June 6, 2017

The Internet of Things Connectivity Binge: What Are the Implications?

Theme 6: Notable numbers will disconnect

Some 15% of these respondents are not at all confident that the Internet of Things will be safe enough to command trust among users. They argue that a number of the problems mentioned elsewhere in this report will be severe enough that some people will retreat from super-connected life. They particularly stress how key systems such as health care and finance sectors as well as utilities and other critical infrastructure arrangements will likely be top targets of attacks by terrorists, national enemies and highly motivated hackers. They are concerned that the people behind the creation of the IoT are not willing to invest the resources needed to do the hard work of minimizing negative effects. Some see the primary motivation of builders of the consumer-facing IoT to be aimed mainly at the mercenary monetization of everything.

Lack of trust, safety and privacy issues and more may move those with fears to withdraw

Trust was singled out by a number of respondents as the most crucial factor when it comes to connectivity. Among those who see this as a prime reason for disconnection are those who also predict that it may become the reason behind an organized movement.

Whatever can be hacked will be hacked, and some will opt out. Not a majority, maybe only a smallish minority, but still.
Alf Rehn

Raymond Plzak, former CEO of a major regional internet governance organization, observed, “Disconnect will happen [to some extent] as long as there continue to be cyber exploitations causing feelings of anxiety and mistrust.”

An anonymous respondent said, “People will not want to be connected 24/7. Lack of trust will be a factor.”

Several respondents predicted that those who were victims of abuse tied to the IoT will be the vanguard of the disengaged. Eelco Herder, senior researcher at the L3S Research Center in Germany, observed, “Most people will continue to move more deeply into connected life. At least they will until at some point people or governments will be personally involved in attacks, hacks or ransomware, or until the point that these dangers become very real and direct. Many people believe that this is bound to happen.”

An anonymous respondent observed, “Online terrorism will become a [bigger] thing. Terrorism is powerful and people will respond in a number of ways including disconnecting.”

Alf Rehn, professor and chair of management and organization at Åbo Akademi University in Finland, wrote, “Whatever can be hacked will be hacked, and some will opt out. Not a majority, maybe only a smallish minority, but still.”

Author Paul Lehto replied, “With the Internet of Things, the capability of a jilted lover to make mischief by turning off power when the love interest is preparing for a date with another, to use a somewhat off-the-wall but colorful and illustrative example, will cause significant numbers to disconnect for peace of mind and privacy reasons.”

An anonymous respondent said, “There will be a disconnection from the larger Internet of Things, but it might look more like switching from shopping at Costco and shopping at the smaller local ma-and-pa store. Kind of like the farm-to-table movement, where you can verify the folks with whom you are transacting.”

Some predicted that those who are disconnected will be part of an organized effort by a zealous minority. An anonymous respondent commented, “Perhaps there will be a new movement of people who choose to disconnect from everything. Like living off the grid, but at a much more fundamental level. Going dark.” And an anonymous professor at a state university said, “Most will be connected, but disconnection will become fetishized. It will be talked about the way that meditation is talked about today. I expect to see device-free and disconnection workshops and probably a whole disconnection movement in the near future.”

Corporate intransigence, shortsightedness and misguided thinking create vulnerabilities

A large share of the respondents to this study who do expect large numbers to disconnect said most of the exploitable weaknesses in the Internet of Things at this point and moving forward to 2026 are likely attributable to the companies creating internet-connected products. Among the reasons they cite are the need for speed in a competitive market environment and the costs in time and money of building in and maintaining security.

Security problems, which are already bad, will become more and more visible until we reach some kind of tipping point.
Anonymous software architect

George McKee, a retired research scientist, said, “‘Secure out of the box’ has been a slogan of cybersecurity professionals for many years, but it will not come to pass as long as ‘first to market’ and ‘easy to use’ take precedence in product managers’ priority lists. Only the most talented of designers are able to make the secure way also the easy way. The ‘Internet of Abandoned, Misconfigured and Subverted Things’ will become a powerful tool for malicious actors.”

Nigel Cameron, president and CEO of the Center for Policy on Emerging Technologies, observed, “We’ve gotten used to having our basic information hacked, but cyberphysical systems raise the stakes exponentially. I don’t know if we’ll achieve de facto security, but I do know we are very far away from taking the agenda seriously. E.g., as I have argued elsewhere, the chief information security officer should report directly to the chief executive. Corporate reporting is an index of risk seriousness, and at present is out to lunch on these questions. Pablums from governments (like the latest cybersecurity commission appointed by the administration) won’t cut it. On the other hand, short of a huge shift in public attitudes (cf. GMO/Europe; they can happen), opt-outs from mainstream culture will remain oddities.”

An anonymous software architect wrote, “Security problems, which are already bad, will become more and more visible until we reach some kind of tipping point, hopefully leading to regulation of such devices and meaningful sanctions against vendors who ignore security problems. However, I expect a significant number of people will reject these devices regardless of whether their security improves.”

An anonymous respondent replied, “Most companies manufacturing IoT technology will most likely continue to be more concerned with producing a product that prioritizes cost of entry and ease of use over security, if only because there is no monetary incentive for them to do otherwise. Until a lackadaisical approach to securing technology becomes a financial liability (though harsh fines) no progress will be made on this front. Data will continue to be leaked, breaches will continue to occur, and people will still buy into it regardless.”

David Collier-Brown, who provided no further identifying information, wrote, “Our current security and maintainability is far, far behind the state that we need for networked security cameras and routers (today!) and for baby monitors and refrigerators in the immediate future. Unless we get people like Dave Taht (co-founder of the Bufferbloat Project) and Vint Cerf (Internet Protocol co-inventor, see “Sometimes I’m terrified by the IoT”) being listened to, I expect a boom-bust cycle as vendors sell garbage and unhappy consumers discard it.”

An anonymous leader at of a global privacy organization observed, “This is the least-positive outcome: People will disconnect. There is so much benefit to be had but those in industry are idiots at privacy and security so they are going to destroy its potential. I want a connected future, but I doubt that the industry leaders and governments, will let it happen in the most equitable way possible.”

An anonymous director of business appraisal said, “The Internet of Things – unless strong cryptography is adopted – will die on the vine. Some always-connected devices will remain, of course, such as those connected with entertainment, but every bit of bad press about a hacked webcam or heating system will drive people away from total integration.”

Glen Thomas, a computing expert, wrote, “IoT devices do not generally get security updates, so most will have vulnerabilities for most of their life – owners will not be concerned about this if they appear to still function. Snappy Core could help with updates, but OEMs [original equipment manufacturers] need to have legislative encouragements to get their security act together.”

Amanda Licastro, an assistant professor of digital rhetoric at Stevenson University, commented, “The college students in my classes are already taking themselves offline by eschewing social media sites and deleting their own content from corporate-owned platforms. Many are influenced by the slew of movies, TV shows and books that present satirical or exaggerated versions of our future through a lens of constant surveillance and corporate control. At the same time, we are all reliant on these tools – Google, Facebook, messaging apps, etc. – to communicate and organize. This paradox may cause a division in our society that replaces or supplants the current political parties.”

An anonymous freelance consultant said, “Most people will choose the easier path of increased connectivity, but over time we will see public trust in government, corporations and markets continue to erode as more breaches of security come to light. Governments, corporations and markets are already suspect to increasing numbers of people, worldwide. Lack of effective security will further erode trust and increase discontent. Combined with job losses due to automation, this will not end well.”

An anonymous technology analyst at a major global networking company wrote, “As only GAFA [an acronym for technology company imperialism – short for Google, Apple, Facebook and Amazon but it represents more than these] can make money from each new set of eyeballs, the rest of us weigh the cost of each connection and our authority/policy over it. The central issue is technologists do not provide the hooks to manage my identity and information against binding arbitration and any default table of authority. Technologists can provide tools to consolidate the various civic, family and industry authorities with UCC 1-308 citizen’s ability to alter contracts. 😉  Today it is much more secure to divide and store information locally (from my fitness watch to a program on my computer) rather than let the cloud have it. Moore’s law says fog computing will win over cloud computing.”

‘TMI’ and less-than-stellar performance from complex tech systems will drive dropouts

It all may just get to be too much for people to handle, leading at least some to give it up. That’s what some respondents said. Varied stressors, including information overload, complexity of IoT products, failure of products to perform well and other emerging negatives – often in combination with safety and privacy fears – will move people to withdraw to some extent from participation. The reasons can be as complicated as the systems some choose to escape.

We are not going to be able to disconnect, but poor systems will make people want to disconnect as much as possible. … This will be very interesting to watch.
Anonymous respondent

An anonymous user researcher at a major global news organization observed, “The fact that we now routinely update software on our computers to patch should tell us everything we need to know about the Internet of Things. Do you want to update your toaster? No? Do not purchase connected devices. There’s another problem. If your thermostat connects to a remote server to exchange data about your home-heating habits, and that company goes out of business, the next may no longer provide the servers to support your connected device. You may suddenly find that your thermostat doesn’t work. We are creating needless systems of dependency on companies through the Internet of Things. And then there’s privacy. Let’s say, for example, you purchase a smart television. If a company is collecting the data about how often you watch your smart television, we may want to consider that their primary reason to exist is to make a few dollars, and that data represents a revenue stream. Unless consumers read their privacy policies and terms of service, they are remarkably disadvantaged in their relationship with companies. Maybe the television company wants to sell the data with your insurer, or sell your television habits to data brokers to find out how often you purchase products you see advertised on your favorite channel. If privacy is a concern, it’s a lot easier to simply buy a disconnected device. It’s difficult to foretell the future adoption of networked devices, but I see no strong indications that the adoption will fall. This is despite the many problems with digital security, the inherent dependencies such devices create upon for-profit companies, and the privacy risks that can be abated through simply disconnecting.”

An anonymous respondent said, “I have no desire to have a more deeply connected life. I’ve got all I can deal with right now and don’t want my devices to be telling me what to do without my asking.”

Another anonymous respondent commented, “People can best understand linear, i.e., simple systems. IoT brings an even more pervasive complex system into our daily lives. This trend together with the lack of sense to have good security will result in accidents and, potentially, disasters as transportation systems and health systems become increasingly reliant on IoT technology.”

An anonymous technology writer said, “The Internet of Things will flourish in some of its many application areas but I doubt that the ‘connected home’ is one of them. Building operation management makes sense for hotels and high-rises, but connecting home objects at random ‘to the internet’ is a real alphabet soup of protocols and systems, difficult to secure but also difficult to maintain, upgrade and repair. Safety won’t be what stops people, it will be the same fiddly disenchantment that stops many from, for instance, wearing athletic tracking bracelets.”

An anonymous respondent predicted, “We are not going to be able to disconnect, but poor systems will make people want to disconnect as much as possible, and job loss to technology will mean people will try to slow adaptation to technology and come up with innovative ways to increase productivity. This will be very interesting to watch.”

Additional anonymous respondents who believe significant numbers will disconnect wrote:

  • “I already disconnect.”
  • “This is an easy question to answer: It’s happening already.”
  • “Without major social and political change this looks to be the best way forward.”
  • “People will get more and more fatigued by online lives and retreat to only necessary online interactions.”
  • “Boomers will seek to disconnect.”
  • “I expect many people to try to disable the connectivity of many of their machines.”
  • “What I’m hearing from early adopters of IoT technology is that they are always trying to find ways to turn the internet connectivity off.”
  • “What will happen when you can’t buy non-connected devices? Almost all Android apps I use want access to my camera and microphone and I have to grant it or I can’t use the app. I’m trapped!”
  • “I laugh every time I see an advertisement for a ‘smart refrigerator.’ Are people really that desperate for a little convenience that they would open themselves up to hacking?”
  • “I do think significant numbers will disconnect, but fewer will be motivated by security fears than by negative online experiences and a desire for more-authentic, caring interactions.”
  • “The Internet of Things is going to lead to massive security breaches that will drive people away from being interconnected.”
  • “Major risks will cause a counter reaction by which significant number of people will disconnect.”
  • “As each item comes online, there’s more opportunity for the bad guys.”
  • “I can’t wait to see how many people die from the Internet of Things.”
  • “I will resist the IoT as long and as much as possible.”
  • “People will try to disconnect, only to discover too late that they’re unable to.”
  • “Without trust there can be no real safety.”
  • “The safest network is a disconnected network.”