img(height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=2939831959404383&ev=PageView&noscript=1")

Ambient computing: privacy and security

Words:
Dan Cash

Risks, opportunities and relying on computers

The Internet of Things (IoT) is becoming part of the everyday fabric of our lives with what is termed ‘ambient computing’. But it brings many of the same challenges we all face online. Regular reports of data breaches and Cambridge Analytica’s activities have brought this into focus recently. Privacy and security are key considerations when connecting to the wider web. 

Regarding privacy, designers must ensure systems specified in buildings respect GDPR (general data protection regulations), and prevent harvesting of personal data without consent. In domestic situations this is relatively straightforward, as a homeowner is required to sign up to a vendor’s terms and conditions when registering.

In commercial buildings, privacy is more complex as systems are designed to enhance an occupant’s experience of a space; for example a network of information display screens around a building that can tailor displays for nearby occupants by detecting their mobile phones. These systems know who the occupant is and require them to ‘opt-in’ to be tracked. Further issues arise with connected systems and other functionalities use the user’s data. If a user hasn’t opted into these other systems (perhaps an app-operated locker) this would be a breach of the GDPR; so building operators must consider the functionality they want to achieve and what data is required when setting a brief.

Designers must ensure systems specified in buildings respect data protection regulations and prevent harvesting of personal data without consent

Security is a highly specialised field and there is no common standardised communication method for IoT devices from a single regulatory body. This means there is a layer of integration between a device and a system – posing potential security risks. In commercial projects, systems are generally designed to connect to a network that has specific security requirements. As the number of systems increases, the maintenance burden rises to keep software up to date and ensure no weak points occur. The IT system design must also be more closely aligned with the overall design for its building. Historically, the active IT equipment that drives a building’s data network has been procured outside the main contract for a project, but as ambient computing causes systems to converge, integrated approaches are required.

Domestic security can be a larger issue as homeowners seldom take all the necessary ­precautions to protect themselves. When proposing smart devices – such as learning thermostats, lighting controls or smart meters – for a dwelling, we advise that two wi-fi networks be used. One is to connect the IoT devices; the second would handle all traffic from personal devices that may handle banking and payment ­details, such as phones, laptops and media hubs .

Domestic systems, then, pose less of a privacy risk but may be more prone to compromises in security. In commercial systems security will be robust, but privacy issues are more complex to avoid artificial breaches of the GDPR.

Opportunities in the use of ambient computing are exciting. But we need to ensure security and privacy are carefully considered in system design, so we can confidently employ these ­impactful technologies. 

Dan Cash is senior engineer at Max Fordham

 

Latest

Do fewer applications mean towers are falling out of fashion? Plus inspector reins in PDR, ‘less urban’ plans for new garden village and Barbican residents question disjointed development. Meanwhile, Italy magics Harry Potter into the built environment

Fewer applications, but approvals rise. Plus PDR extreme checked

St Mary’s Calne and Woods Bagot both have something extra in their pockets with the new library in the school orchard

Interior ‘trees’ join those in the orchard alongside

A set of sleek Lifeline Speedlane Swing turnstiles guides workers and visitors into the Stiff + Trevillion office refurbishment above London Cannon Street Station

Lifeline Speedlane Swing turnstiles guide workers into the Stiff + Trevillion office reburbishment

Pooja Agrawal takes up the role of chief executive of Public Practice in June. She talks about the successes and ambitions of the organisation she co-founded and its impact on local authorities and the profession

The new CEO on why local authority placements work

Edmund Harris’ intriguing blog cataloguing Less Eminent Victorians is an engaging, enlightening and diverting investigation, finds Hugh Pearman

Edmund Harris’ engaging, enlightening and diverting investigative online blog