(The opinions expressed here are those of the author, a columnist for Reuters.)
By Jack Shafer
Novelist Philip K. Dick anticipated by four decades the Internet of Things, a phenomenon touted loudly by the press from this week's Consumer Electronics Show in Las Vegas. Internet-aware automobiles, toothbrushes, mattresses, infant monitors, fitness trackers, pet collars, tennis rackets, lightbulbs, toilets, bathroom scales, "wearable" tech, tricorder-like medical sensors, and more have arrived or are on their way.
Dick, ever the dystopian, recognized that one man's technological boon is inevitably another's bane, and expressed this view most bleakly in his Ubik. The novel, published in 1969 but set in the early 1990s, posits a world populated with nearly sentient appliances. Joe Chip, the novel's protagonist, is so broke he's in arrears with the robots that clean his apartment, and they have reported him to a credit agency as a deadbeat. One morning, upon attempting to exit his apartment, the smartdoor blocked him, saying "Five cents, please."
"I'll pay you tomorrow," Chip promised after searching his empty pockets.
The door isn't having it, and refused to open. "What I pay you," Chip said, "is in the nature of a gratuity; I don't have to pay you."
"I think otherwise," the door said. "Look in the purchase contract you signed." Chip did as told, retrieving the contract and reading it.
"You discover I'm right," said the door in a smug voice.
Using a knife as a screwdriver, Chip started to unscrew the bolt assembly.
"I'll sue you," the door said as the first screw fell out.
"I've never been sued by a door. But I guess I can live through it," Chip responded.
Nobody has been sued by a sassy, Ubik-esque smartdoor - yet. But it's not completely irrational to worry that somewhere in the terms of service agreements that come with the new-age lightbulbs, dog collars, and who-knows-what-next entering the market, we'll find boilerplate legal language that will give our appliances standing in court to sue us for non-payment, trespassing, and unscrewing. As more and more everyday objects become "aware" and report the position and status of not just things but people, our world might start converging with the one imagined in Dick's Ubik.
What troubles people about the Internet of Things (or IoT, it's called) is not the nagging and monitoring the devices generate, but control over the data collected. Computer data is used against you in ways you never anticipated. A piece in yesterday's Wall Street Journal gives a current example: Lending companies now scrape Facebook, Twitter, and other social media sites to establish individuals' creditworthiness and identity, something few users thought about when posting pictures and narratives about themselves. As IoT devices roll out, they'll become new self-surveillance devices like our phones and email, creating "records" that if not properly secured will be scrapped by Big Business. Business isn't the only potential heavy in the IoT future. Under the records provision of the Patriot Act, the U.S. government already collects our telephone and email metadata. Surely the Patriot Act could be used to hoover up IoT data, too.
Setting privacy worries aside for security worries, IoT devices will give criminals new ways to hack our identities, defraud us, steal our medical data, and break into our homes and businesses unless made secure. Other horror scenarios abound: "Financial systems, power grids, sewage systems, oil and natural gas pipelines communications" could be compromised, and malware could be inserted on low-level devices to cause mayhem in upstream targets, as Stuxnet did with Iran's centrifuges. (For more privacy and security fretting, see the transcript from the recent Federal Trade Commission "workshop" on the IoT.)
Of course, the IoT isn't the only or even the best path to personal data. As Bruce Schneier wrote this week, most of the home routers that Internet users rely on can be easily breached, and all your data hijacked, destroyed or altered. So for the time being, we should probably be more paranoid about the integrity of the loading docks that move our most sensitive personal and financial data - routers, smartphones, and computers - than we are about newly enlightened toothbrushes, capable of blabbing only our incisor secrets.
Unlike Philip K. Dick, I'm not so afraid of the IoT future. The IoT devices ballyhooed at CES are trivial compared to what we will soon see coming out of the silicon foundries. So many life-improving economic efficiencies can be potentially captured - from energy consumption to healthcare - by IoT sensors chatting over the Internet that we'd be mad to avoid them. The key to integrating IoT devices in our culture is in consumers demanding 1) secure devices, which start with computers, routers, government-collection-by-warrant only and 2) ownership of the data. For too long, too many Internet consumers have wanted to have it both ways: We've expected free - i.e., advertising-supported - services (email, calendars, smartphone apps, navigation, cloud storage, news, information and entertainment), but been shocked when the companies supplying the free goods built and sold dossiers on us.
The IoT revolution provides a mental pause that we should use to rethink what we want from the Internet. If we expect privacy and security from the IoT, surely we should expect the same from the regular Internet, which means renegotiating our email, storage, and navigation accounts to put a premium on privacy and security. Privacy and security can't be free. In real life and on the Internet, you get what you pay for.
As for Ubik's Joe Chip, did he ever escape his apartment? Yes. Luckily, a visitor arrived and dropped a coin in the slot on the other side of the smartdoor.