As more of our lives become connected to the IoT, fears mount about the amount and type of information we are sharing – especially about our home
But high-profile customer data breaches are causing some concerns about whether these devices, such as Google’s Nest smart thermostat, are safe scooping up tonnes of user data and storing it with an external cloud provider.
Just one data breach of Google Nest’s servers on Amazon Web Services (AWS) could expose home heating details to nefarious hackers, allowing them to extrapolate data on when a target may be in the house or away at work.
Such a high profile breach against the world’s largest cloud providers may be unlikely, but as customer data is sold off to third party companies like utility providers, you start to see how the dissemination of valuable data starts to pose a risk.
‘Wealth of data’
“Smart homes produce a wealth of data about the way we live and by leveraging this data, companies have the potential to improve how we go about our daily lives,” Simon Hunt, CTO Intel Security tells TechWeekEurope.
But he warns how treasured this data is to hackers.
“People are aware of how valuable this data is for third party companies, but this data is not just valuable for these companies it’s also like gold dust for hackers. In the rise of the Internet of Things, security has to be addressed from the outset to prevent the smart home hackers.”
In Europe, data privacy is a hot topic. Last week, a new data sharing agreement between the United States and European Union failed to gain the public backing of a key European data protection group.
The new transatlantic Safe Harbour 2.0 agreement (or the EU-US Privacy Shield as it is also known) had been finally agreed in early February to replace the previous Safe Harbour legislation that was ruled invalid by Europe’s top court on 6 October last year. The original safe harbour forbade the movement of its citizens’ data outside of the EU, unless it was moved to a location considered to have adequate privacy protections.
But European Data Protection Authorities (the so called “Article 29 Working Party” or WP29) – composed of watchdogs from influential member states – was not happy with the new agreement Privacy Shield as they considered it inadequate in a number of key areas.
Enter ‘privacy-orientated’ smart hub providers, providers who are gearing up to sell consumers devices that put data protection at the top of priorities.
IoT analyst at 451 Research Ian Hughes says that these companies should see growing success as consumers become more aware of where their data resides.
“As consumer understanding improves and the market matures a differentiator may be the ownership of your own data,” he says.
“Companies such as nCube in the UK use privacy as a unique selling point for their hub. Unless a hub service provider offers the consumer something in return for all this data, cheaper tariffs for energy, access to more online services etc. then people will question why their local activity needs to be in the cloud.”
Another company, based in Germany, is read to ship a smart home hub that operates without a connection to an external cloud provider. The device has found success on crowdfunding website Indiegogo after its manufacturer promised buyers complete data security.
ZOE (main image), made by Protonet, can control a home’s lighting, temperature, and security by voice commands, much like Google’s Nest or Amazon’s Echo smart home devices.
But ZOE operates without a connection to an external cloud provider, meaning that a user’s data is kept privately within their own home, encrypted. In the case of a cloud provider’s security breach, the customer’s data would then be, theoretically, safe.
The device managed to surpass its original $100,000 (£70,000) funding target on Indiegogo, and now Protonet has extended the funding campaign for another 30 days in the hope of reaching a total investment of $300,000.
“ZOE is the epitome of what modern technology must include: comfort, independence and data sovereignty in one device”, says Protonet co-founder Ali Jelveh.
“Nobody has to relinquish modern technology that makes our life’s easier and better. But what happens in our homes is none of someone else’s business. That’s why Protonet ZOE is the consequent counter draft for all currently available smart home devices.”
Germany is one of the most privacy-conscious countries in Europe, and it’s no surprise that Protonet hails from there. Multiple software and cloud providers have had to establish dedicated Germany data centres to make sure the data of German customers does not leave the country.
Waiting for the ‘big one’
Gary Newe, technical director at F5 Networks, tells TeckWeekEurope that while consumers favour the convenience of having their data stored in the cloud, any major security breach will make them rethink that accessibility.
“It won’t be until there is a huge data breach that people might begin to see the potential risk,” he says.
“In terms of the new EU data regulations, there are far more stringent requirements on companies to keep our personal data safe now, so it will be interesting to see how this impacts the companies providing these devices.”
Protonet claims that all private data which is produced by ZOE users in their home area will be encrypted and stored on an integrated memory and will not be passed on to an external cloud.
“This is why Protonet ZOE is fundamentally different from the current devices. Smart home hubs like Amazons Echo or Googles Nest are geared to store data of its users in the cloud of the company,” says Protonet.
“The aggregation of home usage data is valuable to marketing and product companies, as well as utility companies. Creating new business models around the value of this data may increase the take up of home hubs providing a reason for the consumer to share,” adds Hughes from 451 Research.
“We identified in our recent smart home adoption report that the home market mirrors wider industry concerns over data in the cloud vs. on-premises, and privacy and security controls, which all need to be addressed,” he says.
What do you know about the Internet of Things? Take our quiz!