There is an interesting dichotomy appearing in our attitudes to sharing our personal data. There are those that think that to get the best personal experience, we must accept that companies have access to our everyday routines and the things we like. Then there are those that believe our personal data is ours alone, and that companies can design products and services without the need to know every last detail about what we get up to.
As the Internet of Things arrives, and sensors and connectivity are added to more devices and appliances, this debate is moving to the smart home. Right now the extent of most smart homes involves you using a smartphone to control the lights. But over the next few years, we’re going to see much more complex and nuanced uses of technology in our homes, driven by our desire for greater convenience, reduced energy bills and improved security.
This is why it is imperative that those involved in building the smart home ecosystem, really think about these issues now, before something happens that could unduly affect consumers and jeopardise smart home adoption—much like the recent VTech hack. We recently brought together leading industry players to debate all aspects of the smart home from data security, to data policy and consumer support. The result was a cyber security manifesto that formalises much of the current discourse, providing a range of principles to be taken into consideration during the development of smart home devices, appliances and services.
Dixons Carphone, Euronics, the Which Association, the SH&BA, Intel, D-Link, Deutsche Telekom, and Nottingham University contributed to these recommendations, and we’d like to share them with you today:
1. The smart home must be secure by design – security cannot be added as an afterthought. Products and services must be secure across design, development, promotion and maintenance stages, and throughout the entire supply chain.
2. The smart home must be able to authenticate all users – from knowing your heating preferences, to recommending which movie to watch, it is vital that everyone connected to the home network can be accounted for.
3. All data that flows through the smart home must be encrypted – this is especially true of the personal and financial data of users.
4. More must be done to deliver end-to-end security – as most smart home devices and services will connect through the cloud and other data centres, each step must be secure and not endanger the end-user.
5. Companies must adopt transparent data policies – it must be made explicitly clear what personal data is collected and what that data is then used for. Consumers must be told if any company sells their data to marketers or any other third-party.
6. All smart homes must offer the same level of privacy as homes do now. That means when the doors are closed, and the curtains pulled down, no company or person should expect to be able to access any activity of the home owner.
7. All smart home devices and services must be accessible and understandable for all users, regardless of technical prowess. The end-user should never be blamed for a security vulnerability that arises in the installation or the running of a product or service.
8. All devices and services must launch with long-term support. This means regular security updates and on-going support must be made available to ensure consumer peace of mind.
If devices and appliance manufacturers, retailers and service providers act on these points, we will have a much more transparent and secure ecosystem that places the consumer front and centre of the smart home.
Adam Simon is Global MD for Retail at IT analyst firm CONTEXT
Image Credit: bergserg/ Shutterstock