(Source:http://www.revasolutions.com/internet-of-things-newchallenges-and-practices-for-information-governance/. Retrieved on January 26th, 2018) 

Governance Challenges for the Internet of Things

Virgilio A.F. Almeida -Federal University of Minas Gerais, Brazil

Danilo Doneda - Rio de Janeiro State University

Marília Monteiro - Public Law Institute of Brasília

Published by the IEEE Computer Society

© 2015 

The future will be rich with sensors capable of collecting vast amounts of information. The Internet will be almost fused with the physical world as the Internet of Things (IoT) becomes a reality. Although it’s just beginning, experts estimate that by the end of 2015 there will be around 25 billion “things” connected to the global Internet. By 2025, the estimated number of connected devices should reach 100 billion. These estimates include smartphones, vehicles, appliances, and industrial equipment. Privacy, security, and safety fears grow as the IoT creates conditions for increasing surveillance by governments and corporations. So the question is: Will the IoT be good for the many, or the mighty few? 

While technological aspects of the IoT have been extensively published in the technical literature, few studies have addressed the IoT’s social and political impacts. Two studies have shed light on challenges for the future with the IoT. In 2013, the European Commission (EC) published a study focusing on relevant aspects for possible IoT governance regimes. The EC report identified many challenges for IoT governance — namely privacy, security, ethics, and competition. In 2015, the US Federal Trade Commission (FTC) published the FTC Staff Report The Internet of Things: Privacy and Security in a Connected World. Although the report emphasizes the various benefits that the IoT will bring to consumers and citizens, it acknowledges that there are many risks associated with deploying IoT-based applications, especially in the realm of privacy and security. 

[…] 

The nature of privacy and security problems frequently associated with the IoT indicates that further research, analysis, and discussion are needed to identify possible solutions. First, the introduction of security and privacy elements in the very design of sensors, implementing Privacy by Design, must be taken into account for outcomes such as the homologation process of sensors by competent authorities. Even if the privacy governance of IoT can oversee the control centers for collected data, we must develop concrete means to set limits on the amount or nature of the personal data collected. 

Other critical issues regard notification and consent. If, from one side, it’s true that several sensors are already collecting as much personal data as possible, something must be done to increase citizens’ awareness of these data collection processes. Citizens must have means to take measures to protect their rights whenever necessary. If future scenarios indicate the inadequacy of a mere notice-and-consent approach, alternatives must be presented so that the individual’s autonomy isn’t eroded. 

As with other technologies that aim to change human life, the IoT must be in all respects designed with people as its central focus. Privacy and ethics aren’t natural aspects to be considered in technology’s agenda. However, these features are essential to build the necessary trust in an IoT ecosystem, making it compatible with human rights and ensuring that it’s drafted at the measure, and not at the expense, of people. 

(Source: https://cyber.harvard.edu/~valmeida/pdf/IoT-governance.pdf Retrieved on January 23rd, 2018)  

(Source:http://www.revasolutions.com/internet-of-things-newchallenges-and-practices-for-information-governance/. Retrieved on January 26th, 2018) 

Governance Challenges for the Internet of Things

Virgilio A.F. Almeida -Federal University of Minas Gerais, Brazil

Danilo Doneda - Rio de Janeiro State University

Marília Monteiro - Public Law Institute of Brasília

Published by the IEEE Computer Society

© 2015 

The future will be rich with sensors capable of collecting vast amounts of information. The Internet will be almost fused with the physical world as the Internet of Things (IoT) becomes a reality. Although it’s just beginning, experts estimate that by the end of 2015 there will be around 25 billion “things” connected to the global Internet. By 2025, the estimated number of connected devices should reach 100 billion. These estimates include smartphones, vehicles, appliances, and industrial equipment. Privacy, security, and safety fears grow as the IoT creates conditions for increasing surveillance by governments and corporations. So the question is: Will the IoT be good for the many, or the mighty few? 

While technological aspects of the IoT have been extensively published in the technical literature, few studies have addressed the IoT’s social and political impacts. Two studies have shed light on challenges for the future with the IoT. In 2013, the European Commission (EC) published a study focusing on relevant aspects for possible IoT governance regimes. The EC report identified many challenges for IoT governance — namely privacy, security, ethics, and competition. In 2015, the US Federal Trade Commission (FTC) published the FTC Staff Report The Internet of Things: Privacy and Security in a Connected World. Although the report emphasizes the various benefits that the IoT will bring to consumers and citizens, it acknowledges that there are many risks associated with deploying IoT-based applications, especially in the realm of privacy and security. 

[…] 

The nature of privacy and security problems frequently associated with the IoT indicates that further research, analysis, and discussion are needed to identify possible solutions. First, the introduction of security and privacy elements in the very design of sensors, implementing Privacy by Design, must be taken into account for outcomes such as the homologation process of sensors by competent authorities. Even if the privacy governance of IoT can oversee the control centers for collected data, we must develop concrete means to set limits on the amount or nature of the personal data collected. 

Other critical issues regard notification and consent. If, from one side, it’s true that several sensors are already collecting as much personal data as possible, something must be done to increase citizens’ awareness of these data collection processes. Citizens must have means to take measures to protect their rights whenever necessary. If future scenarios indicate the inadequacy of a mere notice-and-consent approach, alternatives must be presented so that the individual’s autonomy isn’t eroded. 

As with other technologies that aim to change human life, the IoT must be in all respects designed with people as its central focus. Privacy and ethics aren’t natural aspects to be considered in technology’s agenda. However, these features are essential to build the necessary trust in an IoT ecosystem, making it compatible with human rights and ensuring that it’s drafted at the measure, and not at the expense, of people. 

(Source: https://cyber.harvard.edu/~valmeida/pdf/IoT-governance.pdf Retrieved on January 23rd, 2018)  

(Source:http://www.revasolutions.com/internet-of-things-newchallenges-and-practices-for-information-governance/. Retrieved on January 26th, 2018) 

Governance Challenges for the Internet of Things

Virgilio A.F. Almeida -Federal University of Minas Gerais, Brazil

Danilo Doneda - Rio de Janeiro State University

Marília Monteiro - Public Law Institute of Brasília

Published by the IEEE Computer Society

© 2015 

The future will be rich with sensors capable of collecting vast amounts of information. The Internet will be almost fused with the physical world as the Internet of Things (IoT) becomes a reality. Although it’s just beginning, experts estimate that by the end of 2015 there will be around 25 billion “things” connected to the global Internet. By 2025, the estimated number of connected devices should reach 100 billion. These estimates include smartphones, vehicles, appliances, and industrial equipment. Privacy, security, and safety fears grow as the IoT creates conditions for increasing surveillance by governments and corporations. So the question is: Will the IoT be good for the many, or the mighty few? 

While technological aspects of the IoT have been extensively published in the technical literature, few studies have addressed the IoT’s social and political impacts. Two studies have shed light on challenges for the future with the IoT. In 2013, the European Commission (EC) published a study focusing on relevant aspects for possible IoT governance regimes. The EC report identified many challenges for IoT governance — namely privacy, security, ethics, and competition. In 2015, the US Federal Trade Commission (FTC) published the FTC Staff Report The Internet of Things: Privacy and Security in a Connected World. Although the report emphasizes the various benefits that the IoT will bring to consumers and citizens, it acknowledges that there are many risks associated with deploying IoT-based applications, especially in the realm of privacy and security. 

[…] 

The nature of privacy and security problems frequently associated with the IoT indicates that further research, analysis, and discussion are needed to identify possible solutions. First, the introduction of security and privacy elements in the very design of sensors, implementing Privacy by Design, must be taken into account for outcomes such as the homologation process of sensors by competent authorities. Even if the privacy governance of IoT can oversee the control centers for collected data, we must develop concrete means to set limits on the amount or nature of the personal data collected. 

Other critical issues regard notification and consent. If, from one side, it’s true that several sensors are already collecting as much personal data as possible, something must be done to increase citizens’ awareness of these data collection processes. Citizens must have means to take measures to protect their rights whenever necessary. If future scenarios indicate the inadequacy of a mere notice-and-consent approach, alternatives must be presented so that the individual’s autonomy isn’t eroded. 

As with other technologies that aim to change human life, the IoT must be in all respects designed with people as its central focus. Privacy and ethics aren’t natural aspects to be considered in technology’s agenda. However, these features are essential to build the necessary trust in an IoT ecosystem, making it compatible with human rights and ensuring that it’s drafted at the measure, and not at the expense, of people. 

(Source: https://cyber.harvard.edu/~valmeida/pdf/IoT-governance.pdf Retrieved on January 23rd, 2018)  

(Source: http://www.information-age.com/approach-cloud-computingcyber-security-2017-123466624/ Retrieved on January 26th, 2018) 

How to approach cloud computing and cyber security in 2017

The adoption of cloud computing has been on the up since as far back as 2008, when a survey conducted by the Pew Research Institute found that cloud services were used by nearly 69% of Americans. Since then, the industry has experienced hypergrowth and exceeded the already vast predictions of how big it would become. 

IDC predicts that the cloud computing market in 2017 will be worth $107 billion and, according to Gartner, by 2020 a corporate ‘no-cloud’ policy will be as unusual as a ‘no-internet’ policy would be today. Indeed, it would be difficult to imagine an organisation in 2017 that did not use webmail, file sharing and storage, and data backup.

As the use of cloud computing spreads so does awareness of the associated risks. At the time of writing, there have been 456 data breaches worldwide this year according to the Identity Theft Resource Center (ITRC). The ITRC also noted a 40% increase in data breaches in 2016 compared to the previous year. Yet, despite the well-documented cases of data breaches, organisations continue to invest in and adopt cloud computing services because the benefits usually outweigh the risks. 

To understand why the growth of cloud computing has continued in the face of high-profile data breaches, look first to what it can offer an organisation.

Cheaper, bigger, better 

Cloud computing is a virtual environment that can adapt to meet user needs. It is not constrained by physical limits, and is easily scalable – making it an obvious choice for start-ups. Cloud computing makes state-of-the-art capability available to anyone with an internet connection and a browser, reducing hardware and IT personnel costs. 

Cloud services and software applications are managed and upgraded off-site by the provider, meaning organisations can access technology they would not have been able to afford to install and manage on their own. The popularity of the cloud essentially comes down to its provision of advanced, nextgeneration IT resources in an environment that is cheaper and more scalable than local networks. 

The risks involved with cloud computing are mostly securitybased. Clouds are often made up of multiple entities, which means that no configuration can be more secure than its weakest link. The link between separate entities means that attacks to multiple sites can occur simultaneously. When cloud providers do not employ adequate cyber security measures, those clouds become a target for cybercriminals. 

Yet, it’s not all bad news. A user survey conducted by one cloud service provider found that concerns about security fell to 25% compared to 29% last year. And as more becomes known about security risks so too does our knowledge around what organisations can do to protect themselves. 

(Source: http://www.information-age.com/approach-cloud-computingcyber-security-2017-123466624/. Retrieved on January 25th, 2018) 

(Source: http://www.information-age.com/approach-cloud-computingcyber-security-2017-123466624/ Retrieved on January 26th, 2018) 

How to approach cloud computing and cyber security in 2017

The adoption of cloud computing has been on the up since as far back as 2008, when a survey conducted by the Pew Research Institute found that cloud services were used by nearly 69% of Americans. Since then, the industry has experienced hypergrowth and exceeded the already vast predictions of how big it would become. 

IDC predicts that the cloud computing market in 2017 will be worth $107 billion and, according to Gartner, by 2020 a corporate ‘no-cloud’ policy will be as unusual as a ‘no-internet’ policy would be today. Indeed, it would be difficult to imagine an organisation in 2017 that did not use webmail, file sharing and storage, and data backup.

As the use of cloud computing spreads so does awareness of the associated risks. At the time of writing, there have been 456 data breaches worldwide this year according to the Identity Theft Resource Center (ITRC). The ITRC also noted a 40% increase in data breaches in 2016 compared to the previous year. Yet, despite the well-documented cases of data breaches, organisations continue to invest in and adopt cloud computing services because the benefits usually outweigh the risks. 

To understand why the growth of cloud computing has continued in the face of high-profile data breaches, look first to what it can offer an organisation.

Cheaper, bigger, better 

Cloud computing is a virtual environment that can adapt to meet user needs. It is not constrained by physical limits, and is easily scalable – making it an obvious choice for start-ups. Cloud computing makes state-of-the-art capability available to anyone with an internet connection and a browser, reducing hardware and IT personnel costs. 

Cloud services and software applications are managed and upgraded off-site by the provider, meaning organisations can access technology they would not have been able to afford to install and manage on their own. The popularity of the cloud essentially comes down to its provision of advanced, nextgeneration IT resources in an environment that is cheaper and more scalable than local networks. 

The risks involved with cloud computing are mostly securitybased. Clouds are often made up of multiple entities, which means that no configuration can be more secure than its weakest link. The link between separate entities means that attacks to multiple sites can occur simultaneously. When cloud providers do not employ adequate cyber security measures, those clouds become a target for cybercriminals. 

Yet, it’s not all bad news. A user survey conducted by one cloud service provider found that concerns about security fell to 25% compared to 29% last year. And as more becomes known about security risks so too does our knowledge around what organisations can do to protect themselves. 

(Source: http://www.information-age.com/approach-cloud-computingcyber-security-2017-123466624/. Retrieved on January 25th, 2018)