Other people's computers

Zuckerberg covers his camera & mic
Via Hackread

The Internet of Things (IoT), which are devices connected to the internet, is gaining momentum.  On the positive side, the idea of being able to remotely activate your central heating, or for your fridge to tell you when you're nearly out of milk, is rather exciting.  However, the darker side of IoT is its vulnerability to hacking, privacy concerns and consumer rights. This was a common theme at last Friday's Gikii conference, an event dedicated to combining law, technology and popular culture. Think of tech law enthusiasts using episodes of Hannibal to illustrate cybersecurity flaws. Stand-up for geek lawyers.

An opening talk by Jon Crowcroft, described the IoT as, "“Take all the stuff in the world with moving parts,  and now make it as easy to use and reliable as your printer – then put it the far side of the Internet." (Quote attributed to Derek McAuley.)  The idea is that everyday objects are enhanced with internet connectivity.  Done well, it should convey health, energy efficiency and productivity benefits. Done badly, and you have privacy concerns, hacking and consumers not being able to access goods and services they've paid for.

Crowcroft noted some challenges of current IoT models, which largely rely on conveying information from devices to the cloud, and back again. He suggested three main critiques: 1) Poor Availability & Latency (connecting through the cloud introduces latency, dependent on internet connectivity), 2) Higher energy use and expense, and 3) Lower security and vulnerability to attack. Combined, these factors imply that the IoT does not currently offer the promised automated world.

The conference was full of terrifying nightmares fascinating anecdotes. An audience member recounted setting up her smart TV, and the next morning being greeted by name by said TV. To add adult to injury, she was not fully dressed at the time; the camera has since been covered by a sock when not in use. Your car can be hacked and remotely disabled. The potential nefarious use of personal data, and sharing with third parties is poorly understood by consumers. The classic horror story of what companies can do with private data: the retailer Target was able identify, and market to, a pregnant teenager whose father was not yet aware of the pregnancy.

Privacy and hacking concerns aside, IoT gives producers unprecedented control over goods "owned" by consumers. The Alphabet (Google) acquired company Nest announced earlier this year that it is shutting down service to its devices.  The resulted is that these devices will be permanently "bricked" (cease to work, rendered as useful as a brick.) Nest devices were set up to control home thermostats, locks, lights and other household services; all of which will no longer be served. One user described Nest as being a $299 device, which looks like, and has ended up being as useful as, an empty tub of hummus.

A strong theme was that IoT reinforces existing institutions, rather than disrupting them. The Nest story illustrates this - a large corporation has used IoT to increase consumers' dependency on their services and devices.  We have seen similar trends in IP law and policy.  The general expansion of IPR tends to benefit existing businesses and rightsholders, and can be used to further entrench dominant positions.  It is not a great leap to see how patents will be used to further lock consumers into siloed IoT systems. The copyright implications are more ambiguous, and data protection regulations are evolving (covered by IPKat here and here.)

We're not quite ready

Advances in IoT may improve copyright enforceability. Copyright scholar Rebecca Giblin painted a dystopian future, in which copyright is perfectly enforced. In this world, where the threshold for infringement is fairly low, it is extraordinarily difficult to create original content.  Keyboards vet your music. Artists are encouraged to generate otherwise unprofitable content for licensing purposes only. Copyright has nearly entirely devoured the commons. There was unfortunately no mention of Justin Bieber, but the vision was not pretty.

So, I sat there in the Gikii audience and surreptitiously tried to cover up my fitness band, which was tracking my every movement and heartbeat. I gave up, and instead decided to indulge in the socially rewarding narcissism of Twitter and tweet my privacy-questioning discomfort. It turns out I'm happy to engage in the Faustian bargain of personal data for knowing my resting heartbeat. The IoT needs to move away from these bargains, and to balance an enhanced technological world with privacy and security concerns. Further calibrations are required.