Every time we fill out raffle coupons and provided our name, address, email address and telephone numbers, we have given our unwritten consent and provided sensitive information to merchandisers to contact us - whether we win or not.
After realizing the disambiguation of the fine prints on this small piece of paper, at the end of the paragraph, a small statement clearly states that "'we may contact you for promotions available or related to this product." Then, giving us a blank space to sign away and complete the form.
How often we have done this unconsciously? Do we even care about where the piece of paper ends up after the raffle draw? In short, where did our personal details end up?
These are questions we rarely ask ourselves as we excitedly fill out forms, but are questions too important to not ask, particularly in this day in age where we are used to clicking and agreeing to terms and conditions. Installing software on our devices and downloading an app that we find useful are typical examples. These actions involve giving out our personal information, and as we connect those devices to one another, this information can be emitted and transmitted to the internet. We must be wary and have regard for what we share or give over to the connected world. It starts now.
All things connected
Research company, Gartner, Inc., noted that about 4.9 billion connected things were used last year. This is up 30 percent from 2014, with devices to reach 25 billion by 2020. The internet of things (IoT) has become a powerful force for business transformation, and its disruptive impact will be felt across all industries and all areas of society. Gartner added that consumer applications will drive the number of connected things, while enterprise will account for most of the revenue.
Furthermore, Gartner noted that endpoints of the IoT will grow at a 32% CAGR from 2013 through 2020. It will reach an installed base of 21 billion units, with almost two-thirds of them belonging to consumer applications. Spending on networked consumer and business endpoints will displace non-networked, growing at a 22% CAGR to $3 trillion.
These numbers indicate that as things are connected, real life applications become a part of our household. As we welcome every bit and piece of a smart device, there is a clear consensus in the industry that privacy must be at the forefront of IoT connection - we simply cannot sign away our information.
All parties and privacy
Although our privacy is protected in laws of the land, the IoT headlines become more pressing as technology becomes part of our physical space. Any violation of social norms become more obvious and gives birth to a new norm that needs to be developed around technology-based interactions.
In a summit organized by TRUSTe, a leading online privacy management services provider offering a broad suite of consumer, advertising, mobile, cloud and data privacy solutions, it is said that there is a clear consensus that privacy must be brought to the foray in this age of the internet of things.
The panelist focused on the recommendations presented in the Federal Trade Commission's (FTC) January 2015 in a report titled, "Internet of Things: Privacy and Security in a Connected World."
They've noted that there are three main principles in terms of a workable privacy standard for IoT device manufacturers and these are:
- Security - the report discussed on how data are being handled. What types of information is the device collecting? Is it sensitive personal information (e.g., geolocation, protected health information, etc.)? What quantity of data is being collected? The higher the risk profile associated with the data collected would mean the stronger the protections required on a device.
- Data Minimization - it refers to both limitations on the collection of data and the use of data. The FTC report emphasizes the need for both. It clearly points out that the need for collection limitation was clear just like when consumers did not agree when smart TVs manufacturers were collecting voices and conversations of consumers for other legitimate purposes. Adding that the major guiding question for companies considering on how to limit their data collection is, "Why do we need all this particular data?"
- Notice and Choice - according to one of the panelist, Hilary Cain, an advocate for Toyota's involvement in the self-regulation of connected vehicles; she noted that without reasonable use limitations, consumers would begin to receive ads for stores as they drove past in their cars, cueing that creepy feeling on consumers distrust. The group noted that the collection and use of limitation principles are tied directly to consumer expectations, which are established by offering them mechanisms for notice and choice. The panelists emphasized the importance of tailoring notice and choice to the entire user experience of an IoT device. It includes the packaging of the device itself. Getting creative with the education and involvement of users in their privacy, choices can increase trust and accountability between brands and consumers.
Towards the right direction
As tides turn towards connected things, frameworks for setting privacy standards can help companies create new and exciting IoT products, and take steps in the right direction of protecting consumer privacy.
There will be continuous debate about whether we can live with or without the age of IoT, it is appropriate to be safeguarded. We have the right to know when and where our information will end up. We should not just give away a piece of ourselves to someone we don't trust, whether it is the 1950s or the age of IoT.