WASHINGTON — Are we ready for the “Internet of Things”? Probably not. The phrase — coined in 1999 by researcher Kevin Ashton while working for Procter & Gamble — refers to things (cars, homes, factories, hospitals) whose performance is monitored and guided by digital networks. We already have one wildly successful example: GPS navigation that directs us to unfamiliar destinations. But countless other possibilities have excited futurists and tech companies.
Be skeptical. It’s not that technological opportunities aren’t genuine. The trouble is that they come with huge risks — risks that tend to be minimized or presumed solvable. The more activities we put on the Internet and other networks, the more vulnerable we become to hacking, cyberwarfare, software glitches and the like.
To date, these problems have been costly, inconvenient and (often) embarrassing. But they have not crippled everyday life. Greater disruptions are conceivable. Suppose the electrical grid were successfully hacked. Or urban water systems. Cybersecurity experts do not dismiss these possibilities. Cybercriminals are not the chief threat; they just steal. The chief threats are cyberterrorists and other nations; they seek to weaken our defenses and sow confusion and disorder.
All this ought to temper enthusiasm for the Internet of Things. With many innovations, you can judge their costs and benefits. Most costs are embedded in the price. If consumers and companies find the benefits not worth the price, they don’t buy. The Internet is different. The ultimate costs of the worst-case scenario are unknown and probably unknowable. They are not included in the price and would be borne by society as a whole.
Relieved of these costs, Internet companies can more easily expand. Relying on data from Cisco, The Economist magazine recently reported that the number of connected devices could grow from 15 billion now to 50 billion in 2020. A new study from the McKinsey Global Institute — the research arm of the McKinsey consulting company — estimates that worldwide benefits from the Internet of Things could total $11 trillion by 2025. (That compares with a projected global economy of $100 trillion in 2025.)
McKinsey is optimistic. Self-driving vehicles are assumed to have faster braking times than people-driven vehicles. This reduces the 5.6 million annual U.S. car accidents, resulting in lower insurance premiums. By allowing less space between vehicles, self-driving vehicles also cut congestion and travel times. Similarly, self-guided lawn mowers and vacuum cleaners are projected to decrease housework by 17 percent.
Businesses would also reap sizable savings. Factories are already adopting sensors to monitor machinery; this would increase, allowing more “predictive maintenance” based on real-time information about performance. Still, McKinsey’s overall forecasts are admittedly squishy. The study presents a range, with the higher figure in 2025 (the $11 trillion) about three times a lower-bound estimate ($3.9 trillion).
The crucial question is whether pursuing even these benefits makes sense if it exposes us to more cyberattacks. Although McKinsey barely discusses security, it concedes the larger danger. It says:
“Extending information technology (IT) systems to new devices creates many more opportunities for potential breaches, which must be managed. Furthermore, when [the Internet] is used to control physical assets, whether water treatment plants or automobiles, the consequences … could potentially cause physical harm.” Just so. If self-driving vehicles are connected to networks, what happens if the network is hijacked or goes down?
Worse, McKinsey reckons that 60 percent of the benefits of the Internet of Things depends on “interoperability” among different data systems; they must be able to communicate with each other. By penetrating one system, hackers may get access to others.
Everyone is gung-ho for “innovation,” but what if some innovations make us worse off in the long run, despite short-term benefits? Can we reconcile the demand for “progress” with the need to protect social stability? The Economist has suggested measures to improve cybersecurity: regulations requiring tech firms to patch security problems that are discovered after products are sold; laws making software companies liable for preventable breaches; more information sharing so that problems, once discovered, are widely fixed.
Perhaps proposals like these will disarm the dilemma.
Or perhaps not.
Maybe they would just clog the innovation pipeline. Or maybe we have simply made a bad bargain with the technological devil. The charms and conveniences of the Internet have seduced us. It has become so intertwined with daily life that we are, inevitably, playing an economic and technological version of Russian roulette. We keep firing the pistol and hoping there’s nothing in the chamber. It’s Internet roulette.
Robert Samuelson is a columnist for The Washington Post.