Consent, privacy, civil liberties in the IoT

(CC BY-NC-ND 2.0-licensed photo by lilspikey.)

Data & Society has submitted comments with the National Telecommunications and Information Administration (NTIA) in response to their Request for Comment on Stakeholder Engagement on Cybersecurity in the Digital Ecosystem.

The digital ecosystem is quickly changing as more services are offered online and as the devices that make up the Internet of Things (IoT) proliferate. We recommend that NTIA’s multistakeholder effort attempt to address, among other things, cybersecurity in the Internet of Things, user notification and choice in regard to data collection, and possible civil liberties dilemmas raised by big data and monitoring by numerous devices and websites.

These concerns about the effects of the Internet of Things on cybersecurity and civil liberties need to be addressed while the ecosystem is young. Failure to consider these questions now could leave users vulnerable to a number of threats in the future. Unless devices and services are adequately secured, users will be vulnerable to breaches that could expose intimate information about their bodies and homes to people who were never given permission to access that data. Additionally, without giving users proper notification and obtaining actual consent, users will be unaware of the privacy risks involved in using these technologies and unable to protect the information they consider private. Finally, data collection by online services and by devices that monitor our bodies and environments could lead to abuses of users’ civil liberties.

We hope the NTIA takes up these important issues as part of its multistakeholder process. Our comments discuss these concerns in more detail and are available here: Data & Society Research Institute Comments to NTIA on “Stakeholder Engagement on Cybersecurity in the Digital Ecosystem”.