JD Supra: Internet of Things – What does it mean for business?

Internet of Things – What does it mean for business?

by Simon McDonald | K&L Gates LLP

What is the Internet of Things?

The 'Internet of Things' (IoT) is a catchphrase describing the increasing interconnectedness between smart devices and sensors facilitated through their connection to the internet. It's not a new concept, but the potential of IoT is now being realised through developments in smartphones, Wi-Fi, broadband, data storage, sensor development and the capacity to analyse huge volumes of data.

The consequence of this dramatic technological change will transform business and industries in a way that has not occurred since the introduction of the internet. Industries as diverse as agriculture, logistics, transport, mining, financial services, telecommunications, health and consumer products will all be affected.

Gartner forecasts that by 2020 there will be 30 billion connected devices.

The IoT will allow fridges to tell us when they are off, when our car requires a part, when crops need watering or machinery requires servicing. Our cars will tell our house when we are home so that the heating and lighting can be switched on. Already energy companies are using smart meters to collect data on household energy usage. Wearable health devices are monitoring our daily exercise routines, heartrates and calorie intake.

What does it mean for Business?

So what does this revolution mean for business? In fundamental terms businesses need to be increasingly technology literate. Companies which traditionally have not regarded themselves as "technology" companies will have to change their perception fast or risk becoming irrelevant. Disruptive players will enter markets powered by technology to change paradigms. Production efficiencies will increasingly be driven through IoT technology, market information will be provided through IoT technology and an organisation's primary interaction with their customers will be through IoT technology.

In this context what are some of the key issues businesses need to consider in relation to IoT?

Data – Who owns or has the right to use the data generated through the IoT device? Is it the individual or organisation to whom it relates, the sensor manufacturer, the service provider or the another party. What rights will organisations have to use this data to collate consumer behaviour or create customer profiles? Companies have already become so adept at analysing data and predicting behaviour that a US retailer was able to predict a girl was pregnant and send her brochures for maternity products before her father knew.

Privacy – The collection of data will potentially need to comply with a variety of legislative frameworks like the Privacy Act 1988 (Cth). If it is subject to an act like the Privacy Act, have appropriate consents been provided by the individuals to whom the personal information relates? Can an organisation use the information collected in the manner it anticipates and what protections does it need to obtain from third party service providers? Already a smart TV has been found to collect more information than necessary in recording general and often private conversations potentially in breach of privacy laws.

Security – First, where will all the huge volume of data described above be stored and how will it be secured from unscrupulous eyes? Secondly, with the increased connectivity associated with the IoT there are more opportunities for hackers to exploit. For example, could criminals use your fridge to gain access to your mobile and credit card details? Already, security researchers have demonstrated that they could hack into home networks using smart light bulbs as the access point.

Liability – As organisations become more reliant on IoT applications to monitor and manage equipment, infrastructure and even the health of people who will be responsible if that application fails? If a sensor designed to monitor drug usage fails and results in a patient dying or suffering complications should the sensor manufacturer be liable? If a piece of valuable mining equipment is damaged and off line for an extended period because a sensor or its associated application fails to report a damaged part, should the sensor or application provider be liable?

As businesses race to enter markets for IoT or to introduce IoT into their processes to achieve efficiencies, potentially not enough consideration is being given to these issues, particularly where those businesses do not have previous experience in connected products and software.

This is particularly apparent as more evidence is being published in relation to the vulnerabilities of various IoT devices to hacking with potentially serious ramifications. As more and more organisations use these devices, they need to have a better understanding of the ramifications associated with the use and deployment of the devices and how risks associated with their deployment can be mitigated. In subsequent articles we intend to delve more deeply in to the issues identified by discussing the ramifications, potential impacts and solutions.