The Next Big Thing
Posts about next generation technologies and their effect on business.

Will the Internet of Things lead to passive oversharing?

 

security compromize.pngLast week there was a twitterChat by CIO magazine and the Enterprise CIO forum on ‘the Internet of Things and the effect on the CIO’. During this discussion someone asked “Are there security issues (particularly for the consumer)?” Everyone can probably agree that there are significant concerns that everyone needs to be aware as they strap on more and more devices.

 

One of these concerns relates to a story from a few years back. Then, there was quite a bit of discussion about Super Cookies. This techniques uniquely identified computers by their software versions, installed software… the kind of thing that can be gathered via JavaScript. Nothing had to be stored on the computer itself, like a normal cookie.

 

A similar technique can be applied to uniquely identify a consumer. What devices are they carrying…? Essentially, tracking people by what emissions they are emanating or consuming. Like the Super Cookie, this technique can track and record user behavior across multiple sites. Devices like cell phones are always transmitting "here I am" infromation. BlueTooth and WiFi can also be set to respond to external emissions.

 

Once you can track individual’s movement and interests, you can use that to predict future behavior and act upon it – much like what was demonstrated in the site pleaserobme.com. This site used individual’s social site usage to understand when they were away from home -- except in this case it is passive oversharing by our IoT devices that is the concern. Right now people view this as just a retail experience enabler so they are not freaking out.

 

But this passive surveillance is one area that will likely be scrutinized very closely in the coming years. Those who create devices need to be very aware of what is shared and utilize as much of the security capabilities that are available to keep passive sharing to a minimum.

 

It is not just about recognizing people who come into a retail area. For those who own devices, we need to be aware of what they emit, when and what controls are available to limit them. If it is possible to drive down a street and know which houses are occupied and which are not just by their IoT emissions, there are definitely people who will take advantage.

 

Comments
John Fowler(anon) | ‎03-24-2014 02:27 PM

I'd never thought of the potential sharing issues behind this before.  Is the following currently legal?

 

1. Detect and identify a customer shopping in a brick-and-mortar store.

 

2. Look up that customer's contacts on Facebook/Twitter/etc.

 

3. Send a message to each of them like, "Your friend CHARLIE BESS just took advantage of our great sale!  Come see for yourself!"

 

4. Bonus points if the retailer sells embarassing items.

 

| ‎03-30-2014 01:24 PM

I am sure it is going on right now. Remember that this kind of thing doesn't need to be done within the jurisdiction of the transaction, so the legal boundaries are likely quite porous. 

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the community guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation