The Open Internet of Things Certification Mark is a global community-led effort to develop a consumer-facing certification mark for connected products, ie physical products (consumer or industrial) that take advantage of any communications technologies to function.
This may mean taking advantage of a recent wave of standards & compliance instruments to put them under the same umbrella to work towards the good of consumers and not just industry.
Definitions & assumptions
- Connected products have a physical product, whether it is aimed at consumers or industry.
- Connected products have digital information or ‘data’ as a driving mechanism or a by-product.
- Connected products are created by an identifiable company or group of people who are responsible for its creation, manufacturing, distribution.
- There are both customers who have paid for a product and consumers of connected products who derive benefit from a product someone else has purchased.
Why does it exist?
We would like to challenge the current and upcoming (GDPR) interpretations of consumer rights in the unregulated space of connected products (or internet of things). We consider the current technical standards that address this space too narrow in their focus and not aiming at the protection of consumers.
Currently, many connected products are badly designed or their creation, manufacturing and distribution badly managed. This is has consequences for consumers on different levels:
- Customers are at risk because of security flaws at a hardware or software level.
- Customers are at risk because of aggressive, often surreptitious, data-driven business models that have the ability to supercede and block access to a physical functionality.
- Customers are given limited choices in buying connected products as most will currently suffer from:
- short-lived production runs or limited duration service provision
- high fail-rate of products
- little customer service provided
- limited repairability and as a consequence lead to an increase in e-waste.
We believe these problems are not insurmountable by making different and more ethical design choices we would like to encourage in industry.
As a general set of principles we would like to support more ethical design and manufacturing practices that take into account both the customer’s experience of the product and the data they contribute to.
The principles outlined in the certification mark will address issues that relate to:
- Data security
- Customer and consumer privacy
- Data governance
- Hardware & software security
- Accountability in the supply chain
There are no natural market or regulatory dynamics (outside of the upcoming GDPR, which addresses a limited set of these issues) currently addressing a larger set of these issues.
We do not think we will be able to interest every type of connected product company in applying for use of the mark, but we believe it is the right approach for future connected products in general.
- To offer industry an instrument to support and encourage more ethical data, product, service & manufacturing practices.
- To provide a mechanism for industry to champion their commitment to consumer and data protection rights in connected products.
- To enable consumers and customers to make metter purchasing decisions & help improve consumer literacy in understanding the constraints, opportunities and consequences of their use of IoT products.
- Using best practices in software, hardware & product design (cradle to cradle, design for disassembly, open source, etc.), to have a more lateral approach than current industry technology standards.
This is a non-profit project based in the UK and every little helps!