The “Internet of Things” is the universe of smart devices that talk to the internet or to one another. The devices have unique identifiers and the ability to automatically transfer data over a network on their own, without human interaction.
Some examples in the home include WiFi-connected home security systems, thermostats, cameras, refrigerators, and wearable technology. Some industrial examples include smart grid utilities, patient monitoring, connected commercial vehicles, and smart buildings and factories. Cisco estimates that there are about 200 connectable things per person in the world today. By 2020, it’s estimated that 50 billion things will be connected to the internet.
Here are some interesting legal issues and challenges posed by the Internet of Things.
Device Malfunctions. Product liability law would apply when something goes wrong with a device that causes injury or damage. You can imagine scenarios where, for example, a remotely operated device might malfunction and cause water or fire damage. Or a home security device that malfunctions and leaves doors or window open, allowing intrusions or burglaries. In this kind of instance, likely any company in the product chain (manufacturer, seller, app developer, installer, monitor) could potentially have some share of liability. User error could also play a role in incidents or malfunctions.
Data Protection. Businesses and industries using data collected by the Internet of Things devices will need to manage and safeguard that data. They will need to have robust systems to protect against data breaches or misuse of data. They will need to ensure that data is only used for the original purpose consent to by the data subject (here, the end user). It may be especially challenging for companies to address consent by end users when they are using a product without a screen, for example. With applications running autonomously, end users may not even be aware of data processing that is happening.
Evolving Regulations. Governments and regulators are paying attention to the Internet of Things. The United States Federal Trade Commission is taking a serious look at what kind of regulations are needed for personal and home devices that collect and transmit user data. In 2013, the FTC took well-publicized action against a company whose webcameras were routinely hacked due to faulty software. The European Union published a report in 2013 on the results of its public consultation on the topic. It’s likely that there will end up being different regulations in different countries over the Internet of Things.