IoT Poised to Explode, as Security, Privacy, Connectivity Challenges Remain, Say Experts
IoT is in a nascent phase, poised for exponential growth in five years that will provide a wide range of consumer and industrial applications, benefits and opportunities. A multitude of challenges and barriers such as connectivity, interoperability and privacy and cybersecurity need to be addressed for development, technology experts said at a daylong NTIA event Thursday. Such barriers will need public and private sector coordination, but some said the government needs a light regulatory touch.
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
Harley Geiger, director-public policy for security company Rapid 7, said security is critical for maintaining consumer trust, global growth, privacy and safety since the IoT includes interaction with physical objects. Proliferation of a highly diversified IoT will mean a larger attack surface for criminals, so a better approach to security is needed, he said. Geiger said there's no accepted way for rolling out security patches once devices leave a manufacturer. He said the IoT supply chain is complex because of a large use of third-party subcomponents, which leaves open the question of who owns the device and who has responsibility for its security and that means more standardization and coordination are needed. Industry must develop processes to handle vulnerabilities brought to its attention by independent security researchers, because sometimes they're met with legal threats or not taken seriously. Laws like the Digital Millennium Copyright Act and Computer Fraud and Abuse Act also need to reform because they have been used to chill scientific research, said Geiger.
Online Trust Alliance Executive Director Craig Spiezle said a reason IoT security is complex is because it's multidimensional: it's a physical device, a mobile or web app and also a cloud service. Privacy and security need to be looked at in those areas, and for data flows. "Who has access? Is it encrypted? How is it stored?" he asked. This is also true from a consumer perspective with smart homes, he said. “You have these devices that are connected to the wall. What happens when someone moves? Who owns that data? So do you have data portability issues or do you have data right to be forgotten or both of those?” Sustainability is another issue such as for devices that are "orphaned" if no one takes responsibility for security or a manufacturer goes out of business.
IoT is living up to hype, said Bridget Karlin, Intel managing director-IoT strategy and integrated products. She said about $2.5 million is spent on IoT hardware a minute and about 4.5 million developers are working on IoT applications. In 2015, about $21 billion was spent on IoT mergers and acquisitions, and funding for the startups essentially doubled over the past five years with countries like Germany and China accelerating investment in IoT as well, she said. By 2020, she said, analysts project that 55 billion devices and 212 billion sensors will be connected, collectively generating more than 44 zettabytes of data.
In a discussion with NTIA Administrator Larry Strickling, Information Technology Industry Council CEO Dean Garfield said a national strategy is needed to provide critical information and a framework for achieving a shared interest on IoT. He said his association a year ago developed principles on broadband, standards, privacy and security integration, and a road map would help put "more meat on the bones" of those principles. Garfield said the federal government also can lead by buying and using IoT technologies.
Development of 5G networking will be critical for IoT growth, said John Godfrey, Samsung Electronics America senior vice president-public policy. Such networks will be lower in latency, more reliable and energy efficient and provide a more evenly distributed quality of service, he said. More important, 5G can handle high data rates, enabling many IoT applications such as video and cloud computing, he said. That's "thanks to the FCC's action this summer making available a record amount of spectrum, almost a gigahertz for commercial mobile use in the high frequency bands of 28 GHz and 37 to 40 GHz as well as unlicensed use above 64 GHz," he said. John Kuzin, Qualcomm vice president-regulatory counsel, also stressed the importance of 5G, as well as the current use of 4G, 3G, Bluetooth and Wi-Fi in IoT growth. He said technology neutrality is significant in ensuring IoT success.
Michelle De Mooy, Center for Democracy and Technology acting director-privacy and data project, said CDT wants a more forward-looking approach to IoT privacy. Ethical questions are raised from sensors, which are not just in homes but on bodies, and lead to issues of data ownership. She said companies need to be data stewards for people, not just hold data. One approach may be to adapt data commons used in the healthcare sector to an IoT framework. "Perhaps one approach to governance is to look at commons, is to look at interoperability from a place where the person is the hub," said De Mooy. "The information can go to lots of different players and can be used in lots of different ways but that the individual is ultimately the hub for the information."