Internet of Things and Privacy: Trends and Realities about the Internet of Things

Internet of Things and Privacy
Student Full Name
Institutional Affiliation
Course Full Title
Instructor Full Name
Due Date
Internet of Things and Privacy
The rise of the internet of things (IoT) has raised significant privacy and surveillance issues especially given the tracking and profiling risk brought about by the integration of sensors into consumer items as well as infrastructure. Rapid technological innovation, growing user demand, as well as falling costs have allowed IoT to expand rapidly and even include prosaic items like pillows, dental floss, changing tables, sporting goods, and egg trays, among others. This collection of connected things has, for the most part, expanded undetected, and “smart” is set to become the default setting of nearly every device. While the interconnection of physical objects through the Internet has been happening for several years, privacy and surveillance issues are becoming harder to solve owing to the ability of devices to seamlessly connect and communicate with one another both online and offline.
This challenge is further augmented by the increasing sophistication of sensors, expanding collection of consumer products with interoperable communication abilities, and developments in cloud computing as well as Big Data that make it possible to store, share, and make inferences from stored user data. The proliferation of IoT devices has changed how people understand privacy. They typically operate in the background while collecting and sending information about the most intimate human activities and behaviors. Consumers are gradually losing their ability to manage and decide what data is gathered about them. They are often left in the dark about what is done with their information. IoT is not only bringing convenience but also endangering the possibility of privacy by its inevitability and growing ability to record and transmit every detail of the user’s life (Iqbal et al., 2017). This dilemma has forced companies to reevaluate privacy and surveillance principles, particularly what should be done to ensure rudimentary security while also allowing users to enjoy the conveniences of IoT. This essay will examine what employees should expect from the continued ubiquitous expansion of IoT and what companies, together with managers, should do to curb privacy and surveillance risks.
As the world continues to depend on the interconnection of devices, employees should expect the sanctity of spaces they once considered private and free of surveillance to diminish. The particular methods currently employed in preserving privacy in online spaces cannot be applied to IoT: the personal types of information collected by interconnected devices is quite expansive and impossible to manage with traditional privacy principles. For instance, the information collected by the sensors of a smart desk is immense and can be scrutinized as well as acted upon while bypassing current privacy laws. Besides, the world is endorsing smart devices faster than developers or policymakers can understand the security implications involved or even develop and implement privacy or surveillance safeguards (Kraijak & Tuwanut, 2015). While current privacy policies are not stringent on companies compiling or analyzing numerical data that is not personally identifiable, it is becoming clear that even aggregate data could result in an identifiable individual. Despite IoT companies pseudonymizing user data, research is showing that even anonymized data can be regarded as personal information.
While monitoring in IoT typically entails tracking the device in order to apprehend the behaviors of the person using the device, it is possible to identify the user’s identity theoretically. While value lies in the rich information generated by the choices, whereabouts, and activities of the user, it is possible to identify where the user is located at particular hours of the day by observing long-term movement patterns and even knowing their work or home locations. The current code of conduct for firms that sell consumer tracking data to other organizations requires that personally identifiable information and distinctive device information be de-personalized by hashing (the process of replacing a number with a hash value or new exclusive number) unless the user has assented to consumer tracking. However, studies by technology experts indicate that hashing the same value results in the same outcome and, therefore, does not always make personally identifiable information strictly anonymous. For this reason, the risk of re-identification and infringement of user privacy continues to linger. Besides, IoT presents the additional challenge of collecting pieces of information that are harmless but can reveal sensitive details about the user when combined. Current privacy and surveillance policies tend to consider pieces of information in isolation and fail to examine how combining the various sets of data can potentially disclose personal details about the user’s preferences, behaviors, and location.
Context is now a privacy consideration since even a person’s IP address has been shown to have enough information to glean critical insights about a person. Big Data and cloud computing have resulted in metadata or information that provides details about other information. It is possible to make inferences about a person from seemingly innocuous details that were previously considered undeserving of privacy protection. As IoT continues to grow and become universal, even non-sensitive pieces of personal data can present privacy and surveillance issues. The question of what comprises personal information is becoming harder to answer given the ability of IoT devices such as smart desks to track users both online and offline. A number of organizations are collecting and combining both online and offline information collected from smart desks to monitor desk and room occupancy, office use, and employee activity. While the data collected is often de-personalized information, the scope of detailed data that can be collected from omnipresent, always-on devices is tremendous and threatens any possibility of employee privacy. For instance, combining employee user preferences for the indoor office environment and comfort needs can reveal personal health data about an employee.
Managers can assuage emerging privacy and surveillance concerns through accountability: organizations must clearly demonstrate what they are doing with collected data and why. However, implementing accountability as a key policy in privacy and surveillance laws is challenging given the multiplicity of stakeholders. There are a multitude of actors involved in interconnected devices, from device manufacturers to users to third-party agents (Kumar et al., 2019). All these actors may gather, analyze, or disclose data and have varying responsibilities in the protection of data at different points. It is therefore difficult to identify who is ultimately responsible for data protection. In the case of smart desks, it is challenging to decide whether the d...