Will my information remain private?
Governments have data privacy laws that are in place to prevent private data from becoming public. IoT implementers are very well aware of those privacy issues. They deploy secure servers, encrypt the data and access control only trusted people.
IoT has the potential to gather an enormous amount of data but fortunately in many cases that data isn’t of a “private” nature. In a company environment knowing the temperature of the industrial fridges isn’t very private data. More so sometimes data is only applicable at a singular point in time. Ie. Knowing the fridge temperature three weeks ago.
IoT implementers will help guide you through the data requirements and the steps to keep the data safe.
Privacy in another context.
Privacy is a very important aspect of IoT technology. Governments are aware of the challenges posed by IoT but similarly also the benefits.
People may choose to track the movements of their loved ones using GPS technology. However that could cause privacy issues. Similarly governments may also start implementing technology in places like our vehicles and report to them anytime we speed resulting in an instant fine.
If staff are aware that their every movement is being tracked they may become agitated by the level of monitoring. Companies could state that they are preventing theft (which could be the exact reason staff are agitated).
Monitoring and privacy will always be viewed with some scepticism because it is very hard not to push the boundaries. In modern society the boundaries have already been pushed. Social media companies already know a tremendous amount about individuals – they use that information to better target advertising.
Who owns the data?
The data produced by the IoT device belongs to the owner of the source of the data. So if a device is being rented and is used by a factory to track worker movements the owner of the data is the factory.
Who owns what?
- If a company requires a custom device and pays for the development?
- If a company requires a custom platform and pays for the development?
As much as possible we want to own the IP/system and are prepared to offer an exclusive use over the system.
With regard to payments
If there are custom projects that require a development build we are more likely to quote on the job based on a minimum order quantity and use the deposit to cover the development costs. In this way we can maintain copyright over the work.
How do global and local data laws affect the solutions?
Data laws are largely geared towards data privacy. IoT as a concept is ahead of it’s time and therefore government legislators. There has been some talk of relaxing some data laws to accommodate IoT applications but we’re generally talking about relatively vague reports dealing with IoT data issues at a very surface level.
Businesses have never really had such access to data before so laws are going to need to be very practical to allow businesses to take advantage of the benefits that IoT can generate but firm enough to protect potential victims.
The high risk factors would include general workers who could end up being tracked to the enth degree because employers are able to monitor all movements, workloads etc… of those staff members. Unfortunately those types of discussions get very complex because employers also require structure and uniformity and conceivably would want to protect themselves from potential thefts or stock losses due to damages or poor workmanship.
Businesses will need to work with governments to find a suitable middle ground to keep data issues practical and ethical.
With regard to other forms of data – ie machinery maintenance tracking. There should be no logical issue as the data relates to an object that will purely benefit the business and cause no harm along the way.
How is the data protected / encrypted?
This is a very good question. In another context hacking of IoT devices could be a major threat to a business as they lose control of the device or the device.
Devices on networks like Sigfox and LoRa will be substantially protected from hacking by the nature of the technology. Only the base station is connected to the internet. The IoT devices connected to the base station are indirectly connected to the internet purely because the device sends a message which is received by the base station which in turn sends the data to the server.
GSM or in future NBIoT devices are at higher risk. Hardware designers need to ensure they take appropriate measures to protect their devices.
There is two parts to the question.
Firstly we need to get the data from the device to a server. Then we need protect the data while on a server.
Devices will always encrypt the data before it is sent out. This means it is relatively safe going from the IoT device to the server.
The server holds much more data and is therefore at a greater risk. Software engineers will maintain the latest versions of software and setup appropriate levels of security against all known forms of attack.
In most cases following the basics will protect a network against 99% of all threats. Following best practice will secure the network from the rest.