It would seem that the limits to the connected world are endless. As the Internet of Things (IoT) opens up opportunities for connected buildings, homes, cars, people, processes and devices, businesses are moving swiftly to deliver new products and services.
Yet as the IoT gathers pace, the legalities that accompany connected technology run the risk of going unnoticed. To avoid future complications, businesses must start to consider the legal issues now.
The IoT offers a significant opportunity to businesses in that it generates a vast amount of customer data that was previously inaccessible. Through embracing connectivity, companies are now able to gain insight into consumer behavioural patterns which provide valuable intelligence for delivering targeted marketing and advertising campaigns.
Yet while the collection of this data has the potential to transform customer engagement strategies, it puts companies that have never previously had to deal with customer data in an unfamiliar position.
It is essential that businesses recognise and address the legal issues surrounding the collection and use of customer data and the impact that this could have on their business.
Raw data generated by connected technology, and the inferences drawn from it, have a likely risk of containing personal information, and it is this that must be handled appropriately.
Data privacy is a highly sensitive issue for businesses. The general public is becoming increasingly mindful of the risks of cyber crime and personal data breaches, and failure to comply with data protection laws could have a devastating effect on a business legally and in terms of its reputation.
It is unsurprising that a dynamic and innovative industry like the tech sector is advancing at a faster pace than the regulatory confines of the law. As it currently stands, any personal data generated from connected devices remains subject to the Data Protection Act 1998.
However, the European Commission is working on a new data protection regulation which is expected to come into force in 2017 and which will impose more stringent requirements on companies handling personal data.
So companies moving towards offering 'connected' services should ensure that they put the correct processes in place now to avoid a future legal backlash. The key principles are data minimisation, data anonymisation and consent.
Companies should be considering these principles from the outset, focusing on designing their systems in ways that can guarantee anonymity of the data collected and introduce the right mechanisms for freely given, specific and informed consent.
They should carry out privacy impact assessments to better understand the extent to which their existing services could infringe on privacy, and establish a best practices framework to ensure that the business continues to operate within legal requirements.
The legal considerations that accompany the adoption of the IoT do not stop at data protection.
Taking cars as an example, the number of interfaces in a networked vehicle places it at risk of cyber attack. The vulnerability of a connected car may not simply lie with the vehicle itself, but with the network and systems that enable the in-car services to operate.
Should there be a security breach, the question of liability is raised. Is it the responsibility of the manufacturer or one of the providers further down the supply chain?
It remains an undefined issue, but supervisory authorities are wising up to vehicle IT, and it is becoming clear that they will pay closer attention to it in the near future.
For the IoT to really take hold in the market there's a growing need for standardisation to enable devices to interoperate and accelerate the mobile-to-mobile market.
There are already a number of industry groups focused on determining a single, common solution for global consistency, and competition law will need to be considered as part of these discussions.
If a 'protected standard' is pursued which could create implications for access among some providers, it could fall foul of competition rules, so it is vital that consistent standards are put in place.
During a series of seminars taking place across the UK, Pinsent Masons is providing businesses with the insight and advice they need to feel confident that they are taking the necessary legal considerations into account when developing their IoT offerings.
The regulators are paying close attention to the evolution of the IoT and, as legal requirements become more important, so should every business considering using IoT data.
Becca Aspinwall is a senior associate at law firm Pinsent Masons LLP
For more information on the Internet of Things, visit the Intel IT Center.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago