Roadmap for the Emerging IoT
FELL M., MELIN H., Roadmap for the Emerging IoT, Carré&Strauss, 2014
|Topics||Business Model, Competition, Consumer, Data Protection, Property, Security, Information Security, Technology, Interoperability|
IoT --> XaaS (Everything-as-a-Service) --> Everything-at-Your-Service
Privacy, property, security and competition have to be safeguarded.
To realize an Everything-at-Your-Service reality, we have to defeat watered-down ownership, market segmentation and locked-in services. We need to equip consumers with the necessary powers and rights, and to identify and guarantee their interests, because it’s consumers’ free power of informed choice and active market participation that can drive European economy towards an Everything-at-Your-Service future.
(NB about locked-in services: The WP29's Opinion about privacy and IoT depicts this user lock-in situation (pp. 19-20). For the Working Party, this attitude prevents the effective exercise of the right of access granted to individuals by art. 12(a) of the Data protection Directive. The draft General Data Protection Regulation wants to introduce the right to portability. Moreover, for the IoT Expert Group, in its Final Meeting Report, p. 10, says that locking-in is also a danger for competitiveness, because some service providers can emerge as leaders, reducing consumers’ choice and perhaps leading to situations of factual monopolies.)
Highly fluid value chain (value chain = series of activities that add value to final product), because stakeholders try to place themselves in strategically in the IoT value chain, in order to share the maximum amount of value. The value chain should ultimately deliver enhanced value to the end consumer. Solutions offered by IoT should thus be useful (marketing + engineering), usable (engineering + design) and desirable (marketing + design): this result can be joint intertwining the disciplines of engineering, marketing and design.
In 2012, the European Commission explored IoT, but with modest results.
IoT is rapidly emerging: the number of devices connected to the Internet is rapidly increasing, because they are more and more small, cheap and wireless.
We have different definitions of IoT.
- Physical object + sensors, actuators, controllers + Internet.
- Internet of Everything (IoE): networked connection of people, process, data and things.
- Industrial Internet.
- Smarter Planet, Cities, etc.: instrumented, interconnected and intelligent organizations and societies.
- Embedded Internet.
- Machine-to-Machine (M2M).
Billions of smart connected objects Big amounts of data Useful actions that can control and command things to make our lives easier and safer and that can improve sustainability.
IoT has the potential for a great economic impact.
Fusion of both product and service: we are switching to a reality of XaaS (SEE ISTAG Report, p. 12: it defines the aggregation of products and services as the creation of "end-to-end-solutions"; products will not disappear, but they will be embedded in solutions). Every product is connected to a service system, and every system relies on products that deliver value to consumers. Every product and service has an interface. To deliver a brand experience to consumers, both logical and empathetic aspects have to be considered in shaping the system.
3D printing is an alternative to traditional product supply chain. With 3D printing, products will transform themselves in on-demand services: the ISTAG Report says that it is unlikely that products will disappear, but with 3D printing it may be! In the sense that products will be the consequence of a service, and not furnished weaved with the service.
IoT architecture’s backbone is formed by three building blocks (that enable XaaS):
- Sensors and actuators: they allow objects to interact with the physical environment, measuring its state or changing/affecting it (sensors = mechanical, optical, magnetic or thermal signal current and voltage processing of the data collected; actuators = current and voltage mechanical, optical, magnetic or thermal change; in the world of “Big Data”, most of the data is not user-generated, but machine-generated).
- Embedded processing: what gives smart objects their intelligence (usually embedded processing is a function realized by a microcontroller, which is a small low powered computer on a chip, only equipped with a processor and a memory).
- Connectivity and the cloud: smart object can use different communication technologies (wireless, Bluetooth, RFID, etc.) to create different network topologies (ring, line, star, fully connected, etc.); maybe surprisingly, realizing connectivity through Internet has not been the majority rule for a long time (manufacturers want to have a proprietary control on the communication standards; there was the misguided belief that specific solutions would have given better performances than the general-purpose Internet, even if, yet, it is more scalable, secure and reliable; the cost was high: today, thanks to microcontrollers, it isn’t anymore); today, there is a battle between open standards and proprietary standards, and between decentralized design and centralized control; so, a battle between the IoT (smart devices with their own IP addresses: here, IP is extended till the end of the network) and the Bitnet of Things (BoT; dumb devices wired to a proprietary controller with an Internet connection: here, devices are linked to the Internet only indirectly); the cloud supply smart objects with processing, decision-making and Internet-related services: it can be used more or less, it depends from the will of the manufacturer to allow most of the thinking to be done locally or not (here also: dumb vs. smart objects).
IoT technology backbone is made possible by IoT value chain.
Value chain of the IoT:
- The smart module manufacturers (sensors, actuators, SIM cards, etc.).
- The smart objects manufacturer.
- The network operator, who enables and manages the communication with the smart objects.
- The service enablers (clouds and platforms), that provide intelligence to the smart objects and distribute information correctly to third parties.
- The system integrators, who physically integrate the smart module into the smart object, and who integrate the smart objects with the cloud services through APIs (application programming interfaces).
- The service providers, who bundle solutions and who set tariffs, billing and customer care.
- The reseller, who markets both the smart object and the related smart services (often he is also the smart object manufacturer).
- The OTT players, who provide services over the Internet that bypass traditional distribution and so cause a disruption with traditional business models.
The value chain enables XaaS solutions that, properly executed, deliver value to end consumers.
When are XaaS solutions properly executed? And so, how should the future governance of the IoT be?
Governance = “The collection of control mechanisms that a society adopts to prevent or dissuade potentially self-interested stakeholders from engaging in activities detrimental to the welfare of other stakeholders”.
It’s important to establish a framework for the governance of the IoT, because IoT distributes significant powers to different stakeholders in the value chain, powers that can impair other stakeholders involved in the value chain (AND THE CONSUMERS!!!):
- Power over network standards (of the smart module manufacturer): if I establish proprietary standards, the risk/effect is that smart things with different standards can’t be interconnected. It’s better to use Internet to link things.
- Power over products and their distribution (of the smart object manufacturer): all the products necessary to apply a solution should be available on a given market, and their manufacturers should agree to cooperate; distribution systems and intellectual property applied by some stakeholder may impair other stakeholders and the consumers.
- Power over network traffic (of the network operator): network operators can cripple the service component of an IoT solution (net neutrality – which is the principle according to which all Internet traffic should be treated the same – may be the solution?); it may be difficult to switch from a network operator to another; it may be difficult for consumers to afford to pay for their IoT data use (e.g. a lot of smart things are mobile things, then subjected to roaming fees).
- Power over services and their “distribution” - isn’t it better to say “communication to the public” or “making available”? – (of the service enabler, the system integrator and the service provider): XaaS potentially opens sophisticated market segmentation strategies (e.g. Mini’s heated seats), also because of the smart devices’ unique identifiers, that can be employed to control the delivery of services at a very granular level (may a solution be found in short-lived and one-off identifiers? SEE IoT Expert Group Final Meeting Report). The whole notion of who owns which property rights (= to exclude, to transfer, to possess and use, to destroy) in the IoT world has to be re-examined (PROBLEMS WITH PROPERTY RIGHTS). Moreover, service enablers can decide to – for example – remove some native apps from their Stores, causing damages not only to customers, but also to service providers: a solution may be that system integrators provide availability of the apps on a multiplicity of Stores, or, as an alternative, they create web apps instead of native apps. Also PROBLEMS WITH PRIVACY (SEE WP29’s Opinion about privacy and IoT): for some people, we are over privacy (no informed consent, lack of control, etc.); for others, privacy still exists, but to have access to services they need, consumers accept to renounce to it: so, we can force third parties to throw away data, but then the services won’t work, or we can establish what third parties can do with those data. Also PROBLEMS WITH SECURITY: when objects are connected their value to potential aggressors increases, and attacks’ consequences may be huge; moreover, who is liable for the damages done?; additionally, a IoT service which is secure might not always be safe for end consumers, because it could be programmed to be secure in the interest of the society at large, whose interest may be in contrast with consumers’ interests (e.g. Google’s car).
All this issues in the IoT world can be resolved reconciling interests, determining who is right, or determining wo is more powerful: with this distribution of power among the different stakeholders involved, most of the issues are resolved through the third option. But this is a distressed system, because most powerful stakeholders take decisions that impair other stakeholders in the value chain and the end consumers. For an effective system, most of the issues should be resolved reconciling interests, and, for the issues that can’t be resolved through this way, we should find low cost ways to determine rights and power.
BALANCING POWER, RIGHTS AND INTERESTS IN AN IoT WORLD:
- Points of departure:
- We know the value chain
- We know how powers are distributed along the value chain
- We know what rights must be especially considered: property, privacy, security and competition
- We know that there are many interests at stake, and that each stakeholder can hold a plurality of interests
- We have to extend the notion of “rights” to a notion of “relationship between interests”: for every right we have to examine, we have to remember that the right owner may hold 4 distinct entitlements: rights, privileges, powers, immunities; each of these entitlements is linked to correlative counterpart: duties, no-rights, liabilities, disabilities.
- We must adopt a trial-and-error approach, because the system we are analyzing is complex and non-linear.
- A practical method to implement this trial-and-error approach is to follow – for each specific IoT instance – the cycle OODA (observe, orient, decide, act): for each step, we have to consider who is in the best place to do the activity at stake (individuals or crowds; experts, non-experts or algorithms; agents belonging to the private sector, the public sector or the civil society; etc.)
- We have, however, to remain out of the cycle, out of the loop
- We must choose a sectorial level (for example Smart Commerce??) and operate on it, instead of speaking generally of the IoT governance, too nebulous (DEFINE SCOPE)
- We must identify all the interests, rights and power at stake in the value chain (OBSERVE)
- Investigate about the configuration of these interests, rights and power: is it a distressed or an effective system? (ORIENT)
- If the system is distressed, establish what should be the objective and goals of an effective system (DECIDE)
- Is there place for an intervention in the system? When should we intervene? How should we intervene? (ACT)