Getting to grips with the data created by the Internet of Things

It’s time to consider the ramifications of the data flood that the Internet of Things (IoT) is helping to create. There are privacy, security and sustainability concerns that we need to address.

By 2025, the world is expected to create 463 exabytes of data every day. An exabyte is one billion gigabytes or, to put it another way if your phone has 512 gigabytes of storage capacity, then you would need almost two million of them every day to contain all that data!

Notice that I didn’t say people will create that data. Instead, I said 'the world is' creating it because lots of data today is generated by devices themselves. There are around 27 billion IoT devices in the world - climate sensors, smart speakers, fitness monitors and more - all generating data, which is usually sent to the cloud for storage.

The benefits are enormous, and I have written about some of them before. However, all this data does raise questions about ownership, security, and sustainability.

Who owns the data?

From an individual point of view, it has become very difficult to know how much data is being collected about your routines, preferences, contacts and more. To take just one example, your smart TV might be passing on data about your viewing habits to advertisers. It might even be connecting to other devices in the house, such as smartphones, to enrich that information even further.

There are laws, including the EU’s General Data Protection Regulation (GDPR), that give individuals rights to see what data companies hold about them and provide the power to move that data to other services or have it deleted. However, it can be hard for individuals to find out who even holds the data.

If there is more data available, it is understandable that companies would want to put it to work. GDPR rules say that companies can only use data for the purpose for which it was collected but there can be grey areas. Can an insurance company use data collected from the telemetry box in your car to inform its decisions about other insurance products? If your driving data shows that you drive too fast and brake too late, then that information would certainly be relevant when you applied for life insurance. To use it that way, though, could be a privacy violation.

Keeping the data secure

More data also means more data to keep secure, for both individuals and companies. If a farm uses smart soil sensors that have a security flaw, what happens when a hacker gains access to the farm’s network and steals commercial data from unprotected folders? Is the device manufacturer to blame for the flaw or is it the farm’s responsibility for not having comprehensive network security?

The last couple of years have seen ransomware attacks on healthcare providers that have resulted in sensitive medical data being stolen and published online. The IoT allows for vastly more personal data to be collected from sensors and stored, not by healthcare companies but by tech firms, retailers, and HR departments. Suddenly the hackers have more targets available, with varying degrees of security expertise and competency. It seems likely that more of this data will be leaked in future.

As we are creating this data, we must consider privacy and security. These aren’t new topics. Even securing the IoT is a well-worn topic by this point. However, the more data we create, the greater the risk. More devices mean a greater attack surface, more targets, and more kinds of data to go after.

Data storage and sustainability

All this data has to be stored somewhere, usually in the cloud. We tend to think of cloud storage as a space that’s effectively infinite. Why not store everything we create when storage is so cheap? But the cost isn’t just financial; there is a sustainability cost too.

Data centre use has increased six-fold over the past decade. That isn’t only driven by IoT use, of course. Artificial intelligence, mobile phone use, increased cloud adoption and even cryptocurrency are all driving demand for data storage. Data centres use power not only to run the servers and switches and to keep the lights on, but also to keep the whole operation cool. All those servers generate a lot of heat.

Many data centres consume a lot of water for cooling, too. The Wall Street Journal reports that California’s data centres “consume roughly as much water in a year as 158,000 Olympic sized swimming pools”.  There is no sign that this will slow down. Once all our cities are smart, as well as our cars, homes, and offices, how much energy will be consumed in saving all this data?

Changing how we think about data

Fortunately, data centres are becoming greener. Newer ones are designed to consume less energy, such as by rearranging the positioning of servers to make it easier to clear out warm air, or by switching to flash storage, which generates less heat.

However, our default position of storing everything also needs to change. One way to limit the privacy and security risks of data is simply to destroy it once it has outlived its purpose. We can also reduce the amount of data we collect. A smart car might only need to monitor its tyre pressure every 10 seconds, instead of every second, for example. Regulations such as GDPR are already pushing organisations towards not collecting and storing unnecessary data.

If all of this sounds bleak, it’s worth remembering the benefits that IoT devices bring. They can help make us healthier, safer, and more efficient. We might have to use energy to store the data they create but they will help us to save energy too by giving us a better picture of how we use water, gas, and electricity. So, we should not reject their benefits simply because there are some risks. What we should do is rethink our relationship with data.