As IoT technology becomes digitally woven throughout consumers’ homes, cars and wardrobes, the kind of relationships companies build with their users becomes ever more intimate and personal.
When the product you sell can hear what its owners are saying, capture data on their daily activities, help drive their cars and even watch over their sleeping children, factors like price, quality and durability fade beside the most important consideration of all: Can your company be trusted?
When making these changes, we took the time to work with experts in the privacy community to understand best practices and make sure the language we chose was clear, future-fit and avoided as much confusing legal jargon as possible.
Despite best intentions, however, many Sonos customers — and media observers — focused on the more austere aspects of the new policy. Notably, how it expanded Sonos’ data collection practices, but offered no opt-out. Customers who declined its terms would no longer be able to update their Sonos software, leaving their costly high-end system destined to lose functionality over time.
It’s a whole new IoT world
Should the Sonos privacy and PR teams have anticipated this backlash? Difficult to say. The race is on across all reaches of the IoT landscape — connected home, connected car, digital healthcare, smart city and so on — to launch new offerings with greater capabilities and convenience. There’s plenty of demand, and Sonos must innovate to meet consumer needs and stay competitive.
Let’s not lose sight of the fact that Sonos is in the business of providing a secure experience through wireless streaming media devices that live on your home network but must connect to third-party streaming services. Securing these devices and protecting the personal data of customers is the right thing to do, and in Sonos’ best interests. Yet pushing the technology envelope could possibly bring companies with IoT business models into conflict with the emerging privacy regulatory framework.
Of course, customers don’t necessarily care whether a company is in full legal compliance, but they care very much about whether it’s trustworthy. The 2017 MEF Global Trust Report surveyed consumers across 10 global markets and showed the importance of trust in today’s digital economy:
- 40% of respondents named one or more trust issues as their biggest barrier to using more apps and services
- 82% have taken action due to concerns over privacy and/or security, including deleting or discontinuing use of a service, warning friends or family, or switching to a competitive service
In this light, Sonos has taken a considerable risk in an area of real consumer sensitivity: how their data is used. In the MEF report, only 3% of respondents said that they were always willing to share data — half the previous year’s figure — while 39% said they never share it.
Keeping the (good) faith with consumers
Good faith is keenly important in an area like IoT, where the rules aren’t written yet. In spite of ample evidence of IoT security gaps that can endanger users of everything from cars to pacemakers, lawmakers have been slow to set standards and mandates. The Internet of Things Cybersecurity Improvement Act of 2017 under consideration by the Senate would cover only government contracts, not commercial markets. The EU’s General Data Protection Regulation, enforced as of May 2018, will likely bear heavily on IoT providers.
In the meantime, consumers shopping for IoT products don’t always keep security top of mind. What happens when a poorly secured IoT device compromises a customer’s entire home network, including financial and health records on Dad’s laptop? Or when a hacker gains control over a smart home vendor’s systems to wreak havoc across their entire customer base?
Your message to consumers should be clear:
Nothing is more important to us than protecting our customers. We’re taking every step to safeguard your data, fortify our products and prevent new vulnerabilities from entering your home. You have choice and control about the data you share through our products — not because of regulations, but because it’s the right thing for us to do.
Sonos isn’t the first company to struggle to find the right balance between privacy, security and data collection. It won’t be the last, as IoT becomes more pervasive. One lesson other players in the space should learn from this controversy? An open discussion of data practices and a dialog with consumers are crucial to reaching that balance.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.