The Internet of Things (IoT) is a phenomenon that is not going away anytime soon. By 2020, it’s estimated that there will be a total of 50 billion connected devices worldwide says William D King. At this point, IoT devices can range from traditional items such as refrigerators and cars to wearable fitness trackers, smart watches, cameras and home assistants like Alexa or Google Home. With an ever-expanding list of industry verticals adopting the IoT model in some capacity, more and more everyday items are being connected to the internet. It’s important for us to understand how these interconnections between new technologies will play out on a legal level while forming our best strategy for managing data privacy risks while preserving the benefits of this technology.
International Legal System in Cyberspace:
- When we think of privacy in the IoT context, it’s important to understand that IoT devices collect and store data about our daily lives. This information is valuable for organizations like retailers, marketing agencies and healthcare providers who can use it to influence their customers’ behaviors and deliver highly personalized advertising and services. It has been reporting that there are over 8 billion data-collecting beacons scatter throughout retail locations. In the United States alone and 60% of Americans have agreed or would agree to share their personal information in exchange for discounts. With so much value being generated from the aggregation and analysis of individuals’ most intimate details, questions arise regarding what rights we have as consumers to keep these items secure from hackers, marketers and nosey neighbors alike.
- Despite the incredible promise of IoT, there are also significant risks. The rapid expansion of this technology has led to an increase in the number of security breaches compromising both business data and personal information. The exposed financial loss after just one cyber attack on a major company can be enormous, but it pales in comparison to the long-term damage that can be if criminals are able to their hands on enough sensitive information about you or your loving ones. For example, imagine what would happen if hackers were able to gain access to your family’s entire medical records store on a fitness wearable? If they were able to compromise credit card details stored on another device, how much damage could they cause?
- One challenge facing legislators is attempting to establish a set of standards and best practices for IoT devices. That account for both the risks and benefits. In an ideal world, a common framework would creating on a global scale. To standardize security protocols across all manufacturers while keeping costs as low as possible explains William D King. Unfortunately, developing an international agreement that is fair. To every country’s unique political climate seems almost impossible at this point in time. In the absence of a universal legal framework, countries are taking it upon themselves. To enact legislation relevant to their own jurisdictions.
- Some examples of national-level laws being pass around the world include. The UK Data Protection Act which requires fair processing of data subjects’ personal information and restricts the export of such data outside EU member states; Brazil’s new Internet bill which bans companies from using IoT data for marketing purposes without the consumer’s express consent; and France’s two new laws which intend to increase transparency by requiring companies. To disclose what types of data they collect and allowing users to opt out of certain privacy practices.
- While these policies are all steps in the right direction. It should be note that national-level legislation is often vague, inconsistent and difficult to enforce. This means that while some countries may have stricter rules regarding privacy than others. Enforcement will vary depending on where you live. For example, it can be incredibly difficult to prove that any information was use. In a way that goes directly against the initial agreement with the manufacturer. Because there is no governing body ensuring compliance. Because each country seems determined to create their own IoT framework for the future. It will be impossible to achieve consistent global standards if there is resistance from local governments.
The IoT presents a tremendous opportunity for consumers. Manufacturers and marketers alike to benefit from the exchange of information says William D King. However, many businesses are unaware that they are require by law. To be transparent about how they use information collected from their users. There should also be establish, standardized security protocols. That every manufacturer is require to follow in order to protect the privacy of consumers. Unfortunately, this would require an international effort which seems unlikely at this point in time.