WebThingsIO / api

Web Thing API Specification
http://iot.mozilla.org/wot/

Allow properties to indicate if they may be logged #147

Closed flatsiedatsie closed 3 years ago

flatsiedatsie commented 4 years ago

This is very speculative, and I'm not sure if this is the correct place for this, but:

I was discussing the privacy issues around IoT yesterday, and we talked about the increasing reports of smart homes unnecessarily harming relationships because members of the home started using the smart home to spy on each other's behaviour. E.g. when a parent can say "you were home later than you promised" to a child, a transgression that should in my opinion be a normal part of growing up.

Basically, one person's feature may be another person's bug, and thus it would be valuable if there was greater room for devices/add-ons to manage the extent to which data may be recorded, manipulated, deleted, viewed, backed up, shared, etc. Most importantly, how these devices are set up should be something a family can discuss and settle on together. In many cases they may want/need the ability to not know everything that goes on in the home. Having the data available could be too tempting.

I would like to sell a smart lock that promises the consumer that (at least out-of-the-box) its data will not be logged by the controller. Users can lock and unlock the door as normal (if they have the rights to do so), but if any user wants to create a log of the moments when this happens, the lock will communicate to the controller that this is not allowed. The controller would need to respect this, and so the lock would not show up in the list of devices/properties that the user can log.

Perhaps for each property it would be possible to indicate defaults for this, as well as hard limits. A lock-property could indicate: what things users can change (set permissions for), and what things they can't.

benfrancis commented 3 years ago

A lock-property could indicate: what things users can change (set permissions for), and what things they can't.

This doesn't belong at the API level, it's an implementation detail of a particular web thing or gateway which can provide different permissions to different users based on their username/auth token. See https://github.com/WebThingsIO/gateway/issues/787

I would like to sell a smart lock that promises the consumer that (at least out-of-the-box) its data will not be logged by the controller.

That's not possible. If the state of a device can be queried by a client then it can be logged by the client.