The digital age poses some serious privacy challenges for customers and enterprises alike.
A few years ago, the world’s largest cab aggregator company shared some statistics in the public domain. It was about its number of customers who had used escort services in parts of the United States, with some interesting titbits on the time at which they preferred to use those services and the amount of time they spent with the escorts. Of course, no personal information of the individuals surveyed was shared. But it was an ominous indicator of things to come and how hyperconnectivity could end up compromising consumer privacy. Today, there are already hundreds of apps that keep track of our online activity, store and use information on our personal likes and dislikes, and use it for furthering their business interests. Then there are cyber predators who fish for those records and steal them, jeopardising consumer privacy.
IoT complicates privacy issues
Things will only get even more complicated as enterprises start deploying Internet of Things (IoT) for more granular customer insights. While IoT devices embedded in healthcare, consumer electronics, and other systems are expected to deliver greater functionality and superior customer experience, the data they collect is susceptible to privacy infringements. They collect massive amounts of data, which is processed, analysed and stored somewhere. And how secure this data remains is anybody’s guess. The other issue with IoT devices, considering many of them are equipped with Natural Language Processing (NLP) capabilities, is that you run the risk of having devices that are always listening and transmitting information. Your sensitive conversations can be ‘overheard’ and broadcast to the wrong audience.
Privacy laws and regulations
Governments, consumer privacy protection groups and other stakeholders are already aware of the privacy issues hyperconnectivity will eventually create. EU’s General Data Protection Regulations (GDPR), which came into effect last year, addresses this problem to an extent. However, privacy laws and regulations in other parts of the world are yet to catch up. With GDPR already in place, there is a ready framework available for other countries to emulate. Eventually, we can expect most countries outside the EU coming up with their own consumer privacy regulations.
What enterprises can do to protect consumer privacy
While compliance to data privacy laws will protect consumers from privacy issues arising out of hyperconnectivity, there is a lot that device manufacturers, software developers and enterprises that deploy these technologies can do to ensure privacy issues are adequately addressed even before deployment. Institute of Electrical and Electronics Engineers (IEEE), the premier global standards body of electrical and electronics engineers, recommends a series of issues that both developers of IoT solutions and consumers should consider.
- What personal data does my IoT device collect?
- Where is that data sent?
- How is the data used?
- Is all of the data collected used or is there information the device should not collect?
- Does anyone else have access to the data?
- Where is the data ultimately stored?
- How long is the data kept?
- Do we need to build an expiration timeframe for data storage?
- How secure is the data during transfer and storage?
- How will consumers be notified if there is a data breach?
If there is clarity on these issues IoT devices developers will be able to provide secure solutions that address privacy issues. Consumers, on the other hand, can only opt for those solutions that adequately address their privacy and security concerns. These consumers include enterprises that deploy IoT solutions.