Came in on end of presentation by Rep. Suzan DelBene, D-WA, co-chair of the House IoT Caucus and an IT industry vet. Her litany of federal inaction in the face of rapidly-evolving tech — especially regarding privacy protections, where the key law was enacted in 1986 — was really dispiriting, although it’s good to know there are some members of Congress who are aware of the issue and working on it.
EU Ambassador to the US, David O’Sullivan: the IoT is a “quantum leap” because of combining digital and physical world, and will have huge implications. Europe has created single digital market. Major investments in IoT & funding research on it. Very open research projects. Key is breaking down barriers within the economy. They’re doing research on every aspect of IoT. Priority must be overcoming vertical silos, such as cars and health care. Must balance regulation and innovation. Security and privacy: working on a new set of protections.
Dean Brenner, SVP for Gov. Affairs, Qualcomm: everything will need some form of connectivity. Will need new connectivity paradigm. 4G LTE gives solid foundation for cellular IoT growth. 5G will be fully-deployed by 2020.
Dr. Rakesh Kushwaha, Mformation (hmmm?) Business Leader, Alcatel-Lucent: securing IoT devices. Tech & standards that are already in place to secure mobile devices can be model for I0T devices: they worked with whole range of devices. Fundamental principle of the security: securely update through device/firmware update package. Only about 40% of IoT will be cellular-based. Alcatel securing vehicle-mounted devices using FW/SW updates. They will launch a project called IoT Connect.
Session 2: Security for the IoT
Dean Garfield, president & CEO, Information Technology Industry Council: think of security as a design feature, not afterthought. Have to think of it in global sense (including between vertical silos). Chinese government security demands are actually counterproductive. Security can be a differentiating feature.
Joseph Lorenzo-Hall, chief technologist, Center for Democracy and Technology: “IoT Spectrum of Insanity” — such as #IoT door locks, require protections be built in. Security by design. He thinks privacy is a bigger factor than security.
Stephen Pattison, vp of Public Affairs, ARM. Hacker only has to get it right once. You have to get it right every time! Sensors will have to be very cheap ($5 or less), which will require real creativity. Security will drive acceptability of IoT. Security breaches will be a major risk for IoT companies.
Chris Boyer, asst. vp, Global Public Policy, AT&T: different security concerns in each vertical domain. Functional classification determines the risk (for example, some affect interruption on critical infrastructure, or life risk). Virtualize security around the end device. Industry activities: application layers, service layer, network layer, access technologies. Looking 4 acceptable risk management levels.
Rory Gray, global head of sales, Intercede: “need world of trusted digital identities.” “Identity is the new currency.”
Government procurement standards may drive privacy and security by design.
Adam Thierer: are we overestimating how much people really care about IoT security (vs. the “cool” factor??).
Afternoon Privacy Panel:
Gary Shapiro, president & CEO, CSA: he disagrees that you should HAVE to give permission to have your info shared: cites all the benefits of sharing data. Thinks we went overboard with HIPPA & privacy. Announcing agreement on guiding principles for sharing health info from #QS devices. A sense that products will be unwelcomed if they create privacy or security issues: example of an Intel engineer who has vision problems. On a personal basis, his mother had terrible time with Alzheimer’s: he’s upset he won’t have access to a Google face recognition technology.
Rob Atkinson, president, Information Technology and Innovation Foundation: “privacy fundamentalists” argue really heavy regulation is way to protect privacy. BUT, no empirical studies underlying that. Pew survey showed few people believe their landline or credit card data will be private, YET almost everyone uses credit cards or phones: i.e., no correlation between people’s belief in privacy of various technologies and their actual use of the technology. Overly stringent privacy regulations will reduce their availability. Much of real value of IoT data is from secondary use of the data, which would be undermined by tough regulation. Way too early to put regulatory regime into place for IoT: too early.
Maneesha Mithal, assoc. director, Division of Privacy & Identity Protection, Bureau of Consumer Protection, FTC: two fairly controversial aspects of their 2013 workshop: minimizing data collection debate — said you shouldn’t collect all sorts of data forever, BUT, perhaps collect less sensitive data if they could still derive value. Second issue was “notice and choice.” Tried a middle ground: room for notice and choice, Discussion of regulation: middle ground on regulation: shouldn’t have specific IoT regulation, but should have general, baseline privacy and security protections. We don’t bring “gotcha cases.” Could have program that would provide incentives for self-regulation.
Gilad Rosner, Founder, Internet of Things Privacy Forum: “notice & choice” has been the default privacy & security approach for Internet, but it “fundamentally places the burden of privacy protection on the individual.” A presidential group said the responsibility should rest with the provider, not the user. Hallmark of a civil society is being regulated.
smart health panel:
You can access my “Smart Aging” presentation on Slide Share.
Peter Ohnemus of dacadoo, a Swiss company, gave an overview of IoT and healthcare and talked briefly about his company’s Health Score, a 0-1000 score assigned to participating individuals based on their real-time scores on factors including movement, nutrition, sleep and stress.
Chantal Worzala of the American Hospital Association gave an overview of issues such as information interoperability and new wellness incentives.
Robert Jarrin, senior director of gov. affairs for Qualcomm, talked about some of the policy issues. FDA now has dedicated staff for electronic devices, and they are now not requiring regulatory compliance for some basic devices.
Smart Home panel:
Hmm. Little actual focus on smart homes in this one…
Cees Links, ceo, Green Peak Technologies: they are a chip manufacturer, “wireless plumbers.” Shipped 1M Zigbee chips. “IoT is not about things, it’s about services.” “Smart Home should be called a butler.” Confusion about IoT standards: thinks ZigBee & Bluetooth will survive, proprietary standards won’t.
Ilkka Lakaniemi, chair, European Commission’s Future Internet Public-Private Partnership Program: working on smart cities strategies, esp. ones that are scalable. Working with NIST on common standards for the demo grants in US & EU. 61 cities involved.
Tobin Richardson, president & ceo, ZigBee Alliance. ZigBee, wi-fi & Bluetooth will form basis of a stable ecosystem. Dollar chip is the goal, getting there quickly.
Paul Feenstra, sr. vp of government & external affairs, The Intelligent Transport Society of America: evolution over last 5 years from car focus to a really varied multi-modal transportation industry. Shocking how we accept the high death rate & congestion on highways. 80% of crashes could be avoided by connected cars.
Business Models for the IoT:
Ana Sancho, Libellium: they manufacture sensor networks for the IoT. Solve problems from smart cities to agriculture & water resources. More than 90 different sensors. They just see very early testing the water with IoT on part of their clients: not widescale implementation.