How Australia can reap the benefits and dodge the dangers of the Internet of Things



Shutterstock

Kayleen Manwaring, UNSW and Peter Leonard, UNSW

The Internet of Things (IoT) is already all around us. Online devices have become essential in industries from manufacturing and healthcare to agriculture and environmental management, not to mention our own homes. Digital consulting firm Ovum estimates that by 2022 Australian homes will host more than 47 million IoT devices, and the value of the global market will exceed US$1 trillion.

The IoT presents great opportunities, but it brings many risks too. Problems include excessive surveillance, loss of privacy, transparency and control, and reliance on unsafe or unsuitable services or devices.




Read more:
Explainer: the Internet of Things


In some places, such as the European Union, Germany, South Korea and the United Kingdom, governments have been quick to develop policies and some limited regulation to take advantage of the technology and mitigate its harmful impacts.

Australia has been late to react. Even recent moves by the federal government to make IoT devices more secure have been far behind international developments.

A report launched today by the Australian Council of Learned Academies (ACOLA) may help get Australia up to speed. It supplies a wide-ranging, peer-reviewed base of evidence about opportunities, benefits and challenges the IoT presents Australia over the next decade.

Benefits of the Internet of Things

The report examines how we can improve our lives with IoT-related technologies. It explores a range of applications across Australian cities and rural, regional and remote areas.

Some IoT services are already available, such as the Smart Cities and Suburbs program run by local and federal governments. This program funds projects in areas such as traffic congestion, waste management and urban safety.

Health applications are also on the rise. The University of New England has piloted the remote monitoring of COVID-19 patients with mild symptoms using IoT-enabled pulse oximeters.

Augmented and virtual reality applications too are becoming more common. IoT devices can track carbon emissions in supply chains and energy use in homes. IoT services can also help governments make public transport infrastructure more efficient.

The benefits of the IoT won’t only be felt in cities. There may be even more to be gained in rural, regional and remote areas. IoT can aid agriculture in many ways, as well as working to prevent and manage bushfires and other environmental disasters. Sophisticated remote learning and health care will also benefit people outside urban areas.

While some benefits of the IoT will be felt everywhere, some will have more impact in cities and others in rural, remote and regional areas.
ACOLA, CC BY-NC

Opportunities for the Australian economy

The IoT presents critical opportunities for economic growth. In 2016-17, IoT activity was already worth A$74.3 billion to the Australian economy.

The IoT can facilitate more data-informed processes and automation (also known as Industry 4.0). This has immediate potential for substantial benefits.

One opportunity for Australia is niche manufacturing. Making bespoke products would be more efficient with IoT capability, which would let Australian businesses reach a consumer market with wide product ranges but low domestic volumes due to our small population.

Agricultural innovation enabled by the IoT, using Australia’s existing capabilities and expertise, is another promising area for investment.




Read more:
Six things every consumer should know about the ‘Internet of Things’


Risks of the Internet of Things

IoT devices can collect huge amounts of sensitive data, and controlling that data and keeping it secure presents significant risks. However, the Australian community is not well informed about these issues and some IoT providers are slow to explain appropriate and safe use of IoT devices and services.

These issues make it difficult for consumers to tell good practice from bad, and do not inspire trust in IoT. Lack of consistent international IoT standards can also make it difficult for different devices to work together, and creates a risk that users will be “locked in” to products from a single supplier.

In IoT systems it can also be very complex to determine who is responsible for any particular fault or issue, because of the many possible combinations of product, hardware, software and services. There will also be many contracts and user agreements, creating contractual complexity that adds to already difficult legal questions.




Read more:
Are your devices spying on you? Australia’s very small step to make the Internet of Things safer


The increased surveillance made possible by the IoT can lead to breaches of human rights. Partially or fully automated decision-making can also to discrimination and other socially unacceptable outcomes.

And while the IoT can assist environmental sustainability, it can also increase environmental costs and impacts. The ACOLA report estimates that by 2050 the IoT could consume between 1 and 5% of the world’s electricity.

Other risks of harmful social consequences include an increased potential for domestic violence, the targeting of children by malicious actors and corporate interests, increased social withdrawal and the exacerbation of existing inequalities for vulnerable populations. The recent death of a woman in rural New South Wales being treated via telehealth provides just one example of these risks.

Maximising the benefits of the IoT

The ACOLA report makes several recommendations for Australia to take advantage of the IoT while minimising its downsides.

ACOLA advocates a national approach, focusing on areas of strength. It recommends continuing investment in smart cities and regions, and more collaboration between industry, government and education.

ACOLA also recommends increased community engagement, better ethical and regulatory frameworks for data and baseline security standards.

The ACOLA report is only a beginning. More specific work needs to be done to make the IoT work for Australia and its citizens.

The report does outline key areas for future research. These include the actual experiences of people in smart cities and homes, the value of data, environmental impacts and the use of connected and autonomous vehicles.The Conversation

Kayleen Manwaring, Senior Lecturer, School of Taxation & Business Law, UNSW and Peter Leonard, Professor of Practice (IT Systems and Management and Business and Taxation Law), UNSW Business School, Sydney, UNSW

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Six things every consumer should know about the ‘Internet of Things’



File 20170606 16849 1uprbhi
What happens if your smart kettle is hacked?
Shutterstock

Kayleen Manwaring, UNSW

At least 40% of Australian households now have at least one home “Internet of Things” device. These are fridges, window blinds, locks and other devices that are connected to the internet.

While the Internet of Things (IoT) may lead to more efficiency in our daily lives, my research shows that consumers are exposed to many risks by the use of IoT devices, ranging from disclosure of private information, to physical injury and problems with the devices themselves.

Australia has no specific laws aimed at addressing IoT issues, and current laws intended to protect consumers have gaps and uncertainties when dealing with IoT devices.

1) Your devices can spy on you (and your kids)

Many IoT device manufacturers and suppliers show little regard for customers’ privacy. Some even make money from customer data.

Consumer electronics company Vizio recently agreed to pay US regulators US$2.2 million, after allegedly failing to get appropriate consent from users to track their TV viewing habits.

Late last year, the Norwegian Consumer Council found that a children’s doll recorded anything said to it by children and sent the recordings to a US company. The company reserved the right to share and use the data for a broad range of purposes.

2) Many IoT devices are vulnerable to hacking

The same doll was also found to have a security flaw that allowed strangers to talk and listen through the doll. Security vulnerabilities such as these can be exploited to cause damage in both the physical and virtual worlds.

IoT devices were recently involved in some of the largest “distributed-denial-of-service” attacks – flooding websites with traffic until they crash. The recent huge attacks on internet company Dyn and on the security researcher Brian Krebs were in large part fuelled by hacked IoT devices.

But hacked IoT devices can also be dangerous by themselves. In 2015 Fiat Chrysler recalled 1.4 million vehicles when security researchers proved they could break into smart cars’ systems remotely and control brakes, steering and transmission.

3) Your devices are never really yours, even after you pay for them

Most IoT devices come with some form of embedded software, and the devices won’t work properly – or sometimes at all – without it. This software is usually licensed, not sold, and the conditions imposed through licence agreements can hinder users’ repairing, modifying or reselling their devices.

This can be anti-competitive, as individual users are effectively “locked in” to one brand and one supplier.

For several years now, US farmers have been in a dispute with agricultural machinery manufacturers such as John Deere, over their rights to repair tractors that contain embedded software.

The farmers were granted a three-year exemption to certain copyright laws in 2015. However, John Deere is fighting back.

In October 2016, the company issued a new licence agreement which prohibits almost all software modification on its tractors. This action appears to be an attempt to ensure all repairs are done by John Deere contractors.

4) Your devices know your weaknesses

IoT devices have the potential to collect more intimate data about individuals than was possible with previous devices. This data can then be used to create profiles that give incredible insight into consumers, and can even predict their behaviour.

For a number of years now we’ve known that the embedded technology in smartphones can be used to detect users’ mood, stress levels, personality type etc.

But some IoT devices can collect even more intimate and personalised data. This was evident after a recent out-of-court settlement by a wireless vibrator manufacturer allegedly collecting data without consent.

The consumer profiles that can be built with all this data can then be used to sell us products at times when our willpower is lowest. Retailers are currently using technology to track consumers through stores and send customised messages to mobile phones. This may be linked to our purchase history and what is known about our mood.

5) It’s almost impossible to know what you’re getting yourself into, or how long it will last

Many IoT products are complex hybrids of software, hardware and services, often provided by more than one supplier. What your rights are when things go wrong, and who best to fix it for you, can be hard to figure out.

A recent investigation of the Nest thermostat system revealed that if consumers wanted to understand all of the rights and obligations of those in the supply chain, they needed to read a minimum of 13 different contractual documents.

Even if you know and trust your supplier, they may not be around forever. And when they go, services essential to their products working may disappear as well.

Revolv, a maker of home automation devices, was shut down after the company was acquired by Nest, which was itself acquired by Google. Nest refused to support Revolv’s products, and they stopped working less than two years after being released.

6) The law may not protect you

Many IoT devices put consumer privacy at risk, but the Privacy Act has significant limitations, as the definition of “personal information” is very narrow. The Act doesn’t even apply to many Australian companies, as they do not meet thresholds such as having A$3 million in annual turnover.

Consumers and regulators may attempt to pursue device suppliers under the consumer guarantees in the Australian Consumer Law. But there are grey areas here too. We don’t know what “acceptable quality” is when it comes to some of these devices, for instance. Is an internet-connected kettle that boils water perfectly well, but can be easily hacked, of acceptable quality?

Proceed with caution

Consumers are exposed to significant risks from IoT devices, from predatory use of data, to security flaws and devices no longer being supported. Meanwhile Australia has no specific laws aimed at addressing these IoT issues.

The most recent review of the Australian Consumer Law recommended investigating “emerging technologies” be made a priority. It is vital that a close examination of consumer protection relating to IoT devices be included front-and-centre in this project.

The ConversationIn the meantime, consumers should think long and hard about the risks they are taking on with IoT devices. Do you really need that internet-connected hairbrush?

Kayleen Manwaring, Lecturer, School of Taxation & Business Law, UNSW

This article was originally published on The Conversation. Read the original article.