General Presentation

From Wiki IoT
Jump to: navigation, search

The Internet of Things can be defined as the technological phenomenon by which billions of items – often, traditional items – are equipped with sensors, actuators, embedded computational capabilities and connectivity, in order to communicate among themselves and with people and enable a remote and/or automated monitoring and command of environments. Potential applications of IoT are unlimited, and a lot of them have already been implemented: all the sectors – Public/Administration, Industrial/Business, Consumer – have been touched. But the phenomenon is destined to grow: according to Gartner, in 2020 the connected objects will be 26 billions, not to mention computers, smartphones and tablets, and “consumer applications will drive the number of connected things”. Therefore, we are going to concentrate our investigation on what can be defined as the “Internet of Consumer Things”. With this expression, we identify those IoT products which are marketed as consumer-oriented products (regardless of the possibility or not to qualify the actual particular purchaser as a “consumer” in the juridical sense of the term). These IoT products presents three main classes of challenges, challenges which are almost absent when dealing with their dumb counterparts:

  1. Usability challenges. The IoT products that we find today on the market show a main peculiarity: in order to be usable by the consumer as smart items, the hardware (i.e. the item with its sensors and actuators and its processor) and the embedded software are not sufficient; indeed, they need to be intertwined with what is usually defined as “service” (e.g. cloud storage and processing, web and native apps, account). An “IoT product” can then be seen as the sum of the hardware, the software and the “service”. Therefore, there is a risk of contrast between the never-ending nature of the ownership the consumer can acquire on the hardware part of the IoT product, the ownership issues concerning the software part (not only the embedded software, but also e.g. the native apps) of the product (issues related to the juridical qualification of the End-User Licence Agreement which usually accompanies software), and the precarious nature of the “service” provided. Not to mention the power – that the product provider often confers to himself – of remotely affecting consumer's usability of the product. To these issues, we must add the problems related to the consumer's re-usability of the data collected by the product.
  2. Safety challenges. IoT and Big Data are two phenomenons that mutually enable each other (Big Data highly relies on IoT for data collection; IoT needs Big Data – and Big Understanding of it through Artificial Intelligence (AI) – to carry out most of its functionalities): this causes privacy and data protection issues, as well as information security issues (confidentiality, integrity and availability of information). Moreover, in the IoT – given that the Internet and the digital come in the material dimension – information technologies (IT) are intertwined with operational technologies (OT): this means that IoT products' weaknesses and deficiencies may harm not only information security, but also material security of consumers.
  3. Personality challenges. The use of IoT products may impair consumers' personality: the causes can be especially found in the remote and automated control of environments they enable. Indeed, remotely controlling an environment through an IoT product means relying on its “perceptions” to make decisions (with the term “perceptions”, we refer to the data collected by the sensors and possibly to the results of its processing by the local or remote data analytics functionalities of the product): this may affect consumers' internal autonomy. Then, the automated control of environments by the product may impair consumers' external autonomy (the product takes decisions and acts on behalf of the consumer), identity (the product may take decisions on the basis of a consumer profiling, profiling which may not correspond to the actual identity of the consumer) and freedom (when the consumer can't choose to stand in for the product). Furthermore, if the attitude of relying more and more on IoT products, on one hand, can be seen as a consumer empowerment, on the other hand can progressively impair consumer's competence.

Our project is going to focus on the first class of challenges illustrated, the usability challenges, taking into account the issues concerning the two other classes only when a relation with usability challenges is found. Nonetheless, in the future we may look after safety and personality challenges raised by the Internet of Consumer Things.

GENERAL SCHEME OF THE IoT ANALYSIS

  1. Selection of the use case to analyze.
    1. What IoT consumer-oriented product are we going to examine?
    2. Identification of the elements of the product chosen (hardware, software, apps, account, cloud storage and processing, data).
  2. Identification of the usability level of the product chosen.
    1. Identification of the contractual characteristics of the product (→ consumer's ownership).
      1. Identification of the contractual terms and conditions which apply to each element (at this step of the analysis, we will take into consideration the legislation only in so far as its predominance on what established by the parties is self-evident).
      2. Juridical qualification of the contractual relationship established by those contractual terms and conditions between the provider and the consumer.
      3. Identification of the extent of the right of ownership on the product established by those terms and conditions.
    2. Identification of the technical characteristics of the product (→ consumer's corpus possessionis).
      1. Identification of the duration of the role of the product provider with relation to the provision of each element (momentary vs. recurring/continuing).
      2. Identification of the necessary or non-necessary nature of the relationship between each of the elements of the product (do I need the all three types of elements to make the overall product work? and, if yes, do I need these particular “branded” elements to make the overall product work?).
      3. Identification of the actual material power the product provider has to affect the consumer usability of the product purchased (can he impede the product enjoyment, e.g. through remote access, through TPMs, etc.?).
      4. Identification of the actual possibilities consumers have to dispose of their data (access, cancellation, preservation, portability).
  3. Identification of the level of transparency implemented by the IoT product provider (N.B. The level of transparency depends not only on the clarity of the content of the terms and conditions, but also on where these terms and conditions are placed, on the modality the business-to-consumer transaction is carried out, on advertising etc.).
  4. Verification of the extent of the gap between what consumers expect to and what they can actually carry out with the product.
    1. Illustration of the factual and juridical operations the consumer expects to carry out with the product (on the basis of the level of transparency implemented).
      1. Enjoy the product for an unlimited period, technological progress permitting.
      2. Use the device (device = hardware+software) in combination with a third-party service (additional or alternative).
      3. Delete or obtain the deletion of his data from the device and/or from the account (account = the telematic “service” associated to a particular consumer).
      4. Reuse the data (preserve them, use them in combination with other services, sell them).
      5. Sell the device.
      6. Sell the device and transfer its copy of the native app that enable its use.
      7. Sell the device and transfer the account.
    2. Illustration of the juridical and factual operations the consumer can actually carry out (on the basis of his ownership and corpus possessionis).
      1. For each desired operation illustrated above, examination if it is possible or not.
      2. If it is not possible, clarification if this is due to contractual reasons, technical reasons or both.
  5. Repetition of the above-illustrated analysis in relation to other use cases.
  6. Verification if the existing legislation could reduce the gap between what consumers expect to and what they can actually carry out with the product.
    1. Can the existing legislation increase consumer's ownership? (e.g. rules for the juridical qualification of IT contracts may be applied to try to make the IoT contractual terms and conditions fairer for consumers or to apply particular bodies of law, for example the Consumer Sales Directive)
    2. Can the existing legislation increase consumer's corpus possessionis? (e.g. data protection legislation can help for data deletion and data portability; competition law may help the freedom of choice among differently branded services)
    3. Can the existing legislation increase transparency? (e.g. the provisions of the Consumer Rights Directive may increase the transparency concerning interoperability and functionality of the product)
  7. Suggestion of a business model (e.g. terms and conditions, cloud-avoiding products, modalities of the contractual transactions, technical architectures, publication of collected non-personal data in an organized form in order to enable an interdisciplinary IoT standardized vocabulary through RFID, Digital DIY, mandatory symbols on items) able to reduce the gap between what the consumers expect to and what they can actually carry out with the product.
    1. Suggestions for an improved ownership.
    2. Suggestions for an improved corpus possessionis.
    3. Suggestions for an improved transparency.