IoT Privacy & Security Within the Home: Why You Should Care
Last month at WWDC, Apple announced their intention to use Differential Privacy in the next version of their iOS mobile operating system, iOS 10. Unlike Google and Facebook, whose business is to know more about you, Apple sells hardware, and does its best to not gather data about specific users. By employing clever techniques like Differential Privacy, Apple is able to get valuable statistical trend data to improve its products without prying into the lives of its users. We very much side with Apple on caring deeply about the user and their privacy. This is a step in the right direction for Apple, though they and other companies can do more still.
So, what’s the big fuss with gathering information about users? Consider the recent celebrity photo hack. Even the best-designed, secure cloud systems are susceptible to hacks, often at the mercy of social engineering attacks like phishing. Privacy becomes an even bigger deal when we start talking about Internet-connected IoT devices in the house, like a Wi-Fi connected camera. These devices are always on and always streaming video from inside your house to the cloud. If someone stole your password or even just guessed it, they could see into your home without you knowing. This is already happening, and yes, it is as scary as it sounds.
There is hope still
This insecure world of IoT devices is what drove us at Silk Labs to design the Silk platform with user privacy and security as the first priority. We achieve this in two ways:
Data is processed on the device, not in the cloud.
All user data leaving the device is end-to-end encrypted.
Today’s connected products are getting smarter. Cameras can examine a video to discern a person from a pet from a car. This added intelligence is a benefit for users, but it cannot come at the cost of user privacy. Whereas many of today’s solutions are happily streaming the video feed to the cloud for processing, the Silk platform protects the user by processing the data locally. Our deep learning intelligence algorithms are sophisticated enough to run on the device itself! By keeping the data on the device and out of the cloud, user privacy is maintained.
But what if you need to access your data when you are away from home? Say you want to see the video feed of your internet-connected camera. We've got you covered here, too. For this, we use end-to-end encryption. What this means is that all data that leaves the device is encrypted with a key that is only shared with your trusted smartphone. Even if someone were to guess your password and login to your account, their smartphone would not have the special key to decrypt and view your video. Only you and your smartphone -- not even Silk Labs -- can access your private video.
A secure future is not far off
The future of intelligent IoT products can be very scary if companies do not design security into every aspect of their product. This problem will only get worse as more and more devices become smart andconnected. Fortunately, products can be designed to protect the user’s data, from differential privacy to keeping the data on the device to end-to-end encryption.
The Silk platform has been designed with this level of security in mind. It is open-sourced and available for OEMs to use as the basis of their connected products. We welcome developers and OEMs alike to join us in building a safe and secure IoT future.
-The Silk Labs Team