Prioritizing privacy in an IoT world

Prioritizing privacy in an IoT world

The Internet of Things (IoT) is seemingly everywhere these days. You can find IoT devices in connected utility systems, appliances, sensors, security systems, cameras, wearable health devices, and pretty much everything else you can think of.

This is just the start of what’s to come, with the IoT market on pace to grow 25% each year through 2027. Rising consumer demand coupled with connectivity advancements like 5G should lead to massive IoT adoption among businesses and consumers in the coming years, bringing connectivity to just about every conceivable endpoint. 

In the meantime, the industry faces several major hurdles, including bandwidth constraints, a lack of interoperability, and regulatory fragmentation. Yet all of this should improve in time through steady advancements in connectivity, production, and policymaking. 

The real issue that should be keeping IoT stakeholders up at night is consumer trust — or a lack thereof. Research shows more than half of global consumers do not trust connected devices to protect their privacy and handle information in a respectful way. Further, 63% of consumers perceive connected devices as creepy in their behavior and the way they collect data. 

Gaining and keeping consumer trust is integral to increasing user adoption and unlocking the full value and potential of the IoT. The industry is now at a crossroads, and vendors must demonstrate greater transparency and safety. Failure to do so could mean putting themselves at risk of losing market share to competitors that place more emphasis on privacy and protecting consumer data.

Looking beyond security 

In the age of high-profile data breaches, it comes as no surprise that IoT security is now a major point of contention. The issue recently reached the highest level of government in the United States. In November 2020, Congress unanimously passed the IoT Cybersecurity Act, which sets minimum requirements for patching, developing, and configuring IoT devices. 

IoT security again made headlines in January, following an announcement that President Biden would not be able to use his Peloton bike in the White House due to security concerns. The latest research from McAfee justifies this action, citing a security vulnerability in Peloton products that makes them susceptible to cyberattacks.

As important as security is, it’s only half the battle for establishing consumer trust. The other critical piece of the puzzle is privacy. To clarify, security, in this case, refers to protecting data while privacy refers to the process of collecting, using, and accessing it. 

While privacy has long been an afterthought for IoT manufacturers and vendors, the topic is now receiving more mainstream attention from lawmakers and consumers. As a result, providers need to start taking this seriously or risk facing backlash.

On the regulatory front, the U.S. currently lacks a federal privacy program like the EU’s GDPR standard. However, a growing number of states are taking matters into their own hands. California, Virginia, and Colorado each have strict regulatory frameworks protecting consumer data, for example. And Pennsylvania may soon follow suit with HB-1126, or the Consumer Data Privacy Act, which is now under consideration. Some federal lawmakers are also pressuring Congress to pursue a federal privacy agency.

On the other side of the pond, the U.K. is also accelerating efforts to protect consumers from unsecured IoT devices. In fact, the U.K. government is now planning a new law that would hold manufacturers and vendors offering IoT devices more accountable for privacy and security violations, increasing safety measures for consumers. 

Making privacy a differentiating factor

While lawmakers continue to debate and enforce privacy measures, companies also face rising pressure from consumers who increasingly demand transparency and control over their personal information.

In one study, 32% of consumers said they care about privacy enough to switch companies or providers to protect it. Further, 90% believe the way vendors treat customer data reflects the overall way the company treats customers. And in a separate study, 92% of consumers said they want to control what personal information companies automatically collect — and increase punishments for companies that violate their privacy. 

In light of these findings, IoT providers have an excellent opportunity to use privacy as a key differentiating factor. Companies that prioritize and promote privacy stand a much greater chance of displacing competitors who put less emphasis on respecting consumer information. 

As an example, Amazon is prioritizing privacy and security in its new Sidewalk service, which improves connectivity for home devices by connecting local Sidewalk-enabled devices and essentially creating entire smart neighborhoods. It’s a groundbreaking service that helps devices like outdoor lights, motion sensors, and Echo devices work more efficiently over a shared, low-bandwidth network.

Naturally, the product is creating serious privacy concerns, which is why Amazon is heavily promoting safety measures. For example, nobody — Amazon included — can access any of the data that flows between Sidewalk transmissions. The company also uses three layers of encryption and deletes Sidewalk routing data every day. On top of that, rolling IDs add further anonymity for end users.

Consumers naturally remain skeptical about Sidewalk. But by making security and privacy a priority, Amazon stands a better chance of selling customers on privacy and increasing adoption of the fledgling service. 

It’s time to cater to the privacy-conscious consumer

At the end of the day, data privacy is an uncomfortable discussion for vendors and consumers. But in our increasingly digital age, it’s an important one to have — and lead with – as we all have a part to play in becoming better digital citizens.  

Bottom line? Companies that tackle privacy head-on and use it as a differentiating factor stand a much greater chance of earning consumer trust and edging out the competition. 

On the flip side, those that treat privacy as an afterthought might not realize just how wrong that decision is until it’s too late.

Which path will you take?