A world where everything intelligently connects via mobile networks is no longer something in the distant future; it is already here, increasingly influencing almost every facet of industry and the way we manage our lives. As with any significant evolution of telecoms and technology, come the inevitable questions about the adequacy of the legislation and regulatory principles governing the IoT ecosystem. To thrive and reach its revolutionary potential does IoT require more law and regulation or less?
Given that the IoT industry is one that analysts predict is going to be in its trillions in the next 5 to 10 years, it may be surprising to learn that there is no dedicated legislation to the Internet of Things. In the absence of specific legislation IoT is governed horizontally, by legislation governing telecoms (the legal terminology refers to “electronic communications”), data privacy & security, intellectual property, safety and environmental and competition. This is not to say that it has escaped the attention of lawmakers and regulators; quite the contrary. The IoT legal landscape has been – and continues to be – an important area of focus for many influential industry regulatory bodies. The OECD, the European Commission, the Federal Trade Commission, the GSMA just to name just a few have all identified a number of bottlenecks and challenges that need to be addressed. There is little doubt that legislation and regulation to support and facilitate IoT will happen. It is just a question of the shape and form that this takes; whether it be by way of principles designed to enable the IoT ecosystem to continue to innovate and evolve (spectrum policy being an obvious example) or whether we will be seeing the equivalent of an “Internet of Things Act”.
I think the former more likely and I will share with you why: The legal issues that arise from IoT are by and large not new issues. They are issues we lawyers have dealt with for over a decade i.e. use of telecoms spectrum, data privacy, liability, security, standardisation, patent protection. There is pretty robust and much debated legislation already in place that addresses many of these and such legislation is under scrutiny and evolving all of the time. The real issue stems from the fact that by its very nature IoT blurs the distinction between what is private and what is public; hence the opportunity for data misuse is greater; the risk of security hacking higher, the liability position more complex given that an IoT value chain can involve five or more vendors. Hence enterprise users, customers, providers, mobile network operators and all the other potential parties in the IoT value chain have to pay far greater consideration to the legal environment; to leverage this to their advantage and build this into their business plans, their risk profiles & their consumer communications.
Alongside this is the fact that the majority of IoT and machine to machine communications are based on a finite and valuable resource: spectrum. Whilst fixed networks can sometimes be used the real strain comes on the mobile telecommunication networks. Even though IoT applications are not data consumption heavy the “always on” nature multiplied by the cumulative effect of the increasing number of devices that are predicted to be out there, means that better and more efficient use of spectrum is a necessity. White spaces, small cells, WiFi all become more important telecoms technologies, as is the deployment of the next generation of networks. Indeed in its 2014 Spectrum Strategy Statement the UK Government specifically acknowledged it had an important role to ensure that spectrum is available to stimulate innovation and growth, citing the social and economic benefits of IoT and M2M as a key driver behind this statement.
IoT is also a key influencer in the legislative proposals that are going through the European Parliamentary process at the moment for a single telecoms market. Given that the demands of many M2M users and customers are multi-regional or global in nature the European fragmentation of differing legal and regulatory environments governing telecom networks is one that can hinder deployment and adoption of IoT. The new framework, dubbed the Connected Continent package, is intended to address this fragmentation, its aim to create a true single market, making it easier to operate across Europe’s borders. The implementation of the new legislation could come as soon as the end of this year.
Where does this leave those in the IoT ecosystem: Just as IoT is as much about transforming existing products and services and unlocking additional revenue streams as it is about creating entirely new ones, regulators and lawmakers are thinking on the same lines: they are considering, using, adapting and transforming what is already there. But keep an eye out: It may not be new piece of law but many of these transformative changes are literally around the corner.
As originally published in 'Internet of things: changing how we live' published by Raconteur Media on 17 July 2014 in The Times.