Last week CONTEXT hosted the retail segment of the Smart Homes & Building Association (SH&BA) ‘Smart Home Breakthrough’ summit. The event brought together leading technology providers, retailers, academics and industry bodies to discuss privacy and security in the smart home. It was a groundbreaking day with an exchange of varying perspectives from retailers, consumer associations, industry, Government and academics about how we approach the increasingly connected home, the data that it generates, and what this all means for the end-consumer.
Cyber security in the smart home is an increasingly important topic that will underpin the smart home breakthrough. CONTEXT recently participated in Sky News’ technology show Swipe to discuss this, and the key message is that consumers need to acquire both the confidence in the technology, and learn about their responsibilities for protecting their data and their privacy. This is brought into sharp relief because of continued company data breaches.
So in preparation for the summit, we developed an industry manifesto aimed at manufacturers and services providers. The manifesto formalises much of the current discourse on smart home security, providing a range of principles to be taken into consideration during the development of smart home devices, appliances and services.
Many leading industry voices contributed invaluable insight including Dixons Carphone, Euronics, the Which Association, the SH&BA, Intel, D-Link, Deutsche Telekom, and Nottingham Universities. The recommendations for building consumer trust in the smart home sit across three categories; data security, data policy and consumer support.
The Smart Home Cyber Security Manifesto
- The smart home must be secure by design – Security cannot be added as an afterthought. Products and services must be secure across design, development, promotion and maintenance stages, and throughout the entire supply chain.
- The smart home must be able to authenticate all users – From knowing your heating preferences, to recommending which movie to watch, it is vital that everyone connected to the home network can be accounted for.
- All data that flows through the smart home must be encrypted – This is especially true of the personal and financial data of users.
- More must be done to deliver end-to-end security – As most smart home devices and services will connect through the cloud and other data centres, each step must be secure and not endanger the end-user.
- Companies must adopt transparent data policies – It must be made explicitly clear what personal data is collected and what that data is then used for. Consumers must be told if any company sells their data to marketers or any other third-party.
- All smart homes must offer the same level of privacy as homes do now. That means when the doors are closed, and the curtains pulled down, no company or person should expect to be able to access any activity of the home owner.
- All smart home devices and services must be accessible and understandable for all users, regardless of technical prowess – The end-user should never be blamed for a security vulnerability that arises in the installation or the running of a product or service.
- All devices and services must launch with long-term support – This means regular security updates and on-going support must be made available to ensure consumer peace of mind.
If the smart home industry acts on these recommendations, we believe that consumer trust will grow and adoption of the smart home will accelerate.
We are very interested in hearing your thoughts on this manifesto, so please do not hesitate to get in touch.