Consumers Agree: Fix IoT Security and Privacy for Market Growth

As we greet the New Year (Happy New Year everyone!), like every year the tech industry starts things off with a bang at the annual CES show. This year, with introductions of everything from new AI technology for connected cars to talking sunglasses, the consumer electronics industry is looking for their next big market. And, it’s clear that consumer IoT (Internet of Things) is the theme of CES 2016. So, it’s not surprising that the consulting firm Accenture picked this time to release an international survey of consumers’ attitudes toward IoT. The Accenture survey shows what many in the industry have been pointing out for a while; for the consumer IoT market to really take off, security and privacy concerns have to be effectively addressed.

Accenture surveyed 28,000 consumers in 28 countries in October and November, 2015. They found that consumer intent to purchase such IoT products as smartwatches and fitness monitors in 2016 was around 7 to 13 percent, with little change compared to 2015. This relatively tepid enthusiasm can be explained by the perceived barriers, the first being cost with 62 percent of consumers feeling IoT products were still too expensive. The second, though, is the security and privacy risks of these products, with 47 percent of consumers citing this concern. In the expected high-growth markets of China and South Africa, security and privacy risks were cited by 58 percent of those surveyed.

Most likely consumers have been influenced by the spate of news stories about actual security and privacy risks found in the IoT products in the market today. Wired Magazine has a good roll up of some of the more egregious incidents in 2015, including a demonstration of the remote takeover of a Jeep Cherokee and security holes found in smart refrigerators and dolls. A poll of U.K. based security experts found that 75 percent felt that IoT device manufacturers were not implementing appropriate security measures.

Consumers are not the only ones concerned; IoT privacy and security concerns have reached the government level as well. In Fall 2014, an organization of the European Commission released an opinion on IoT privacy, followed by the Federal Trade Commission (FTC) in January, 2015. In December 2015, the U.S. Department of Homeland Security (DHS) put out a call for startups in Silicon Valley and others to help develop IoT security.

Some of the issues with IoT security can be attributed to the fact that many companies now getting into the market are ones that haven’t had much reason to worry about computing security in the past. This makes it even more urgent for the IoT industry to move on and create appropriate standards and best practices for security and privacy. There are, in fact, quite a number of standards consortiums and industry organizations working on this issue. Of course, we recognize that hastily cobbled together standards could lead to even more potential problems down the road. Still, given the threats to today’s consumers and tomorrow’s corporate profits, it seems a wise course for industry participants to commit even more resources in hopes of speeding the process along.