The following is a guest post by Julie Robles, founder of Raw Motion and ex-Techstars associate. This piece was inspired by a collaboration with Teskalabs, a security for mobile and IoT company.
Every week there is a new connected device on the market (a few days ago Tag Heuer launched its smartwatch with Google, and last week I saw a €39 sleep tracker in my supermarket plaster section). Tech conferences are buzzing about the Internet of Things (Consumer Electronics Show 2015, Pioneers Festival 2015).
The Internet of Things includes all the devices and sensors that are connected to a network to send and receive data. It has actually been around for a while now, better known as M2M (Machine to Machine), when it was only supported by telecom operators networks and using SIM cards to communicate.
The first step was to enable machines to listen (controlled from a distance), then to talk (send data). Now the next step is to make them intelligent. A smart device is a device that is able to take action without human interaction. Turning the lights on because you are home, stopping and saving the progression of the movie because you fall asleep.
And it is disrupting each and every one of the old industries: agriculture, urban infrastructures, factories, utilities, logistics, retail, transportation. What does this mean for the world as we know it?
The benefits-risks balance
Whether it is in the B2C or the B2B market, the adoption of IoT devices will depend on the balance between benefits and risks. Using the data brings a lot of value if done correctly, like creating secured homes for the elderly by detecting falls. But it also means that organisations with divergent interests may access those data, legally (data are sold to them) or illegally (they hack the database).
But before diving deeper into this issue, it is important to specify that security and privacy are two distinct concerns. Security is protecting data from being hacked; privacy is protecting data from being used with different purposes than those being signed for or from being sold to a third party. So when the privacy is an ethical question, security is a technical issue.
When it comes to security, what is the weak link in the chain? Where should the industry focus its effort? There are many different actors on the value chain of connected devices:
Who should be held for responsible for the data security? Every stakeholder is an entry point that can be hacked. It also means that the integrity of one’s data is depending on his partners’s as well.
Another challenge for securing the data is the lack of standard communication protocol. NFC, Bluetooth, WiFi, Zigbee, LoraWan: it is as many protocols to secure and constantly keep up to date. The industry is still very young and everyone hopes its technology will take over the market. Consortia are forming, but it will take some time before there is a clear winner which sets the standards.
Let’s make some money
Let’s come back to the privacy issue. The business model behind the IoT plays a big part in the company strategy: who is the customer, who pays, how do they reach their clients? Enterprises have to be sustainable which means that they have to find a business model balancing revenues and ethics. They have to make enough money and they have to keep their users happy. On one hand these data have a lot of value for third parties that want to sell their products (insurance, analytics) and on the other hand we have users who have the habit to access digital services for free.
Apart from selling the data, the company can choose from those options: the one shot hardware sale, the hardware sale with limited margin plus a monthly fee, the paid coaching services on top of a free app. Advertising and discount partnerships are actually based on the model where the company sells the user’s data to another enterprise: they are buying the user’s profile. It seems like selling the data is a strong business model, yet the user might want to know how are his data used. This raise the question: who owns the data?
As soon as you want to download an app, the user has to give up his rights on a lot of (unrelated) data. But because these data are rarely used, the user tends to overlook. When he receives unwanted emails, it goes to spam; it’s pretty straightforward.
The problem with IoT is that the collected data are not simply the email, they are much more intimate: where the user is, his health details, how he drives, how he spends his money.
What’s next
The IoT is the next big revolution, but it still has its challenges to overcome. The adoption faces other questions at the moment: the use cases are not clear, the user has to create applications around the product, the prices are still high, the hardware is fragile.
But the big crises are about trust (Sony’s data were hacked last year, a connected car was remotely crashed a few months ago). Security and business model should be the two main focuses. People will let those smart devices into their lives when they will be able to trust them.