Smart home devices make life a little easier, but at the same time they require you to hand control over your information to the companies that make them. In a recent article by the New York Times Privacy Project on protecting online privacy, the author recommended buying IoT devices only when the user is “willing to sacrifice some privacy for the sake of convenience.”
This is sensible advice, because the companies that control smart home devices know when you are at home, and not only when you tell them yourself. Soon they will use always-on microphones to listen to virtually every sneeze, and then offer you cold medicine from their affiliated suppliers. Moreover, requiring data and processing logic to live only on their servers reduces interoperability between platforms, and the leading companies end up choosing for consumers which technologies they get to use.
At Mozilla, we believe that the user must have control over their devices and the data that these devices generate. You should own the data, you should control where it goes, and you should be able to correct your profile if it is not accurate.
Mozilla WebThings follows architecture-level privacy, a set of principles from Dr. Ann Cavoukian that keep the confidentiality of user data in view throughout product design and development. We offer an alternative approach to the Internet of Things that is private by default and returns control over their data to users.
Before considering the architecture of WebThings, let's talk about what users think about privacy in the context of smart home devices, and why it is so important to give people the opportunity to take responsibility for themselves.
Today, when you buy a “smart home” device, you get a convenient way to control and monitor your home via the Internet. You can turn off the lights at home while you are in the office. You can check whether the garage door is open. Previous studies have shown that users passively (and sometimes actively) agree to trade privacy for the convenience of managing their home. When the user has no alternative that offers the convenience without the loss of privacy, they reluctantly agree to the exchange.
Nevertheless, although people buy and use smart home devices, this does not mean that they are comfortable living with such a status quo. A recent user survey showed that almost half (45%) of the 188 smart home owners surveyed were concerned about the privacy or security of their devices.
User Survey Results
In the fall of 2018, our research team conducted a diary-based study in which 11 users from the USA and the UK took part. We wanted to find out how convenient and practical our WebThings project is. We gave each participant a Raspberry Pi with WebThings 0.5 pre-installed and several smart devices.
Smart devices are issued to study participants
We observed (on site or via video chat) how each participant went through the entire installation and configuration of the “smart home”. We then asked the participants to keep a diary documenting their interaction with the smart home and any problems they ran into along the way. Two weeks later we talked to each participant about their impressions. Several participants, for whom the concept of a smart home was new, were delighted with the ability of IoT to simplify routine tasks; some were disappointed by the unreliability of certain devices. The impressions of the others were somewhere in the middle: users wanted to create more complex rules and automations, and they wanted a smartphone application that could send notifications.
In addition, we learned about user attitudes to data collection. To our surprise, all 11 participants were firmly convinced that we were collecting data about them. They had learned to expect such data collection, since that is the model that prevails on most platforms and online services. Some participants assumed the data was collected to improve quality or for research purposes. However, on learning that no data was collected about them, two of the participants expressed relief: they had one less reason to worry about their data being misused in the future.
At the other extreme, there were participants who did not care about data collection at all: they believed that companies were not interested in information as insignificant as a light bulb being turned on or off. They did not see how the collected data could be used against them. This showed us that we need to do a better job of demonstrating to users what outsiders can learn from the data a smart home produces. For example, door sensor data alone makes it easy to establish when you are not at home.
Door sensor logs can show when someone is out
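The inference described above, as an added illustration that is not part of the original article or of WebThings: given a plain timestamped door-sensor log (a constructed sample, not real study data), a few lines of Python are enough to pick out the daytime windows during which the door was never used, which is what an outsider holding that log would read as “nobody home”. The log format and the six-hour threshold are assumptions made for the example.

```python
from datetime import datetime, timedelta

# Constructed sample of a door-sensor log (not real data): one event per line,
# "<ISO timestamp> <open|closed>", the kind of record a gateway might keep.
SAMPLE_LOG = """\
2018-10-03T07:42:10 open
2018-10-03T07:42:18 closed
2018-10-03T18:05:31 open
2018-10-03T18:05:40 closed
2018-10-03T22:10:02 open
2018-10-03T22:10:09 closed
2018-10-04T08:01:44 open
2018-10-04T08:01:52 closed
2018-10-04T17:55:00 open
2018-10-04T17:55:07 closed
"""


def parse_log(text):
    """Parse the log into a time-sorted list of (timestamp, state) pairs."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, state = line.split()
        events.append((datetime.fromisoformat(ts), state))
    return sorted(events)


def likely_absences(events, min_gap=timedelta(hours=6)):
    """Return (closed_at, next_opened_at) windows in which the door stayed
    unused for at least min_gap within a single calendar day.

    Overnight quiet stretches are skipped because they are ambiguous
    (asleep or away); a long daytime gap after the door closes is the
    telling signal the text warns about."""
    opens = [ts for ts, state in events if state == "open"]
    windows = []
    for closed_at, state in events:
        if state != "closed":
            continue
        later = [o for o in opens if o > closed_at]
        if not later:
            continue
        opened_at = later[0]
        if opened_at - closed_at >= min_gap and opened_at.date() == closed_at.date():
            windows.append((closed_at, opened_at))
    return windows


if __name__ == "__main__":
    for start, end in likely_absences(parse_log(SAMPLE_LOG)):
        print(f"probably nobody home: {start} -> {end}")
```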
From this study, we learned what people think about the privacy of the data a smart home generates. At the same time, in the absence of an alternative, they are ready to sacrifice privacy for the sake of comfort. And some do not worry about privacy because they do not see the long-term negative effects of data collection. We believe that confidentiality should be a right for everyone, regardless of socio-economic status or technical skills. Here is how we go about it.
Manufacturers of smart home devices have designed their products so that the products serve the manufacturers more than the buyers. Using a typical IoT stack, in which devices cannot easily interact with each other, they can build a detailed picture of user behavior, preferences, and actions from the data collected on their servers.
Take the simple example of a smart bulb. You buy the bulb and download the app for your smartphone. You may need to set up a hub to relay data from the bulb to the Internet and, possibly, create a “cloud user account” with the bulb manufacturer in order to monitor it at home or remotely. Now imagine five years later, when you have installed dozens or hundreds of smart devices: home appliances, power-saving devices, sensors, security systems. How many applications and accounts will you have by then?
The current operating model requires you to hand your data to the manufacturers for your devices to work properly. This, in turn, requires that you work only with the devices and services of those companies, inside their walled gardens.
Mozilla's solution returns the data to the users. In Mozilla WebThings there are no company cloud servers storing the data of millions of users. User data is stored in the user's home. Backups can be stored anywhere. Remote access to devices goes through a single interface. The user does not need to install many applications, and all data is tunneled over HTTPS through a private subdomain that the user creates.
The only data Mozilla receives is the request the gateway makes to our server to check for WebThings updates. The user can also withhold Internet access from the devices entirely and manage them completely locally.
The decentralization of WebThings gateways means that each user has their own “data center”. The gateway becomes the central nervous system of the house. When data about users' smart devices is stored in their homes, it becomes much harder for attackers to get at the data of many users at once. The decentralized approach provides two main advantages: complete confidentiality of user data, and secure storage protected by best-in-class HTTPS encryption.
The figure below compares the Mozilla approach with the approach of a typical manufacturer of smart home devices.
Comparison of Mozilla’s approach to a typical smart home manufacturer
The Mozilla approach provides users with an alternative to current offers, ensuring their data privacy and IoT device convenience.
When developing Mozilla WebThings, we deliberately isolated users from servers that could collect their data, including Mozilla's own servers, by offering an interoperable, decentralized IoT solution. Our decision not to collect data is an integral part of our mission and also reflects our organization's long-term interest in new decentralization technologies as a means of empowering users.
WebThings embodies our mission to treat personal security and privacy on the Internet as a fundamental right, returning power to users. From Mozilla's point of view, decentralized technology can break down centralized “authorities” and return more rights to users themselves.
Decentralization can be the result of social, political and technological efforts to redistribute power from a minority to a majority. We can achieve this by rethinking and rebuilding the network architecture. By allowing IoT devices to work on the local network without the need to transfer data to external servers, we will decentralize the existing IoT structure.
Using Mozilla WebThings, we create an example of how a decentralized distributed system through web protocols can affect the IoT ecosystem. Our team has already created a draft WebThing API specification to support standardization of web usage for other IoT devices and gateways.
Although this is only one way to achieve decentralization, there are complementary projects with similar goals, at various stages of development, that aim to return power to the hands of users. Signals from other players, such as the FreedomBox Foundation, Daplie and Douglass, show that individuals, households and communities are looking for ways to manage their data themselves.
By putting people first, Mozilla WebThings gives them back the choice: how private they want their data to be, and which devices they want to use in their system.
Source: https://habr.com/ru/post/452412/