To protect privacy, a Tufts professor works to develop guidelines for Internet of Things devices
If you turn off your lights by talking to a smart speaker or control your thermostat with your phone, you may already enjoy the growing possibilities of the Internet of Things—the IoT. Today’s smart devices share information and communicate with other services across the Internet.
But such convenience comes at a cost, including concerns about privacy and security.
Those concerns get even more complicated when your smart home is not entirely your own. Imagine you’re a renter in an apartment building or a guest in a hotel. Who controls the data from your heating system or refrigerator then? And how should the companies behind such devices make them more secure?
“I’ll be focusing on privacy, looking at the tradeoffs industry has to make between efficiency, interoperability, transparency—and seeing how to enable privacy within those needs,” said Susan Landau, Bridge Professor in Cyber Security and Policy at The Fletcher School and the Tufts School of Engineering.
“The idea is that by taking into account industry needs while simultaneously looking across many types of smart home devices, we are seeking to develop strong privacy and security protections that will apply broadly across a wide swath of smart home devices.”
The larger research program, which involves seven academic institutions, aims to improve the security and privacy of high-tech products used in smart homes. The project is called Security and Privacy in the Lifecycle of IoT for Consumer Environments (SPLICE) and is led by a team at Dartmouth College.
Tufts Now spoke with Landau to understand the goals of the project and her role in achieving them.
Tufts Now: What do you hope this project will accomplish?
Susan Landau: We’re hoping to do two things.
First, we want to understand what privacy and security for home IoT devices means in a variety of living arrangements—elder care communities, college dorms, rental units, and so forth. Who gets to control these devices: the owner of the facility, the manager, the resident? How should controls be developed to facilitate that?
Second, we seek to bring actionable privacy and security protections to the life cycle of home IoT products, from development all the way through to decommission. What choices will be available for who sets information on the device? How easy will it be to switch control to another person?
That’s the development stage. At the other end, what happens when a homeowner sells their condo? How do the smart devices transfer over to the new owner without revealing information about how the previous owner lived?
You will be developing guidelines for developers of home IoT devices. Why are those needed?
There’s already been lots of research where privacy and security vulnerabilities are discovered and then researchers propose some relatively low-level best practices that fix the privacy or security vulnerabilities from, say, a smart TV. But these best practices don’t generalize well.
So in SPLICE we’ll take a broader view. We’ll look at more general industry tradeoffs between efficiency, transparency, interoperability, privacy, and security—and perhaps some others suggested by our advisory council. By looking at the tradeoffs between these more general requirements, we’ll provide far more valuable ways of thinking about providing privacy and security for home IoT devices. I’m really excited about developing these best practice principles.
Are such principles legally binding, or would they be recommendations that companies could choose to adopt or ignore?
The guidelines will not be legally binding. But in earlier work I did for the Trusted Computing Group, best practice principles effectively became the industry standard. I’m hoping the same will happen here.
Why is this important now?
Home IoT devices are increasingly popular. We’re beginning to understand their impact, but they are not so fully embedded everywhere that we can’t change their design to improve their privacy and security capabilities.
Right now, for example, just noting which IoT-enabled devices are communicating can reveal what homeowners are doing—whether they are sleeping in, taking naps in the middle of the day, or drinking too much coffee.
Sometimes updates change where information is stored, whether locally on your phone or smart vacuum cleaner, or in the cloud. For your phone, although there is a privacy concern, cloud storage might be useful, as your other devices can access the information. But why should any device other than a smart vacuum cleaner access the layout of your residence? Those are the kinds of issues I expect we will tackle as we look at privacy of smart home devices.
Heather Stephenson can be reached at firstname.lastname@example.org.