We’ve recently discussed the ways of managing big data. One of the growing contributors and collectors of big data is the internet of things.

What is the internet of things?

The definition of the ‘internet of things’ is changing all the time. As Paul Adams from Nokia put it, “If you get 10 analysts in a room and ask for a definition of IoT then you’ll get 15 different answers.”

As internet of things development progresses, we’re seeing definitions that move away from the traditional ‘smart devices’ that you have on your kitchen counter, in your pocket or on your wrist. Instead the internet of things ‘umbrella’ has grown to include smart bus stops, smart pacemakers, and, probably, smart umbrellas.

Previously IoT devices were considered only to be those that you plugged into a wall, or those that contained a battery. Now, an IoT device is seen by some as anything that can collect data.


The sensors required to collect this data are getting smaller and more powerful, and the data they provide is more helpful. A series of sensors on a series of bus stops around London can collect environmental data that can be used to tell mothers with new-born babies which areas of the city have the highest levels of air pollution – and thus which areas to avoid.

A sensor on a pacemaker implanted in someone’s chest can connect to a phone and alert a doctor when a patient suffers heart failure.

A sensor placed behind a famous painting in an art gallery can collect and store data on how damp the air around the painting is. And that information can be sent to actuaries to help calculate insurance premiums. The internet of things can be anywhere. And everywhere.

It’s estimated that by 2020 there will be between 20 and 30 billion ‘devices’ connected to the internet. I’ve put ‘devices’ in inverted commas because it doesn’t mean devices in the traditional sense: phones, computers, tablets, but also includes watches, and shoes, and bus stops, and umbrellas.

Data, data, data

The problem with this is that with all of these devices comes data. And lots of it. ‘Big data’ isn’t even a big enough word to describe the amount of data. It’s Really Big Data. Really Very Large Data. The sensor on the bus stop is collecting environmental data (atmospheric molecules, humidity, rainfall, and so on) and it’s collecting that data every second of the day. And so are the other 100 bus stops across the city. That’s a lot of data. But, the question becomes, who owns that data? Is it the city’s data? Is it the community’s? Is it the vendor’s data?

A smart pacemaker is tracking the vitals of the patient, but it’s also tracking their location with GPS sensors. So, if the patient collapses, ambulances and emergency contacts can be notified of their location. But, again, who owns that data? Does the manufacturer? Does the patient? Does the doctor?

At the moment, this is all kind of up in the air, so to speak, but when the General Data Protection Regulation (GDPR) launches in May, everything is going to get a lot more, well… regulated.

The answers to the questions over data ownership will have more transparent answers, and the users and consumers of IoT devices will have more rights to their data than they do currently.

Know your rights

With GDPR, consumers will have the right to know who and what is processing the data collected on them, and also: why the data is being processed. An ICO study showed that currently “59% of devices failed to adequately explain to customers how their personal information was collected, used and disclosed.”

Under GDPR, if a consumer wants access to their data, the controller of the data will have a month to respond. We’ve also previously touched on the ‘right to be forgotten’ which gives users the right to request that their data is deleted by its controller. As well as this, the ‘right to restrict data processing’ gives users the right to not have their data evaluated by automated processing.

How these rights will coincide with current IoT processes is yet to be discovered. Plus, there’s the added discussion of: ‘How do you know if a sensor is collecting your data’. The bus stop that collects atmospheric data for pollution might also have a video camera that tracks footfall. As a user of that bus stop, will you have the right to ask for your data to be deleted, even though it’s not ‘your device’? And how will you actually know that the bus stop is collecting your data? Those questions are still yet to be answered.

It’s an exciting time in the development of the internet of things, artificial intelligence and machine learning, but one that should be managed with caution and trepidation.