I’ve been attending the 36th International Conference of Privacy and Data Commissioners in Mauritius, presenting on the Internet of Things (IoT) privacy and security to the attendees.
It has made me very conscious of the tension between privacy/security and the drive to bring products to market quickly.
Further, it seems that the challenges of data protection have not been fully considered for many Internet of Things products and services.
An important realisation has been that we are building the Internet of Things on the somewhat rickety security foundations provided by the existing internet. We face a situation where many devices cannot apply security patches because source code is not available.
Finding way to build a safer and more secure Internet of Things and to ensure that we do not increase risk for business and consumers is critical.
An interesting approach to privacy is that taken by the Apple privacy team, who had some people in attendance at the conference. Their inclusion of privacy engineers into development teams seems like a good approach. The idea of privacy by design seems like a useful and pragmatic way to ensure that privacy is not a mere afterthought in the design and product engineering process.
Will post my slides on SlideShare shortly.