Did you receive this newsletter as a forward? Subscribe here
|
|
We need laws and regulations on data use and privacy |
|
By Stacey Higginbotham |
If nothing else, the leaked Supreme Court draft opinion that would end the right to privacy allowing women to get abortions should serve as a scary wake-up call to companies that have vast stores of user data. Technology companies, including app makers and connected device companies, have a stunning array of information about people housed in their data centers. In many cases, that data is just a subpoena or warrant away from government hands.
In other cases, the data is actively harvested and sold to buyers, ranging from governments to advertisers to academic researchers. When you add connected devices into the mix — where remote access to a device and control of that device is possible — companies might be forced to turn over data and turn against customers. |
|
— The culture wars are coming for tech companies. |
|
|
Without decisive regulations on what data should be considered private, how and who can access data, and clear rules about ownership and rights that ensure a buyer has physical control of a purchased device, technology firms are creating new windows into their users' lives and then being forced to let the government peer in. In the case of connected devices, they may even let the government open the window.
If you think I'm overstating the potential for damage that could occur as technology firms and the state collide, consider some recent examples:
- After Russian troops stole $5 million worth of agricultural equipment from a John Deere dealership in Ukraine, the company apparently bricked the combines and tractors remotely, turning them into bright green and yellow agricultural sculptures. In this case, John Deere was simply remotely controlling inventory stolen from its dealership, but I can see a future where a government pressures John Deere to remotely deactivate customer equipment if it was owned by a wanted criminal, or if doing so would change the direction of an armed conflict. In the meantime, we are currently debating, as part of the current infrastructure bill, whether or not new cars should have some kind of kill switch so that police could stop a car chase.
- The Centers for Disease Control and Prevention (CDC) spent $420,000 to buy location data on millions of Americans from a private company. The CDC wanted to see if people were following COVID curfews but also wanted to track neighbor-to-neighbor visits, visits to church and pharmacies, and other related activities during the pandemic. Much of that data collection could be related to the agency's auditing of lockdowns to better determine their effectiveness, but the CDC is also using location data for other more nebulous programs. Additionally, because location data can be tied back to addresses where a person lives or works, it's not anonymous, which means the CDC could theoretically identify the people breaking curfew or quarantine and get law enforcement involved.
- SafeGraph, the company the CDC contracted with to buy that location data, also gave up access — this time to Vice, and for a mere $160 — to location data on people visiting abortion providers. If abortion becomes illegal in certain states, those states could easily buy data to figure out exactly who may have accessed health care services and punish them. SafeGraph's CEO said he was glad the media called him out; he also said his company has stopped selling that data. He added, however, that researchers trying to figure out the effect of recently enacted new laws on abortion providers were frustrated by the company's reversal on providing that data.
This is why we need to call for technology companies to hold less data, and to hold it for less time. And when it comes to data such as location data, which can easily identify an individual, we need to apply the various protections and standards associated with Personally Identifiable Information, or PII.
PII is a broad term that is defined not by specific pieces of data, but by how data can be used to "distinguish or trace an individual's identity, either alone or when combined with other information that is linked or linkable to a specific individual."
There are several different regulatory frameworks for dealing with PII, so laws that govern how companies use it vary based on industry. But the fact is that location data is PII and that tech companies collecting it should treat it as such. Today it is treated as an asset, sold to companies seeking demographic data or other information.
In the future, tech firms should treat location data as something a consumer can share with third parties, but that those third parties should also respect. So while that would mean we could still enjoy location-based apps, it would also likely mean we'd have to pay for them since they would not be subsidized by data sales.
We also should recognize that even if law enforcement agencies don't have a legal right to data, currently they can buy it from third parties. So we either need to eliminate that option or create rules around how, exactly, law enforcement can use privately purchased data.
For years, the tech industry has told its users that it only shares its data with law enforcement and the state in exceptional cases. Yet it's clear that private data brokers are buying data on users from tech companies and selling it to the state, creating a disconnect between legal protections enshrined in the Bill of Rights and the reality of prosecution.
The challenges will only grow as people give more information to more services, and devices collect highly personal information that can be remotely accessed and controlled. Without laws governing data use and collection, tech firms will become complicit in laws such as prosecuting women for having abortions or outing LGBTQIA+ students to their families, which their employees and many of their users might find unfair. And that's not a fun (or profitable) position for them to be in. |
|
|
|
Digitally Transforming Retail with RAIN RFID SPONSORED |
|
|
The Impinj platform allows businesses to track all kinds of assets and inventory with small, battery-free RAIN RFID tags. By knowing where anything is located at any time, companies gain the insight and flexibility they need to thrive in an ever-changing world. That's why 95% of retailers see RAIN RFID as key to their digital transformation.
Learn more about how retailers are using RAIN RFID and get your complimentary copy of a new Retail Systems Research report.
|
|
|
|
Move over, remote monitoring; supply chains are the new black |
|
After several years of using COVID-19 to sell their digital transformation efforts, hardware and software companies focused on the industrial IoT are now pitching supply chain intelligence (with a dash of sustainability thrown in). I'm seeing many more pitches related to managing a supply chain in a post-pandemic world and using technology as a way to make operations more efficient and, at the same time, help with carbon reduction goals.
Prior to the pandemic, customers were letting vendors languish in "pilot purgatory" as both parties realized that selling massive technology infrastructure was complex and hard to scale. Worries about security didn't help. However, when the pandemic struck and factories shut down, buyers jumpstarted their pilots as a way to remotely manage operations so fewer employees had to go in. But now, industrial IoT has a new problem to solve and it ties back to the supply chain. |
|
— Figuring out where things are is the IoT's favorite marketing pitch lately. |
|
|
After spending two years talking about a global chip shortage, Intel's CEO warned last month that chips would continue to be scarce into 2024 because of a manufacturing equipment shortage. Meanwhile, the costs of goods and raw materials are steadily rising, although it's unclear if that's because of actual inflation or profit-making on the part of companies.
Ericsson just released a report on how IIoT can help with supply chain challenges in which it touts its 5G networks and other IoT network technology and services:
"[A]t Ericsson’s 5G smart factory in Lewisville, Texas, a digital asset tracking solution integrates with factory floor sensors to track critical assets’ location, condition and status, providing real-time visibility of finished goods into the production floor. The program has delivered a 2-5 percent cost avoidance on indirect spare purchase items — critical during the current supply chain shortage."
I see variations on this theme in my inbox all the time. I also see examples of tracking assets as a way to save on costs, with those cost reductions also leading to the reduction of raw materials. Which is great for the environment!
Indeed, as supply chains get tighter, downtime becomes more costly, and the benefits of spending on an asset tracking product or predictive maintenance become easier to see, all of it makes sense. For example, if it takes four weeks to get a machined part as opposed to two days, figuring out when the part may break ahead of time or finding a spare part in a warehouse can save even more money. The stakes are simply higher.
But I'm wondering two things. One, is there a new innovation or capability driving the shift in sales? And two, why has the underlying shortage been happening across so many industries for so many years?
The answer to the first question is easy. There's been no real shift in the tech solutions being offered. We're simply seeing a repackaging of products designed for tracking getting pulled into more and more places because they are getting slightly cheaper or more robust, thanks to economies of scale in manufacturing and new forms of connectivity. Plus, the stakes are higher. Companies that have optimized their own supply chains are also pushing their suppliers to join the fun, so they can see issues coming from "further away," as it were.
The answer to the second question, which focuses on why this is happening, isn't as clear-cut. I've tended to blame short-term thinking for squeezing all of the slack out of the system with just-in-time manufacturing. But this essay over at The Prepared explains in much more detail. Go read it. Seriously, you'll be the pedantic person at dinner parties who can halt the conversation about supply chain shortages with an irritating, "Well, actually..."
The author starts with the history of just-in-time manufacturing, starting with Toyota and its adoption of the manufacturing system in the 70s and 80s in America. He teases out the burdens this adoption places on smaller suppliers to act as inventory storehouses for their largest customers, then points out that, historically, governments were the source of stockpiled supplies. Canada, for example, has its maple syrup reserve. The U.S. has stores of oil and other necessities.
The problem is less about having stockpiles and more about moving the necessary items from different points in the supply chain. The author writes:
"The other factor is the distance between the stops on the supply chain. As labor has shifted to increasingly diffuse peripheries, the movement of materials has become more complicated. There are more chokepoints—more opportunities for the circumstances of geography to intrude on the flat world of the supply chain. Every border crossing, every port, provides an opportunity for friction, and the infrastructures for all sorts of specialized manufacturing are now worlds away from each other. And it is this geographic distribution–not just-in-time manufacturing–that is the biggest cause of pandemic-induced supply chain disruptions. It is, in other words, an inevitable consequence of global supply chains."
He suggests that to help solve this problem, governments add to stockpiles and companies manufacture more things locally so the distance that a part has to travel shrinks.
But thanks to the ongoing pandemic and disruptions caused by climate change, he also thinks supply chain disruptions are here to stay.
So short of a U.S. Strategic Semiconductor or Bucatini Reserve, we should probably look at ways to create manufacturing locally, even if it's for stopgap products that are 3-D printed while we wait for the final parts to come in. And sure, if you want, go ahead and track those assets using some form of IIoT product. |
|
|
|
Live Workshop: Build an IoT App in 2 Hours SPONSORED |
|
|
Open source time series platform InfluxDB is running this free, hands-on virtual workshop on how to build an IoT application. It will go over data ingestion, collection, storage, and visualization.
The workshop showcases a fully functional sample application called IoT Center and built on InfluxDB. With functions such as new IoT device registration, IoT device emulation through an embedded Virtual Device and device data visualization, IoT Center packs a punch. This demo application — based on Node.js and React — uses Kafka to write measurements and requires no DB installation with InfluxDB Cloud.
Register for Free |
|
|
|
Episode 370: How to build the infrastructure for public tech |
|
This week's show kicks off with research suggesting Amazon uses data from Alexa devices to advertise its own products, and that Amazon is selling some of the insights derived from Alexa requests to third parties. This is disturbing, but so is John Deere's ability to decommission tractors stolen by Russians from a Ukraine dealership. We talk about why this sort of power makes me nervous. And in a final story about digital rights, we discuss the U.S. Center for Disease Control and Prevention buying location data from private companies so it can see how effective some of its COVID policies were. From there we go into basic product news, starting with new wellness features coming to your Google Nest Hub screen ahead of Google I/O next week, a new room sensor from Wyze, new light switches from Leviton that don't require a neutral wire, and new Wi-Fi 7 chips from Qualcomm. Kevin then shares a new smart home purchase and his thoughts on the Schlage Encode Plus with Home Key door lock. We finish by answering a listener's question about if we'll get a custom sound detection from Amazon's Alexa. |
|
— The Wyze room sensor has a screen, and tracks temperature, humidity, and motion. Image courtesy of Wyze. |
|
|
Our guest this week is Bianca Wylie, who is a partner with Digital Public, a public interest firm focused on technology. She wrote an article calling for the end of Canada's COVID contact tracing application and explains why she thinks it's time to sunset the app. I think her ideas are important to discuss as our governments invest in digital infrastructure without necessarily having a plan for maintaining or auditing it. The COVID-tracking apps are a great case study that we can learn from. For example, when governments implement new technology they need to figure out how they plan to maintain it and ensure that it is doing the job it was intended to do. As citizens, we need to participate in the process of buying technology, working with government officials to set the requirements and limitations of the tech our government is buying. This is a really good interview for all of us to listen to. |
|
|
|
|
If you're an Apple fan, the Schlage Encode Plus lock is for you |
|
|
— Kevin is living the Apple HomeKit life in his smart home, so he tested out the new Schlage Encode Plus lock with both Wi-Fi and Apple's Home Key service. Home Key lets someone use their iPhone or Apple Watch to unlock their door using NFC. Kevin loved it, and so did his family. For more, check out his review. |
|
|
|
|
|
|
What does the Matter protocol mean for building devices, business, and brands? |
|
I'm hosting a panel along with Silicon Labs on the upcoming Matter standard on Tuesday, May 24, 2022 at 11 am CT that will feature speakers from Amazon, the Connectivity Standards Alliance, DigiCert, Google, Schneider Electric, and Wemo. If you have your own questions about Matter and want answers, register for this virtual event here. |
|
|
|
|
|
News of the Week |
|
That's a lot of LoRaWANs! The LoRa Alliance says that LoRaWAN networks rose by 66% in the last three years. The Alliance didn't report base numbers, but did provide an analyst quote saying that by 2025 there will be 2 billion LoRaWAN devices on those networks. For reference, the Wi-Fi Alliance estimates that there will be 5.2 billion Wi-Fi 6 product shipments by 2025. Note that only includes Wi-Fi 6-capable products. Wi-Fi 5 products will still be shipping as well. (LoRaWAN Alliance)
OT cybersecurity firm Radiflow to be acquired: Turkey's Sabanci Group is buying Israeli cybersecurity firm Radiflow in a two-part deal that is expected to close in 2025. Initially, Sabanci, an industrial conglomerate, will pay $45 million for a 51% stake in Radiflow. Radiflow originally made a networking device, but pivoted to cybersecurity software to monitor OT networks. Sabanci Group expects to create a digital business focused on advanced analytics, IoT, and cybersecurity, with Radiflow a part of that organization. (Security Week)
Bosch Sensortec to acquire the makers of A tiny, really loud speaker chip: Bosch Sensortec plans to acquire Arioso Systems for an undisclosed amount. Arioso Systems is a spin-off from the Fraunhofer-Institute for Photonic Microsystems, which has built a really small speaker that can also play sound at up to 120 decibels. This means companies can deliver better sound in a smaller package, which is important as audio interfaces become more common, and also given that governments are loosening the strictures around hearing aid devices, enabling them to be sold over the counter. (EE Times)
Sensors are key to the IoT so MEMS matter: If we want to translate the analog world into a digital experience for computers to analyze then we need micro-electromechanical systems, or MEMS. MEMS are chips that combine a sensor and a digital element to move from analog information to digital information. They've been around for ages, but we're always looking for new MEMs and new capabilities. For example, detecting diseases means we needs labs on a chip while a new focus on air quality requires more exact particulate matter counters. Imec, the European semiconductor research consortium, has released a report on new MEMS tech and the research necessary to make new sensors available at reasonable costs. If you want to see the future, check it out. (imec)
Sonos may be building its own voice assistant: For a long time, I've used Sonos as an example of a company that was surprised and then surpassed by innovation. Even as Amazon and others encroached on the smart speaker market with cheaper, less rich-sounding versions that also happened to offer voice control of their devices and productivity apps, Sonos focused on speakers. It lost market share. It sued Google and tried to bring Amazon and Apple's digital assistants to its own speakers. But now it's fighting back with rumors that it will launch its own voice assistant on June 1. And why not? I think we're in the midst of a reckoning. Is Alexa or Echo the innovation? If Alexa is the innovation, then presumably those who want a true digital assistant can use Amazon's service while those who simply want an easier way to navigate music can turn to Sonos (and likely keep their data). In short, is the value in the digital assistant or the interface? Sonos is betting on the interface. (The Verge)
Smart kitchen company Drop becomes Fresco and gets $20M: I was excited to hear from Drop, a company that I first met with back in 2014 when it was using a smart kitchen scale and an app to rethink how we design recipes. I didn't care for the scale, but my child loved it and the guided cooking it provided. And that guided cooking and software platform for recipes is what stuck. Fresco signed up several appliance companies that use its software to power their own connected cooking devices and applications. Two of those companies — Vorwerk, which makes the Thermomix cooker, and Instant Brands, which makes the Instant Pot pressure cooker — have chipped in for a $20 million Series B round of funding to help Fresco become the "OS for the kitchen." (The Spoon)
For a sustainable IoT, we need sustainable chips: The global ICT industry is responsible for somewhere between 1.8% and 3.9% of global carbon emissions, depending on which studies you read. Chipmaking is only a portion of that, but as someone who thinks a lot about e-waste and the components increasingly used in everyday devices, I'm keen to see how we can improve the sustainability of chip manufacturing. The process uses toxic chemicals, requires sterile environments, and gobbles up millions of gallons of clean water. Which is why I liked this story, as it puts more numbers behind the issue. Next, I'd like to see something similar for cellular connectivity. (Ars Technica)
Want to support this newsletter and my podcast? We have some upcoming advertising opportunities. Request a media kit for more details. Thanks!
|
|
|
|
|
|
|
|
|