Connectivity is changing the world by the minute. People near and far are coming online and experiencing the transformative powers of the internet. In the United States alone, it is estimated that more than 87 percent of the country has internet access. Without question, its far reach is one of the biggest reasons why our country remains the world’s innovation hub.
Now comes the race to use this connectivity to link us, the users, to our “things,” and our “things” to each other. This web of connectivity, or Internet of Things (“IoT”), is rapidly ushering in a new paradigm that is making our lives more convenient, improving our health, increasing operational efficiencies, and so much more.
For instance, one wearable device detects abnormal temperatures, which can indicate breast cancer in skin cells. A connected toilet measures blood pressure and glucose levels. A smart home thermostat can be adjusted from mobile devices. Biochips measure water contaminants and pollutants. Drones deliver medical supplies to remote areas, and driverless cars are no longer science fiction. In our increasingly connected world, these examples barely scratch the surface of the innovative products and services that could enter the marketplace, so long as new ideas are encouraged and not hampered with shortsighted and reflexive regulations.
But what happens if these devices and the software that power them aren’t secure? For years, our collective psyche linked “cybersecurity” with government projects or national defense. However, in 2016, when the internet is nearly ubiquitous, everything from wearable devices to toilets, thermostats, and cars must employ robust security to ensure these products function properly and users stay safe. Before connected technologies existed, a hacker might only steal identities and drain bank accounts. But in today’s digital ecosystem, criminals could endanger lives by tampering with medical devices, meddling with surgical equipment, or hacking the cars we drive. Just last month, a study found that hackers could break into 24 different types of cars from 19 manufacturers with equipment costing only a few hundred dollars!
The Internet of Things has tremendous promise to change our lives for the better. Some estimate that by 2020, the IoT market will approach $2 trillion, with nearly 50 billion connected objects. And while more conservative estimates put the number of connected objects closer to 20 billion by 2020, the reality is that each of these billions of new products will have incredible capacities to collect and store very sensitive data. Encrypting and securing this data from bad actors must be prioritized by developers and policymakers so that IoT can realize its full potential.
Strap, a human data and mHealth data science and analytics company, insists that “encryption and obfuscation working in the Internet of Things space is paramount to reliability and quality of service.” Co-founder and COO Patrick Henshaw explains: “In order to provide not only a level of service but to maintain our data's integrity, we have to be able to encrypt and maintain compliance with the latest security measures and encryption standards applicable to not only the industry itself, but in our case, to the extent of [complying with stringent health care regulations].”
Despite the prevalence of IoT and the importance of securing it, some state and federal policymakers insist on weakening encryption. Critics say they appreciate encryption and the very important role it plays in today’s digital ecosystem, but they argue that it is a favored tool of bad actors and is hurting criminal investigations. Some have even gone so far as to introduce legislation that would force developers to deliberately undermine their software security, which runs counter to market demands and industry best practices. If these bills become law, they would actually make an untold number of Americans less secure.
While their goals to keep the nation safe are noble, policymakers pursuing avenues to disrupt encryption will be met with dead ends. In 2016, there is no tradeoff to be had. Robust encryption, whether employed in smartphones or IoT, is here to stay, and for good reason: consumers demand strong security. A recent study showed that the biggest threat to the adoption of smart home technologies are hacking concerns, with 92 percent of consumers worried about exposing personal data to hackers.
Since our country’s inception, the United States has nurtured and celebrated the bright minds who change the world. The country that helped a man harness electricity also helped another light up the night. The country that helped a pair of brothers take to the sky was also the first to put humans on the moon. The country that created the internet also helped a woman invent the first computer code translator. Each of these was accomplished, in no small part, because our policymakers refused to give in to hysteria and the unknown and instead encouraged innovators to tinker, create, and take risks.
As we transition into a new chapter where the internet isn’t simply a way to communicate, entertain, or do business, but rather a way to live, it is imperative that policymakers take a similar approach to this budding sector. Creators, tinkerers, and risk-takers built the United States into the world’s innovative hub, and because of their efforts, people here and abroad are enjoying longer, healthier, and more prosperous lives. Weakening encryption in the name of “security” threatens to undo this incredible progress. In today’s digital ecosystem, all of our things — smartphones, wearables, smart toilets, thermostats, or cars — must be encrypted if the sector is to grow and change the world.
U.S. Director of Policy and Government Relations