Big tech is using their voice service and smart home platforms to lure home owners into their walled gardens. While smart home owners don't pay with $$$, they pay with their privacy. Escape paths from the walled gardens will be hard to find.
Smart home devices and services are being promoted as the latest “must haves” for homeowners. The proliferation and complexities of the devices, their functions and interfaces, as well as the lack of standards are making it difficult for all but the most ingenious geeks to install and manage their smart homes on their own.
Recognizing this problem as an opportunity, big tech companies are luring homeowners into walled gardens with the promise of simple consumable benefits. What they are hiding in this siren call, however, is the high and mostly hidden price consumers are paying for this convenience. While they may not pay $$ for those services, they pay with their privacy, exposing their lives to the garden operators through the data generated by their devices. And they will be locked into those walled gardens: the more devices they connect, the harder an escape will be.
For now, escape paths out of the walled gardens appear hard to find. However, the history of personal computing shows that a lock-in does not have to persist forever. The move from main frames to personal computers put consumers in charge of their computing applications. And the World Wide Web put consumers in charge of their Internet services. Both these developments not only gave consumers more control over their activities, but they also unleashed a vast growth of new businesses serving consumers. Let’s examine how these developments evolved, and what a comparable development could hold for the smart home.
Personal computing breaks through: dumb terminals yield to powerful laptops
In the early days of individual access to computers, people used dumb terminals connected to mini-computers or mainframes. All functions available to users were determined by the programs available on those central computers. As they were expensive to operate, the applications available were limited. This led to computing environments being vertically integrated: hardware, operating system, user terminals, and applications were stacked and depended on the platform that determined all the properties. (If you are truly a computer aficionado, check out this history of the mainframe.)
It was greatly liberating to see the advent of personal computers, most visible with the PC. This broke apart the vertically integrated environment. While the processor and the operating system were still mutually dependent on the “Wintel” platform, an array of system manufacturers emerged, creating choice and opening new markets. The widely accessible application platform enabled a large base of creative programmers and drove a great expansion of applications available to users. Client/server architecture was an intermediate stage.
Ultimately, this development turned the world of computing on its head. These platforms placed a generation of end-users with their laptops and desktops in charge of their computing world. Shrink wrapped software came to be sold like ordinary consumer goods.
Internet access - from walled gardens to the Worldwide Web
In the early days of the Internet, no one was more prolific in attempting to lure you to their patch of turf than AOL. Not only were those AOL install disks voted the most annoying (and wasteful) marketing campaign, it's estimated that at least a billion of them were shipped.
Of course, AOL, CompuServe, Prodigy, and Genie were the vertically integrated application equivalent of “walled gardens”. They controlled all aspects of the clients and services available to their users. They dictated the terms and dominated the online customer experience.
AOL (and the egos within) grew so outsized that in 2000, they bought Time Warner for a staggering $165B in pursuit of creating a multi-screen content empire. Fifteen years later, in what could be among the greatest shows of value destruction in modern history, Verizon agreed to buy AOL, only this time the deal was $4.4B.
The open platform empowered users, driving new services
The open browser architecture enabled a large range of devices to access those services. Internet access expanded from computers, tablets, and phones to watches and refrigerators.
The open content platform unleashed vast creativity in content providers and generated a tsunami of services, from information services to social media, e-commerce, payments, messaging, and many others. By 2016, more than half of the earth’s population was using the Internet. Linkedin had 100M users, Twitter 320M, Instagram 400M, and Facebook an astounding 1.6B users. Retail e-commerce racked up $1.55T sales worldwide. A great variety of messaging applications emerged supporting text, voice, and video messaging, undercutting the messaging business of telcos.
These two developments – open content platform and open browser architecture - put consumers in charge of what services they want, when they want them, how they want them, and where they want them.
Will history repeat itself with the Internet of Things?
For now, most consumer IoT devices are connected either to walled gardens: Amazon Alexa,Google Assistant, Samsung Smartthings, and Apple Home, or only to their manufacturers’ services, such as door locks, home surveillance cameras or even connected kitchen appliances. These devices rely on control from the cloud to fulfill their function and create value for their users.
Artificial intelligence and the rapid expansion of hardware capabilities supporting it create the technical foundation for devices at the edge to become more autonomous. As the market expands and moves past the early adopters, production costs and final device costs are decreasing.
It is not necessarily guaranteed that devices can collaborate across ecosystems or can be orchestrated with other devices. To do so requires the seamless interoperation of devices to avoid constraining users' choices by the individual ecosystem in which each device operates. This would enable the inter-networking of IoT devices to achieve higher-level functionality. Collections of sensors and devices that contextualize users’ lives can increase their usefulness and acceptance. Naturally, improved security is also needed to achieve breakthrough acceptance and autonomy.
What standards could open up the walled gardens?
Edge runtime environment: The software environment of home devices and its management require substantial simplification and unification. Docker containers are starting to play that role in the enterprise world. Simplified versions, broadly accepted, could reduce the complexity of IoT software management.
Distribution protocol for containers: The high volume of consumer software that must be deployed and maintained requires efficient automated management. Enterprise computing solves this problem using Kubernetes. Adapting Kubernetes to the high volume, simplicity and security demanded by consumer device software could provide a path forward.
Radios: The diverse range of communication requirements of consumer devices has driven the emergence of a wide range of radio technologies: Bluetooth, Z-Wave, Zigbee, WiFi, 4G/LTE, DECT, LoRA, and many others. Most require dedicated chips, increasing the development and product cost, and reducing interoperability across radio types. Home hubs dedicated to linking devices with different radios increase deployment cost and complexity. 5G and software defined radios promise to cover a broad range of usage scenarios.
Standard APIs for sensors and actuators: Today, developers of sensors and devices choose their APIs to best suit their specific functions, rather than focusing on the role the devices play in their ecosystem. Integrating them into home ecosystems requires adaptation software. This software can be cumbersome, and sometimes functions get lost in translation. Naturally, control of the APIs often is the key to monetization by manufacturers. As a consequence, those APIs may remain proprietary for some time to come. Open intermediating services such as IFTTT can play an important role in accelerating interconnected services.
Are the walls just moving up the stack?
In a step intended tp move towards interoperability, the Connected Home over IP project promotes the interconnectivity of home IoT devices. This approach creates a unified open-source connection protocol over IP on top of diverse radios, addressing a key layer in the protocol stack. However, it leaves open many other issues required to obtain true interoperability. Creating standards at the application or user interface layers is much more complex and controversial. Spanning broad functionality sets and a large number of players, these architectural layers involve functional semantics, ontologies, data formats, security, and identities. Radio standards such as BLE or 5G require new chips being developed that are costly and usually slow to roll out.
As promising as the intent, this project carries serious implications for consumer autonomy. As stated on the project web site “The project aims to make it easier for manufacturers to build devices that are compatible with smart home and voice services such as Amazon’s Alexa, Apple’s Siri, Google’s Assistant, and others.” And “The Working Group at this time does not intend to standardize smart home user interfaces such as voice assistants, smart displays, or desktop and mobile apps.”
This is an indication that the ‘walls’ of the walled gardens are moving up the stack, from connectivity to the layer collecting consumer data. As voice assistants are becoming dominant interfaces to consumer IoT functions, fragmented connectivity standards are just slowing down the expansion of the big data collection platforms – the voice assistant services. Standardizing the interconnectivity layer will remove an obstacle to growth and market dominance of the big proprietary voice services.
Voice service procedures – Alexa routines, Google routines, and Apple shortcuts create the ability to invoke multiple device commands with a single phrase. They enable multi-device applications that create a lock-in effect into the voice service for all the devices involved. They also move the application control away from the device manufacturers and application providers to the voice service skill creators. The voice service platforms become the walled gardens.
Is there a path to consumer autonomy for IoT?
While consumers can benefit from a unified interface and more powerful skills, they are paying for this with increased exposure of their lives and a lock-in to their voice interface services. Consolidation at the user interface layer where most data are collected will make it more difficult for consumers to assert sovereignty over their data.
Some device manufacturers are looking to give consumers a choice of the voice interfaces they use. However, the voice service providers’ overwhelming market power over device manufacturers renders this approach tenuous. The recent regulatory initiatives to give consumers more control of their data, the GDPR in Europe, and the California Consumer Privacy Act, may eventually do more to address this issue.
While there are some obvious cross currents, increasing autonomy of consumer IoT devices and vertical disintegration of IoT services will vastly increase consumers’ choices. Improved inter-networking of devices will increase their usefulness.
Breaking the market power of the proprietary platforms, including the voice service / data collection platforms, will unleash huge new opportunities for independent service providers. Escaping the walled gardens can lead to the kind of business expansion we experienced in the PC revolution and with the World Wide Web. It can shift the initiative driving the evolution of the consumer IoT from the proprietary platforms to the consumers. It can unleash the creativity and diversity that device autonomy achieved for the digital information space. It can lead to an explosion of independent cloud services to provide functions for the newly liberated users.
A non-profit initiative, the World Wide Web Consortium, focused on the practical application of document sharing and and in doing that created the foundation for the businesses using the World Wide Web. Could a similar initiative, possibly built on IFTTT, create the Internet of home services?
Note: An earlier version of this blog was published on Linkedin in September 2018. This update addresses some of the interesting developments that have happened since.
Appendix: Data Sovereignty - who controls consumer data?
Data sovereignty specifies who has what control about who can do what with data.
Much of the discussion about user data control and privacy revolves around data ownership. However, this term can be misleading.
The term ownership evolved in the physical world where it applies to physical objects. These objects are well defined, can be created, traded, used, and destroyed. When they are replicated, the replicas acquire separate ownership as part of the creation.
Data differ in many ways. They can be replicated and transferred without impacting the original copy and often out of the control of the creators. On most data transfers, the originators lose control, and the data can then be used in ways with which the creators may or may not agree. This makes it difficult to define data ownership in the classical sense.
The term data sovereignty is more appropriate.
Data sovereignty has many facets and is far from legally settled. For businesses, access to data from consumer devices and the ability to exploit them creates tremendous value. For consumers, exposure of their data often involves the risk of serious privacy violations and identity theft when services’ web sites are hacked. Data collected from IoT devices usually are subject to complex privacy policies. These policies often appear to be written in ways to make consumers avoid reading them and to confuse them when they do. And most don’t give consumers choices, insisting on a “take it or leave it” approach.
There are few legal protections for personal data. Generally, data are subject to the laws of the country where they are collected and processed. Some countries require that data about their citizens are stored in-country, and local laws apply. The European General Data Protection Regulation (GDPR) is an example. Others are the California Data Privacy Act and the Australia Consumer Data Right. However, international conflicts can arise. The EU allows data to be transferred only to countries that have equivalent protections. An EU court recently decided that the US protections are not equivalent, invalidating the US_EU data privacy shield, the governing data transfer agreement. US law on the other hand gives its courts access to data managed by US companies regardless of where the data is stored, insisting on extraterritorial reach. The handling of personally identifiable (PII) data involves other complexities: Someone could create PII data about somebody else. According to the GDPR, the creator has no right to the data, and the subject person would not even know the creation.
Clearly, data sovereignty is an evolving concept!
About the author
Martin G. Kienzle has been researching smart home technologies and services for over a decade. He’s been involved in smart home demos and prototypes. He advised device manufacturers and service companies. In the process he has developed deep insights into the promise and the pitfalls of smart home devices and services. Martin is a Senior Member of the IEEE.