The Internet of Things (IoT), or what I prefer to call the Internet of Everything (IoE) or as some people call it the Internet of Everything to be Hacked (OMG), describes a world in which objects are connected to each other and to networks so that the data they create is captured, analysed and potentially acted upon.
The IoT is to some extent a science fiction idea called Mirror Worlds crossed Mirror Matter, which is a term in physics. Both are to some extent parallel or alternative realities in which physical things have digital counter-parts.
If you spin this idea forward fifty years you can start to glimpse what an IoT of the future might look like. In such a scenario the IoT is pervasive. Everything of value in our physical world has a digital alter ego that is alert to its environment.
The point here is that we’re not augmenting reality we’re changing it. This is not either or. You do not step out of one world into another. This is a full merger between the digital and the physical.
Another point is that in this future the IoT is not passive. We don’t switch the IoT on. It’s always on, always scanning and always responding. Furthermore, in many instances we’ll talk to this IoT and it will talk back. The interface is the entire world and we talk to it much as we do to each other.
I used to make jokes years ago about internet-connected cows, shoes and toothbrushes. All of these now exist. So too do connected televisions, light bulbs, padlocks, pet feeders, thermostats, coffee machines, school uniforms, cars, plants, watches, toys and parking spaces.
With cost of Wi-Fi chips getting close to zero we’re putting them in everything – including our eyes. There’s even a computer the size of a full stop that people put into their eyes. It measures the pressure of liquid on their eyeballs and wirelessly sends data to their doctor. It’s for people with Glaucoma.
Another current example of the IoT is Hello Barbie. This is a network-enabled, cloud-powered, AI-driven doll that can hold a conversation with your kid. Using Wi-Fi, the doll picks up your child’s questions and conversations and transmits them back to a control centre for processing. Speech-recognition software detects the input and then the doll then replies, almost instantly, using one of 8,000 pre-programmed lines of conversation.
Creepy on one level useful on another. The doll could in theory read stories based upon your child’s interests, teach languages interactively, even monitor your child’s health. It can be hacked of course, but nothing’s perfect.
Currently less than 1% of the things that could be connected are connected according to Cisco, but things could progress even further. The UK Ministry of Defence has a high scenario of 7 trillion things connected by the year 2045. In such a scenario anything of value or interest to us would be connected. Can you imagine the amount of data this would produce?
So what’s the good news coming out of this level of hyper-connectivity?
In this future – widely expected by the technology industry – we have open networks with high levels of interoperability, common standards, low regulation and high security. This in turn means real-time optimisation of assets and infrastructure, which means increased precision, improved efficiency, increased personalisation, better decision making and improved user experiences.
With transport this means the more efficient movement of people and goods especially within cities. It means reduced fuel consumption and improved safety. An IoT applied to cities could also mean improved health. If all buildings and vehicles contain sensors you could map air quality in real time and cyclists and pedestrians could find the cleanest air routes for their journeys.
With agriculture, the IoT could mean vastly improved use of scarce resources. For example, instead of water, fertiliser or pesticide being applied to whole field they could be applied to individual plants depending on need. Geo-tagging fields would provide data on soil conditions down to a square metre or less. It would also allow hyper-local weather forecasting, which would enable precision sowing and harvesting and ultimately the facilitation of fully autonomous farms and fully transparent farm-to-fork tracking.
With energy, the IoT could further facilitate decentralisation, local energy harvesting and hyper-local micro-grids, all of which could reduce energy costs and emissions by as much as 30%. This might come in handy given the massive energy requirements associated with an IoT. Ultimately I’d imagine most sensors will be able to harvest their own ambient energy from the environment, but until this happens energy could be a stumbling block.
With health the IoT could help shift our mind-set away from cure to prevention. It could unlock open-medicine, personalised treatments and Tele-health. Home-based diagnosis, treatment and monitoring, facilitated by an IoT, could save billions and free up hospitals to focus on acute care.
So that’s the picture most people expect to see. A world that’s fully wired and hugely efficient where individuals trade privacy and security for productivity and personalisation.
But there are other ways that things could turn out.
What if people start to see this data as being their data? What if they want to be paid when someone harvests the data they emit whilst walking around a city, driving a car or looking at funny videos of cats? What would that do to the business models underlying the IoT or the whole internet for that matter?
Similarly, what if people do get paid, but the sums they receive are tiny compared to the profits made by a handful of huge corporations?
If an online transportation company is harvesting data concerning the movement of vehicles in a city who has the rights to this data? And while we’re on the subject, wouldn’t any data harvested by a car-share company primarily be used to improve vehicular traffic rather than cycle traffic or pedestrian flows?
There are vested interests embedded in the IoT.
Then there’s the more serious issue of cyber-attacks.
The IoT could be one of the dumbest things smart people have ever done.
From an engineering point of view, complexity is generally synonymous with instability. From a security point of view the IoT is vastly increasing the attack surface for terrorists and troublemakers. And when things do go wrong they could go seriously wrong very fast due to knock-on effects.
I’m aware of some research looking at the impact of a cyber-attack on the Eastern seaboard of the US. The cost of one attack could exceed a trillion dollars.
Or there’s the issue of severe solar storms. One study looking purely at impacts on the US electricity grid puts the potential cost at between ½ and 2½ trillion US dollars – and that’s before you start applying a multiple to take into account the IoT. Solar storms have the potential to interfere with radio communications essentially knocking out mobile phones, GPS and smart sensors.
I remember a letter in a newspaper many years ago. It was written by an elderly woman that had survived WW2. Her point was that an enemy wouldn’t need any physical weapons these days. All they’d need to get a country to surrender would be to turn off the electricity for 48-hours. There’d be no money, no phones, no fridges, no radios, no TVs. She didn’t say it, but if everything becomes ‘digital by default’ there’d be virtually no backup plan or resilience either.
Or maybe something subtle would be effective if your aim was simply public panic on a massive scale. If prison cells aren’t already connected to a network I’d imagine they soon will be. Smart prisons. What could possibly go wrong?
Well what if someone hacked into all of Europe’s prisons and opened every single cell door simultaneously? That would keep the authorities distracted.
BTW, I once wrote that smart thermostats were relatively safe from an attack by ISIS. Sure they could hack into your heating and turn it up, but a bigger threat would surely be a attack government deciding to turn down every central heating system in the country in order to save energy. But it appears that ISIS could in theory bring a country to its needs through your central heating system and there wouldn’t be much you could do about it in the short term if you’d surrendered your control to a remote network.
How could they do this?
A virus could be deployed to switch appliances on and off in very rapid succession. If you could do this with enough appliances simultaneously you could crash a power grid. In the US one recent cyber-attack started with a single air conditioning unit connected to a network. These things can and do cascade.
There are some interesting legal questions relating to the IoT too.
Putting to one side the issue of privacy, especially in one’s own home, and also questions relating to data ownership, storage and application there are the issues of regulation, liability and even ethics.
For example, if an autonomous vehicle was placed in a situation where a crash was unavoidable and where all outcomes are hugely negative, how should the car choose what to do? Smart machines follow rules. People often don’t. If an elderly drunk jumps in front of a self-driving car should the car hit the drunk or swerve and risk hitting a tree potentially killing the young mother inside the car?
How do we program moral code alongside computer code?
This will become a bigger issue as the IoT grows, especially if fully autonomous machines are connected to it. For example, at the moment drones have human oversight, but what if they don’t? What if we develop lethal autonomous weapons systems that do not require any human oversight whatsoever?
Where does the liability reside when things go wrong?
Another issue concerns sharing. At the moment we tend to think of the Internet as open and generative. Everyone, more or less, has access to more or less anything from more or less any device. And it’s a two way street. We create as well as consume information.
But what if profit-seeking corporations decide not to share? What if an Apple car can’t access Google maps? Or what if your Google car works in Spain, but not in the UK because it’s a different legal jurisdiction? I think a Balkanisation or ‘splinternet’ scenario is quite possible. So instead of an Internet of Things we have Intranets of Things with little or no interoperability. Something like the EU perhaps? The IoT is built, but it doesn’t work due to differing legacy systems, a lack of common standards and differing economic self-interest.
I said earlier that you can put privacy to one side but you can’t really can you?
We’ve already had instances of televisions listening in to private conversations and I have one friend who now turns his Amazon Echo off at night because he’s started to receive spam relating to private conversations in his kitchen.
Or there’s what happened to Samsung back in 2015. Samsung’s smart TV was listening in to private conversations when its voice control feature was activated. Conversations were recorded and sent unencrypted over a public network to a third party. Not so smart.
The point here is that smart sensors and indeed any semi-intelligent object should be regarded as computers and we should treat their security seriously.
There is an arms race going on between attackers and defenders and unless we take the security of anything, no matter how trivial, that’s connected to a network super seriously I can foresee a situation where the IoT collapses before it’s been properly created, replaced with smaller private networks with far less connectivity and usability.
Finally, how about some really out there risks?
Is there anything in or around the IoT that might be a real wildcard risk?
I think there’s one. One that nobody wants to hear about. It’s the proverbial elephant in the room. What is it? Climate change? WW3? A digital Pearl Harbour? Donald Trump being re-elected for a second term? Nope.
It’s the idea that Wi-Fi signals and mobile devices might be making some people sick. It’s the idea that Big Tech could be the next Big Tobacco.
France banned Wi-Fi in nursery schools in 2015 and one Lloyd’s underwriter has refused to cover schools in the UK for claims relating to electromagnetic fields, electromagnetic radiation or radio waves. That’s any device that connects to the Internet to you and me.
I’m not saying this is in any way likely, but the sheer scale of the IoT means that there are unprecedented new vulnerabilities being developed alongside unprecedented new opportunities.
Billions, maybe trillions of objects connecting and exchanging data means that we need to take questions of ownership, use, transparency and especially safety and security very seriously indeed. We also need to agree collectively what an IoT might be for?
At the moment the only real conversation that’s going on is between commercial organisations, engineers and technologists. Governments aren’t really involved, but even if they were the conversation would be largely about efficiency and productivity, both of which are defined in narrow terms.
But an Internet of Everything impacts everyone and everyone should have a say in what it’s for, how it’s used and when it’ not.