Considerations for ethical standards in IoT

I stumbled upon an article today from a lawyer about the amount of data that Smart TVs are collecting and the consequences it may have on privacy rights. The article (link at the bottom of the post) is from Michael Price who works on a program “which seeks to ensure that our government respects human rights and fundamental freedoms in conducting the fight against terrorism” according to their own word. It points out the staggering amount of data the TV tracks. This includes your conversations, even though you may not be watching TV, face recognition, browsing behaviors, etc, etc.. He raises good points. What is the right balance between needed data to provide better service and privacy? How should we behave in the new world “monitored” world of IoT? How ethical do we want to be?

Let’s start off by saying that I am a big supporter of relevant and targeted advertising. People complain sometimes that google tracks everything to serve you ads and all. But honestly, I don’t mind. The more relevant the better. If the ads presented drive me to better choices, better buys, or an overall better experience I’m all for it. That also means that too many ads is not good. Relevance is temporal and visual as well. I’m a believer that companies using your behavioral informations, searches, history, and any other information well,  will win versus those that go rogue.

That said, I also believe that as we collectively build IoT solutions, we need to act responsibly and with high ethical standards. Responsibly because we have to realize that by adding sensors everywhere and tracking everything we are opening the door to potential hacks, security intrusions and breach in our users privacy. The law cannot do it all for us, it is our own standards and ethic that will transform the world.

When we build products in the IoT space we should always keep in mind certain guidelines:

transparencyTransparency to the users: Having a 40 pages ToS all written in legal terms is not being transparent. It’s needed to have it, but do provide a quick summary or an overview of what you are tracking and why. Example: “We do analyze what movies you are watching in order to make better recommendation of other movies you may like,. This analysis is done by complex algorithms and models, not humans. We don’t spy on what you watch!”. Of course, not everything needs to be in those summaries, but the big ticket items.

log-dataAbility to turn off individual tracking: In the article, Michael describe how you can turn the tracking features but you loose all smart features of the TV. This is not being respectful of your users. You need to allow users to turn off tracking features as granularly as possible without falling into excess. The best way to do this is to let the user know the consequences of turning each one off. Example: “You can turn off the analysis of the movies you watch, but then the recommended movies list will be based on other people’s taste and will not be relevant to you.”

broken-linksGive the ability to delete past identifiable tracking data: When you go in your favorite browser, you have the ability to erase cookies and cache data from the browser. That doesn’t remove all the data google has on you on their server but the principle is the same. Users should have the ability (should I say the right?) to ask you to remove their data. The counter argument I have heard about that is that sometime logs are aggregated, anonymized, etc. and it may not be practical to allow this. I would says that what matters is the ability to delete the link between an individual user (or household) and the data that is important. Deleting the data could be deleting any data that allows this links to happen. This way, the user’s privacy is respected but the value to the company in terms of big data analytics and ability to improve their overall business is also preserved.

Secure DataDouble down on security: Yes, you can be the most ethical business on earth and be very proud of how you handle the privacy of your users, etc.. but you can be hacked, and your users’ data may be exposed. Take security seriously. Very seriously. Do it for your users, not only for yourself.

Ethics2-150x150Make it part of your company culture: Ethics in IoT should be part of the company culture. Nurture it, make it a value for your employee, talk about it. It will pay in the long run. Trust should be your #1 value.

I would like to propose a pledge that companies could make that will say that they follow those guidelines. I hope I am not the only one to make it, IoT should be for a better world, not Robocop..

As promised here is the article I stumbled upon:


Open Source will be critical to the Internet of Things (IoT)


I am personally a fan of Open Source. The second company I was running with some good friends back in France in 2006 ( was all about it. We were playing with email servers, firewalls, file servers and everything you could think of on Open Source. We even created an appliance that was doing ISP redundancy for less than $1000 that would compete with $15K load balancers that were on the market thanks to Open Source software. Heck, most of the Internet today is run on Open Source. Apache has roughly 50% of all web servers out there, Mysql is all over the place and has 65,000 downloads a day!! Even open standards like HTTP are core to what the Internet is.

Netcraft (link here) published a study showing that Apache and Nginx make for roughly 60% of web servers out there.

But now, with the Internet of Things, it is going to need it more than ever. And here is why:

– The volumes we are talking about are unprecedented and every company out there will have a need to connect some things to other things. With that amount of companies, comes the same amount of specific use cases and needs which can lead to a more optimized customization to fulfill them.

– The diversity of standards (if any) and protocols would require a single vendor to put way too many resources to maintain them all. This is a community’s work. Lots of people need to contribute in order to be able to evolve standards, improve them, adapt them for everyone’s benefit. Cisco is saying 50 Billions devices by 2020, some say more like 20 Billions, but anyway.. it’s huge!

– Respect for privacy, security, control, scale and customization are the major benefits of Open Source and are making this a primary choice for companies. with so many connected device, being 100% sure that things are done securely, and can be fixed quickly when an issue arise is essential.

– Perennity is important.. If you are an industrial company with equipments that have a turnover of 15 or 20 years, you cannot afford to depend on a specific vendor to be there for that long. I work with many startups and they exit after a few years and most often disappear. With Open Source in hand, companies can be certain that they are in control of their destiny and will have something they can count on for years to come.

Of course Open Source has its downside in terms of skill set required and some bundles HW/SW optimization that may not exists, and this is why I am also a big fan of companies like Cloudera who propose support, training, and supporting tools to reduce complexity of management and maintenance of the underlying Open Source stack. Even large companies like HP are leveraging Open Source under their Helion umbrella (HP Helio). I find those models particularly interesting in fact as they combine the best of both worlds.

Here are some resources to look into:

The Eclipse Paho project:

A bit on MQTT:

Some message brokers:  and

What is Internet of Things (IoT) really?

Obviously the most over hyped word of the moment: IoT. The Gartner Hype Cycle 2014 shows it pretty clearly



but the more I am dealing with IoT the more I realize that this word is really a garbage bag for about everything closely related to some object that can connect to something else, somehow.. It’s so vague that everything kind of falls into this category these days.. Old 15 or 20 year old companies are now IoT companies without having changed a bit what they were actually doing. I can understand it. If there is a wave, one should try to ride it.

But let’s look at it a little closer and try to give it an accurate definition. IoT: Internet of Things. That is standing as a reflection of an Internet of People I assume. So the internet today is mostly people connecting to servers or other people via a large network of interconnected networks that is accessible to all. It relies on a set of standards (the most famous being TCP/IP, HTTP, etc) to enable open communications between people and servers.

If we translate that to “Things”, we should define the Internet of Things as a large network of interconnected networks where Things communicate with other Things. There should really be no people involved. So why is Wearables in the Internet of Things? why is a connected Oil rigs in the Internet of Things? Why is your connected car in the Internet of Things? I am really starting to think that they are not. They are just a new wave of connected and potentially smart devices but still connect to a person at some point.

Your FitBit will connect to you phone, which will send data to a server so you can review, track, compete with other people. That’s not an internet of thing, that’s a thing connected to the internet.

In an internet of things, things are the actors. A device connects to another device of server which sends something back automatically, and the device may take action based on that response. If the interaction starts to become more complex, to the point where an entire life cycle can happen between devices, then we are in the internet of things.

What could that look like. Imagine your self-driving car..

Self-driving car

It detects some high level of vibration in one of the wheel. It connects to a server that can identify the cause and likelihood of failure thanks to all the other cars that had the same issue, and roughly in the same condition of use (some predictive models would apply). The verdict is clear: that wheel will have an issue in the next 2 to 4 weeks. The server let’s your car know. The car checks your schedule and maps it to potential repair slots in a garage near your work. It books an appointment during your work hours. That day, it takes you to work, then leave to go the appointment (on it’s own!! it’s a self-driving car!). It gets the repair, and comes back to pick you up at the end of your day. Potentially the repair was made by a robot in the garage. No humans involved, maybe except for the validation of payments 😉

There we are talking about an internet of things. The car could talk to the garage, thanks to standard protocols, it could analyze issue based on other data point from other things, it could read your agenda and self drive thanks to sensors and plenty of other information given by other Things it didn’t know about that were connected and intelligently inform the car’s decisions.

I think we will truly achieve the Internet of Things, when things can autonomously interact between each other to the benefit of people. In the meantime, it’s a lot hypes, but don’t get me wrong, it has tons of value and that’s why I’m so passionate about it.

The Internet of Things Protocol stack – from sensors to business value

There is no doubt that we are entering a new era.. An era that will change the world more than the Internet did 15/20 years ago. This era is the Internet of Things, or IoT. John Chambers, the CEO of Cisco is going on a crusade to tell the world about and is driving many conversation with his potential $19T in economical impact from efficiency gains to pure economical growth. I have personally never seen a number that big, and it’s starting today.

Granted connecting objects is not something new, we have had connected machine for more than 15 years. Axeda, one of the leading solution providers in connected machine, has been in business since 2001! What has changed is that now: 1- it’s becoming cheap to connect machines to the internet. Very cheap. Hardware is affordable and even open source: Raspberry Pi announced it’s 2M unit sales in November 2013! Knowing that they compete with Arduino, Mbed and others, I am astounded by the cheer volume of supposedly “hardware enthusiasts”. This not a hobbyist game anymore, it’s everywhere. I personally played around with an Mbed and a Spark Core using Cloud based backend from Xively. It’s so easy, it amazed me and got my imagination going on a few projects.

But where is the catch? I’ll be honest: Standardization. The IoT landscape is a mess! Too many protocols, too many wannabe standards, too many revolutions. It will calm down and consolidate but for now it’s creating more mess with every new device that comes out on the market.

I’ve decided to give a try at describing that mess through a protocol stack that I’m hoping to be useful for others. My goal was not to be exhaustive in anyway, I don’t even think it’s possible. But I hope that I captured the most common protocols that people encounter on in a day in the life of an guy in IoT.

IoT protocols stack


[Note: This diagram has been updated based on comments and feedback received since Jan 29]

What I found important in this stack was to add a Business value layer, because what’s the point of connecting devices if in the end there is no business value.

Some will find similarities with the ISO stack (Link layer, Transport, Session, etc..) and there are some, but I wasn’t particularly trying to map to it. It just happens that the ISO stack is foundational to the Internet and as a consequence in the DNA of everything Internet.

Protocols you will find in there:

Connectivity layer: What kind of physical connectors you can find. RJ45 (the physical connector, usually for Ethernet), PLC, RS-232, RS-485, ModBus, USB (as a connector type, not the communication protocol), SPI, ODB2 (in Cars), and Wireless (no connector!). You will sometimes find gateways that will convert any of those physical connectors into wireless.

Link Protocol: How do those device actually send the data. Ethernet 802.3, Wifi 802.11a/b/g/n, BlueTooth, BLE, Dash 7, ZigBee, RFid, GSM, 6LoWPAN, 802.14.5e. The last two are really focused on the IoT use case. I have put ZigBee here only but I am well aware that ZigBee covers a large portion of the entire stack. To avoid too many redundancy, I had to make a decision on where it would fit best.

Transport: IPv4 and IPv6. I also added 6LoWPAN and RPL despite the fact that they are both based on Ipv6. The IPv6 has been a long time coming and was supposed to be adopted by everyone 10 years ago, but now with the projection of having 50 Billions devices connected in 2020 (according to Gartner), we have to go to IPv6! What was interesting is that I haven’t found much of anything beside the IP protocol out there which proves the dominance it has acquired through the rise of the Internet.

Session / Communication: This section is an interesting bunch with a lot of new protocols that have been build for super high volumes and large networks of things. The most famous right now is MQTT, a subscribe and publish protocol that is used by Facebook for its mobile app. You will also find CoAP (kind of a REST Based protocol but much more efficient than its HTTP counterpart), DDS, XMPP and AMQP that are all well suited for IoT and will map different use cases. One will still find older protocols like FTP, Telnet and SSH, but even though they are working very well, they are resource intensive, power intensive, and do not fit well with the low power, unreliable bandwidth of the IoT realm.

Data Aggregation / Processing: This is where it gets really interesting. When device send data, lots of data, you need an end point to do something with it. Be it processing it in real time (with Storm), but at minimum getting the data and sending it somewhere else at very large scale, which Kafka is a great example of. Other solution exists like RapidMQ, Scribe, Plume, Luxun, Fluentd (although more on the translation to JSON side)

Data Storage / Retrieval: The realm of Big Data backend and NoSQL solutions. Hadoop, HBase, MongoDB and Cassandra dominate the field. There are others, like the google AppEngine,  but I may add them later on if they start appearing more in IoT use cases.

Business Model: This is a new addition fro, the initial post. This layer is trying to capture the fact that business value and business processes always rely on an underlying business model. Open or Closed, Integrated or platform, direct sales or indirect, cloud based or on-premise (or private cloud), on-demand pricing, etc.

Business Value: I’ve split it in three. One part if around Device Management, the provisioning, registration, firmware management, remote access, but also the product and asset structure as well as Security (tremendously important, especially as we just went through the first massive Connected Devices attack just a couple of weeks ago. The second section is to highlight the birth or transformation of Service for smart devices, Marketing for owners of smart devices and the impact on manufacturing those smart devices.  Finally, the analytics piece shows how much technology could be applied to the data gathered, With machine learning algorithms, data mining, and all the insights and visualization that can be derived from it.

With such a representation of the most common protocols, the need for consolidation really becomes obvious, the IoT cannot keep going with so many protocols if the dream of having any devices talk to other devices in a fully connected world wants to come true. In any case, it’s fascinating.

Gamification: The next revolution for the enterprise

In the last year or so as I was busy building our next generation of self-service support community product in my company, the question of users reputation came up many constantly from customers. I added the necessary activity tracking to app but was shy on exposing too much in the UI because I wanted to make sure I was doing things right. I did well to wait because as I started looking more deeply into reputation management around the web and what were the market trends in the field I stumbled on a world of opportunities under the name Gamification..

Gamification is the use of Game elements and Game mechanics in none game contexts.

You will find other definitions around the web but they all refer to the same core elements:

Game elements:

Points, badges, leaderboards, levels, etc..

Game mechanics:

Challenges, quests, transactions, win-state, etc..

Non game contexts:

Health & fitness, business processes, education, etc..

Think about it for a moment. Who doesn’t like playing Games? There are many research studies that have shown the positive effect of playing games on your self: Self-satisfaction, pleasure, sense of achievement, progression, sharing, socializing.

Games like World of Warcraft have cumulated over 6 millions years of playing hours by its players.. and it’s adding 3 Billions hours a week! That cannot be just because it’s fun.. The game mechanics of this type of games, WoW, Farmville, Halo, the Sims, etc.. are extremely powerful in engaging players, pushing them to overcome unnecessary challenges and spend hours and days on them for absolutely no other reward than pleasure or status..

Gamification is all about applying the same technics to other things than Games and hopefully generate the same level of engagement and fun for the users.

Applications of Gamification are almost limitless and despite the incredible hype around the term itself, it has proven to have enormous ROI. – If done right –

There are three major areas where I see Gamification could bring tremendous value:

Onboarding experience:

This would be to help a user start a new thing: A trial of a software for example. But also helping users learn more about an existing product creating little games to learn. Onboarding can also be for new hire in a company, instead of just throwing videos and intranets at them, why not taking them through a journey full of challenges and rewards which will make the on-boarding more fun.

Application specific behavior:

In a Community product I want people to post questions, reply, vote, thank others, select best answers, share files and interesting posts, provide ideas, etc.. What kind of game like tools can I use to drive the expected behaviors? Gamification has many answers to this question.

Real life games:

Want to help your employees stay in shape? want to help save the planet from global warming? want to have employee know each other more? There are many examples of real life challenges that could be tackled through Gamification.

This is the first post of many about Gamification that I am writing but I believe it is very relevant to entrepreneurship and especially to the potential success it could bring to entrepreneurs who embrasse gamification.

I will try to go through several example for each of those three buckets so you can have some insights and ideas for your own products.

Is Google too powerful?

The other day I heard an interview on NPR about an online furniture store who got completely thrashed by Google’s recent change of algo for its ranking. If you don’t know a few months back Google decided that it would focus on site quality more and changed it’s ranking algorithm in order to push up sites that were: “nicer” from a design stand point, but also had more unique content. The result is that tons a small online shops like that guy with his furniture store got completely downgraded and lost roughly 75% of their traffic overnight. As you can imagine this probably put some people out of business and there isn’t much recourse for those little guys. So is Google too powerful? who is Google to decide the fate of all those online stores? who is Google to declare that a site is “Nicer”, isn’t beauty very subjective? Isn’t craigslist the ugliest site you can imagine but still people use it and love it?Who is Google to decide that now businesses need to have unique description for their inventory? I mean, if I am a reseller and I am part of a distribution network, my differentiator might be on price and or services but the objects I’m selling are  the same as my competitor.. why should I be impacted for that? The furniture store guy decided to rewrite everything with a bunch of writers and now has unique descriptions for his inventory, but how accurate are they? Isn’t that now a bunch of marketing BS where the original description could have been more accurate?

I got a bit worried about the situation honestly.. There is no alternative today to Google as an online store.. yes, yes.. there are Bing and Yahoo.. whatever.. There are no alternative I said! those last two do the same.. Put yourself in the shoes of a small online shop, you have very limited resources to maintain your SEO at the top of the curve. Google is changing it’s black box algo all the time, your big competitors have dozens of guys signing-up deals with other site to have links to them (they can, they have the money for it), how can you win as a small business in this environment? Wasn’t the web suppose to give a chance to everyone and not only big corporations? Google is also playing with algo that now basically only show 3 or 4 organic results on the page.. Small businesses don’t stand a chance unless they are very different, which is not a bad thing in itself but that makes it really much harder to start a business.

The point here is not to say Google is evil, because I do not believe that is the case. Google is a business and they need to make sure their users uses them. So what is the logic behind the change is that there was a increasing number of site that just bring inventory from other sites and resell. Those sites have no added value what so ever, those sites hurt legitimate businesses, those site require little or not effort to set up and real plague for legitimate businesses. If you are a user searching on Google, and land on those sites, which typically are pretty poorly designed and full of ads/pop-up and other annoying stuff, you will, as a user have a bad experience, and Google wants to avoid that. So, Google took the decision of forcing good design, which require investment and work to build, as well as unique content, which also require time and investment in order to automatically filter out those link farms automatically and boost legitimate businesses in the ranking. Of course some site are impacted, like our furniture store guy, but I believe that the overall result is better and Google probably made the right choice. So, yes, I think Google is too powerful, but I think they played a business game that is fair (not evil) and tried to just be better at what they do: providing useful and relevant search results for users.

The conclusion I would draw from this little story are the following:

  • Try to diversify your sources of traffic: Google of course, but Facebook, forums, blogs, SEM, etc.. the more diverse, the less sensitive you will be from Google’s changes. I know it’s easy to say.
  • Invest in your business: if you are serious, have a differentiated position and show it in your content. Why should people shop at your site rather than another that sells the same stuff. the message has to be clear and repeated through your site to SEO crawlers can understand why you are different.
  • Don’t be a link farm.

I think Google is really trying hard to bring results, trust your judgment, focus on your business and don’t try to fool the engines, that is not the business you are in, I don’t think that is really worth it.

Startup Analysis – Part 2: Gliider, can a Browser Plugin have a successful Business Model?

It’s time to focus on the second part of that post about Browser Plugins. I first wanted to thank people who have sent me their comments regarding the post, there are some good insights in there.

I also wanted to say that I actually met Jordan Stolper, the CEO of Gliider and I was impressed by his energy and his flexibility to make things happen for his product. It is great to see such an entrepreneur, passionate and dedicated. Congratulation on what you have achieved so far Jordan! Here is a the link again to his site: Gliider do try to the product, it’s really worth it.

Of course, as many of you have noticed, I was not necessarily criticizing Gliider in particular, but I felt it was a good example of a Firefox plugin and wanted to take it as a business model for others who are considering building some and make money from them. So let’s recap the main finding from the first part of this analysis:

– The plugin basically would need so much install on Firefox that it makes it very hard to reach a potential income level to make the company really sustainable. CTR’s would certainly be too small, and revenue sharing not high enough either.

What can they do to make this work then? I see different path:

1 – More volume through more platform: Gliider doesn’t have to be a Firefox plugin only, and from what I understood talking to Jordan, they are planning other browser’s integration. This is a good way to have a lot more volume.

2 – More applications: Gliider is dedicated to Travel. Such “temporary bookmark” could be very useful as a repository for all kinds of searches. Think job search, healtcare search, real-estate, cars, toys, electronic, anything you can search.. Think about how you do you search when you want to buy something. You go around different sites, look a comparison, gather information in bookmarks, print stuff out, show that to your spouse or friends, ask you buddies on facebook and twitter, etc.. All this search could be gathered into a “Gliider” repository in a sleeker way than anything I have talked about here. I can really view Gliider as something a lot more than Travel and Jordan knows that too.

Some ways to make money would be at first to be a referrer to amazon or similar shopping site (that’s pretty easy with their APIs) and grab commissions on the sells. This is less seasonal than Travel in general.

Another way, would be to aggregate searches around specific subjects and bring those up on a Web site accessible by everyone. Wouldn’t you love to benefit from the searches of others on particular subjects? You are looking at buying a new Google Phone, well maybe (surely) some guy would have put together through their Gliider, a whole bunch of really good content from all over the web that would fasten your own search really well.

The incentive for sharing this on a user side could be some type of Rankings as you see on every forum or reviews. Opening up those searches for comments would allow to create unique content and drive SEO value for the site.

3 – Finding some application that would extend the product for the enterprise. Why the enterprise? Well, it’s a great way to come up with version pricing with a free version for individual/private use, and a paid version for the enterprise. The Paid version would be used for inside intranet/documents found around the internal network. That requires the company to be sufficiently large of course, but there are many of those. The gathering/then sharing feature of a gliider inside a company could also improve overall efficiency (reducing costs) and obviously be a good value proposition (quantifiable).

4 – Custom version. Although I’m not very found of this solution for startups because it requires a lot of specific (custom) work for a particular implementation (that you have to maintain afterward), it is still a good way to kick start the company. If the product is interesting enough so that a particular web site would be interested to use it as a channel to promote its internal content, then Gliider could develop/skin the product to a companies need and let them use it that way. It’s a hard sell, but could have some really good potential (especially for volume). The things to be careful about in those kind of deals are (among many others): Branding, revenue sharing, who hosts what, who has SLA or not, who maintains, who reports, etc, etc.. There are a lot of points to negotiate.

5 – Building many other plugins. In point 2, I was talking about extension of Gliider into other area, but as a Startup, you could imagine building many other plugins and create as much as a market place for your products. With every new plugin comes development time, marketing effort/spending, and maintenance, so it is costly! But isn’t that what every game developers do on iPhone with a portfolio of games – hoping one of them will really make it to pay for all the others.. ;-). This is not my favorite solution, but it is a possibility to consider. You should balance the effort/potential ratio of each of those plugins and take decision accordingly.

6 – One last solution I see is really to keep iterating on it as a side project which would basically make it a very low cost solution. This is not the best either as it implies that people involved would not be focused fully on the product and that slows down things significantly.

I hope that post can help Jordan (or at least give him some things to chew on..) and hopefully will make others think about all those issues before starting a new plugin. A quick number analysis can make or break a decision and people shouldn’t be afraid of giving project a No Go if they find out that it is simply impossible to work. Solution 6 has been employed by many entrepreneurs and it does work in early stages of a company, but try to think farther down the road and look at the big picture. What can our product be when it’s fully deployed and how much money will you need to sustain it?