Securing the “Internet of Things”

By David Hoffman, Intel’s director of security policy and global privacy officer

At the International Conference of Data Protection and Privacy Commissioners, I had the opportunity to moderate a panel entitled “A Smart New World? Internet of Things.” We refer to the “Internet of Things” as what Intel sees as the future of computing – many household and personal devices are increasingly becoming a connected computing continuum, which allows them to transfer applications and data from device to device using the internet. Although there are great benefits to individuals from this computing continuum, these “smart” devices will present privacy challenges, which require an examination of how the Fair Information Practices should be applied to this use of technology.

My panel discussed many of the Fair Information Practices, but specifically analyzed how the principles of notice and consent, will apply. This challenge is especially pronounced if there is not a direct individual interface with the particular device, such as with certain implementations of sensor networks. Most of the panel agreed that Privacy by Design, or incorporating privacy protections into technology in the design and manufacturing, can help alleviate many of the privacy issues that these connected devices might present. Privacy by Design can be an important component of organizational accountability, so that organizations implementing these technology solutions can demonstrate how they are designing privacy into the technology. The panel unanimously agreed that such accountable implementations could be aided by the development of industry best practices, which would also guide regulators on how to interpret the flexible Fair Information Practices which are the foundation of most global privacy laws and regulations.

The data protection commissioners conference always provides an opportunity for privacy regulators, academics, and the business community to come together to discuss the most pressing issues of the day. I look forward to continuing the debate about how to provide a policy environment where consumers can trust that their data is kept private and secure.