The lack of IoT privacy will continue to be a topic of conversation, concern, and complexity as organizations and governments navigate the ethics of data collection and use.
When data collection and use comes up in conversation, the ethical angle is probably not the first topic techies discuss. However, it has an important place in discussions of consumer devices and IoT.
Organizations capable of continuous surveillance through IoT devices they must consider ethics – the moral principles of their actions – and their effects. When devices connect to the Internet, users have no real privacy. Organizations can monitor consumers through smart devices, including homes, appliances, cars, wearable devices, and water and gas meters. Providers can monitor and track conversations, locations, times, actions, and behaviors across interconnected wireless devices.
Monitoring and tracking may seem unethical, but consumers freely, though often unknowingly, give providers the ability to monitor, collect, and share their personal data through the purchase of new devices. Consumers often don’t read the agreement pages when they buy new devices. Buried deep in the fine print of the agreement is the acknowledgment that the consumer’s personal data will be collected and stored, and the data will be shared with third parties.
Ethics becomes a concern when providers collect private consumer information and are not transparent about how they use the data. Vendors must also protect that data.
How has data privacy become a major ethical issue for IoT?
Privacy in US regulations has roots that go back a long way, including its reference in the Fourth Amendment to the US Constitution, dated 1789, which states that individuals have the right not to make searches unreasonable in their homes. Unreasonable searches include data transmitted outside the home This now refers to data transmitted electronically via RFID tags and connected devices, such as those that heat or cool homes, regulate water, and control household services and appliances.
Smart devices routinely collect data about building occupants, such as behaviors. This data can be used to determine housing occupancy or housing availability. Smart meter data reveals electricity usage times in minute increments, indicating other factors, including habits. When organizations or bad actors can determine personal information from collected data and misuse it, IoT, ethics and privacy are intertwined.
The lack of privacy in homes and vehicles, or even through portable devices, has forced organizations and legislative bodies to address the ethics of IoT. Smart device consumers must decide whether monitoring personal habits, behaviors and home occupancy is ethically correct or a violation. Previously, the American perspective viewed personal surveillance as wrong. However, people want wirelessly connected devices to make their lives easier, and surveillance for that purpose is widely accepted. With more consumer privacy regulations in place, the onus has shifted to putting more onus on IoT providers to inform consumers about the pros and cons of connected devices, but consumers still must navigate lengthy privacy agreements.
The importance of IoT privacy and security together
Organizations must not only address the ethics of their data use; they should also consider privacy and security together. They must define what to secure and how to secure that component or device. Privacy is critical for all people and organizations that connect to the Internet, including home utility, financial, health care, educational, religious, or media organizations.
The interconnectivity of wireless sensors poses a high privacy risk because the sensors continually collect and store personal data. Consumers willingly share personal data and sacrifice privacy for connectivity, often because there is no alternative but to use the Internet for business and personal tasks.
With the lack of privacy, it is inevitable that organizations must prioritize device and data security. Organizations spend money developing tools to protect devices and data and ensure privacy, but hackers strike faster than organizations can keep up, as evidenced by daily data breaches. Some of the most high-profile examples of IoT device security breaches include the Ring smart security camera hack, which led to a lawsuit, and the Mirai botnet attack.
Where does IoT ethics and privacy go from here?
Despite the lack of privacy in IoT devices, consumers continue to embrace them. Consumers accept the privacy agreements attached to the devices. People often unknowingly freely give up personal information to connect with IoT devices, including residence occupancy, home appliance use, home security, home medical equipment use, personal routines, privacy of the vehicle, voice privacy and geolocation privacy.
The number of IoT devices will grow from 8.74 billion in 2020 to more than 25.4 billion in 2030, according to a Statistical report. Despite the growing number of IoT devices, ethics must be the central focus of these devices. However, ethics are rarely discussed when someone buys a new device or is involved in the desirability of the device. Ethics focuses on the honesty or deception of a matter. Device manufacturers must accept responsibility for protecting the privacy of consumers who buy and use their devices. Furthermore, data must be protected because data is the true value of IoT.
Personal privacy may seem insignificant in a society churning through the latest gadgets as consumers clamor for more and faster Internet connectivity. When organizations, consumers, and governments consider the ethics of IoT, the discussion should focus on the erosion of personal privacy by the use of IoT devices. Once the data is connected to the Internet, personal privacy cannot be claimed.