Mar 292016
 
nest-iot-aquired-by-google-protect-black-pathlight

One of the truisms of modern business is we live in an API economy where open Application Programming Interfaces allow software companies to connect their platforms that builds an ecosystem of developers and extends the functionality of their products.

But what happens when an API shuts down or a company starts applying the web2.0 principles of draconian legal terms and conditions to its data feeds? Pinboard, “the social bookmarking application for introverts” is illustrating how serious legalese can be for developers.

Maciej Cegowski, Pinboard’s founder, decided the terms and conditions imposed by popular automation site If That Then This (IFTTT) were too demanding and pulled his service from the platform.

In a blog post he lays out exactly why, citing IFTTT’s demands for rights over his service along with the option of  the plaftorm being able to assign those rights to third parties.

For developers, IFTTT’s terms are almost impossible as the platform strips them of their intellectual property rights and restrains their trade. It’s a classic case of legal over-reach which is all too common in the control obsessed tech industry.

As we’re seeing software vendors releasing platforms to manage IoT devices through APIs and cloud services making their plethora of APIs a selling point, access to these becomes a serious matter for the software industry.

There is a worrying aspect for users in this as well, as those relying on Pinboard services driven through IFTTT are now effectively stranded and have to look for another site that provides similar functions.

While Pinboard is quite small, a larger service shutting down its APSs could have dramatic effects. This is even truer with Internet of Things devices that could use a service like IFTTT to run key functions.

Designing devices and services to cater for the possibility an API or web service may become unavailable needs to be priority for IoT vendors while for developers and users, the risk a service may stop is something that should never be far from their minds and factored into the business and purchasing decisions they make.

Feb 082016
 
Amazon-dash-one-button-shopping-iot

Who is responsible for the effect of renegade computer programs is going to become a serious legal topic as an increasing number of things become ‘intelligent” and connected to the internet.

Britain’s Financial Conduct Authority (FCA) is one of the first regulators to start looking at how companies’ algorithms. In their just released rules for wholesale traders, the FCA sets out the responsibilities for companies and their managers.

“We are determined to embed a culture of personal responsibility within the banking sector,” says the FCA’s Acting Chief Executive Tracey McDermott. “Clear individual accountability should focus minds, drive up standards, and make firms easier to run and to supervise. And if things go wrong, it will allow senior managers to be held to account for misconduct that falls within their area of responsibility.”

The definition of ‘misconduct’ when an algorithm goes awry will undoubtedly prove contentious, as will the idea of ‘personal responsibility’ in the banking sector.

While it’s too tempting to be dismissive of such move in the financial services industry, the FCA’s regulations are a pointer of what most industries are going to face over the next ten years as the more devices make decisions for themselves or communicate with other equipment over the Internet of Things.

In many areas the question of who is responsible for a rogue computer program will be left to the uncertainties of the legal system with no doubt many surprises, injustices, inconsistencies and unintended consequences so the earlier regulators develop a framework for dealing with mishaps the better.

Should the IoT start delivering on its promise of a connected world a poorly designed algorithm in even what should be relatively trivial devices or services may have the potential to cause massive disruption and damage. It’s hard not to imagine many other regulators in other industries are looking at how to attribute responsibilities, if not minimise risk, in a smart connected world.

Jan 192016
 
censorship on the internet and social media

The Libertarian dream of a free trade zone out of reach of authorities on the Dark Web has come to an end reports Wired.

Ironically it’s not the authorities that have discredited these sites but the untrustworthiness of the various contraband services’ operators that have doomed these illicit marketplaces.

While there’s still potential for these dark web markets to evolve into something more robust their current failure shows that radically changing existing institutions and systems is rarely happens quickly and without cost, as those with stolen Bitcoins are learning.

Jun 302015
 
sense-t-tasmania-iot

What happens when an internet connected device fails?

In The Australian today I have a piece discussing the legal risk of the IoT.

Lawyers warn that manufacturers, distributors and installers all face the possibility of damages should their devices malfunction or not perform as advertised.

This risk is compounded by the data analysis with Michael Stojanovic of international law firm Bird & Bird citing the example of a gas monitoring device accurately detecting and reporting a surge but a company being liable because they didn’t warn their customer something was amiss.

Equally there’s a risk with misreported or lost data. This in itself is presents a problem as many of the software vendors currently looking at supplying the IoT have a ‘best effort’ mentality where they don’t accept responsibility for service interruptions.

While that attitude may have stood up before courts over the last twenty years, it’s unlikely to get much sympathy from judges and juries when critical systems are affected.

Like everything else in life, the lawyers are coming for the IoT.

Apr 042015
 
The law applies online to social media and other web services

Automakers Say You Don’t Really Own Your Car states the Electronic Frontiers Foundation.

In their campaign to amend the US Digital Millenium Copyright Act to give vehicle owners the right to access and modify their automobiles’ software the EFF raises an important point.

Should the software licensing model be applied to these devices then purchasers don’t really own them but rather have a license to use them until the vendor deems overwise.

Cars, of course, are not the only devices where this problem arises. The core of the entire Internet of Things lies in the software running intelligent equipment, not the hardware. If that software is proprietary and closed then no purchaser of a smart device truly owns it.

Locking down the smarthome

This raises problems in smarthomes, offices and businesses where the devices people come to depend upon are ‘black boxes’ that they aren’t allowed to peer into. It’s not hard to see how in industrial or agricultural applications that arrangement will often be at best unworkable.

Four years ago tech industry leader Marc Andreessen pointed out how software is eating the world; that most of the value in an information rich economy lies in the computer programs that processes the data, not the hardware which collects and distributes it.

That shift was flagged decades ago when the initial fights over software patents occurred in the 1980s and 90s and today we’re facing the consequences of poorly thought out laws, court decisions and patent approvals that now challenge the concepts of ownership as we know it.

Is ownership outdated?

However it may well be that ‘ownership’ itself is an outdated concept. We could be entering a period where most of our possessions are leased rather than owned.

If we are in a period where ownership is an antiquated concept then does it matter that our cars, fitness bands, kettles, smoke alarms and phones are in effect owned by a corporation incorporated in Delaware that pays most of its tax in the Dutch Antilles?

Who owns the smartcar’s data?

The next question of course is if the software in our smart devices is secret and untouchable then who owns the data they generate?

Ownership of a smartcar’s data could well be the biggest issue of all in the internet of things and the collection of Big Data. That promises to be a substantial battle.

In the meantime, it may not be a good idea to tinker too much with your car’s software or the data it generates.

Mar 262015
 
Big data takes our online, shopping and social media use it is the business challenge for our time

This morning I’m speaking on ABC Radio’s Overnights about the risks of the Australian government’s law to force telecommunications companies to retain users’ metadata for two years.

While the act, currently before the Senate having passed the House of Representatives last week after the poorly named ‘opposition’ Labor Party supported it, mandates that telcos and ISPs will have to retain the details of users’ connection times, places and type of device for two years and that government agencies will be able to access this data without a warrant.

The program was broadcast on 26 March 2015 at 4.15am Eastern Time with Trevor Chappell and is can be listened to on the ABC radio website.

Some resources on the data retention bill follow;

Mar 252015
 
The law applies online to social media and other web services

Last March the Australian internet industry celebrated twenty years of commercial operations with the Rewind/Fast Forward conference that looked at the evolution of the online economy down under and its future.

Naturally the Internet of Things was an important part of the discussion looking at the internet’s future and one of the panels examined the effects of the IoT on industry and society.

During the session chairman of the Communications Alliance industry association, John Stanton, raised an important point about how the IoT creates problems for existing laws and the regulators as a wave of connected devices are released onto the market place.

The risks are varied, and Stanton’s list isn’t exhaustive with a few other aspects such as liability not explored while some of the issues he raises are a problem for other internet based services like cloud computing and social media.

Roaming rules

Having fought many regulatory battles over roaming charges and access between networks, it’s not surprising Stanton and the Communications Alliance would raise this as an issue.

Dealing with roaming devices will probably be a big challenge for mobile Machine to Machine (M2M) technologies, particularly in the logistics, airline and travel industries. We can expect some bitter billing battles between clients and their providers before regulators start to step in.

Number schemes

Again this is more an issue for mobile M2M consumers. Currently every SIM card has its own phone number once the service is activated.  It may be that regulators have to revise their numbering schemes or allow providers to use alternative addressing methods to contact devices.

Data sovereignty

Where data lives is going to continue to be a vexed issue for cloud computing consumers, particularly given the varied laws between nations.

Short of an international treaty, it’s difficult to see how this problem is going to be resolved beyond companies learning to manage the risks.

Identity management

Data integrity is essential for the IoT and accurately determining the identity of individuals and devices is going to be a challenge for those designing systems.

Over time we can expect to see some elegant and clever solutions to identity management in the IoT however masquerading as a legitimate device will always be a way malicious actors will try to hack systems.

Privacy

For domestic users, the privacy of what remains in data stores is going to be a major concern as domestic devices and wearables gather greater amounts of personal information. We can expect laws to be tightened on the duties and obligations of those collecting the data.

Access Security

Who can do what with a networked device is another problem, should a malicious player or a defective component get onto the system, the damage they can do needs to be minimised. What constitutes unlawful access to a computer network and the penalties needs to be carefully thought out.

Spectrum allocation and cost

Governments around the world have been reaping the rewards of selling licenses to network operators. As the need for reliable but low data usage IoT networks grows, the economics of many of the existing licenses changes which could present challenges for both the operators and governments.

Access to low cost and low data access networks

Following on from the economics of M2M networks, the question of mandating slicing of scarce spectrum for IoT applications or reserving some frequencies becomes a question. How such licenses are granted will cause much friction and many headaches between regulators and operators.

Commercial value of information

How much data is worth will always be a problem in an economy where information is power and money. This though may turn out to be more subtle as information is only valuable in the eyes of the beholder.

Where information becomes particularly valuable is in financial markets and highly competitive sectors so we can see the IoT becoming part of insider trading and unfair competition actions. These will, by definition, be complex.

Like any new set of technologies the internet of things raises a whole new range of legal issues as society adapts to new ways of doing business and communicating. What we’re going to see is a period of experimentation with laws as we try to figure out how the IoT fits into society.