As the recent Jeep hacking incident vividly demonstrates, the risks inherent in connecting things to the internet continue to grow and the impacts of those breaches are growing more serious. If we assume that everything can and will eventually be hacked, what are the ethics of building connected devices?
Can users, incapable of understanding the complexities of the technology they use, be responsible for their own actions that increase risk of a breach?
Is it ethical to build and deploy connected devices in high stakes industries such as health care and public infrastructure?
What is our responsibility for making our customers aware that the products they purchase will eventually be breached and the information they collect stolen?
Is a homebuilder including connected devices in the homes she builds responsible for informing a home buyer of the risks?
Is a paramedic at an accident scene required to obtain my consent before attempting to treat or transport me if he is using connected devices?
Is a marketer deploying beacons in a retail location required to tell customers that their data will be stolen?
If our assumption is that everything will be hacked, should our security strategy shift from trying to protect everything to minimizing the impact of the breach that will inevitably occur?