Building Trust in the Internet of Things
Posted: 20 Mar 2017
Date Written: March 2017
This paper will assess what governments can do to promote consumer acceptance of Internet-mediated services that use sensors and machine-to-machine links. The Internet of Things (“IoT”) adds intelligence and continuous monitoring capabilities for a wide variety of fixed and mobile devices including cars, roads and other types of infrastructure, refrigerators, smoke detectors, thermostats and health monitors. Recent highly publicized hacks and disruptions have called into question the adequacy of consumer protection and privacy as well as the vulnerability of sensors to potentially devastating intrusions. Arguably, invasions of monitoring devices have significantly greater potential for harm than disrupting and interfering bitstreams.
The paper will consider whether and how governments should become more active in standard setting, regulation and identification of best practices for IoT devices and services. Currently, IoT test and demonstration projects operate largely free of government oversight in an atmosphere that promotes innovation free of having to secure public, or private approval. However, even now, some experiments have evidenced vulnerability to disruption by outsiders intent on mischief, or worse.
The IoT also raises questions about privacy protection in light of the potential for widespread intrusion into areas and activities commonly considered private. Just as drone aircraft can cross into private property and other types of restricted airspace, embedded sensors can track individuals, machines and devices as they move within and across private spaces. The paper will focus on the use of quite small, “cubesats” that will offer many of the functions available from drones without detection in light of the higher orbital locations used.
Widespread activation of sensors, without consent of parties subject to surveillance and reporting, raises questions about what constitutes a reasonable expectation of privacy and non-intrusion. Additionally, a robust marketplace for IoT applications and services may create incentives for vendors to establish and comply with best practices, or regulations designed to prevent or mitigate harm. The potential for ubiquitous monitoring also raises questions about who has lawful regulatory authority and whether such power can and should be shared as monitors and sensors cross borders.
The paper will provide recommendations on how governments can promote permission- less innovation and possibly risky experiments, but also protect consumers.
Keywords: Internet of Things, Trust, cubesats, reasonable expctation of privacy
JEL Classification: K23, L43, L82, L86, L96
Suggested Citation: Suggested Citation