This article is part of a series called The Future is Smart: How the Internet of things is changing business
Follow the series at tgam.ca/internet
Ann Cavoukian, PhD, is executive director of the Privacy and Big Data Institute at Ryerson University and former three-term information and privacy commissioner of Ontario.
Imagine a world where everything is connected – not only online, but also in the physical world of wireless and wearable devices such as Fitbits, Nymi bands, Google Glass and Apple Watch – with a linking to connected cars, planes, trains and places.
If one adds to that the tracking of activities from one's monitored home by way of automated thermostats, light fixtures, smart TVs, smart meters and the smart grid, it will lead to the portrayal of the "quantified self," complete with the personal details of lifestyle, habits and activities all tracked and recorded. And one's entire lifestyle, containing a detailed set of activities and preferences, would potentially be accessible for all to see and, through the power of "machine learning," to analyze and make predictions about one's future behaviour.
Welcome to the Internet of Things, or perhaps more aptly, the Internet of Everything. Is this what we really want? Will the future world we live in be devoid of any privacy, upon which our individual freedoms are built? Because that is precisely what we have to consider – all that connectedness will pave the way for the surveillance of our lives, at an unimaginable scale.
But it doesn't have to be that way. If we embed privacy into the design of these interconnected devices and programs, we can have the best of both worlds: privacy and the IoT.
Surveillance is the antithesis of privacy, and accordingly, the antithesis of freedom. But the good news is that neither privacy nor the benefits inherent in the emerging IoT have to be sacrificed. We need only abandon the limiting either/or, zero-sum thinking that posits you can only have one interest or another.
It will be difficult. This flawed line of thinking is so deeply engrained in our thought processes that trying to give it up poses a serious challenge. But by replacing the limiting "versus" with the power of "and," both interests – privacy and the IoT – may co-exist simultaneously in a win/win scenario, as opposed to the win/lose model to which we have become so accustomed.
This can be accomplished by embedding or coding privacy preferences into the technology itself, in order to prevent the privacy harms from arising. This is eminently within our reach, as the engineering and tech communities have repeatedly told me. No doubt, it will require innovation and ingenuity, but if we are to continue with existing technological progress in an increasingly connected world, it will be essential to maintain our future privacy and freedoms. It will also require foresight and leadership, in an effort to reject unnecessary tradeoffs and false dichotomies.
Privacy by Design is a framework I created for preventing privacy harms by embedding the necessary privacy protective measures into the design of information technology, networked infrastructure and business practices. It was unanimously passed as an international framework for privacy and data protection in 2010. Since then, it has been translated into 37 languages, giving it a true global presence. But nowhere is it needed more than in the emerging world of the IoT.
If we are to preserve any semblance of privacy in such a world, we must ensure that it is built into the very systems that are being developed. Otherwise, the interconnected nature of virtually all that we do may lead us down a path of surveillance that will be too great to conquer after the fact.
But it doesn't have to play out that way. We can have privacy and the Internet of Things. But only if we speak up and reject the zero-sum status quo.