Measuring rewards and risks: data security and privacy in an IoT world

The Internet of Everything (IoE) – a topic about which MachNation has written all year — is the evolution of technology, business strategies and human-to-technology engagement in ways that re-invent how organizations deliver value. It is a global transformation that impacts public and private sector organizations. The emergence of the Internet of Things (IoT) – as a key component of the IoE — is driving market attention to the business opportunities afforded by connecting physical objects to the Internet. [See Note i]

The IoE has the potential to create new industries and businesses, address issues of global environmental importance, bring economic stability to unstable nations, educate populations in new ways,  and fuel myriad other public- and private-sector endeavors. Much societal and private-sector benefits can come from the IoE.

In this connected world – a world where countless things are tracked, monitored and controlled — we must carefully balance issues of data security and privacy against the value of the solutions to society.  Modern corporate social responsibility must include self-imposed data security and privacy principles. This is what a new initiative from 14 enterprises in Germany is aiming at. This initiative called “The Charter of Digital Networking” recognizes that IoE cannot be separated from the overall digitalization of our societies – it is a fundamental part of it – and will have transformational effect to all involved. “We weigh social opportunities and risks against each other,” states Principle 3 of the Charter of Digital Networking [see Note ii] signed in Hamburg by 14 enterprises and submitted to German Chancellor Angela Merkel. We have a responsibility to protect the data generated by IoT solutions and secure the solutions end-to-end. We also have a responsibility to carefully and thoughtfully create these data by connecting the unconnected. According to MachNation research, IoT will be a USD4 trillion industry by 2024.

Figure 1: Balancing the Internet of Things [Source: MachNation, 2014]

Security and value scale

Data privacy – a serious issue

Issues of data privacy and security must be addressed in the new IoT world. In the not-so-distant future, we will be mashing-up personal data with machine-generated data to offer new services to new segments of the market. Anyone with access to these data mash-ups will have the potential to infringe on personal, corporate and governmental privacy on a daily basis.

Security breaches or violations of privacy have a material impact on the world. We have certainly seen recent high-profile cases of corporate cyber-attacks that create tremendous economic costs for society. Credit card breaches are just one example of security and privacy breaches that impact us. Recent government usage of personal data for national security purposes is another public case that brings issues of privacy and security to heightened attention and calls into question some of the very fundamental tenants of a governments’ rights in countries based on individual freedoms. We must carefully consider issues of privacy and security in the hyper-connected world.

Improvement of society – a serious issue

Yet we also recognize that access to and sharing of data during the Internet era has led to phenomenal advancements in all fields of sciences, arts and industry. Broadband access and the real-time availability of data has made the collective knowledge of humankind available to virtually every Internet-connected individual.

In the next Internet era – the Internet of Things era – knowledge will multiple exponentially. We will connect things – cars, trucks, water pumps, corn fields, mining equipment, animals and factory equipment – to allow us to better track, monitor and control these assets. The data generated will help us improve processes and better our world and economies. The data generated by these things combined with data from other sources will provide us with insights not previously recognized.

The balance we must create

MachNation believes that the concepts expressed in the Charter[iii] recognize the trade-offs between the needs for privacy and security and the opportunity for increases in social and corporate good. We have an obligation to protect personal data, especially as those data are combined with data from other sources. Data protection laws should be clear, uniform and consistently applied to all public and private sector organizations.

We should have open and interoperable architectures that allow for the rapid advancement of IoT solutions. Innovation more readily happens when companies and people can create solutions that interoperate and are built on open platforms.

We need standards for data formats. Currently, there are no standards for the data delivered from end-point devices to application enablement platforms, applications and analytics tools. This means that implementers of IoT solutions must carefully understand and in many cases manually configure upstream systems to handle many different data formats. A standard to help in the consistent formatting of data would remove costs in the development of IoT solutions and spur more innovation.

Finally, we need to use and improve upon enterprise and carrier-grade security and networking solutions in IoT deployments. In the past, many connected asset solutions had been adopted by operations functions within an enterprise. These solutions – whether factory automation, smart metering, industrial asset tracking, fleet monitoring or other – have not always received the same levels of enterprise security scrutiny as more traditional technology like PCs, laptops, desktop computers and servers that IT departments manage. Technology adopted by operations technology (OT) departments should use the same enterprise and carrier-grade security and networking as traditional technology deployed by IT departments.


In an IoT world we must carefully balance data security and privacy needs against the value that these solutions provide to society and businesses. Some of the fundamental building-blocks of technology are merging to allow a more rapid deployment of IoT solutions. But we must ensure that consumer, enterprise and governmental privacy laws are fully supported and that IoT solutions have the same level of enterprise and carrier-grade security and networking as more traditional IT technology. Spurring the deployment of IoT by addressing data security and privacy concerns will yield tremendous value to society and businesses.



[i] “The Development of the Internet of Everything,” June 2014, MachNation.

[ii] “Charta der digitalen Vernetzung,” Hamburg, 21.Oktober 2014. Charter initiators were representatives from Alstom, BITKOM, BMW, Bosch, Cisco, Cumulocity, Deutsche Bahn, Deutsche Telekom, Hasso Plattner Institut, Intel, Oracle, RWE, VATM and Vodafone. Principle 3 reads (in original language), “Wir suchen den offenen Dialog über alle Branchen und gesellschaftlichen Gruppen hinweg, um gemeinsam den technologischen Fortschritt im Sinne der Gesellschaft voranzubringen. Dabei wägen wir gesellschaftliche Chancen und Risiken gegeneinander ab.”

[iii] ibid

Scroll to top