net.wars

"I always remember to cover the TV now," a female attendee said at the September 30 Gikii conference. She had entered her living room naked one morning, and the TV had greeted her by name.

How to control the Internet of Things was much on everyone's minds at this year's Gikii conference. One of the most interesting ideas came from Philip Howard, who wants to create more of a civic good and less of a surveillance-with-everything monster by requiring such devices to identify the ultimate beneficiary of the data. A quick search tells me that Howard, a recent arrival at the Oxford Internet Institute has had this notion for a while. It sounds great, not least because so many of today's websites and mobile phone apps (which of course will be used to control many Internet of Things devices) are designed to lull users into a sense of intimacy, obfuscating the data collector behind the curtain revealed in the privacy policy.

The question is: how could Howard's idea be implemented? Data has a habit of slipping the surly bounds of its metadata, and any one instance of data collection may have hundreds of beneficiaries. First and foremost, presumably, is you yourself, and that's the one most technology companies encourage you to focus on when you're making purchasing decisions. If you don't follow the data's travels up the chain of sales, transfers, and profits all the way to shareholders and bankers, the rule is meaningless. If you do, how do you provide the information so that it helps people make better-informed decisions rather than become another instance of "alert fatigue", like the cookie directive. If the informtaion isn't provided in context, it's too easy to forget; if it is, it interferes. Famously, Mark Rittman spent 11 hours this week getting his wifi kettle to work; how much longer would it have taken him if he had to keep breaking to study and approve data flows? Would it be worth to him if he could examine the list of beneficiaries and add his favorite Fair Trade coffee supplier? Configuring firewalls will also be...let's call it "interesting" in such a scenario.

Part of Howard's argument was that the way today's first Internet of Things devices use data impedes existing social arrangements and conventions. Howard cited two examples. The Ukrainian government used mobile phones to geolocate people at a Kiev protest and blast them a text message warning they had been registered as a participant in a mass riot. In Kansas City, MO dealerships can use a disabler wired to a car's ignition to stop delinquent payers from starting their cars - "repo" at a distance. In an example that Andrea Matwyshyn brought up earlier this year, you might think you should own your own heartbeat. But the manufacturer of the pacemaker implanted in your chest begs to differ.

Identifying the ultimate beneficiary in those various cases would have different effects.Governments likely won't be listed at all: it's entirely likely they won't have the data until they issue a subpoena or order, and possibly not even then, if the phone company simply executes the order. In the car case, there are a few more choices: buy the car for cash, switch to bicycling, or take the bus. The heart patient has no choice unless the doctor is willing to substitute an equally effective device made by a different manufacturer that operates a better data policy.

The government problem is an example of the difficulty in capturing mission creep. Governments would want the right to benefit secretly through deals such as the Yahoo email scanning recently revealed by Reuters. Today, we have both overt and covert CCTV cameras, depending on whether the owner is more interested in deterring or identifying miscreants. Would the democratized version of such deals require me to add GCHQ to the list of data beneficiaries for the smart light bulb outside my door - or, more likely, install a pre-configured bulb they send me - which not-so-coincidentally can watch my neighbors' movements? Can I turn the bulb into a warrant canary by accidentally breaking it and not replacing it?

And all this doesn't include the potential for spoofing, deceit, cybercrime, and so on.

Now multiply this by thousands, because that's at least the number of "smart" things we will encounter every day. Don't get me wrong: I want Howard's idea to work. But I think it will only do so if we *also* up-end how data is collected and stored, as groups like Mydex and Hatdex are trying to do by giving users back control over data and being able to see at any time who it's been shared with and revoke permission. How any of these things will scale is an open question; but it, along with other aspects of security, must be solved. Otherwise, the recent record botnet attack on security journalist Brian Krebs's website will become the established norm for every home. The software that powered that attack is, as they say, out there, waiting.

Wendy M. Grossman is the 2013 winner of the Enigma Award. Her Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.