Talk to me: IoT devices must tell consumers how they use data

dixonthayer

More and more everyday items, from health wearables to smart beds to cars, now generate and send user data to third parties. As these Internet of Things devices proliferate, potentially betraying consumer habits and health information to faceless agents, privacy is no longer as simple as reading a short paragraph on what’s collected and who uses it.

“It is complicated, but that doesn’t mean that we don’t have to crack it,” said Denelle Dixon-Thayer, chief legal and business officer at Mozilla Corp.

Dixon appeared on SiliconANGLE Media’s mobile video studio theCUBE at a Data Privacy Day event held Thursday by the National Cyber Security Alliance at the San Francisco headquarters of Twitter Inc., a sponsor of the event. Data Privacy Day is an annual celebration to recognize the Jan. 28, 1981, signing of Convention 108, the first legally binding international treaty concerning privacy and data protection.

Dixon sat down with Jeff Frick (@JeffFrick), co-host of theCUBE, SiliconANGLE Media’s mobile video studio, to discuss the critical need for companies making Internet-connected devices to make sure those devices communicate how they will use the data they collect. This is one of a series of interviews with top executives and thought leaders at the event.

Dixon argued that we no longer live in a world where a simple disclosure statement buried in product instructions works anymore. “I think we live in a world where we need to put in-context notices,” she said. “We need to actually create an interface where whatever [device] that you have is able to alert you when data is actually transpiring.”

To aid this, Dixon believes that more companies need to look at product development and bring a privacy focus directly into product design. Many consumers are unaware of what data is being collected or when and how it’s being used. This is not good for customer privacy, but it can also pose a risk for the businesses collecting it.

For example, data collected could be seen as furtive voyeurism by consumers who suddenly discover their TV viewing habits are being sent to an ad agency. Data collected from customers may even be seen as out-of-place or creepy, such as fears that an Amazon Echo or a smart TV would listen to and send everything said in its presence. Amazon.com Inc. communicated that the Echo only listens for its name and only records questions asked.

Upfront communication about the when, how and what of data collection and processing companies can build trust with consumers — and avoid losing it. “One thing that we don’t like to be in life is surprised,” said Dixon. “If we start thinking about business and our engagement with our users as creating a ‘no surprises’ opportunity, it actually creates trust. It fosters a deeper engagement, it makes it so that we’ll all be happier in terms of that relationship.”

Part of businesses’ responsibility is to avoid collecting data that is not needed, she said. While it’s tempting, collecting too much data adds risk and may even slow down service. Not surprisingly, she mentioned Mozilla’s Lean Data Practices initiative as one way to learn about focusing on consumer privacy and building trust.

Here’s the complete video interview with Dixon. You can watch the rest of theCUBE’s coverage of the event here.

Photo by SiliconANGLE