from Paul Rosenzweig, George Washington University School of Law
Tim Sparapani, writing in Forbes magazine, assumes that the Internet of Things really consists of four distinct sets of activated products. He calls them the Internet of Me, the Internet of Us, His Internet, and the Internet of theirs. How seriously should we think about our privacy and civil liberties?
I and We Internet are Internet devices that collect data about unique and identifiable individuals. The Internet-enabled insulin pump is an example of My Internet while Nest, a thoughtful home architect, would be part of Our Internet after gathering information about an entire family.
An example of It’s Internet would be the new car tire pressure sensor — an internet-connected device equipped with intelligence that shows when the air pressure in one of the tires is low. And, at least in the face, this type of device does not collect any known information about the driver. Limited to an assessment of the vehicle and its safety.
This is a transcript from the video series Surveillance Status: Big Data, Freedom and Youwith Check it out now, at Wondriumwith
The issues of privacy and civil liberties that surround the Internet of Things seem to vary, depending on the type of Internet we are talking about. Let’s start by thinking about the Internet Me and Us.
At least three privacy questions can be embedded in such collection systems: One: Who owns or controls the data. Two: What are their responsibilities regarding the protection of this data. And three: What can be allowed to do with it?
Statute and Contract Law
The issue of ownership / control is generally determined by contract or statute. Under contract law, the device provider will almost certainly claim ownership of the data. As a result, Nest and Google generally consider that they can process data about someone’s thermostat more or less as they see fit.
In that case, however, they also take responsibility for ensuring the security of this data.
Learn more about the modern conception of privacy.
Privacy protection products
Officials at the U.S. Chamber of Commerce, right across from the White House, were amazed to discover a few years ago that one of their office printers was communicating with a Chinese computer and extracting Chinese characters.
Similarly, a Columbia University study found that tens of millions of Hewlett Packard laser printers were vulnerable to hacking. Even your cloud-based nanny camera can be hacked.
One may ask, how is this possible? It happens that, the manufacturers manage the data they collect in their best interest. And some of them may not care, if we say, tire pressure data is used or misused. It does not affect them.
However, it seems worth asking a more sophisticated question: Why have competing markets not produced more privacy protections? Normally, we would expect that if, hypothetically speaking, Nest treats our data badly another company, called it SafeNest, would come out and promise us more privacy and security. Why hasn’t it happened on the Internet of Things yet?
Economics of industry
The answer, as with many things, lies in the economics of industry. Right now, Internet of Things makers may not have enough economic incentives to build a better product.
Personal data is a product – an economic product that can be bought in the private market. Selling goods can have benefits for both buyer and seller. But the sale can sometimes have effects on third parties that are not part of the transaction.
Third Party Effects
The Internet of Things is full of these third party effects. Some of them are pretty good effects. When data is collected on a home’s energy consumption, for example, others in the same grid will benefit, whose energy efficiency may also increase, or who will have more energy available for their consumption .
In fact, in some ways, almost every bit of data collected in every part of cyberspace adds to the overall repositories of knowledge – theoretically reducing operating costs.
The effect of deviation
But gathering information can also have negative consequences. One of them comes with the name of a diversion effect. If, for example, we gather more information about health, then insurers may choose to insure only the healthiest – by diverting their actions to more profitable ventures and leaving gaps in the market.
A price reduction for one may mean a price increase for others who are not so well connected or whose business is not so desirable.
The price problem
A second negative consequence arises from a pricing problem. We want people who produce or market a product to take into account all production costs. But they usually only calculate their own expenses. How, otherwise, would they calculate a profit?
However, in the example of a data breach in the new Internet of Things market, the cost burden is more likely to fall on the consumer.
Learn more about how geolocation data is collected.
No Manufacturer Liability
Right now, generally speaking, when software fails to prevent an intrusion, or a service provider fails to stop a malware attack – there is no clear mechanism through which to hold the Internet of Things manufacturer responsible for their costs. failures.
In a perfect economic world, one would pay more for an Internet-connected tire gauge and the manufacturer would build better privacy and security in it. In an imperfect world, the tire gauge is cheaper, which makes it easier to buy. But consumers experience costs in terms of lost security and privacy.
Frequently asked questions about the internet for me, us, him and them
website of Me and Us are Internet devices that collect data on unique and identifiable individuals, such as the Internet-enabled automatic insulin pump and Nest.
The effect of deviation refers to the fact that, for example, when we collect information about health, then insurers can choose to insure only the healthy – by diverting their actions to more profitable ventures and leaving gaps in the market.
The issue of ownership / control is generally determined by contract or statute. Under contract law, the equipment provider will almost certainly claim ownership of datawith