What a wacky week it has been in the wonderful world of the internet of things. On Sunday, people all over the United States, as well as parts of Europe, found they were locked out of buildings or stuck inside in rising summer heat with disabled air conditioning, all because of US-based problems in Google's cloud services.
The connection – or lack of one, in this case – is that Google owns Nest, the service comprising various internet-linked devices that let people remotely control thermostats, air conditioning, baby monitors and door locks.
Nest users on Twitter on Sunday revealed homeowners couldn't unlock a property for guests, or turn on air conditioning. Also down were G Suite services, such as Google calendars, docs, and Gmail. YouTube, Instagram and other services were also cut.
Businesses are fortunate the problem happened on a Sunday because so many use G Suite for everyday operations. Imagine half a workday unable to access critical company documents, or work calendars, or company email, or anything backed up to Google Drive.
G Suite is advertised with the tag line “Freedom to work from anywhere”. To that you can now add “Freedom to experience network shutdowns from anywhere”.
Devices, sensors and other items that have an IP address and connect to the internet, sending data across the network and managed by it, make up this rapidly expanding internet of things.
The issue with Google is that it is a central hub for widely used services and it also runs the cloud service network they are based on, creating an enormous single point of failure.
The outage, which lasted four hours, also affected third party services utilising the Google cloud, even iPhone services because iCloud turns out, in part, to be the Google Cloud.
Cloud services
Until Sunday, most people probably had never thought about the implications of concentrating so many of these services under a few huge tech companies, and on just a handful of cloud services.
Most of the cloud is controlled by just four corporations – Amazon, Microsoft and Google in the US, and China's Alibaba. A Goldman Sachs report last year said these four hold 56 per cent of the world public cloud market and continue to consolidate market share.
Amazon, at 47 per cent, is largest, followed by Microsoft at 17 per cent, with Alibaba at 8 per cent and Google at 7 per cent. But think about that. Millions of people globally were affected by Sunday’s cloud network problems at Google, yet it is the smallest operator of the big four.
Such IoT issues are regularly highlighted on the entertainingly disturbing Twitter account, Internet of S**t. (This week it tweeted that an IoT toothbrush firm that sends your dental hygiene data to insurance companies to enable you to lower your dental premiums, received $50 million in venture capital).
Laugh as you must, but this is the other, equally worrying, side of the IoT – devices that gather data in the background and send it . . . somewhere. Maybe to the manufacturer of the device, where it generally goes to third parties, or maybe directly to the third parties.
Because really, the devices – be they toothbrushes, thermostats, televisions, cars, watches, or anything else “smart” – is just the intake valve for your data, in yet another form of monetising surveillance.
So you get a few euro off your insurance, or a device costs less because your data ultimately subsidises it, but in exchange for what? In most cases (such as your television) you don’t really know.
Insurance premiums
And even when data is used to lower insurance premiums, who gets the best of this trade-off? For a start, as UCC computer science professor Barry O’Sullivan outlined on RTÉ’s DriveTime this week, there’s no contractual guarantee from many of these services that individuals get anything at all.
He called such data-acquisition arrangements “the beginning of a very slippery slope of using our privacy as currency”.
A lower insurance premium may seem a good trade-off, but what about when a bank refuses you a mortgage because you can’t get life insurance because your IoT-obtained car data suggests you drive too fast, or your smartwatch heart stats indicate you’re in poor health?
As commentator Anton Savage remarked on the same segment, another big impact will be when two-way telemetrics become more widespread and data can be sent causing the device to respond – a car to shut down, for example (which can already be done by some US services). In short, for tech companies to control your activities, live.
Add into the mix that opting out of data transfer is already no longer an option on some devices (or they don’t work at all). Or, that there’s nothing to prevent an insurer from refusing to insure a person who refuses to use such devices. Or, that security is a huge issue with internet-enabled devices, which have been shown to be remotely hackable. And, that the whole area of IoT is not centrally regulated, or subject to international technical standards and safeguards.
Welcome to the Internet of S**t.