Privacy is often presented as a key issue that must be addressed should the Internet of Things ever reach its full potential (along with security, interoperability, governance, skin rashes from wearables, etc).
IoT privacy concerns seem to fall into 4 categories - worries about:
the risk of personal data, even if collected appropriately,
  1. being compromised/breached by a malicious attacker
  2. being inappropriately used by the party that collected it
  3. being inappropriately shared with another entity
and
  4. the risk of personal data being inappropriately collected in the first place
Where 'appropriately' is shorthand for 'in a manner that followed the applicable regulations and with the user's knowledge and informed consent'.
As I see them, these four different concerns tease out different interpretations of privacy.
The last concern reflects our fear of a surveillance state of CCTVs, Google Glass, thermostats and countless other sensors constantly monitoring us. It is consistent with the 'right to be let alone' interpretation of privacy, as argued by US Supreme Court Justice Louis Brandeis. Other than relying on Tor for online interactions and wearing a mask when going outside, the defenses against this concern are mostly non-technical, ie government regulations, rules against phones in the dressing room, etiquette & societal norms governing when to wear Google Glass, etc.
I'd argue that the first concern is actually a security risk and not a privacy risk. As I see it, it is a security breach when both the user & data custodian are 'surprised' and disappointed, and a privacy breach when only the user is. But let's put that aside for now because, for many, security & privacy are intertwined. The corresponding privacy interpretation would be akin to the Hippocratic 'First, do no harm' of medicine, ie "don't lose my stuff".
The first, second, and third concerns are of course what users already confront today in their interactions with online providers. Users fear that the identity attributes and personal information provided to those providers will either be hacked, knowingly and intentionally monetized, or sold to some unknown 3rd party for nefarious purposes.
The second and third concerns highlight another privacy interpretation, that of the user 'being in control' over their own data. It's this interpretation that says the Faustian bargain we make with the likes of Facebook (where we tell them our innermost secrets and they advertise to us accordingly) is perfectly fine from a privacy PoV, just so long as we are told *how* it will be used and shared and, ideally, are given means to fine tune the permissions we assign them.
Along that line, Facebook recently announced support within Facebook Login for more fine-grained authorizations as to how a user's account data is shared with 3rd party apps they connect Facebook to.
Contrast this to the previous model of a user's authorization of some 3rd party site to access their Facebook data being a binary all-or-nothing decision. As important as such granular consent controls are for tweets & cat pics, they will be critical for the IoT - ensuring users stay in control of their toast-browning metrics, fridge crisper temperature patterns, and all the other data generated by IoT sensors.
IoT arguably amplifies the potential for users losing control because many of the interactions between things & applications will occur without real-time user involvement - the Nest Protect detecting carbon monoxide and sending an 'Off' signal to the furnace, the home automation (HA) system closing the garage door when it detects nobody is in the house, etc. These are of course the sorts of IoT scenarios that promise to qualitatively change our lives, and not simply quantitatively ease some of the associated burdens. But the fact that they need to happen without our active participation highlights the importance of the user being given a clear, intuitive and granular UX when initially authorizing such subsequent interactions.
On today's Internet, users have become familiar with authorization ceremonies with the logic of 'I consent to Web Site/Application X performing operations A & B against my D, E & F data'. Ensuring users stay in control of their corner of the IoT will require we port the above consent ceremony to 'I consent to the Nest Protect performing the operations 'turn on/off' against Acme Furnace Model 312' and all the other device-to-device interactions implied by the IoT.
And remember that the above Facebook UI and the user's consent is actually manifested in the issuance by Facebook of an OAuth access token to the requesting application. The application presents this token to Facebook whenever requesting the user's data, and Facebook checks that the requested operation falls within what the token was issued for; that is how the application proves it is operating with the user's consent. Beyond the relevance of the authorization UI itself, there is some early work examining the potential for applying the security protocols that underlie the above Facebook UX (like OAuth & OpenID Connect) to the protocols expected to form the IoT architecture (like MQTT, CoAP etc). Watch this space.
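To make the 'consent as token' point concrete, here is an added example (not code from the original post, and not Facebook's, Nest's, or any standard's actual token format): a minimal HMAC-signed stand-in for an OAuth-style access token, issued once the user has completed a consent UI for a device-to-device interaction, and enforced by the furnace controller acting as the resource server. The device names, the scope strings such as `power:off`, the `demo()` walkthrough and the signing key are all invented for illustration. The interesting part is not the signing but the `scope` claim: it carries exactly the operations the user ticked, which is what turns the all-or-nothing model into the granular one, and the resource server refuses anything outside it.

```python
import base64
import hashlib
import hmac
import json
import time

# Hypothetical key shared by the authorization server and the furnace's
# resource server. A real deployment would use a managed key or an
# asymmetric signature; this is only to keep the example self-contained.
SIGNING_KEY = b"example-only-signing-key"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(user, client, audience, scopes, ttl=3600, now=None):
    """Authorization-server side: mint the token that records the user's consent."""
    now = int(time.time()) if now is None else now
    claims = {
        "sub": user,              # the user who consented
        "azp": client,            # the thing/app that was authorized (the smoke detector)
        "aud": audience,          # the thing the operations target (the furnace)
        "scope": sorted(scopes),  # exactly the operations ticked in the consent UI
        "iat": now,
        "exp": now + ttl,         # consent for unattended interactions should expire
    }
    body = _b64(json.dumps(claims, sort_keys=True, separators=(",", ":")).encode())
    sig = _b64(hmac.new(SIGNING_KEY, body.encode("ascii"), hashlib.sha256).digest())
    return f"{body}.{sig}"


def verify_token(token, now=None):
    """Check integrity and expiry; return the claims or raise ValueError."""
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 2:
        raise ValueError("malformed token")
    body, sig = parts
    expected = _b64(hmac.new(SIGNING_KEY, body.encode("ascii"), hashlib.sha256).digest())
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    claims = json.loads(_unb64(body))
    if now >= claims["exp"]:
        raise ValueError("token expired")
    return claims


def authorize(token, client, audience, operation, now=None):
    """Resource-server decision for one request. Returns (allowed, reason)."""
    try:
        claims = verify_token(token, now)
    except ValueError as err:
        return False, str(err)
    if claims["aud"] != audience:
        return False, "token is for a different device"
    if claims["azp"] != client:
        return False, "token was issued to a different client"
    if operation not in claims["scope"]:
        return False, f"operation {operation!r} was not consented to"
    return True, "ok"


def demo(now=1_700_000_000):
    """Constructed walkthrough: the user consented only to on/off on the furnace."""
    token = issue_token("alice", "nest-protect-kitchen", "acme-furnace-312",
                        ["power:off", "power:on"], ttl=3600, now=now)
    results = {
        "consented_op": authorize(token, "nest-protect-kitchen", "acme-furnace-312", "power:off", now),
        "unconsented_op": authorize(token, "nest-protect-kitchen", "acme-furnace-312", "setpoint:write", now),
        "other_client": authorize(token, "rogue-app", "acme-furnace-312", "power:off", now),
        "other_device": authorize(token, "nest-protect-kitchen", "acme-garage-door", "power:off", now),
        "expired": authorize(token, "nest-protect-kitchen", "acme-furnace-312", "power:off", now + 3601),
    }
    # A client that simply edits the scope list without the key gets caught by the signature.
    body, sig = token.split(".")
    claims = json.loads(_unb64(body))
    claims["scope"].append("setpoint:write")
    forged = _b64(json.dumps(claims, sort_keys=True, separators=(",", ":")).encode())
    results["tampered"] = authorize(f"{forged}.{sig}", "nest-protect-kitchen",
                                    "acme-furnace-312", "setpoint:write", now)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:15} {outcome}")
```

The four denials are the practical content of 'being in control': the token is bound to one client, one target device, one set of operations and a lifetime, so a token leaked from the smoke detector, or a detector that later wants more than on/off, cannot quietly widen what the user agreed to. Real OAuth deployments add revocation and proper key management on top of this, which the example omits.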
Privacy will indeed be critical to the IoT. But as IoT arguably doesn't introduce new privacy concerns, but merely amplifies existing concerns, the authorization models & identity standards we've developed over the last few years to enable privacy for the existing Internet are likely to apply.