Data Privacy and Governance in IoT and Smart Homes
Smart homes rely on IoT for communication between devices, apps, and people.
IoT data coming from the simplest home automation products could be used to derive significant insights. It could range anywhere from a person’s schedule based on wake up/sleep settings, to the time they are back at home; personal mood insights based on lighting settings and choices; the time the person eats his meals; usage of appliances like microwaves/ovens, television sets, etc. Together, these data points can provide correlated insights that can develop a personally identifiable digital profile.
With digital identity of people susceptible to data threats and hacks, total reliance on cloud-based third party service providers and central servers is no longer a safe option for consumers.
Service Providers are expected to provide uninterrupted smart home services that draw inputs from personal and private data. They need access to such information to fulfill a routine or service.
This brings us to recap and question the dependency on cloud to deliver smart home services.
Storage on Cloud
Let’s summarize the world’s centralized story until now.
Centralized servers on-the-cloud that store, retrieve, and share data are managed by third-party service providers.
In Spite of their best intentions of securing their servers and databases, service providers are subject to data breaches that are an inherent part of software engineering.
Internet users lose control of their own private data and information that was stolen during the data breach is sold off on data exchanges for advertising. Using COCO’s Device SDK you can design your IoT solution with the flexibility that enables you to balance the right combination of storage on cloud and storage on device keeping privacy and long term storage needs in mind. Additionally, you can provide consumers complete control over granting/revoking the access of their IoT device data to 3rd party apps, and other users.
Own Your Data: empowering data owners with COCO
COCO — an Internet of Everything (IoE) platform enables app developers and device makers to safeguard users’ right to data privacy by circumventing the fundamental flaw of the centralized approach of streaming to the cloud in most connectivity architectures today.
COCO empowers data owners to build and use Decentralized Communication Networks that are immune to data breaches and identity thefts by eliminating any central point of failure. The platform also enables the owners of a network to control the data generated within the network.
User consent, data access, and storage have been critical areas of focus for international data privacy legislation. A Smart Home platform encouraging decentralized communication networks can facilitate tuning into privacy at different layers of customer experience.
Proactive approach for data ownership
Personal data collected via IoT or a smart home could be video footage, energy meter data, heart rate, about when you sleep or who you sleep with. By separating out data storage from software services, COCO continues to provide the freedoms of data exchange on the internet, while maintaining the anonymity of the network owner. This ensures ownership to the users participating in the network, giving them more control, privacy, and independence. This design proactively prevents data breaches, loss and mishaps as prescribed by international legislations such as GDPR, CCPA, Data Protection Act, other rules, and regulations.
No Central Point of Failure with Mesh Topology
Using a Mesh Topology architecture inherently implies that there are no central points of failure. Essentially there is no central server storing all the data generated in the network, making it near impossible for data breaches and data theft attempts. It is resilient to disruptions like public internet outages and node malfunctions, as it inherently provides more than one pathway for the data to be transferred from the sender to the receiver.
Eliminate MITM with Encrypted & Secure technology
COCO’s Smart home platform built on a decentralized hybrid P2P architecture uses well-established security standards for encryption and data transfer. All data transfer operations are encrypted with a unique encrypted key generated during the connection between the two nodes. The COCONet enables security via the use of ECDH for key exchange, ECDSA for message signing, and ChaChaPoly-1305 for the encryption algorithm. This eliminates MITM (man-in-the-middle) attacks and empowering the data owners to control their network.
Personal Identity Uncompromised with the anonymous exchange of data
COCO’s architecture separates data storage from software services and lets the network owner choose the applications and devices with which they intend to share data. Though the apps and devices themselves could be bad actors and aggregate the owner’s data from within the network to central servers controlled by them, the identity of the data owner is never shared with the service apps and devices. This ananomizes all data exchanges between the services and protects the privacy of the data owner.
Bring your smart idea to market
Develop a customized IP using COCO SDKs which will help you leverage options between on-prem and SaaS hosted solutions on the public cloud. Ready-to-deploy SDKs help you develop your own intellectual property (IP) and scale your solutions with flexibility. Read Further