Let me start by saying that I think the Gateway’s stance of moving away from the cloud is really great, and I obviously think it’s one of the best open source solution for smart homes in development. If I had to choose between a cloud service and the internet connected option, I’ll take the latter any day. I think it’s noble of Mozilla to push in this direction.
I’m less convinced the CHIP standard is interested in the same shift though. Let’s be honest: this new standard wasn’t developed to improve privacy (otherwise Mozilla may have been involved earlier), it was developed to make data exchange easier. It’s goal is to get data onto the internet and into the cloud quicker. It’s goal is convenience.
That’s my main issue here: the CHIP initiative is trying to apply an IP layer that makes it easier for Zigbee/Z-wave/Bluetooth/etc devices to connect directly to the internet. It’s applying an IP layer to technologies that were so great precisely because they kept far from IP networks.
We’re learning how surveillance capitalism has run amok. Similarly to the WebThings standard, a push in the “let’s make it easier to connect things to the internet” direction just feels wrong. To me, saying Google’s new standard is “exciting” is understandable, but also a little painful.
I’d rather see initiatives that focus on making things work better as stand-alone devices, on making them “local first” and make connectedness something that upgrades their capabilities. Something that’s optional. Push for an “edge first” situation.
And yes, IP networks can be configured to be secure. But in reality, that rarely happens.
But… perhaps that’s precisely where Mozilla could help out?
For example, Mozilla could instead push for a standard that makes ‘border guards’ for WiFi devices easier to create. It could push harder to make the WebThings Gateway a wifi hotspot that insecure WiFi devices can connect to. It could then monitor and block their connections. It could limit the extent to which a hacked device could become a trojan horse that puts the home network at risk. Mozilla could develop standards that help firewall IP-based devices. It could limit calls to servers. It could make it so that these wifi devices can only connect to the internet at times when the user is actually outside the home, and requires this access. And so forth.
I know it would be inherently weird for a “web focussed” organization like Mozilla to create a solution that’s all about making the web optional, about minimising connection to the internet. And making it easier to avoid cloud services is already a great step in the right direction, so I’m already grateful for that. But to me there’s an inherent and unresolved tension between “we want to keep data local” and “we love standards that make it easier to connect devices to the internet”.
I believe Mozilla’s goal is to protect people. On the web, developing a standard can be a great way to do this. It helps avoid walled gardens and vendor lock-in. It creates transparency and consumer choice. Firefox is a great example of this.
But when it comes to smart homes, this assumption should be critically examined. Here, a standard can have the opposite effect, as smoothing the onramp for the digital highway could just result in more data leaving the home. What citizens need instead is a protective barrier. They need to have easy to use control over data flow. They need innovations that limit data flows, instead of exacerbating it.
I don’t want to come accross as dismissive to the standardisation efforts. The name “Gateway” is great because it has both meanings (barrier, onramp) in it. The tension doesn’t have to be resolved - it can be both. But I hope there will be equal enthousiasm when news about an edge-first AI for smart homes standard come along
Just my 2 cents.