The expansion of the Internet of Everything demands that companies treat data as an extension of their customers — with respect for privacy.
Every time I hear someone use the phrase the “Internet of Things,” I instantly want to remind them that it is still the Internet of people. Yes, it is becoming the Internet of Everything — everything connected, from our cars to our clothing — but regardless of what is connected, the information being collected is still about us. It’s about the way we communicate, eat, move, live and love.
One of the most important challenges we face today is addressing this reality and making sure that our fundamental rights are respected and protected both online and off. The growing presence of the Internet of Things makes this all the more urgent.
With near-ubiquitous data collection taking place in our daily lives, there is increasing risk of intrusion on our most private spaces and moments. Our right to private thoughts and spaces is critical to self-determination, free expression, individual creativity and nurturing a democratic society.
Yet, when it comes to privacy online and dealing with Big Data, governments worldwide — including the United States — have proven slow to adapt existing laws and regulations to the digital age.
Most of the proposed legislation I have seen aimed at regulating the Internet of Things and Big Data is either bad for innovation or bad for our privacy. In the bad-for-innovation category, there are countless examples of sector-specific approaches to data that won’t work in a world where traditional industry silos no longer exist. This includes some of the regulations on managing health-related data and student records.
In the bad-for-privacy category, you need not look further than our government’s surveillance practices of collecting mass amounts of data about citizens on the off chance that it may be useful someday. We’ve seen reforms around this, but our communications stored in the cloud, including most emails, remain vulnerable to warrantless surveillance.
The U.S. needs a comprehensive national privacy law regarding the collection and use of personal information. Currently, much of the law regulating privacy exists at the state level. The United States is one of the few developed nations without a nationwide law, which creates a great deal of ambiguity for consumers and businesses alike.
Ultimately, the legislation should empower consumers to have reasonable control of their personal data, including what is collected and how it is shared. While the White House put forward a proposal for such legislation earlier this year, it fell far short of what was needed and gained little traction in Congress.
In the absence of baseline privacy legislation, much of the responsibility for good data stewardship falls to the companies that hold the data. This includes not just Internet-first companies, but also companies that may not consider themselves in the data business — just ask Target or Home Depot.
Companies today should embrace a sense of corporate social responsibility that treats data in the context of its customers’ lives. Businesses should be conscious of the physical environment, the human interface and—most importantly—the very society that is being created as a result of the data being collected and the technology being developed.
They should make respectful choices about the data that is collected, both directly and indirectly, in several ways:
- Be forthright and transparent about the data they collect, how that data is used, and what third parties it is shared with. This is the foundation for trust in the digital age.
- Beyond transparency, companies should also be sure to delete data they don’t need and refrain from collecting personal information that is not necessary to the bottom line.
- Finally, they should ensure that strong security measures are in place to protect data and their networks. This includes simple measures such as establishing firewalls, promoting encryption internally and assisting employees with avoiding cybersecurity attacks, such as phishing.
I am confident that Big Data and the Internet of Everything will be major factors in helping society address the transformation in everything from the healthcare, education and energy sectors to the environmental protection and poverty reduction. By embracing a genuine approach to data that treats it as an extension of the individual human being, companies will not only gain the trust of consumers, but will also demonstrate a commitment to digital corporate social responsibility.
Nuala O’Connor is the President & CEO of the Center for Democracy & Technology.
