Privacy and the Internet of Things

It is almost impossible to attend any event that has an IT edge without hearing about the Internet of Things. Until recently, we only really used the Internet as a way of connecting people via computers and servicer. But we are hurtling forward into a world where all sorts of devices have sensors and controls that can be connected, controlled and read over the Internet. That's the Internet of Things.

At the IAPPANZ Summit held recently in Sydney, a panel of experts examined what the Internet of Things means for privacy.

Peter Leonard, a Partner with Gilbert + Tobin Lawyers, opened the discussion noting that the popular media has jumped on the Internet of Things bandwagon with Forbes magazine saying it had overtaken Big Data as the most hyped technology. However, he also noted, invoking Gartner's Hype Cycle that the early hype is usually the predecessor to the Trough of Disillusionment.

"Here we are, peering over the precipice of the Trough of Disillusionment'" he mused. However, Leonard noted that the Internet of Things looks like it's here to stay. The number of devices connecting to the Internet is growing rapidly with today's six billion connected devices expected to increase to over 50 billion by 2020 - or as many as seven devices for every many, woman and child on the planet.

"Clearly, we're all going to have something to do with the Internet of Things in the future," he added.

"This is great because it raises so many technical capabilities to help our lives and make our lives easier. But there's always a trade-off," said Matthew Poblocki, the Director of Legal Affairs at Paypal Australia.

"Privacy is probably the biggest trade-off from a human right perspective and from a legal perspective".

Poblocki raised several concerns. For example, the information we create and share might be used in ways that exceed or original expectations or authorisation. Also, software is written by people who can make mistakes. The consequences of an incorrect instruction going to a TV or fridge in the home could be serious. If an automated application unlocks a door and there's a subsequent theft, insurance companies could get involved.

"Who is liable for what in the chain of events?" Poblocki pondered.

That stream of connected devices and the data they share extends to the cars we drive. RACQ's Executive Group Manager for Risk and Compliance, Lachlan Burg noted that his organisation is working with carmakers and accessory manufacturers in developing products and services that adopt the Internet of Things, bringing cars into the connected network.

Burg noted that many high-end vehicles are already delivering information such as driving locations, engine condition and other data that is being sent to manufacturers such as BMW and Mercedes.

The questions we need to ask, in Burg's view, are around the control, security and ownership of data throughout the value chain.

"It's a complex web of legal definitions about licensing of data and what data you have given up when you go and buy a car or buy an after-market accessory that puts you in the Internet of Things," he said.

Read more: The Right to be Forgotten

Ian Opperman from Rosetta Technology was the next speaker on the panel. With a background in sensoring technology, he has experience in gathering, collating and discerning meaning from massive volumes of data.

In working with sensors used for monitoring water levels in Tasmania, his company has been able to use the data, which was initially collected to manage water levels, in new ways that allow farmers and winemakers to manage resources more efficiently.

For example, being able to predict water levels has a significant benefit for oyster farmers as it allows them to optimise harvest cycles. With winemakers, being able to predict when botrytis is more likely to impact a crop means picking and spraying can be optimised.

With oyster farms, Opperman's company has developed sensors that allow them to monitor "oyster happiness" based on biofeedback so that oysters can be harvested in peak condition.

"It's the beginning of an Internet of Everything," Opperman said.

As an app developer with the ABC, the next panellist Peter Marks from the ABC said that he was "incredibly optimistic about the Internet of Things".

"I do see the mobile phone as a key part of the control of the Internet of Things in the home. We do need to do something about home electronics," he said.

He sees the Internet of Things as delivering lots of benefits around control, accessibility for disabled people and efficiency in many different industries. But he also sees the other side.

Read more: Thought Leadership in Privacy

"The incredible risk, the bugs we're going to have. Attacks on our home networks. Unfortunately, the general public is extremely poor at even basic security settings. And, of course, there's all the unexpected use of data," he added.

Marks sees that platform makers are getting better at telling us when apps use services such as geolocation but there's still an element of blindness as we are faced with license agreement. Some estimates suggest we would spend a quarter of every year reading if we all read the full content of all the license agreements we see each year.

Following on from his keynote address on privacy in the age of mobility the need for policy and developers to put themselves in the place of the consumer.

"When we were looking at how we were going to use that technology, the thing about technology policy is that it's always about getting into the mind of the consumer. The mantra we had was putting people first," Irving said.

Read more: G20 targeted as malware authors hone in on Tibet activists

"We didn't want to think about the tubes. We wanted to think about people at either end of the tubes. That's the right way to look at most of these questions we're asking," he said.

Irving noted that there will be significant cultural impact as the Internet of Things takes hold. For example, if sensors can detect micro-sleeps in drivers as they age, will this result in job losses for older people who are already facing difficulty in getting jobs?

The uptake of the Internet of things will be rapid, Irving notes, so this is the time to establish policies before things get out of control.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Join the CSO newsletter!

Error: Please check your email address.

Tags Ian OppermanIAPPANZ SummitRosetta TechnologyPeter LeonardIT edge#iappanzGilbert + Tobin LawyersdevicesMatthew PoblockiprivacycomputersEnex TestLabLarry IrvingGartnerInternet of ThingsCSO AustraliaRACQ's

More about CSOEnex TestLabGartnerGilbert + TobinRACQTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Anthony Caruana

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts