What if IoT produces all the security you ever need for personal safety but you lose personal privacy…

The “why” of IoT is fairly straight forward. There were devices that existed in the world with information clip_image002and a fairly straight forward model was available to connect them. “Easy squeezey” as they say. The “what” of the connection is well documented. I call them wearable, stayable and portable IoT devices. Finally the “how” including the inherent risks in the connection is something I have talked about ad nauseam. I have gnawed on the bone that is bandwidth and the total remaining meat on that bone going forward is less than people think as well as the broader how concepts within the “screen as a service.” All of these things coming together to produce the concept and reality we call IoT. The Internet, of things.

There are a number of names I’ve seen over the past few months. I’ve created a few as well for what we clip_image004are talking about. It is really two distinct things. A connection normally provided over what is known as the Internet and a device. The device as seen in the image may provide any number of services. Fire detection, smoke detection, earthquakes or someone in your house when you aren’t there and frankly you didn’t authorize them being there in the first place. Devices of all types and nature. Producing information that is sent out without concern for what happens after it is sent. There is no IoT governance beyond the production and transmission of the data. If you don’t see your traffic warnings, you sit in traffic. If you don’t evacuate your home during a hurricane after being warned – you have a tough couple of days ahead.

That in the end is the variable we have. Human beings, we can be told a lot of things but that doesn’t clip_image006mean we are going to act on them. We can govern how the data is produced (device and device type) and we can govern how the data is transmitted (Internet or other networks). We cannot govern how human beings act on the information. As shown in this graphic the easy reality is that someone else now acts on the information you didn’t act on. The other side is someone can control that data flow as well. The negative reality is the more IoT cameras that exist the greater the risk of loss related to personal privacy. I have a friend who is a personal trainer. She eats perfect meals and works out constantly helping her customer’s achieve their personal fitness goals. Every once in a while however she stops by fast food place and eats a burger. It’s her guilty pleasure. The fact that she does that doesn’t in the end bother me. But it might bother other customer’s if they knew that. Personal privacy extends to where you are at all times as long as you aren’t doing anything that isn’t legal.

The problem presented by the reality of IoT and video isn’t just that trip to a fast food restaurant where you indulge in a burger that isn’t good for you. It is the reality of storage. There are instances of both cameras and devices where the data and information collected by the device will be stored. For how long is determined by the situation and location. Motion activated systems that activate video cameras near secure locations will most likely store the motion images for an extended time period. When arresting someone for attempting to enter a secure facility being able to show evidence that it was pre-mediated makes for a more effective punishment in the end. It isn’t a one-time teenage prank it is in the end a pre-meditated intentional attempt to breech security.

Your cellular device can show anyone where you are pretty much all the time. It tracks your location like a puppy following someone with a ham sandwich. It knows where you are and for the most part what you are doing. That information along with video evidence cuts your personal privacy. Literally your personal privacy goes down. Now you may have additional personal security from this new paradigm but you lose privacy. You can disguise your face/body and you can intentionally modify your gait although for the most part you can only do the second thing when you are directly thinking about it which will send up red flags in the system anyway. The goal is to reduce your digital footprint not call out your presence with a red flag.

I guess based on this blog let’s add personal privacy to my list of things IoT has to sort out fairly soon. That list includes bandwidth and information overload, now add personal privacy.

.doc

Scott Andersen

IASA Fellow.