In this new article for O’Reilly, IoT Privacy Forum Founder Dr Gilad Rosner discusses how the IoT amplifies the problems of Notice & Choice and Consent. Academics and experts have long been aware of their failure as privacy protection strategies, and some have called for them to be eliminated in favor of a controversial policy: letting businesses choose which data uses are and are not appropriate. The article examines the pros and cons of this approach with regard to connected devices.
While waiting for a taxi in Barcelona, my friend, irritated at waiting for one to appear, told me that Uber was made illegal in Spain. However, she was not 100% sure it was still illegal; perhaps something had changed. To answer this, she took the most direct route and opened Uber on her phone: Nope, we could not order transportation. I saw this moment as a wonderful inversion of that 90s internet tenet, ‘code is law.’ The main idea is that the architectures of electronic systems regulate behavior much as law does in the physical, social realm. In some of the more utopian and techno-deterministic formulations of this idea, the world of paper laws and hoary legislative debates would crumble before the might of the interweb and its meritocratic ways. Opening Uber on her phone to see if it could sell its wares in the Catalan capital was a wonderful reminder of the over-exaggeration of regulation’s untimely demise. Academics love the word ‘tension,’ and companies like Uber and Airbnb cause mountains of it. They’re such good case studies for regulation, perturbing existing regimes such as hotel taxation and taxi passenger safety, stepping on toes economic and political. The earliest discussions of the social impact of the internet invoked its borderless character and the inevitable clashes that would arise with national sovereignty. That tension is alive and well, visible in US alarmism over the coming EU General Data Protection Regulation, in the regulatory tussle over Uber and its so-called sharing economy kin, and in the recent invalidation of the Safe Harbor framework. Law may move slowly, but it still packs a punch.
In this new article for O’Reilly Radar, IoT Privacy Forum Founder Dr Gilad Rosner argues that, despite much contrary commentary, the Internet of Things (whatever it is) will not be slowed by concerns over privacy and security. Economic pressure and technical evolution will propel the IoT forward whether privacy and security are baked in or not, and society will be the poorer for it.
One of the debates in privacy is the continuing feasibility of Collection Limitation as a data protection principle. Historically, there was some basic tension with data retention pressures, as Steve Wilson noted: “Collection Limitation … can contradict the security or legal instinct to always retain as much data as possible, in case it comes in handy one day.” The IoT, broadly construed, adds a new pressure: the increasing ubiquity of sensor information.
Mobile phones with all their sensors have been a challenge to Collection Limitation for years. Consider the legions of apps that access all of the sensor data because they can. But that was one device – now multiply that by… choose your number du jour. The point is that the IoT/ubiquitous computing/pervasive computing/contextual computing are typified by enhanced monitoring. Collection Limitation is, simply put, the principle of only gathering the data you need for a particular application. The US, enormous market that it is, does not really enforce this principle. That’s unsurprising, as it mainly appears in ‘soft law,’ i.e., there are no sanctions to enforce it in the commercial world. It nominally exists in Europe, but there are very limited ways of enforcing it. How can this principle withstand the emergence of billions of all-seeing, all-hearing devices in the human environment?
In November of last year, two automotive trade bodies released a set of Vehicle Privacy Principles, written in conjunction with the law firm Hogan Lovells with some assistance from the Future of Privacy Forum. I’ve written on these Principles before for O’Reilly Radar – I don’t like them because of their very weak consent principles. Further, the Principles never mention the ability to kill all non-essential, non-driving-related sensors in the car, nor the ability to shut off location tracking. HERE is where I would like to see the Collection Limitation principle reassert itself, in combination with an improved consent posture. If a driver declines whatever shiny, amazing application in-car sensors would enable, and doesn’t want the car manufacturer, the dealership, and any partners to know where she or he is driving, the data should not be collected. Collection Limitation is meaningful here because the car is unique in its function and context – driving. And while the same data could likely be gathered from the driver’s phone, the phone could be off, location services disabled, what have you; it’s a separate consideration. If the car is a locus of sensors, a privacy-positive orientation would have the driver able to kill all non-essential sensing. This is also an argument in support of the continued existence of Collection Limitation.
The IoT Privacy Forum is now a member of the Alliance for Internet of Things Innovation, a European Commission-convened group of industry players, SMEs and other interested stakeholders. We’ll also be sending a representative to the 5th Annual Workshop of the Internet Governance Forum’s Dynamic Coalition on the Internet of Things in Dresden on July 24/25.
Jay Stanley, Senior Policy Analyst for the ACLU Speech, Privacy & Technology Project, is doing a series of posts on the IoT. The first piece, ‘The Coming Power Struggles Over the “Internet of Things”,’ contemplates the extension of corporate power into more and more personal and intimate spaces. He begins with this example:
When I stick a movie into my DVD player and try to fast-forward through some of the annoying preliminaries that are at the front of the disc, I get an error message: “This operation prohibited by this disc” […] First of all, it’s not “the disc” that is prohibiting my attempt to forward through trumped up FBI warnings and Hollywood anti-piracy propaganda. It’s the Hollywood studios that have programmed my technology to prohibit my “operation.” […] The message is: “There’s no power play going on here, it’s just how the objective technology works!” What’s actually happening is the movie studios have decided to program technology (or pressure hardware manufacturers to do so) to take away your control over your time and what you watch, and force you to view content that they control, in order to advance their own interests. More broadly, this annoying little example highlights the power struggles we could face as computer chips come to saturate the world around us—the trend often called “the Internet of Things.”
It’s an interesting and important point (though I do wish it was a little less shrill). Questions of power inequity rarely surface in public discussions of data collection and system control, so I’m happy to see Stanley address it. His next piece, “The Internet of Kafkaesque Things,” is a thoughtful if rarified discussion of the similarities and differences between computers and bureaucracies. Stanley worries whether those similarities will transmit the inefficiencies and rabbit holes of bureaucracies into ever more personal spaces as devices become more connected:
The bottom line is that the danger is not just that … we will become increasingly subject to the micro-power of bureaucracies as computer chips saturate our lives. There is also the danger that the Kafkaesque absurdities and injustices that characterize bureaucracies will be amplified at those micro levels—and without even being leavened by any of the safety valves (formal or informal) that human bureaucracies often feature.
Both pieces are worth a read and I’m looking forward to the third piece in the series.
Latest tweets are now displayed on the right side of the page. w00t. Little victories.
I’ll be livetweeting today and tomorrow from the IoT Forum 2015 conference in Cambridge. Follow @IoTPrivacyForum, #IoTPrivacy and #IoT15.
Dr Gilad Rosner, the founder of the IoT Privacy Forum, will be giving a free webcast today at 10a PT / 1p ET / 6p GMT. You can register for it here. Topics include privacy in the IoT, privacy by design, and the sociotechnical nature of connected devices.
Ashkan Soltani, the FTC’s Chief Technologist, penned a good article on the particular security challenges of cheap, connected, low-power devices. He uses the venerable refrigerator example to get some important questions across:
“… a refrigerator was once just a refrigerator with one purpose: cooling food. Now that we live in an IoT world, embedded inside that refrigerator is a full-fledged network computer which could potentially be exploited to launch a DDOS attack against the consumer (or some external) network. As the technology behind the household items we buy evolves, so must the way we think about the long-term effect to consumers when they purchase them:
What will be the level of security and support while under warranty? If a critical vulnerability is discovered, will an update be provided? What happens after the warranty expires? Should modern refrigerators have a shelf-life, much like the food contained within?”