European Research Update

Protecting Consumer Data in the Internet of Things

by Tom Kerber | Jun. 1, 2014

Ensuring consumer privacy and security, and thus alleviating increasing consumer anxiety, is key to the smooth growth of the Internet of Things (IoT). Everyday devices are beginning to collect data and stream it to the cloud, and many consumers are concerned about how this data will be used.

Manufacturers and smart home service providers know that this new source of data will transform markets. Data is the key to understanding consumer interaction with services, and it can be used to improve product performance and enable efficiency gains in every aspect of business, from product development to service and support. Data, in effect, is a currency that is exchanged between consumers and service providers so that that the consumer can receive advanced features and new capabilities, while the business benefits with information to provide a better, more profitable offering.

Most industry players also understand that the consumer relationship, trust in the brand, and loyalty are paramount, and to maintain these elements, they must design robust security mechanisms into every layer of a product and service. Unfortunately these efforts - and the value placed on privacy and security - are not uniform, and the repercussions of lapses are a risk to the growth of the entire industry. For example, recent high-profile data breaches involving Target and eBay shook consumer faith in the security of their data - and the companies are being scrutinized for their reactions as well as the initial security lapses.

Even if the industry collectively is successful at preventing unauthorized access to data, a small but vocal segment of consumers will take every opportunity to highlight the potential for invasion of privacy, which may have the same impact as an actual breach. The small group of consumers who opposed the installation of smart meters in the U.S. is a good example of how a vocal segment can tarnish public perception of new technology and delay its deployment.

Given this backdrop, a thoughtful regulatory structure, which enables companies to innovate while protecting the privacy of individuals, is essential to grow the industry. The current end user license agreement process is inadequate and insufficient in many ways. It offers a one-size-fits-all approach to the transaction of data, but data can be used for many purposes. Manufacturers use the data to better understand customers in the aggregate, and their use of the data is general and benign in most cases. However, the same data set can be mined to reveal personal information about individual users. The new draft of EU data protection regulations must not restrict the data itself but must instead consider how it is used.

To address privacy concerns, user agreements must evolve to an informed consent model. While data mash-ups promise to create compelling services, respecting an individual’s right to participate is key to continued trust.

Tailoring user agreements to give users the right to participate and the right to be invisible enhances trust and serves the small segment of consumers who are concerned about their data. If data is a currency that is exchanged to receive services, consumers must have the right to withhold that currency.

While tailoring the user agreement and providing informed consent are simple concepts, many details must still be worked through. If users retain ownership of the data throughout its lifecycle, and have the right to participate in any future exchanges, it is logical to assume that users also have the right to be forgotten or erased. Given that data is stored, backed up, and copied many times throughout its lifecycle, executing the right to be erased presents a substantial challenge.

This basic concept underpins the recent ruling by the EU that people have the "right to be forgotten." This decision applies mainly to Google and search results, and it is too early to tell the true implications of this ruling and how it will affect other aspects of the connected home, including connected devices and smart home services. But it is a challenge the industry needs to undertake, and the EU-Google ruling stresses the need to stay ahead of regulations. Despite the complexities associated with data privacy and security, it is essential that industry work with regulators to strike the right balance, which will serve the customer and accelerate the transition to the IoT.

Parks Associates will address issues regarding the Internet of Things and connected consumers at CONNECTIONS™ Europe, 18-19 NOV, in Amsterdam. Register Today.

2014 Topics

Devices & Services

  • Connecting Smart Products and Smart Home Services
  • Implementing the Internet of Things: App Mashups and APIs
  • The Future of the Home Gateway: Entertainment and More
  • The Path to 4K Content and Services
  • Pay TV, Connected CE, and Broadband in 2020
  • Tech Support Solutions for the Connected Home

Consumer Engagement & Business Strategies

  • Innovations and Interoperability: Competition within the Smart Home
  • The Future for TV Everywhere and OTT Services
  • Tomorrow's Interfaces, Control, and Content Discovery
  • Apps and the Role of Mobile in Engaging the TV Viewer
  • Channel Strategies and Business Models for the Smart Home
  • New Revenues in Advanced Advertising and In-App Offerings
  • Smart Home and IoT: Overcoming Privacy and Security Concerns



Tom Kerber

Tom Kerber

Director, IoT Strategy

Tom leads Parks Associates research in the areas of home controls, energy management, and home networks. Tom authors numerous reports on energy management and home controls covering the evolution of technology, partnership opportunities, and new business models. Tom’s work at Parks Associates includes managing consumer surveys that track trends and market opportunities and enable insightful evidence-based forecasting for energy, security, and home controls. Tom speaks frequently at key industry events, and his views are sought out by national press organizations and publications.

Tom has done extensive consulting with electric utilities operating in a variety of regulator structures and numerous firms within the smart home ecosystem. Recent utility engagements include defining the home area network roadmap for a California IOU, updating the consumer engagement strategy for a traditional vertically integrated IOU, providing consumer and industry analysis to refine EE and DR programs for an IOU in a restructured market, and providing insights on the evolution of the connected home for a large Midwest IOU. Tom has also led projects for many Fortune 500 companies, helping clients refine smart home strategies, develop scenarios of the future of the smart home market, enhance product roadmaps, and refine specific product features.

Prior to working at Parks Associates, Tom worked as director of engineering and director of product management in multiple industries. Tom began his career in the U.S. Navy nuclear power program on submarines. He holds a Bachelor of Science degree from the U.S. Naval Academy in systems engineering and a master's in software engineering from the University of Texas.

Industry Expertise: Residential Security, Smart Home Products and Services, Home Network Technology, Software Systems, Electric Utilities, AMI, Home Energy Management, Demand Response

© 1998-2017 Parks Associates. All Rights Reserved.