Digital ubiquity is inevitable, but how the IoT will handle privacy and security remains unknown. The FTC is already asking questions, the answers set to deeply impact healthcare. What can we expect, and what should we do now?
A science fiction favorite is the turning point between machines and man, that revolutionary moment when the mechanized population exceeds the human one. These archetypal Frankenstein stories usually begin with great hope and end with disaster, the created contemptuous of the creator and demanding absolute dominion of the world they share. Why robots, aliens, and everything else unfathomable are typically seen as belligerent is probably because we’re scared: “Fear the Future!” bylined The X-Files, and we believed.
Gartner reveals that by next year the number of connected devices will exceed the human population, and from there zoom to over 25 billion units by 2020, blanketing every sector from automotive to consumer to healthcare. By then smartphones will be laughed at or forgotten like answering machines and Betamax video recorders are today; instead every useful object will likely have an IP address and interact with the Web, receiving, processing, transmitting, and sharing data in ways and to a magnitude we now can’t even imagine.
With a primary mission to protect consumers by preventing fraud, deception, and unfair business practices, the Federal Trade Commission (FTC) is carefully watching the sci-fi flick that is “The Internet of Things,” nervously munching popcorn and trying to figure out what happens next. You’ve got to hand it to the FTC on this one: They’ve come a long way since WIRED magazine blasted them in 2012 for issuing their staff Blackberry’s and missing the boat on digital privacy—these days hiring top experts and creating its own research division.
In January they went a step further and issued their “Privacy & Security in a Connected World” report; check out the 71-page PDF and the proactive efforts made through background research, workshopping, and recommendations for privacy legislation and data security. Given the inchoate nature of the IoT, they correctly suggest self-regulation by industry, with a strong, two-fold focus on data control: 1) Regulate how companies access and manage consumer data; and 2) Minimize the risk of these companies being breached.
The Brave Little IoT Toaster
Justin Brookman, policy director of the FTC’s new Office of Technology Research and Investigation, humorously uses the example of the connected toaster: “You have a basic understanding of what a toaster is going to do,” he insists—namely, make toast—and not analyzing your data while doing so. But the IoT is all about collecting and sharing data from appliances as innocuous and ostensibly non-digital as a toaster, to devices as innately biometric as a heart rate monitor. Thus the agony and ecstasy of Big Data for IoT.
Although nobody has a clue how the IoT will actually become realized, not much imagination is required to envision connected homes, offices, restaurants, and stores where our environments automatically recognize who we are, and dynamically and personally respond based on our continuously updating digital profile. Our toaster will continue to make toast, but how, when, and where it makes toast will be optimized based on for whom. Clearly that epic convenience begs the question of how and with what authority the toaster does so.
Making matters even more complex, toasters don’t naturally come with screens, and even if they did the idea a toaster asking for consent to use personal toasting data seems absurd. Same rules apply on a micro level to most appliances, such as the refrigerator, oven, bed, even bathroom, and on a macro level to the connected environments themselves, requiring a continuous and detailed stream of personal data to de facto fulfill their connected function. What about consent embedded within the initial purchase of the device? Is that enough?
Healthcare and the IoT
Informing consumers isn’t necessarily the same thing as protecting them, and nowhere is that more subtle and significant a distinction than in healthcare. If you think privacy and security remain daunting obstacles for consumer services and brands, imagine the looming train wreck for digital health: FitBit just got HIPAA compliance safeguards, but good luck getting your toaster certified—which you might have to do if measuring carbs is part of your full biometric evaluation for diabetes. With everything connected, all boundary lines blur.
Despite the obvious regulatory roadblocks, an April report from MarketResearch.com alleges a 15% compound annual growth rate for healthcare IoT, totaling over $117B by 2020. Given the incredible opportunities, the estimate might actually be conservative: From telemedicine to cloud-based platforms, integrated wearables to advanced biosensors, data integration and management capabilities, revolutionized clinical trial recruitment and structuring, the IoT is poised to bring the quantified self, predictive, and even preventative power to medicine.
As Brookman from the FTC said, “For consumers, everything they own is a little black box, and we’re trying to make sure that their interests are provided for.” Refreshingly proactive, the FTC sees a digital, ubiquitously connected future, one where the powerful potential of contextually embedded brand communication is matched only by its dangers. The stakes even higher and the risks ever greater, healthcare remains the undiscovered country for the IoT, but one when conquered will lead to an unprecedented revolution in public health.
Your Healthcare IoT Partner
Between the sheer critical mass of digital health and the equally relentless concerns about patient data, you need a savvy and seasoned partner to help prepare for the inevitable healthcare IoT revolution. Our own Klick Labs, in conjunction with Klick technical experts in cross-brand, enterprise-wide consolidation have already dipped their toes in connected devices and multichannel integration. Our editorial experts partner extensively with healthcare regulatory leads to ensure every implementation is fully compliant.
Connect with Klick to see how we can start making the IoT future happen now…