The document introduces the Trustable Technology Mark, a trustmark for connected devices and IoT products. It aims to provide consumers with information to make informed decisions about connected products and enable companies to prove their products are trustworthy. The trustmark evaluates products on dimensions like privacy, transparency, security, stability and openness. Companies can apply by completing a self-assessment, which is then reviewed by experts. The goal is to establish best practices and raise standards in the IoT industry. Applications are now open to the public on the trustabletech.org website.
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
A Trustmark for IoT: Empowering Consumers and Enabling Trust
1. Trustable Technology Mark
A Trustmark for the Internet of Things
6 December 2018
ThingsCon Rotterdam
Soft Launch Day
Peter Bihr (@peterbihr)
This work is created as part of a
Mozilla Fellowship. Unless otherwise
noted, Creative Commons BY-SA 4.0.
trustabletech.org is an
initiative by ThingsCon e.V.
with support from Mozilla.
2. ThingsCon explores and promotes the
development of fair, responsible, and human-
centric technologies for IoT and beyond.
We create events, resources, and tools for a
diverse community of practitioners to
promote ethical, responsible and human-
centric practices.
A Trustmark for
IoT: A ThingsCon
Initiative
With support from Mozilla through
a Mozilla Fellowship for project
lead Peter Bihr
3. The Internet of Things increasingly touches
all aspects of our lives, but mostly it consists
of black boxes. We need to make sure that
we can trust them.
Consumers have little insight into how any
one connected product works, what it even
might be capable of, or if the company
employs good, responsible data practices.
This is not an oversight on the consumers'
side: We lack the tools to find out.
Why do we need
a trustmark?
Image: Pixabay CC0
4. 4 questions that we should be able to answer
for every connected device.
But for connected products, these are very
hard questions to answer.
A simple
litmus test
Source: The Waving Cat (CC BY)
Does it do anything I
wouldn’t expect?
Is the organization
trustworthy?
Is it made using
trustworthy processes?
Does it do what I expect
it to do?
5. The Trustable Technology Mark
empowers consumers to make
informed decisions &
enables companies to prove their
connected products are trustworthy.
8. Peter Bihr
ThingsCon
Mozilla Fellow
Project lead
thingscon.com
thewavingcat.com
@peterbihr
Jason Schultz
NYU Law
Mozilla Fellow
Legal
theendofownership.com
its.law.nyu.edu
@lawgeek
Peter Thomas
University of Dundee
Logo & Brand
tompigeon.com
dundee.ac.uk/djcad
ThingsCon Community
ThingsCon is a global initiative to
explore and promote the
development of fair, responsible,
and human-centric technologies for
IoT and beyond.
thingscon.org
@thingscon
9. The trustmark is aspirational and aims to
raise the bar at the top of the pyramid.
This work is driven by values. This needs to
exist in order to get to a better IoT, and a
better society.
We believe that good ethics are good for
business.
Our Goal
A trustmark to aim higher. -
find out more on medium.com
Trustable Tech Mark
Baseline certification
Great
Good
Bad
10. Those companies who already build
trustworthy products have already done the
“hard” work. For them, documenting their
work is easy and quick.
However, if a company just isn’t there yet,
they need to go back and put in more effort.
Characteristics
Peter Bihr (CC-BY-SA) Hard to earn
Valuable/Meaningful
Easy to apply
The trustmark
should be
11. How does it
work?
Self-
assessment
Company fills in the self-
assessment tool, an online
application form that
consists of yes/no questions
plus explanations.
Should the company find it
hard to answer questions,
they have identified a
weakness.
Application
review
Trustmark
issued
If the application passes, the
results are fully published
online.
If contested questions
cannot be resolved, the
trustmark is not issued and
the results will not be
published.
1 2 3
There’s always a human in
the loop.
Our experts review the
application. If necessary,
they follow up for
clarification.
The carrot is public proof
that a product is best-in-
class: a market incentive.
The stick is in the public
accountability once the
company decides to use
the trustmark and the
self-assessment results
are published in full.
12. The trustmark evaluates products for 5
dimensions that we identified as most crucial
for consumers
Dimensions
*See A Trustmark for IoT (2017), p. 56
Privacy & Data Practices
How respectful of privacy? Is it designed using state of the art data
practices?
Transparency
Is it obvious to users what the device does and how data might be used?
Security
Is it designed and built using state of the art security practices and
safeguards?
Stability
How robust? How long a lifecycle to expect?
Openness
How open are device and manufacturer? Is open data used or generated?
13. Security, Transparency, Privacy & Data
Practices, Stability are required conditions of
trustworthiness. We treat Openness as a
strong indicator of trustworthiness.
Building blocks of
trust
See Trustable Tech Mark “Theory of
Trust” https://www.thingscon.com/
blog/2018/9/4/trustable-tech-mark-
our-theory-of-trust
14. Self-assessment
tool
Trustmark
readiness
Trustmark
• Doubles to assess
readiness and to verify
compliance
• Our experts review
applications and follow
up for clarification if
necessary
• 3rd party advisory
services like security
consultancy
• Non-public / between
companies and their
advisors
• Once passed, the
trustmark can be used
and the evaluation is
published
• Underlying
assessment (results of
self-evaluation tool) is
available online
3rd party
services
• Open licensing of the
self-assessments
enable 3rd party
services (analysis,
rankings, etc.)
Out of scope
(3rd parties)
In scope
(project core)
Out of scope
(3rd parties)
Elements of a
trustmark system
15. The trustmark documentation is provided in a
standardized form to allow for third parties to
offer services on top of this foundation, like
editorials, ratings or reviews.
We also work with our academic partners to
inspire further research into trust, technology,
and policy.
The foundation of
an ecosystem
16. We’re proud that a wide range of academic,
policy and design practice partners support
the Trustable Technology Mark and use it as
part of their research and practice.
Launch partners
Find out more
trustabletech.org/partners
17. Find out more
opendott.org
OpenDoTT: In collaboration with University of Dundee,
Mozilla, and a host of other partners we are part of an EU-
funded PhD program - including a PhD specifically around the
Trustmark.
18. Why should a
company sign up?
Fairphone
Image by Fairphone, CC (BY-SA 2.0)
This trustmark communicates a
company’s commitment to a higher
standard, and allows them to prove their
connected products are trustworthy.
The trustmark increases consumer trust
by demonstrating commitment to
exemplary levels of transparency,
openness and responsibility.
The trustmark will attract talent: We
believe that only the best companies
attract the best talent, and strong vision
& values are a key aspect.
In short: It provides a USP to demonstrate
that your product is best-in-class.
19. Until today, we invited these companies as
a proof of concept for the Trustmark as
they represent particularly interesting and
challenging categories of products.
As of 6 Dec 2018, applications are open to
the public at trustabletech.org/apply
Who uses the
Trustmark today?
Find out more
trustabletech.org/products
Snips AI is a 100% on-device
and private-by-design Voice
AI platform which can be
embedded in any device.
Animated VaiKai dolls are
inspired by the natural way
children use their toys.
21. This is a project in an early stage. We’re
looking for partners in a number of areas.
Particularly we’re looking for…
Pathways to
partnerships &
participation
Academic partners to accompany the
development of this Trustmark
Commercial partners to apply with
their products to earn the Trustmark
Design studio partners to use the
Trustmark to guide their work
Non-profit and media partners who
can help us understand what they
need in order to build third-party
offerings on top of a trustmark