The market for connected, electronic devices is rapidly expanding: The consumer internet of things (CIoT) is predicted to grow from $45 billion to $154 billion by 2028, and already accounts for 60% of all IoT-connected devices.
But this growth contains a strange paradox: That consumers, while coveting such technology, also mistrust it. Seventy-five per cent of consumers worldwide are concerned about providers using their data without permission, and 63% find these devices to be “creepy”.
A global survey by PwC in 2020 found that people have concerns about security and privacy, but often feel trapped with their service providers due to a lack of trusted alternatives. Consumers want trusted alternatives, with 83% wanting control over their data and 85% wishing for companies they can trust with their data. Given a trustworthy option, consumers would not only change providers but are also willing to pay for more enhanced security.
The use of connected devices has been accelerated by COVID-19 in some domains like smart homes and wearables. Despite the benefits of time-saving and personalized experiences, these devices and their associated services require proper governance.
The World Economic Forum’s State of the Connected World 2020 report outlines how the gap between IoT governance – laws, standards and self-governance approaches to mitigate harm – and the pace of technological change (including potential risks) appears to be widening.
Consumer mistrust is not just a result of misunderstanding of how technology works. The report highlights that security and privacy pose the greatest risk for the consumer domain, and that more related governance structures are needed to ensure connected devices help advance shared societal benefits such as tackling the digital divide.
The Forum launched the Trustworthy IoT Coalition to address some of these challenges. This multistakeholder global community aims to increase the “trustworthiness” of consumer-facing connected devices for all consumers and the value chain.
Recognizing that trustworthiness is subjective, community experts noted that many personal, social, environmental, commercial and governmental factors can potentially impact consumer trust for IoT devices.
To encourage stakeholders to think more comprehensively about building trustworthy connected devices, members of the coalition conducted a review to identify model practices in the industry. This preliminary review (of frameworks, guides and articles) shows that CIoT governance initiatives vary widely among business, government, civil society and academic organizations around the world. To build consumer trust, alignment is needed for those stakeholders across the ecosystem.
Currently, only a handful of organizations have presented guides that look at the overall impact of consumer-facing connected devices on people, the planet and for economic progress – with Consumers International’s Trust by Design Guideline for Consumer IOT being one of them.
Trust by Design provides high-level checklists to help manufacturers create trustworthy devices that can meet legal requirements – though it may not indicate how to meet all obligations. It gives manufacturers the opportunity to assess and reduce risks by understanding whether they meet, or are working towards, requirements across six areas: security, privacy, transparency, supporting vulnerable groups, customer support and complaint handling, and the environment.
This guide provides an important starting point, reflecting IoT manufacturers’ input and consumer demands. It also has the potential to be built into tools such as labels.
Most governance efforts across the public-private sector nonetheless operate in silos and are narrowly focused. They mainly focus on tackling security and privacy issues at the baseline level. There are some efforts to address repairability. The French government, for instance, is the first to require manufacturers to inform consumers about the repairability level of devices like smartphones in a transition towards a circular economy and e-waste reduction.
On the whole, however, it appears that very little progress has been made with CIoT governance, which raises an important question: Who is responsible and accountable for safeguarding the connected future?
Many coalition members argue that connected devices must be trustworthy from infancy. This requires stakeholders across the value chain (businesses, regulators and consumers) to think collectively and holistically about the widespread impact of CIoT on the world.
Businesses, for instance, can take a lead by considering 3 strategic actions to make a positive impact:
For example, manufacturers can actively understand a variety of consumer concerns before designing connected devices and services through consumer research, focus group studies and multistakeholder engagement (including speaking to consumer advocates). Sellers can adopt best practices and standards (when selecting devices for instance) to minimize the negative impact on consumers. This can help identify new business models, increase brand loyalty and customer retention.
This is needed for a complete understanding of the risk of connected devices on society, the environment and the economy for the entire product lifecycle (pre-market, sales and after-market). For example, vendors can understand the impact of extending product life using repairability options and security updates on customer retention and e-waste. This can help differentiate product offerings, meet ESG goals and attract new customers.
For example, manufacturers can adapt the Trust by Design Guideline, which has been developed through consumer research in collaboration with IoT manufacturers, and with input from stakeholders from over 100 countries. This can help meet legal requirements and reduce future risks and costs.
The World Economic Forum's Centre for Cybersecurity is leading the global response to address systemic cybersecurity challenges and improve digital trust. The centre is an independent and impartial global platform committed to fostering international dialogues and collaboration on cybersecurity in the public and private sectors.
Since its launch the centre has driven impact throughout the cybersecurity ecosystem:
Contact us for more information on how to get involved.
Businesses are only a part of the solution. The adaption and scalability of CIoT requires stakeholders across the value chain to act together and take greater responsibility to create a resilient, equitable, sustainable and inclusive future for all. It is through proper governance and collaboration that we can build consumer trust.