As online connectivity and data gathering features like sensors permeate a growing variety of everyday objects, concerns about security and privacy are growing. The Federal Trade Commission recently took action against a connected device manufacturer for the first time after a line of baby monitors was deemed vulnerable to attacks. But the question of privacy goes deeper than making sure devices are secure against hacks. Many products equipped with sensors or designed to publish data feeds online can be seen as invasive to privacy, and pressure is growing to make sure developers design these features so they are private by default and can only be publicly enabled if the user wishes.
The issue of privacy has gained prominence in the wake of incidents like the one in which the fitness app Fitbit had users’ feeds set to publish automatically to public profiles and was inadvertently disclosing their sexual behavior, entrepreneur Alexandra Deschamps-Sonsino wrote in a recent column for GigaOM. As products are increasingly designed to harvest and publish data, developers need to consider where that data is sent, how it is shared and who has access to it. Given the number of potential connected touch points in a single device, it’s critical that privacy is considered when designing embedded software, or an unexpected component may become a key data feed for an unwanted party. Deschamps-Sonsino offered the example of a Wi-Fi enabled scale that publishes the user’s weight to Twitter.
“We’re assuming there’s a Wi-Fi chip, a pressure sensor, maybe other sensors included in the scale for future use,” she explained. “There’s also software and firmware updates. There’s a cloud service where the data is stored. There’s an app that helps you keep track, maybe that app has an API so you can get recommendations about dieting … What if brands start to sell you healthy salads, shakes, and more based on your trend of weight loss on your tweets? Say a hacker sniffs the data packets sent by your scale and it turns out there are more sensors which produce data that aren’t used currently (like a tiny speaker/mic) and those sensors can tell when you’re around your home.”
Privacy by design
To prevent Wi-Fi connected devices that are designed, for instance, to publish a public API from becoming a privacy issue, many industry voices are advocating for more privacy considerations at the design level. A recent essay by Gérald Santucci, the head of the European Commission’s Knowledge Sharing Unit, discussed the way the principle of “privacy by design” is working its way into data protection legislation and coding standards in the EU. Under proposed regulations, controllers of devices designed to publish or share data would be required to implement technical privacy safeguards beginning at the time of design that would dictate the way the device operates.
In practice, this is likely as simple as ensuring a piece of firmware is not designed to publish a public API unless the user specifically enables such a feature. But, given the number of components in even something as simple as a connected scale, there is certainly a burden on developers to ensure every device component has such safeguards built in. Using tools such as static analysis software, vendors can ensure that every component of their devices has privacy features enabled and is in line with either internal or external coding standards. By making privacy a key part of the design process for embedded software in products expected to form part of the Internet of Things, companies can avoid many of the growing concerns about the new technology and head off potential controversies that could arise if an unmonitored component were to suddenly start publishing data users wouldn’t want exposed.
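The "private by default, public only on explicit user opt-in" rule and the design-time component audit described above, as an added example (not code from the article, Klocwork, or any scale vendor). It models the connected scale from the quoted scenario with hypothetical component and feed names; the only way a feed becomes public is an explicit user confirmation, and the audit flags any component whose feed would publish without that opt-in:

```python
from dataclasses import dataclass, field
from enum import Enum


class Visibility(Enum):
    PRIVATE = "private"   # data stays on the device or in the user's own account
    PUBLIC = "public"     # data is published to a public feed or API


@dataclass
class DataFeed:
    """One stream of data a component can produce (hypothetical model)."""
    name: str
    visibility: Visibility = Visibility.PRIVATE   # private by default
    user_enabled: bool = False                    # only the user may flip this


@dataclass
class DeviceComponent:
    name: str
    feeds: list = field(default_factory=list)


def enable_public_sharing(feed: DataFeed, user_confirmed: bool) -> DataFeed:
    """The single path to a public feed: an explicit user opt-in."""
    if not user_confirmed:
        raise PermissionError(f"{feed.name}: public sharing requires user opt-in")
    feed.visibility = Visibility.PUBLIC
    feed.user_enabled = True
    return feed


def publish(feed: DataFeed, value):
    """Route a reading: public only when the user opted in, otherwise local."""
    if feed.visibility is Visibility.PUBLIC and feed.user_enabled:
        return ("public", value)
    return ("local", value)


def audit_privacy_defaults(components) -> list:
    """Design-time check over every component: flag any feed that would
    publish publicly without a recorded user opt-in."""
    findings = []
    for comp in components:
        for feed in comp.feeds:
            if feed.visibility is Visibility.PUBLIC and not feed.user_enabled:
                findings.append(f"{comp.name}.{feed.name}: public without user opt-in")
    return findings


def build_scale():
    """Constructed sample: the Wi-Fi scale from the article, including an
    unused sensor, all feeds left at the private default."""
    return [
        DeviceComponent("wifi_chip", [DataFeed("network_presence")]),
        DeviceComponent("pressure_sensor", [DataFeed("weight")]),
        DeviceComponent("mic", [DataFeed("ambient_audio")]),  # present but unused
    ]


if __name__ == "__main__":
    scale = build_scale()
    print("audit of defaults:", audit_privacy_defaults(scale))      # []
    weight = scale[1].feeds[0]
    print(publish(weight, 72.5))                                     # ('local', 72.5)
    enable_public_sharing(weight, user_confirmed=True)
    print(publish(weight, 72.5))                                     # ('public', 72.5)
    scale[2].feeds[0].visibility = Visibility.PUBLIC                 # a dev mistake
    print("audit after mistake:", audit_privacy_defaults(scale))
```

The audit is the piece that scales with component count: a feed that is flipped to public in firmware configuration without the corresponding user opt-in (the mic in the last step) is caught before shipping, which is the same property a static-analysis rule would enforce across a real code base.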
Software news brought to you by Klocwork Inc., dedicated to helping software developers create better code with every keystroke.