IoT security; regulation

It was reported by Law360 today that the "Democratic co-chair for the Congressional Cybersecurity Caucus said that while public-private partnerships should facilitate, rather than mandate, safeguards for connected devices, the federal government will step in when those devices are compromised or malfunction."

The co-chair was trying to strike a balance between ensuring necessary safeguards and allowing industry the flexibility and speed to meet demands faster than laws and regulations.

Representative Jim Langevin said that internet-connected technology is fast becoming part of every aspect of modern life, from refrigerators to clothing. Langevin believes some sectors likely require a firmer regulatory hand referring specifically to medical technology, even as he noted that some industries want no regulation.

Langevin believes public private partnerships are “always more preferable” than regulation and while government doesn’t want bad things to happen, if they do, policymakers are sure to step in and “overregulate.”

Many of the discussions during the Internet of Things Global Summit held in Washington this week have centered on the "tension between mandatory safeguards and industry freedom" with some industry representatives pushing for industry-led standards, said to more "nimble than government regulations."

While it is clear that there is a need to invest in Internet of Things technology, it is equally important to balance the necessary regulation with the need for innovation. of balancing necessary regulation and fostering innovation.

Security, says Suzan DelBene, the representative for Washington and a former Microsoft executive: "Security is going to be critically important” in technology that touches every facet of modern life, and the goal should be a public informed about how that technology works.

Andrea Glorioso, a EU counsellor with the digital economy and cyber delegation to the US, said that safeguards were important in Europe as well but offered a different perspective.

Speaking during the event, Glorioso said the EU imposes data protection requirements, not to impede business, but instead out of a good faith belief that there’s no better solution.

In the face of increasing data breaches, Glorioso believes there’s a need to be proactive against future threats.

Law 360 reports that "Glorioso further noted that with real-world devices, customers can sue when something goes wrong, citing the example of a toaster exploding in someone’s face. “Why would that be any different because the toaster is connected to the internet?” Glorioso said, arguing there needs to be a conversation about device liability."

However, other industry representatives argued that the ability to operate in a nimble fashion and utilise data on how products are used allows business to improve products in real time in a way tailored to consumer needs. They argued that regulation interfered with data collection, a premise further supported by the proposed Federal Communications Commission's broadband information sharing regulation that would have required web-browsing activity to be considered sensitive data and be subject to 'onerous' protections.

Vice president of the National Retail Federation, Paul Martino said it was “natural for your public representatives” to want to deal with internet of things issues such as the threat of hacking. He warned however, that he was concerned there was be tendency to over-regulate and thereby kill innovation. He called for legislation with "balanced solutions."

Consumers can also play a key role in security, including by going with products with well-tested safeguards, according to Martino, who pointed to the importance of educating the populace.

“That’s a huge component to ensuring that we get it right,” he said.