Refrigerators that tell you you’re out of milk, cars that warn of an imminent collision, implants that know if you’ve taken your medicine—by tying almost anything into a wireless network, the “Internet of Things” promises to transform several industries. Yet in the eyes of regulators and lawmakers, the IoT presents new risks ranging from privacy and security breaches to catastrophic system failures.
Regulators in the U.S. and EU are particularly concerned that IoT devices could collect and disseminate personal information without users’ consent—an issue they’re already worried about when it comes to mobile phone apps, says Alistair Maughan, a London partner and co-chair of the Technology Transactions Group at Morrison & Foerster. Both the IoT itself and any potential regulatory frameworks are in their infancy. But tech companies may want to get ahead of the issue by monitoring public statements by regulators on the IoT, including speeches by FTC commissioners and the EU’s Commission’s 2013 report on the IoT. “To future-proof your design, you’ll want to consider legal and regulatory ramifications very early in the process,” Maughan says. “And you may want to focus on approaches that will work in the maximum number of jurisdictions possible.”