Author(s)
Source
North Carolina Journal of Law & Technology, Vol. 17, Issue 4, pp. 581-598, May 2016
Summary
Everything from stuffed animal to toilets is now being connected to the Internet of Things (IoT). Connecting everyday objects to the Internet could be harmful. The objects or data collected by the objects could be hacked, and the software is subject to glitches.
Policy Relevance
Lawmakers should require the software for items linked to the IoT be reasonably secure. More specific regulatory standards might be needed.
Main Points
- Dolls, clothing, appliances, and many other items are now connected to the IoT; we should think carefully about whether any object we purchase really needs to be connected to the Internet.
- Most software has a lifetime of only about 2 years, during which time its creator will patch and service it, but objects like toys and coffeepots could last much longer, leaving the consumer with defective objects open to hackers.
- Security flaws have been discovered in IoT doorbells, Barbies, vehicles, refrigerators, and child trackers, making them susceptible to hackers.
- Government hopes to take advantage of opportunities created by the IoT to increase surveillance, monitoring, and tracking.
- Digital Rights Management (DRM) technology can cause security problems, and policymakers should adopt rules that minimize the risk of security researchers who identify DRM bugs.
- The law could require items linked to the IoT use reasonable data security practices; this is not a perfect solution, but it is flexible.
- Firms should be liable for poor data security practices.
- Regulators could adopt more specific regulations such as lifecycle timetables.
- Firms that develop items for the IoT should include an “off” switch so that consumers can disconnect the item from the networks if problems arise.