The rapid rise of the Internet of Things—always-on devices equipped with sensors and transmitting chips that allow for the continual collection and communication of user-generated data—has begun to transform areas as diverse as connected cars, cooking, smart infrastructure, digital healthcare, agriculture and industrial channels. While each of these domains is sensitive, and necessitates the rigorous application of Privacy/Security by Design, few areas are more private than the inner sanctum of one’s home, which is increasingly becoming “connected” in various ways.
TRUSTe’s Privacy Risk Summit (this Wednesday, June 8th in San Francisco) features a session devoted to the privacy implications of home monitoring presented by Jill Bronfman, Director of the Privacy Tech Project and Adjunct Professor, University of California, Hastings College of the Law. In this final preview in our series, Darren Abernethy, Privacy Solutions Manager at TRUSTe, offers a brief introduction to some of the vulnerabilities and opportunities in the “smart home” space.
How We Arrived Here
The exponential proliferation of Internet of Things (IoT)-connected devices can be explained by the timely melding of various drivers and technological capabilities. The prevalence of low-cost sensors, advanced and inexpensive cloud computing platforms, social media, “big data” analytics, and increased spectral efficiency of wireless technologies and networks have all expedited the creation of more interconnected devices. Because these devices generate valuable user data that can be anonymized, aggregated and sold to marketers and other businesses to provide insights about customers and prospects, a consumer’s behavioral data from inside the home has become that much more treasured.
First, the Worst Case Scenarios
The Potential for Creepiness
In the home setting, people are at their most vulnerable. There may be children around, conversations take place that are not meant for public consumption, and generally one’s guard is relaxed in ways it might not be at work or in public. And so, the “creepiness factor” can be high. Nowhere is this better reflected than in the chilling recent case of a man hacking a couple’s baby monitor to speak to a 3-year-old boy in his bedroom and control the night-vision-enabled video camera inside. Such a violation of privacy and decency highlights the fact that there will always be people who view connected devices as an attack vector ripe for exploitation.
And, aside from the unsettling manipulation of baby monitors, outsiders will no doubt look for ways to compromise connected garage doors and locks in order to gain physical entry into a home, or to demand payment of a ransom before allowing the owner re-entry. Moreover, even if a hacker does not wish to personally engage in further crimes first-hand, it is not hard to fathom a black market where IoT-related vulnerabilities for devices and individuals’ homes can be peddled.
Enter Voice and Facial Recognition
Voice, video and biometric capabilities are likewise becoming components of the smart home experience. Google recently announced its plans to enter the voice-controlled virtual assistant market (a la Amazon’s Echo) with Google Home, which “becomes a hub to run a home network of Internet-connected devices that collect millions, if not billions, of pieces of data—frequently.” Google Home enables two-way conversations, can interact with the Nest smart thermostat and will engage with other smart devices that, collectively, contain data indicating when someone is home or away, and information about an individual’s preferences and more.
Next, the Good News: Good Practices Build Customer Trust
Although no device or service can be made unequivocally 100% safe and impregnable, there are ascertainable steps that any company can take to mitigate the risk of creepiness, third-party exploitation and other smart home cybercrime.
As a threshold matter, companies must continually test and be aware of all of the data that a connected home device collects and transmits. When this data is appropriately categorized (e.g., non-PII vs. PII vs. sensitive PII; actively vs. passively collected; persistent identifiers; transmission medium, etc.), inventoried, and secured (e.g., encrypted and/or de-identified), and it is understood with whom the information is shared (vendors, service processors, partners, etc.) over which networks, then companies are better able to ensure security by building in appropriate controls. Ongoing monitoring throughout the lifecycle of a connected device, as well as accurate disclosures to consumers before and throughout usage of a product, are also requisites of building customer trust.
Open Questions at the Hearth of the Connected Home
This relatively nascent frontier of monitoring about and within the home raises as yet unanswered issues for privacy-aware consumers and regulators. These include:
- What limits, if any, are needed around the granular profiling of individuals from combined IoT-device data collected on a single platform (including, e.g., protected health information or geolocation)?
- Should a special regulatory status be afforded to data collected in the home?
- Where do advertisers and marketers fit into the connected home landscape?
- How can meaningful notice and consent be provided in the IoT home setting?
- What of unknown or future secondary uses of connected home data?
For insights and analyses of these issues and more, be sure to check out this week’s TRUSTe Privacy Risk Summit, or contact TRUSTe today.