We need to talk about sensors: How the internet of things could affect privacy

We need to talk about sensors: How the internet of things could affect privacy

Summary: The internet of things is going to change the way we interact with the world around us. It also raises massive privacy issues and - whether the prospect of a hyper-connected world thrills or scares you - it needs to be the subject of a widespread discussion.

TOPICS: Emerging Tech

Here at Telefonica's Campus Party Europe tech festival in Berlin, this morning has seen some interesting sessions about privacy, with one in particular tackling the potential and risks of the internet of things.

We should already be having a widespread discussion about this subject, because the push is on, even if – as with the embedded sensors themselves – it's not visible to most people.

The talk that really grabbed me was by Joe Huser, an LA-based corporate attorney who tends to represent entrepreneurs that are trying to get their heads around the regulatory issues associated with the internet of things.

He ran through several scenarios that may or may not happen, as the world around us becomes subtly but pervasively connected — with each scenario relating to certain legal principles of data protection and privacy.

Without saying whether or not I agree with his analysis, I think it's worth looking at a few of his scenarios. It's easy to be both thrilled and scared by this stuff, but it's important that we realise this is what's happening, and give strong consideration to the consequences. This will affect all of us.

    • The smart plane seat: Seats that can broadcast whether or not they're being sat on could be very useful to airlines, who want to know in real time whether they have spare capacity to sell at the very last minute. Huser linked this to the problem of a consumer's access to review and delete their data: "If you sit down and log into the computer screen in front of you and delete yourself as soon as you sit down, then that doesn't help the gate agent sell empty seats… Did you consent to the airline tracking your behaviour when you bought the ticket, or did you have to opt into the system? An opt-in system doesn't help the airline very much."
    • Smart luggage: Luggage you can never lose, because it's being tracked. Again, opting in or out is the problem. "My guess is, for the first several years this luggage is available it will be the most expensive luggage on the market," Huser noted. "An argument could be that you are consenting because you had the choice to buy the old-school luggage [but] there will be a day when everyone can afford it and finding a suitcase without tracking will be difficult. Will it be on automatically? I think an opt-out regime would be better here."
    • Smart pills: This is a great scenario to think through. A new breed of smart pill, with a tiny camera inside, can help diagnose bowel cancer. A woman goes to the doctor, takes the pill and checks the results when she's back at her work computer. In the US, employers have the right to monitor all email and internet use in the work environment. Does the employer get to know the diagnosis before the woman's partner does? According to Huser, the laws protecting employer's rights "would certainly have to change" to cover this sort of case.
    • The smart bicycle for kids: Imagine a bike that can be tracked everywhere — like fleet management for two-wheelers. Great for parents, you might say, as they can keep an eye on where their children go. But imagine the pitfalls if that data falls into the wrong hands. In countries such as the US, the law gives stronger protection to the data produced by children, and Huser suggested that would likely extend to this type of sensor-equipped device.
    • The shop that knows your worth: You walk into a high-end department store and your phone gives the management an indication of whether you're rich or not. Sounds fanciful now, and I don't fully get the mechanics behind this example, but look at the Orbitz case, where a travel site suggested pricier options to Mac users based on the assumption that they were more likely to be better off. Here, Huser noted the legal restrictions around the use of financial data, and said key factors would be the kind of consent the user gave, and the extent to which the data was personally identifying.

Some of these are pretty extreme or obscure cases, some not. The point is, the amount of data that we, our vehicles and our devices collect and generate is set to explode. What happens with that data may, in some cases, not fit with the laws we already have.

These are incredibly complex issues, and right now there are no easy answers. That's not to say regulators aren't trying to find them — in the summer of 2013, for example, the European Commission will propose new rules.

All of these uses of the internet of things have clear benefits, in terms of efficiency, health, even (in the case of smart car tracking, for example) the environment. But the flipside is risk. We shouldn't be too thrilled or scared — we should be practical and we should have our eyes open.

If we're going to get the best outcome, the internet of things needs to be the subject of a very broad and informed discussion. As soon as possible.

Topic: Emerging Tech

David Meyer

About David Meyer

David Meyer is a freelance technology journalist. He fell into journalism when he realised his musical career wouldn't pay the bills. David's main focus is on communications, as well as internet technologies, regulation and mobile devices.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Privacy Choice

    In [b][u]ALL[/u]![/b] cases I should have to Opt-In, [b][u]PERIOD[/u]!!![/b] I should also be able to supply as little or as-much-as [bI[/b] deem fit and necessary to the monitoring task at hand.

    My personal information is just that!,PERSONAL! It is also [B][U]PRIVATE[/u]![/b] until I give it to a single entity and I should have exclusive license and license agreement with whom I give it to just like a photographer at Sea World does. Those picture are expensive because they sell you the license to use them. Read the documentation and disc they put them on. So why not me?! Why can't my personal information be granted under license and terms of use?
    The Rifleman
    • Leave the...

      Leave the HTML code out of your posts. It doesn't work and makes reading difficult.
  • There is another issue

    While I agree the amount of personal data will explode and we need to consider the ramifications, there is another issue that in my mind is just as or even more important and that is computer systems acting autonomously upon that data. We’ve seen instances in the stock market where autonomous systems went crazy and destroyed the value of stocks in minutes, there is nothing that says it can’t happen to people. Let’s say for arguments sake that systems gather data on children (they already are). Now let’s say a pedophile, or a ring of pedophiles (the same people swapping kiddy porn via the internet) use a fictitious company to buy data on say, female children between ages 8 and 12 that are poor, live in a single parent home and have bought their first bra. A human being would look at that request and see that someone is targeting vulnerable kids but a computer system, it couldn’t care less and there is money to be made.

    Ok, maybe that’s a stretch (given the child porn out there I don’t think it is) but the point is that autonomous systems have no judgment or morality and will simply do as instructed in code and those instructions will all be about making a buck. Combine that with unlimited personal data and it is by definition a “perfect storm” in the making.