However the Carrier IQ mess eventually plays out, there will be lessons to be learned for anyone involved with big data.
Which, these days, whether you like it or not, is each and every one of us.
The revelation that diagnostic software from the company Carrier IQ is apparently capable of recording every keystroke and SMS message — inbound and out — on some smartphones has generated a furor over privacy in the ever-accelerating information age. The Twittersphere is on fire. US Sen. Al Franken is asking Carrier IQ for answers: How is information logged?, How is it secured?, How long is it stored? Some consumers are calling for boycotts.
This news, coupled with other recent developments — WikiLeaks’ release of hundreds of files from what it’s calling an international “mass surveillance industry,” as well as the realization that a panic over a presumed water system infrastructure hack was really a “comedy of errors” — underscores just how challenging the atmosphere is for any data-gathering, -storing, -managing or -mining technology company. It also makes the often paranoid-sounding objections of, say, smart-meter opponents, sound … well, a lot less paranoid.
For companies focused on building the energy-efficient “internet of things” — not to mention anyone who expects to use said “internet” — it raises some points to remember:
- For all the speed at which data, and news about data, travels, it still makes sense to occasionally step back, take a deep breath, stop reading the tickers, Tweets and feeds, and focus on facts rather than on noise.
- Regulations and the law, while necessary, are hardly adequate front-line defenses anymore against breaches in technology security and privacy. They simply can’t keep up with the rapid pace of change and innovation. That’s not to argue against regulations and laws … but it does underscore how much more important it is today for technology companies to create the best possible defenses on their own. If for no other reason than that no one wants to find themselves in Carrier IQ’s shoes.
- Ultimately, an industry’s reputation for valuing customer security and privacy is only as strong as its weakest link. That’s why industry-led standardization efforts for ensuring data protection are so important, especially in the smart-grid realm. Buying a smartphone is still a choice. Getting a smart energy meter is not always. With that kind of mandate comes a great responsibility for not only smart data, but smarts about data.