The Internet of Things (IoT) is poised to make life more convenient in many ways. For the privacy-conscious, however, IoT devices also present all manner of new challenges. Here’s an overview of the five main ways in which IoT adoption will create new privacy threats.
For now, IoT devices have yet to see massive adoption. Some Internet-connected appliances and sensor systems have made their way into homes and offices. But in general, IoT devices are not yet all around us.
That will change, however. There are plenty of signs that IoT adoption will grow exponentially in the near future.
If you are concerned about online privacy, that creates a series of new challenges that are unique in many ways to IoT devices. They include:
- By design, many IoT devices will know your physical location. Traditionally, hiding your geographic location on the Internet has been easy enough with the help of a proxy like Tor or a VPN. But IoT devices could use other technologies, like GPS, to determine location (and there might not be an easy way to turn it off). The next generation of privacy tools will have to deal with these new challenges.
- It’s hard to use a VPN or Tor with most IoT devices. You can’t usually modify the software configuration on IoT hardware or install apps of your choosing on it. That makes it impossible to add privacy tools, including Tor and VPN. A partial solution could be to route your IoT traffic through a Tor relay or a VPN router, but that may not work in all situations.
- IoT devices collect unprecedented amounts of private information. On the Web, sites may monitor your browsing behavior or search terms. But they can’t tell how often you open the fridge, adjust the heat or turn off the lights in your house. IoT devices can potentially do all of the latter, and much more. That places the privacy challenge from IoT on a whole new level from the traditional Web.
- IoT devices tend to be very closed and proprietary. So far, at least, few companies have developed open source IoT apps or released much information about how IoT sensors and smart devices actually work. The lack of openness does not of itself mean privacy threats lurk. But it does not help. We can only hope that, with time, more open IoT solutions will emerge.
- IoT devices will be very hard to avoid. If you don’t want to use certain websites because they do not respect your privacy, you can simply choose not to visit them. In contrast, if IoT devices become as popular as predicted, they will be virtually impossible to avoid. Companies may install them without telling you. (So far, there has been little effort to regulate what companies have to disclose legally when they set up IoT devices.) You might move into a house that is already networked for IoT. You may be required to connect certain appliances to the Internet in order to use them. All of this makes IoT privacy threats much harder to avoid than the ones associated with traditional online privacy.
None of the above should be read as a paranoid rant against IoT. We’re confident that, in time, a new generation of IoT-ready privacy solutions will be developed — just as the existing generation was developed over the past decade to meet the privacy challenges of today’s Internet.
Still, those solutions don’t exist yet, even though IoT poses a new host of privacy challenges. Since we appear to be on the verge of the IoT revolution, it’s worth spending some time now thinking about the new types of privacy issues that IoT raises. By the time IoT devices are already in your home and office, it will be too late.