This article belongs to *Privacy Included: Rethinking the Smart Home, a special edition of Mozilla’s Internet Health Report.
There may be just one brand name on the box, but when you speak to a smart home assistant or jog with a fitness tracker, you’re interacting not with a single technology, but with a number of deeply connected technologies that may also be manufactured and maintained by different companies. In the design of any smart device there are decisions about five key components that will have lasting impact on the privacy, security, interoperability and sustainability of the product — and therefore also on the wider ecosystem of the Internet of Things (IoT).
Affordable hardware makes IoT accessible to startups and open hardware creators. But with low cost, poor quality may follow. Is a device designed sustainably or will it quickly end up as e-waste? An aesthetic of sleek surfaces, glued parts, and tiny size often trumps access to repair and replace parts. Low prices may also signal hidden motives to collect data. Hardware determines whether devices connect to networks via Wi-Fi, Bluetooth, ZigBee, or mobile connections, like 5G.
Any IoT device counts on several different kinds of software to function. As on any computer or phone, there is an operating system. A range of free and open source solutions are popular among IoT developers. An app to control a device, as well as software for data collection or machine learning, is often purchased as a service. For security, software should incorporate best practices, like automatic software updates and encrypting all network communications by default.
Often connected ‘things’ in a home can’t work together because of brand ecosystems. For instance, using Apple AirPlay with Amazon’s Fire TV is not easy. Network protocols like WiFi and Bluetooth can enable workarounds, but interoperability should be a critical component of a healthier IoT ecosystem. Projects like Mozilla WebThings and HomeAssistant let users control a variety of smart devices from a single platform, even when they aren’t designed to talk to each other.
Personal data collection and monetization is a dominant business model in today’s IoT ecosystem, but there are also responsible creators who chose to minimize data collection to protect user privacy (or sometimes simply to lower costs). Most devices need to store and process data to function. This can happen either on a cloud server or locally on a device within a home network. Business models that treat data as a liability instead of an asset are still too scarce.