In The nightmare of easy and simple, T.Rob unpacks the can of worms that is:

  1. one company’s privacy policy,
  2. provided by another company’s automatic privacy policy generating system, which is
  3. hosted at that other company, and binds you to their privacy policy, which binds you to
  4. three other companies’ privacy policies, none of which assure you of any privacy, really. Then,
  5. the last of these is Google’s, which “is basically summed up as ‘we own your ass’” — and worse.

The company was GeniCan — a “smart garbage can” in the midst of being crowdfunded. GeniCan, like so many other connected devices, lives in the Internet of Things, or IoT. After exploring some of the many ways that IoT is already FUBAR in the privacy realm, T.Rob offers some constructive help:

The VRM Version
There is a possible version of this device that I’d actually use. It would be the one with the VRM-y personal cloud architecture. How does that work? Same architecture I described in San Francisco:

  • The device emits signed data over pub/sub so that secondary and tertiary recipients of data can trust it.

  • By default, the device talks to the vendor’s service so users don’t need any other service or device to make it work.

  • The device can be configured to talk to a service of the user’s choosing instead of, or in addition to, that of the manufacturer.

  • The device API is open.

Since privacy policy writing for IoT is pretty much a wide-open greenfield, that provides a helpful starting point. It will be good to see who picks up on it, and how.
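
The first and third points of T.Rob's list, sketched as an added Go example (not code from his post or from GeniCan): the device signs each reading, the same envelope goes to the vendor's topic and to a user-chosen one, and any subscriber checks it with only the device's public key. Ed25519, the topic and field names, and the sequence-number replay check are assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
)

// Reading is a constructed payload; the field names are assumptions.
type Reading struct {
	DeviceID, Item string
	Seq            uint64 // rises with every message so subscribers can drop replays
}

// Envelope carries the exact bytes that were signed, plus the signature.
type Envelope struct{ Payload, Sig []byte }

// Sign runs on the device: serialise once, sign those bytes with the device key.
func Sign(priv ed25519.PrivateKey, r Reading) (Envelope, error) {
	b, err := json.Marshal(r)
	if err != nil {
		return Envelope{}, err
	}
	return Envelope{Payload: b, Sig: ed25519.Sign(priv, b)}, nil
}

// Verify runs at any subscriber, which needs only the device public key, not trust in a relay.
func Verify(pub ed25519.PublicKey, e Envelope, lastSeq uint64) (Reading, error) {
	var r Reading
	if !ed25519.Verify(pub, e.Payload, e.Sig) {
		return r, errors.New("signature does not match device key")
	}
	if err := json.Unmarshal(e.Payload, &r); err != nil {
		return r, err
	}
	if r.Seq <= lastSeq {
		return r, errors.New("stale or replayed sequence number")
	}
	return r, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	env, _ := Sign(priv, Reading{DeviceID: "can-01", Item: "milk carton", Seq: 7})
	for _, topic := range []string{"vendor/telemetry", "user/personal-cloud"} {
		r, err := Verify(pub, env, 6) // each subscriber verifies the same envelope itself
		fmt.Println(topic, r.Item, err)
	}
}
```

Each subscriber keeps its own last-seen sequence number, so a message replayed into one topic is rejected there even if the signature is valid.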