, what smart speakers, for example, they collect quite a bit of data that will again get to this in a second, but companies that provide these IoT solutions should only collect data when they need to, and then also retain it, and some sort of aggregation for some sort of limited timeframe. So let’s get into each of these, the data security part. And I don’t mean to pick on smart speakers, because let’s face it, all these IoT devices will give a very accurate picture of our day to day lives. I mean, with my vehicles tracking, every single operation, every movement, every bit of information about when it’s sitting idle, when it’s being used, it’s very easy to determine when I’m going to work or when I’m home, or when I’m out with friends or at a bar or whatever, what have you right, and as well as where am I. And so it has very deep information about my habits as it comes to when I am where as well as I don’t know, even the things that I like to do so has the location data can tell you, which stores I shop at, can tell you which bars I liked and tell you which restaurants I frequent, it can tell you exactly where and when I’m at work. And if this data isn’t properly secured, well, that’s pretty straightforward. It’s real easy for some malicious actor to then know I’m going to be and do whatever they’re going to do at that given time. Right. And that’s troubling to me. Of course, the data security goes well beyond that. Not just for cars. But you know, my, again, smart speakers, I can’t get around this because it’s so popular in the news right now. But basically, every smart speaker, company, every company that’s making these particular devices, well, they’re listening to the people speaking to them, and not only are they listening to the consumers that use the device, but that is specifically when the consumers are calling out that device to do some function. So for example, if I say, hey, Google, what time is that? Or, hey, Google, what’s the temperature outside? Right? You know, that’s, that’s an applied use of the technology. But they’re also listening in, in times when maybe they shouldn’t be, maybe I’m speaking to my partner, or maybe I’m on the phone with my parents, or maybe I’m just talking to my dog, right? Like, they’re all these kind of intimate moments that they have no business, none at all.
Tracking and listening to and storing. And so with data security, because they do happen to have all this information. You know, not that I talk about anything that’s particularly problematic, frankly, my day to day, but still, it’s private, it’s personal. And because they have this data, they damn well better be approaching the the issue of data security, as you know, defending it as though were their own. That’s what I expect from them. And I’m not sure if that’s the case, which leads us to the second piece of the data consent part, right. You know, with the smart speakers with connected cars with all the other connected devices, it’s not clear that I want to be sharing all the information with the companies that are producing and delivering the solutions. And so there needs to be this kind of, I’m not quite sure how it would happen, maybe, you know, you could set parameters around which data the companies are using. So for example, on my phone, and for better or worse, I’m a devoted Apple user. And every morning, when I exit my garage, and my car, and I close the garage door, my phone pops up, and it tells me exactly how long it’s going to take me to get to my office. Right. And it’s usually pretty spot on it looks at traffic patterns, it looks at how I drive where I stopped to get my morning, caffeine, that kind of stuff. And frankly, I don’t know why my phone needs to tell me that I know exactly how long it’s going to take Why? Why does my phone need to know where I’m going? any given time in the day, which makes me think that I’m far too consistent in how I operate. But nevertheless, I should be able to consent as to which data my connected devices are allowed to share with the companies. In which case, it will make it far less easy for malicious actors, for example. And for that matter, any employee of these companies to know exactly what I do in my day to day, I don’t they don’t need to know that it’s not their business, right? Which leads Lyft partner, Emily that up data minimization, why does my I don’t have one yet. And again, if you are an employee or in some position to supply these, I will take any bit of home automation or life automation technology you can give me so hit me up on my socials. Anyways, pushing all these security and regulation concerns. I still absolutely love the the technology anyways. So the last piece is that of data minimization, why does my if I had one smart thermostat really needs to know all of my, my patterns of living, right? Like it’s nice if it could be connected to my phone and know when I’m in the house and thereby, you know, set the temperature accordingly. or know that I usually come home around whatever time of day and so 30 minutes beforehand, start cooling down the house or something right so that I can one save energy save the planet by having my air conditioning not on all the time, but also have it ready for me ready to go when I do approach it. But why should that company who makes that thermostat? Why shouldn’t know all this information, all it needs to know is Oh, I see the trigger. And that trigger is Jordan set a timer for when his phone is within a certain proximity to cool down the house. Right? That’s all it needs to know. It doesn’t know the time it doesn’t need to know the time of day it doesn’t need to know all these other kind of factors as to what’s going on in my life. In any case, these are regulatory issues. And it’s something that needs to be worked out both at the government level and the private sector level in order to actually give us something that one is very, very cool and very, very useful, namely, everything being connected, but also give us the privacy that we all need. So if you have any ideas, any thoughts they come down in the comments below. Otherwise, talk to you next time. That’s it for the show. Thank you for listening and if you liked what you’ve heard, then consider leaving a comment or like down below. Stay up to date on everything data couture, be sure to follow us on Twitter at data couture pod to consider becoming a patron@patreon.com forward slash data couture music for the podcast. It’s called foolish game. God don’t work on commission by the artist spin Meister used under a Creative Commons Attribution 3.0 license, writing, editing and production of the podcast is by your host

Liked it? Take a second to support Data Couture on Patreon!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.