As previously mentioned, I attended this week the Web Summit in Dublin focusing in particular to the section dedicated to the Internet of Things (IoT) from which I was able to gain very interesting insights on legal issues affecting the Internet of Things.
And here is my top 5 chart of the most relevant legal topics of the Internet of Things covered during the summit:
1. Interoperability and interaction of Internet of Things devices
The main issue at the moment seems to be that a number of manufacturers are producing “vertical” Internet of Things products that do not communicate/interface with devices of other manufactures as opposed to “horizontal” open source products which are able to work together with devices from different suppliers. At the moment suppliers prefer to push users to stay with their brand or with products affiliated to their brand in order to increase their market position, but the issue is what will happen in the future and whether such strategy might affect the growth of the Internet of Things.
I have already covered in this post the legal issues that might arise in relation to the potential interoperability of IoT devices and the question is whether it will be either up to regulator or courts to force interoperability or it will arise as an evolution of the market conditions.
2. Is there a right of privacy?
In the light of the recent cybercrimes affecting very large cloud databases, an interesting question discussed was whether users should hold a right of privacy in a “digital context” where the amount of information collected about individuals and their interaction with the environment around them will exponentially increase.
The impression is that while privacy in Europe is seen as a fundamental right to be fully informed and made aware of how someone’s information is collected and processed, the same right is interpreted in the US as a right to ensure the safety of someone’s data against cybercrimes. And indeed a frequent quote was that
technology companies operate in a business of trust
with the consequence that they will lose their customers if the latter don’t feel safe with them due to a data loss. Also privacy is seen as a “tradeoff issue” i.e. if someone wants to receive relevant services shall “sacrifice” his privacy.
3. Drones as data gathers
There was a very interesting presentation on how drones might be commercially used for the delivery of for instance drugs in areas that cannot be otherwise reached, to monitor the status of agricultural fields and, in the long term, for the home delivery of items.
They represent an amazing opportunity, but might also raise some legal issues in relation to
- the potential breach of individuals’ privacy through pictures taken by drones and an interesting precedent is given by the € 1 million fine issued by the Italian data protection authority against Google for images taken by their Street View cars and
- the safety and security of drones in case of accidents due to their malfunctioning and the potential approvals and licenses necessary before they can be actually used with the peculiarity that dislike other vehicles drones cannot be merely stopped since they fly in the air.
4. Smart city and smart home devices might make us more efficient
In a period of financial downturn, our cities might find a massive ally in smart city technologies able through sensors to for instance reduce the level of traffic notifying users whether there are parking spaces, optimize the collection of garbage detecting whether the bins are full or cut the cost of public lighting systems detecting cars and learning on data previously collected on how to efficiently use public lights. But the same works for our homes where smart home sensors might collect occupancy data in a building and reduce the energy costs of the heating system.
All the above means that a number of data around us will be collected without individuals even be aware of them. And the issue is whether and when such data is “personal data” for the purposes of data protection regulations and when on the contrary they merely are anonymous data.
5. People need to know what happens to their data
As mentioned above Internet of Things technologies will collect a very large amount of personal data about their users which might raise concerns as to the misuse of such data. For instance if my insurance company collects personal data about me through the black box in my car in order to adjust the price of my car insurance policy, the issue is whether the same insurance company without informing me will use that data to set the parameters of my life insurance as well.
Transparency will represent a major hurdle for Internet of Things technologies since people might feel to be even more spied through such devices and be reluctant to use them. However, regulators should identify ways in which privacy information notices and informed consents are given in a transparent but also business oriented manner. And therefore it is recommendable that some privacy regulators will review the position taken by the European privacy advisory body.