• The CIoT sector is experiencing rapid growth – but consumers still distrust such devices.
  • Stronger governance is needed to ensure technology is a force for societal good.
  • Businesses can adapt model IoT practices to assuage consumer fears.

The market for connected, electronic devices is rapidly expanding: The consumer internet of things (CIoT) is predicted to grow from $45 billion to $154 billion by 2028, and already accounts for 60% of all IoT-connected devices.

But this growth contains a strange paradox: That consumers, while coveting such technology, also mistrust it. Seventy-five per cent of consumers worldwide are concerned about providers using their data without permission, and 63% find these devices to be “creepy”.

A global survey by PwC in 2020 found that people have concerns about security and privacy, but often feel trapped with their service providers due to a lack of trusted alternatives. Consumers want trusted alternatives, with 83% wanting control over their data and 85% wishing for companies they can trust with their data. Given a trustworthy option, consumers would not only change providers but are also willing to pay for more enhanced security.

The use of connected devices has been accelerated by COVID-19 in some domains like smart homes and wearables. Despite the benefits of time-saving and personalized experiences, these devices and their associated services require proper governance.

The World Economic Forum’s State of the Connected World 2020 report outlines how the gap between IoT governance – laws, standards and self-governance approaches to mitigate harm – and the pace of technological change (including potential risks) appears to be widening.

Consumer mistrust is not just a result of misunderstanding of how technology works. The report highlights that security and privacy pose the greatest risk for the consumer domain, and that more related governance structures are needed to ensure connected devices help advance shared societal benefits such as tackling the digital divide.

The 'governance gap' in IoT technologies is still widening
The 'governance gap' in IoT technologies is still widening
Image: World Economic Forum

Towards Action

The Forum launched the Trustworthy IoT Coalition to address some of these challenges. This multistakeholder global community aims to increase the “trustworthiness” of consumer-facing connected devices for all consumers and the value chain.

Recognizing that trustworthiness is subjective, community experts noted that many personal, social, environmental, commercial and governmental factors can potentially impact consumer trust for IoT devices.

IoT organizations can work toward building greater trust in many areas
IoT organizations can work toward building greater trust in many areas
Image: World Economic Forum

To encourage stakeholders to think more comprehensively about building trustworthy connected devices, members of the coalition conducted a review to identify model practices in the industry. This preliminary review (of frameworks, guides and articles) shows that CIoT governance initiatives vary widely among business, government, civil society and academic organizations around the world. To build consumer trust, alignment is needed for those stakeholders across the ecosystem.

Currently, only a handful of organizations have presented guides that look at the overall impact of consumer-facing connected devices on people, the planet and for economic progress – with Consumers International’s Trust by Design Guideline for Consumer IOT being one of them.

Trust by Design provides high-level checklists to help manufacturers create trustworthy devices that can meet legal requirements – though it may not indicate how to meet all obligations. It gives manufacturers the opportunity to assess and reduce risks by understanding whether they meet, or are working towards, requirements across six areas: security, privacy, transparency, supporting vulnerable groups, customer support and complaint handling, and the environment.

This guide provides an important starting point, reflecting IoT manufacturers’ input and consumer demands. It also has the potential to be built into tools such as labels.

Most governance efforts across the public-private sector nonetheless operate in silos and are narrowly focused. They mainly focus on tackling security and privacy issues at the baseline level. There are some efforts to address repairability. The French government, for instance, is the first to require manufacturers to inform consumers about the repairability level of devices like smartphones in a transition towards a circular economy and e-waste reduction.

On the whole, however, it appears that very little progress has been made with CIoT governance, which raises an important question: Who is responsible and accountable for safeguarding the connected future?

Many coalition members argue that connected devices must be trustworthy from infancy. This requires stakeholders across the value chain (businesses, regulators and consumers) to think collectively and holistically about the widespread impact of CIoT on the world.

Businesses, for instance, can take a lead by considering 3 strategic actions to make a positive impact:

1. Create consumer-centric business models

For example, manufacturers can actively understand a variety of consumer concerns before designing connected devices and services through consumer research, focus group studies and multistakeholder engagement (including speaking to consumer advocates). Sellers can adopt best practices and standards (when selecting devices for instance) to minimize the negative impact on consumers. This can help identify new business models, increase brand loyalty and customer retention.

2. Conduct comprehensive risk assessments

This is needed for a complete understanding of the risk of connected devices on society, the environment and the economy for the entire product lifecycle (pre-market, sales and after-market). For example, vendors can understand the impact of extending product life using repairability options and security updates on customer retention and e-waste. This can help differentiate product offerings, meet ESG goals and attract new customers.

3. Build governance into business strategies

For example, manufacturers can adapt the Trust by Design Guideline, which has been developed through consumer research in collaboration with IoT manufacturers, and with input from stakeholders from over 100 countries. This can help meet legal requirements and reduce future risks and costs.

What is the World Economic Forum doing on cybersecurity

The World Economic Forum's Centre for Cybersecurity is leading the global response to address systemic cybersecurity challenges and improve digital trust. We are an independent and impartial global platform committed to fostering international dialogues and collaboration on cybersecurity in the public and private sectors. We bridge the gap between cybersecurity experts and decision makers at the highest levels to reinforce the importance of cybersecurity as a key strategic priority.

Our community has three key priorities:

Strengthening Global Cooperation - to increase global cooperation between public and private stakeholders to foster a collective response to cybercrime and address key security challenges posed by barriers to cooperation.

Understanding Future Networks and Technology - to identify cybersecurity challenges and opportunities posed by new technologies, and accelerate forward-looking solutions.

Building Cyber Resilience - to develop and amplify scalable solutions to accelerate the adoption of best practices and increase cyber resilience.

Initiatives include building a partnership to address the global cyber enforcement gap through improving the efficiency and effectiveness of public-private collaboration in cybercrime investigations; equipping business decision makers and cybersecurity leaders with the tools necessary to govern cyber risks, protect business assets and investments from the impact of cyber-attacks; and enhancing cyber resilience across key industry sectors such as electricity, aviation and oil & gas. We also promote mission aligned initiatives championed by our partner organizations.

The Forum is also a signatory of the Paris Call for Trust and Security in Cyberspace which aims to ensure digital peace and security which encourages signatories to protect individuals and infrastructure, to protect intellectual property, to cooperate in defense, and refrain from doing harm.

For more information, please contact us.

Businesses are only a part of the solution. The adaption and scalability of CIoT requires stakeholders across the value chain to act together and take greater responsibility to create a resilient, equitable, sustainable and inclusive future for all. It is through proper governance and collaboration that we can build consumer trust.