Why IoT Security & Privacy Are Critical

Security and privacy concerns about smart meters and other Internet of Things deployments must be addressed in order for the IoT to succeed.

Pablo Valerio

October 31, 2014

4 Min Read
Network Computing logo

If the proper balance is not struck between the benefits of the Internet of Things and individual privacy and security, the evolution of the IoT is likely to be seriously compromised. The ongoing deployment of IoT devices is already creating serious issues and discussions about the privacy of users, IoT security, and the potential threat of cyber criminals taking control of sensors and smart devices connected to the Internet.

The industry is eager to praise the benefits of the IoT and its potential impact to the economy. Last year, Cisco estimated that the Internet of Everything will create $14.4 trillion of “value at stake” for companies and industries over the next decade. But to realize this big business, companies and governments need to watch their privacy and security measures closely in their IoT deployments.

For example, smart meters raise many privacy concerns. Smart meters could be used to determine people’s habits at home, including sleeping, cooking, amount of data being transmitted by their Internet routers, and even what content they watch on their TVs.

Their security is also a major concern. A team of Spanish researchers recently announced that they were able to reverse-engineer a widely used model of smart meter in Spain, exploiting security weaknesses, which allowed them to shut down power and perform electricity usage fraud over the network.

Security and privacy concerns associated with smart meters are why they are currently “optional” in several countries. That's the case in the Netherlands after consumer organizations and privacy watchdog groups campaigned vigorously to stop the mandatory smart meter deployment. A report from researchers at Tilburg University claimed that “smart meters have the capacity to reveal quite privacy-sensitive information, thus affecting not only informational privacy but also privacy of the home and of family life”

Some cities' IoT deployments are getting scrutinized as well. Here in Barcelona, the city -- in collaboration with a major technology firm -- has deployed infrared cameras in the Born quarter, one of the most popular tourist neighborhoods, to track people’s movements and  shopping habits. Madrid has installed “smart pavement” in the popular Puerta del Sol to provide free WiFi and also track smartphone users through MAC addresses.

To address IoT security and privacy concerns, the European Union-funded Respect project aims to help governments and technology companies develop and deploy Privacy-Enhanced Technologies (PETs) to minimize the impact of ubiquitous surveillance and data collection on people’s privacy.

The goal is to limit the collection and retention of data, and assure that sensors, CCTV, and other IoT devices collect anonymized data and the information retained is only accessed for aggregate analysis.

As sensor data and other IoT infrastructure to support public administration and  services become present at every level of a city’s strategy of  becoming “smarter,” transparency and collaboration with citizens becomes critical. A "smart city" cannot just reflect the vision of technology companies or the political aspirations of the city’s officials, no matter how well intentioned they may be.

The challenges of IoT security and privacy were highlighted at the recent AirWatch Connect conference in London, which I attended. Executives at the mobile-device management (MDM) vendor said they see the IoT replacing BYOD as the biggest management issue facing organizations.

“The future is all about the Internet of Things... When companies plan for the IoT, they need to think how they can better secure the devices, serve their users, and make sure that it makes them more productive while managing the IoT properly,” AirWatch senior VP and general manager John Marshall said in a presentation at the conference.

Erich Stuntebeck, director of research at AirWatch, said in an interview early this year: “People are only beginning to think about the challenges the IoT age will bring... Expect the phones, tablets, and laptops we already have to be joined by connected cars, thermostats, smart watches, and refrigerators -- anything that could benefit from a network connection.”

As our houses lose their character as private sanctuaries and become littered with sensors, with every device connected to the Internet and our private information in the cloud, many people are realizing the dangers of this always-connected way of life.

The future of the IoT could be at stake if those concerns aren't addressed and people aren't enabled to control what information they want to share.

About the Author(s)

Pablo Valerio

International Business & IT ConsultantPablo Valerio has been in the IT industry for 25+ years, mostly working for American companies in Europe. Over the years he has developed channels, established operations, and served as European general manager for several companies. While primarily based in Spain, he has also lived in Germany, The Netherlands and Denmark. His knowledge of the European IT business and his interest in EU technology initiatives spurred his move to technology writing. For the past four years, he has been a regular contributor to several publications in the IT ecosystem, focusing on privacy, security, mobile technology and smart cities. His work has appeared in InformationWeek, EETimes, Enterprise Efficiency, UBM Future CitiesDell's Tech Page One, and SAP Business Innovation, among others.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights