COMMUNICATIONS & STRATEGIES No. 87, 3rd quarter 2012
Internet of Things: A new avenue of research
Summary : The Internet of Things (IoT) endows objects with intelligence and ability to communicate, connecting people and machines anywhere, anytime. IoT applications exist in various domains: health, domotics, security and control, the supply chain. IoT exemplifies - and is driven by - major changes in technological convergence, pervasiveness and ubiquity, increases in mobility, traceability, and so on. This special issue aims to develop a better understanding of what the Internet of Things is and what its potential impacts may be. This Dossier includes contributions from different fields of research in order to grasp the various dimensions of IoT in a multidisciplinary perspective (law, economics and management, political science, etc.).
Interview with Rudolf van der BERG
Economist & Policy Analyst, OECD
Conducted by Martin CAVE (Imperial College Business School, London)
C&S: Could you introduce yourself?
Rudolf van der BERG:
I'm an Economist/Policy Analyst at the Organisation for Economic Co-operation and Development (OECD) working on telecommunications and Internet-related policy. I've been working here for one and a half years and before that in the private and public sector in various roles. My most recent research focuses on machine-to-machine communication (M2M) and specifically the regulatory implications of liberalizing the telecommunications market to better enable M2M*.
As a disclaimer, this interview represents my personal views and not those of the OECD or its member countries.
What is the Internet of Things?
The term 'Internet of Things' (IoT) is a very flexible term and it isn't the only term used. Alternative terms like 'connected devices', 'M2M' and 'smart' are also used interchangeably and mean roughly the same thing. 5 years ago it meant mostly radio-frequency identification (RFID) enabled devices; however, as we're getting more creative, more things fall under the term. According to some, it is any Internet-enabled thing which is not a smartphone, personal computer or server. This distinction is rather moot though, as any connected device will no doubt be controlled through a smartphone, server or PC.
Essentially, it is a term that represents the next era of the Internet. Today there are several billion computers connected to the Internet. The next 20 billion hosts, however, will not be traditional computers but rather a variety of 'things': photo cameras, cars, sports shoes, watches, light bulbs, street lights, electric meters, home appliances, health monitoring equipment and home entertainment devices.
Why is this happening now?
The Computer Science lab of Carnegie Mellon University had a network connected Coke vending machine in 1982, so to some extent what we are seeing isn't new. What is new is the ubiquity of Internet connectivity. There is hardly a place in the developed world where there isn't some form of connectivity available. That connectivity now enables a global market for connected things. That market is now delivering on low-cost connectivity solutions.
For example, light bulb manufacturers are expecting LED light bulbs with Internet capabilities to be available in mass volume in the next 3-5 years. These new light bulbs will allow users to take advantage of dimming and colour display capabilities currently missing from standard lamps, and could easily transform spaces into modern multi-coloured light shows. Add to this that the LED light bulb is assembled like any other piece of electronics and adding connectivity comes at a relatively low extra cost, but does add functionality.
Connected street lights are a similar development, and promise a 70% decrease in energy use. That's up to 70 US dollars per street light per year! With roughly 5-7 million street lights in the UK, and a medium sized city easily managing over 10,000, the savings would be enormous. These new Internet-connected lights will also bring new functionalities: sensors that sense the presence of traffic, radio controls that allow street lights to be brighter at the request of emergency services, the possibility to signal routes through town by changing the colour of the lights, etc. Lower operational cost and more functionality? That's a win-win for every government in the OECD!
RFID was predicted to become really big; how is this different?
The difficulty with RFID was that the prices of tags haven't come down enough and RFID is competing with ink – a very versatile competitor – to deliver basic identification functionality. Add to this some technical difficulties, like reading tags when there is tin foil around, and implementation turned out more difficult than predicted. This doesn't mean there isn't a future for RFID, but it may not be as big and may take awhile longer.
The current trend is different in the respect that it is more high-end than RFID. Internet connectivity is installed in "things" that now already have ICTs on board, or where it is relatively cheap to add. If you now use a remote control to control a device, then in the near future there is likely to be a chipset available that allows Internet connectivity at the price point of a traditional infrared remote control. Furthermore many machines are already equipped with sensors and computing power. A car can have as many as 70 processing units (computers), many of which make the car more efficient, comfortable and safe. Connectivity is then a small step that promises an extra step in efficiency, comfort and safety.
What is the OECD's role in analyzing the Internet of Things?
The OECD performs trend and impact analysis of new technologies for its 34 member countries. Our analysis allows policy makers to understand the drivers behind technology, its impact on business and the role of governments in implementing and regulating these technologies. Several studies have already been specific instances of IoT, like RFID, sensor networks, smart energy grids, electric cars, smart water, eHealth, smart transport, etc. Our most recent work includes a study on machine-to-machine communication, and there are forthcoming studies on smart networks, cloud computing and big data.
What are the main policy topics involved in the Internet of Things?
There is very little that will not be impacted by the Internet of Things in the near future. It is just one application of ICTs and as a result carries with it many of the same policy issues as other ICTs. So the main policy areas for government – innovation, transport, health, environment, energy, and to a lesser extent, education – all are influenced. Governments can be one of the main drivers toward the roll out of connected devices, for instance, by creating policies that require smart meters. The European Union, for example, is now mandating its own location-based service system (eCall) to be built into every car from 2015. Governments will also need to put in place policies that anticipate the impact of the Internet of Things in such general areas as privacy, security, competition, numbering, spectrum, and job creation.
Could you expand a bit on Privacy?
Privacy is obviously an important point because devices are increasingly recording data that can be traced back to individuals. And it doesn't look like there is an opt-out available anymore. You can decide to leave your phone at home, but you can't opt-out of a street light sensing your presence. You can't opt-out of the European eCall system installed in your car, or the mobile networks recording its location. Now add to this the enormity of scale and you can begin to see how everything will communicate, everywhere.
Countries are debating the privacy implications of this new connectivity. For instance, smart meters have been dubbed by some as spying devices because they might instantaneously record what you do in your home. Many countries have responded by scaling back their roll outs and reducing the number of samples taken to once every 15 minutes. However, a consumer may want to share that information with a third party service provider, not being the energy company, because the same data can give important insights into energy savings and allow them to automate their home. Or the data could provide alerts when a freezer needs of de-icing or a fan develops a mechanical failure.
Governments understand the benefits, but still haven't determined how the current rules can effectively be applied to the new privacy concerns. Existing privacy frameworks were developed for a world where small units of data are stored by organizations we interact with. But today's reality is that large amounts of data are stored by a variety of organizations that may not have a relationship with us personally. Furthermore, even anonymously collected data can be increasingly combined with other data sources to become personally identifiable. The concepts of notice and consent that are now central to privacy regulation become more difficult in this context.
Take for instance the data from street lights (I like street lights as examples because they are everywhere and thus easy to relate to). Now if that street light is equipped with a sensor that measures the presence of pedestrians and cars to turn the light brighter, this action can generate data that can be stored. Not only could this provide great data on traffic volume at certain times of the day, it could also be used to verify whether your neighbour left the house at 3am and walked two streets down to the house of his friend and back again. Just follow the street light. Our privacy frameworks weren't designed with these kinds of situations in mind. We're now talking about billions of sensors, cloud-based processing and big data analysis.
With privacy often comes the question of security.
Security and reliability of Internet of Things is vital. It will control many elements of our lives and we will rely on it to work and not to be abused. With everything becoming more interconnected there are more interdependencies. Given the long lifecycle of Internet of Things, devices remain active for up to 30 years, it is difficult to foresee all possible uses. Looking at industrial control systems, used in factories and utilities, the signs aren't good. A recent study showed that almost all commonly used systems were susceptible to many basic attacks. In another case an industrial control system would reactivate the default password, which was "100" even when it had been changed. It is scary to see what will happen in the long run as these systems will remain online for 30 years and it is unclear who has the responsibility for their safe operation for all those years. There is however, room enough for a few scare stories. Could you imagine what happens if the neighbours kid could turn on all the lights in every house in the street (or city)? The solution lies probably in better accountability for these companies, but how this is achieved is still a question.
So what about competition, you've worked quite a lot on this?
Yes, competition – especially in the 2G/3G/4G networks – is affected greatly by the Internet of Things. GSM, CDMA, UMTS and LTE all share the incredible advantage of being available up to high speeds almost anywhere in the world. This is something few other networking technologies can do. So it is great for running applications on geographically-dispersed devices, either mobile or fixed. Another advantage is that the authentication method on 2G/3G/4G networks is via a unique smart card, i.e. a SIM-card.
SIM-cards are great from a machine and usability point of view, because they allow authentication to a network without user interaction. It is a secure, trusted element that allows user friendly operation. It is plug and play. Imagine using this easy type of authentication with a wifi-enabled alarm clock, thermostat, etc.
However, the drawback of the SIM-card is that it is not controlled by the end-user. It is the property of the telecom operator. This can causes problems when, for example, a company may want to switch mobile operators. Under the current system, businesses would have to physically remove every SIM-card in their devices and manually replace it with the SIM-card of another operator. Multiply this by 10,000 to 100 million devices and it is clear this model is economically unrealistic. So unfortunately, for the moment, anyone using a SIM-card for an IoT service is locked in with their mobile operator for as long as the device lives. Manufacturers of IoT devices have little room to make mistakes; even if they're unhappy with a mobile service provider, they can't recall several million cars to change operators.
In total, there are five market failures tied to the control of a SIM-card:
- 20 year lock-in with mobile operator
- Changing SIM is impossible for millions of devices
- No competition in roaming fees
- No way to route around network failure
- Research by Simula in Norway shows that 20% of devices are unavailable for more than 10 minutes/day
- Mobile networks only cover 80% of connected devices
- It isn't just the countryside with spotty network coverage. As a result of "cell site breathing" (contraction and expansion of cell site based on traffic demand) and radio propagation through and around buildings, networks can't reach all sites all of the time even in densely populated cities.
- No innovation, without the prior consent of the mobile operator, for instance to bypass mobile operator.
- There is a solution to this problem. Make the large scale end-user, i.e. the car manufacturer in the above example, the owner of the SIM-card and the associated authentication infrastructure. This would be the same as the way mobile roaming currently works: the car company doesn't own the infrastructure in the area it roams, but it can log on to mobile networks, as long as it can be authenticated and there is a place to send the bill. It's all bog-standard GSM-protocol. We've seen a lot of interest from big energy, car and consumer electronics companies. It would give them a competitive market for both national as well as international connectivity. It would save billions of euros every year.
There's just one problem: it's illegal.
Most national regulations stipulate that only providers of public electronic communications networks and services can have access to the IMSI-numbers that uniquely identify a SIM-card. In some countries the rules are even more stringent and even virtual network operators can't have access to these numbers.
Now a car company can't really claim it is offering (predominantly) an electronic communication service; otherwise it would have to qualify the vehicle as a very feature rich phone (to be fair, it does do more than an iPhone!). An energy company can just forget about trying to make a case. Consumer electronics companies might have a better case to make (an opportunity here for lawyers!), but it's fair to assume in many countries they wouldn't be allowed the numbers to enter the market either.
Now there doesn't really seem to be any technical reason to have this rule. True, there is some worry that there may be too big a market for connected devices and we run out of numbers (IMSI), but I can't really see how that is a problem. Even though countries currently use two digits, they could easily expand to three digits… and the ITU still holds over 500,000 numbers in reserve. But even if the Internet of Things does in fact prove to be really, really popular, what is the problem? That we have a well-functioning market that serves the needs of thousands of businesses? That companies save billions of euro every year? That telecommunication companies can offer their services to thousands of companies and not fear that a potential customer could be lost forever? Don't forget that if many companies would do this there is also a drive to update standards to allow more companies in. And if the opposite is true, that only a few big companies in the current market are going to successfully manage this transition, well, then I will stand corrected, but at least it isn't the government that breaks the market.
What is the impact on spectrum policy that you foresee?
Wireless technology is first and foremost a "last meter" technology. In theory, bits shouldn't travel exclusively in the air because they clog up the airwaves for other bits; they should only travel short distances and then hop on a wire. That being said, people want their devices to be free and unfettered. If our data needed to only travel through a wire, we would lose mobility. So basically any device will have a wireless component that will aim to reach the nearest antenna as quickly as possible, to save energy and to save bandwidth. We will therefore need pervasive wired broadband networks that at their endpoints connect to antennae for the last meter.
The Internet of Things will make spectrum policy even harder than before. It will force spectrum policy to move at the speed of the devices the Internet of Things is built into. A car generally lasts for 15 years; that means all the Internet-connected devices in it should work for that period too. It also means you can't shut down a wireless network in seven years from now, which is half way through the lifetime of a vehicle, because that will mean 75 million vehicles in Europe will not have a working network connection anymore. Many devices have similar lifecycle-related problems. Smart meters should work for 30 years – that means our choices today will be important for a very, very long time.
What is your perspective on jobs and growth and the Internet of Things?
In the M2M paper this wasn't examined. It is also out of my area of expertise. In general the impact of technology on growth and jobs is of great interest to the OECD, but it took years to see the macro-level impact of ICT's on society in general and we have only started with the introduction of the Internet of Things. Of course, the billions saved in the street light example could certainly be put to good use in various parts of the economy. However on a personal note and having just read Brynjolffson's "Race against the machine", I can also foresee a problem with employment growth. One of the prospects of the Internet of things is the autonomous machine, i.e. flying drones or Google's driverless car. Now fast forward 10-20 years and we may see the driverless taxi and the driverless truck. Those are jobs that are often held by lower skilled workers and those jobs may go away. That is potentially a big problem, because I don't know what, if anything will come back.
But there is no sense in being a Luddite and breaking the machines that promise to make our lives more simple and easier. It's just important to note that it will not be all positive and it will not be positive for everyone always.
Are governments currently taking the right role?
Well, I think governments are taking a more forward-looking role than in the past. Of course, I would like them to move a bit quicker with liberalizing the telecommunications market for large scale M2M users. I've been working on this issue for three years now and would like one day to call it done. Governments are however major instigators in Internet of Things, through eCall, smart meters, eHealth etc. They are also potential big users, as governments own and operate billions of machines and devices that will one day be hooked up. Even things that wouldn't be regarded often as machines or even as "things", like dykes in the Netherlands or roads and rivers, will be connected. Privacy regulators seem to be very aware of what is coming. They may not have a full answer yet, but they are forward-looking. On the security side of networks, we will have to improve the government's role in holding companies accountable for what they put in the market and how well it works and performs.
At the OECD we're working with governments on finding those answers and learning from best practices. We're working on the general horizontal policy issues that stem from the current trend towards the Internet of Things, Cloud and Big data. At the same time we work on best practices of using these technologies in specific verticals like transport, healthcare, energy and government.
Thank you very much. This has been an interesting and enlightening conversation.
Rudolf van der BERG has been an Economist/Policy Analyst at the OECD, since 2011. Here he has worked on topics regarding M2M, Smart networks, telephony and internet interconnection and telecommunications policy. He started his career at the NDIX Internet Exchange Point located in Germany and The Netherlands. He worked five years at the Ministry of Economic Affairs, first with a responsibility towards lawful intercept and he negotiated the EU Data retention directive. Later he wrote the first documents on Net Neutrality for the Dutch government and was seconded to the OECD to write on the future of Broadband networks. As a management consultant for Logica he worked with clients on structural separation of energy companies, smart metering, information exchange in the energy sector and next generation number portability. It was here where the topic of liberalization of the mobile market for M2M first became apparent through a clients question on how to move 10,000 devices from one operator to another. Subsequently he wrote analysis on the impact of liberalizing the market for the Dutch Ministry of Economic Affairs and a discussion paper for the OECD.
> For more information about our activities: www.comstrat.org
COMMUNICATIONS & STRATEGIES
* Machine-to-Machine Communications: Connecting Billions of Device, OECD 2012, DSTI/ICCP/CISP(2011)4/FINAL.