This document discusses the Internet of Things (IoT) and provides examples of connected devices. It notes that by 2020, 50 billion devices are estimated to be connected to the Internet. It discusses privacy issues regarding personal data collection and use by IoT devices. Security issues are also examined, such as vulnerabilities of connected devices to hacking. Intellectual property questions are raised about who owns works created by machines. The document concludes by stating that more regulation of IoT is expected.
IoT & Big Data - A privacy-oriented view of the futureFacundo Mauricio
Understanding the future based on the current technology, with a focus on Big Data and Internet of Things (IoT). A discussion of privacy and personal information and how it affects us.
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...gallowayandcollens
Attorney Howard H. Collens presents the most recent updates on the new Fiduciary Access to Digital Assets Act. Learn the many states that have recently enacted the new Act and updates on what the future holds for estate planning and digital assets.
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...Cengage Learning
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course Technology Computing Conference
Presenter: Amelia Phillips, Highline Community College
E-discovery is defined as “gathering electronically stored information (ESI) for use in litigation”. At first glance, this appears to be a straightforward statement, but upon further examination one finds that it encompasses a broad range of items. Over 90% of documents produced by companies now are electronic. Older paper files have been converted to microfiche or PDF files. Add to this email, text messages, social media (yes, even the IRS has a Facebook page) and you have an idea of the amount of information that becomes this new term called “Big Data”. Terabytes of data will soon become petabytes of data. Are we ready? Are our students prepared for this new era? E-Discovery is a field that affects not only the lawyers, but the IT support staff, and how companies do business. In this talk you will be introduced to some of the new technology in the field such as predictive coding, forensic linguistics, and social media archiving. You will also be shown some of the new tools on the market that you can use in your classrooms to prepare your students and yourself for this fast evolving arena. What does a company need to do when a litigation hold is in place? What response needs to come from the legal staff, the IT support staff, the managers, and the average employee? How does this affect the BYOD (Bring Your Own Device) policies? Which comes first - employee privacy, freedom of information or corporate security? You will walk away from this talk with a methodology to incorporate this new topic into your curriculum. You will also be given ideas of how to make this affordable for your labs, what foundations your students need, and how to deliver this in a way that appeals to the business, IT or legal oriented student. This topic affects them all. Come and find out why this is something they need to be successful in tomorrow's market.
The Fiduciary Access to Digital Assets Act in Michigan:Now That We Have it, W...gallowayandcollens
Attorney Howard Collens presented the most recent updates on Michigan’s new Fiduciary Access to Digital Assets Act. Now is the perfect time to update your will, trust and power of attorney to incorporate the latest options for dealing with your digital assets.
The Internet of things (IoT) is growing rapidly and 2018 will be a fascinating year for the IoT industry. IoT technology continues to evolve at an incredibly rapid pace,
Consumers and businesses alike are anticipating the next big innovation. They are all set to embrace the ground-breaking impact of the Internet of Things on our lives like ATMs that report crimes around them, forks that tell you if you are eating fast, or IP address for each organ of your body for doctors to connect and check,.
In 2018, IoT will see tremendous growth in all directions; the following 8 trends are the main developments we predict for next year:
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...gallowayandcollens
In an era where technology plays such an important part of everyday life, the attorney needs to understand how to properly plan for a client’s digital assets. This presentation will discuss Michigan’s new Fiduciary Access to Digital Assets Act and how to incorporate it into your existing practice.
Feroot Smart Technology Privacy Summit: The Connected Car — Understanding the...Feroot
At the Smart Technology Privacy Summit 2018, hosted by Feroot Privacy and the Privacy & Access Council of Canada, John Beardwood provided the current Canadian legal framework for GDPR and personal information in the context of IoT, Smart Technology & Smart Cars.
This presentation provides key legal information for any CEO or company leader seeking to fulfill GDPR Access Requests, also known as GDPR DSAR, GDPR DSR, and GDPR SAR.
About Feroot:
Feroot GDPR DSAR Framework helps any organizations understand, prepare for handling access requests, and manage fulfillment of access requests using the self-serve approach from within their mobile, web apps, and portals.
IoT & Big Data - A privacy-oriented view of the futureFacundo Mauricio
Understanding the future based on the current technology, with a focus on Big Data and Internet of Things (IoT). A discussion of privacy and personal information and how it affects us.
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...gallowayandcollens
Attorney Howard H. Collens presents the most recent updates on the new Fiduciary Access to Digital Assets Act. Learn the many states that have recently enacted the new Act and updates on what the future holds for estate planning and digital assets.
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...Cengage Learning
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course Technology Computing Conference
Presenter: Amelia Phillips, Highline Community College
E-discovery is defined as “gathering electronically stored information (ESI) for use in litigation”. At first glance, this appears to be a straightforward statement, but upon further examination one finds that it encompasses a broad range of items. Over 90% of documents produced by companies now are electronic. Older paper files have been converted to microfiche or PDF files. Add to this email, text messages, social media (yes, even the IRS has a Facebook page) and you have an idea of the amount of information that becomes this new term called “Big Data”. Terabytes of data will soon become petabytes of data. Are we ready? Are our students prepared for this new era? E-Discovery is a field that affects not only the lawyers, but the IT support staff, and how companies do business. In this talk you will be introduced to some of the new technology in the field such as predictive coding, forensic linguistics, and social media archiving. You will also be shown some of the new tools on the market that you can use in your classrooms to prepare your students and yourself for this fast evolving arena. What does a company need to do when a litigation hold is in place? What response needs to come from the legal staff, the IT support staff, the managers, and the average employee? How does this affect the BYOD (Bring Your Own Device) policies? Which comes first - employee privacy, freedom of information or corporate security? You will walk away from this talk with a methodology to incorporate this new topic into your curriculum. You will also be given ideas of how to make this affordable for your labs, what foundations your students need, and how to deliver this in a way that appeals to the business, IT or legal oriented student. This topic affects them all. Come and find out why this is something they need to be successful in tomorrow's market.
The Fiduciary Access to Digital Assets Act in Michigan:Now That We Have it, W...gallowayandcollens
Attorney Howard Collens presented the most recent updates on Michigan’s new Fiduciary Access to Digital Assets Act. Now is the perfect time to update your will, trust and power of attorney to incorporate the latest options for dealing with your digital assets.
The Internet of things (IoT) is growing rapidly and 2018 will be a fascinating year for the IoT industry. IoT technology continues to evolve at an incredibly rapid pace,
Consumers and businesses alike are anticipating the next big innovation. They are all set to embrace the ground-breaking impact of the Internet of Things on our lives like ATMs that report crimes around them, forks that tell you if you are eating fast, or IP address for each organ of your body for doctors to connect and check,.
In 2018, IoT will see tremendous growth in all directions; the following 8 trends are the main developments we predict for next year:
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...gallowayandcollens
In an era where technology plays such an important part of everyday life, the attorney needs to understand how to properly plan for a client’s digital assets. This presentation will discuss Michigan’s new Fiduciary Access to Digital Assets Act and how to incorporate it into your existing practice.
Feroot Smart Technology Privacy Summit: The Connected Car — Understanding the...Feroot
At the Smart Technology Privacy Summit 2018, hosted by Feroot Privacy and the Privacy & Access Council of Canada, John Beardwood provided the current Canadian legal framework for GDPR and personal information in the context of IoT, Smart Technology & Smart Cars.
This presentation provides key legal information for any CEO or company leader seeking to fulfill GDPR Access Requests, also known as GDPR DSAR, GDPR DSR, and GDPR SAR.
About Feroot:
Feroot GDPR DSAR Framework helps any organizations understand, prepare for handling access requests, and manage fulfillment of access requests using the self-serve approach from within their mobile, web apps, and portals.
Presented by EndCoder Denise Fouche, this presentation describes South Africa's legal response to cyber security threats, particularly in the banking industry.
IoT Standardization and Implementation ChallengesAhmed Banafa
The rapid evolution of the IoT market has caused an explosion in the number and variety of IoT solutions.
Additionally, large amounts of funding are being deployed at IoT startups.
Consequently, the focus of the industry has been on manufacturing and producing the right types of hardware to enable those solutions.
How to Make Sure the Kids Will Still Be Listening to The Beatles on Google Pl...gallowayandcollens
Many of today's artists are streaming on popular music sites like Google Play. Attorney Howard Collens shares his knowledge of Fiduciary Access to Digital Assets and how it pertains different music streaming sites and social media.
Understanding the different building blocks of IoT, identifying the areas of vulnerability in each block and exploring technologies needed to counter each of the weaknesses are essential in dealing with the security issue of IoT.
The following list of predictions (Figure 1) explores the state of IoT in 2019 and covering IoT impact on many aspects business and technology including Digital Transformation, Blockchain, AI, and 5G.
Welcome to the world of Internet of Things wherein a glut of devices are connected to the internet which emanates massive amounts of data. But we have many hoops to jump before we can claim that crown starting with a huge number of devices lacking unified platform with serious issues of security standards threating the very progress of IoT.
Speech to first year graduate students at Babson College on the attitudinal shifts that will allow the IoT to transform business away from hierarchy to innovative circular organizations
New trends of IoT in 2018 and beyond (SJSU Conference ) Ahmed Banafa
The Internet of things (IoT) is growing rapidly and 2018 will be a fascinating year for the IoT industry. IoT technology continues to evolve at an incredibly rapid pace. Consumers and businesses alike are anticipating the next big innovation. They are all set to embrace the ground-breaking impact of the Internet of Things on our lives like ATMs that report crimes around them, forks that tell you if you are eating fast, or IP address for each organ of your body for doctors to connect and check
Can privacy survive the onslaught of online standard form "consent"; big data; and the Internet of Things? This paper wonders, and considers in particular the challenges of privacy and smart cities, which combine all three issues.
A brief account of the current state of EU data protection laws accompanied by the suggestion they face almost insuperable challenge from the combination of the illusory nature of consent in most online contracts; the rise of big data as a "treasure hunt"; and the rise oambient environments for data colelction (the "Internet of Things") where design imperatives push towards an absence of opportunities for informed specific consent.
Presented by EndCoder Denise Fouche, this presentation describes South Africa's legal response to cyber security threats, particularly in the banking industry.
IoT Standardization and Implementation ChallengesAhmed Banafa
The rapid evolution of the IoT market has caused an explosion in the number and variety of IoT solutions.
Additionally, large amounts of funding are being deployed at IoT startups.
Consequently, the focus of the industry has been on manufacturing and producing the right types of hardware to enable those solutions.
How to Make Sure the Kids Will Still Be Listening to The Beatles on Google Pl...gallowayandcollens
Many of today's artists are streaming on popular music sites like Google Play. Attorney Howard Collens shares his knowledge of Fiduciary Access to Digital Assets and how it pertains different music streaming sites and social media.
Understanding the different building blocks of IoT, identifying the areas of vulnerability in each block and exploring technologies needed to counter each of the weaknesses are essential in dealing with the security issue of IoT.
The following list of predictions (Figure 1) explores the state of IoT in 2019 and covering IoT impact on many aspects business and technology including Digital Transformation, Blockchain, AI, and 5G.
Welcome to the world of Internet of Things wherein a glut of devices are connected to the internet which emanates massive amounts of data. But we have many hoops to jump before we can claim that crown starting with a huge number of devices lacking unified platform with serious issues of security standards threating the very progress of IoT.
Speech to first year graduate students at Babson College on the attitudinal shifts that will allow the IoT to transform business away from hierarchy to innovative circular organizations
New trends of IoT in 2018 and beyond (SJSU Conference ) Ahmed Banafa
The Internet of things (IoT) is growing rapidly and 2018 will be a fascinating year for the IoT industry. IoT technology continues to evolve at an incredibly rapid pace. Consumers and businesses alike are anticipating the next big innovation. They are all set to embrace the ground-breaking impact of the Internet of Things on our lives like ATMs that report crimes around them, forks that tell you if you are eating fast, or IP address for each organ of your body for doctors to connect and check
Can privacy survive the onslaught of online standard form "consent"; big data; and the Internet of Things? This paper wonders, and considers in particular the challenges of privacy and smart cities, which combine all three issues.
A brief account of the current state of EU data protection laws accompanied by the suggestion they face almost insuperable challenge from the combination of the illusory nature of consent in most online contracts; the rise of big data as a "treasure hunt"; and the rise oambient environments for data colelction (the "Internet of Things") where design imperatives push towards an absence of opportunities for informed specific consent.
How to Build a Dynamic Social Media PlanPost Planner
Stop guessing and wasting your time on networks and strategies that don’t work!
Join Rebekah Radice and Katie Lance to learn how to optimize your social networks, the best kept secrets for hot content, top time management tools, and much more!
Watch the replay here: bit.ly/socialmedia-plan
The internet of things..perspectives for the Nigerian legal systemSimon Aderinlola
The ability for everyday devices to connect with each other and with people is a hot topic.
The Nigerian Communications Commission identified a need for the Nigerian legal system to be aware of present and future possibilities, grey areas and learnings from other countries that have taken proactive steps to prepare for this inevitable future.
Learnings from the EU, USA, China etc are considered. It is comforting to know that no country claims to have its legislation ahead of the tech innovations curve, but the catchup game needs to be at a pace that dragnets the present effectively and constantly repositions for the unknown future.
Regulation should also be smart. Rather than get bogged down regulating aluminium weight for car use, fuel grades for combustion, rather regulate speed (protect lives) and drive regulation by principles that outlive wherever tech wants to go next.
The session was eye-opening for a good number of the aged and candid judges, but it was gladdening to see the mindset: mobile tech is not "that thing", it has to be used, understood and admitted as evidence.
The nerds and more tech savvy should help these 'learned ones' to better embrace tech and help them do their work better for joint good!
Attendee/delegate feedback was candid and NCC hopes to build on this in the coming years.
V Międzynarodowa Konferencja Naukowa Nauka o informacji (informacja naukowa) w okresie zmian Innowacyjne usługi informacyjne. Wydział Dziennikarstwa, Informacji i Bibliologii Katedra Informatologii, Uniwersytet Warszawski, Warszawa, 15 – 16 maja 2017
Data protection and other systems of personal data protection around the globe are fundamentally based on principles of "notice and choice". These basic principles are now however assailed from three directions: the chimera of online consent; the lack of opportunity for consent in the world of ambient intelligence or ubiq; and the destruction of purpose specification by the rise of Big Data. This paper connects the dots between all three and considers if anything is left of DP after.
A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015bmcmenemy
A smarter, more secure Internet of Things?
We stand on the very brink of the most fundamental change in the way human beings use technology since the introduction of agriculture, over 6 thousand years ago. The Internet of Things will not just change our work or home, it will change every aspect of our lives, including redefining the very concepts of privacy, industry and government.
When something is so important, how can we build in the security and intelligence necessary? What are the key challenges we face? And what will an always on, hyperconnected world mean to the concept of identity itself?
In this presentation,we discuss the opportunities and challenges of the Internet of Things, as well as some of the early indicators of what the IoT world will look like. We also address thinking on security and privacy, and the critical role that the concept of identity will play in the future.
Presented at the Gartner Identity & Access Management Summit, London, Travis Greene discussed the opportunities and challenges of the Internet of Things (IoT), as well as the early indicators of what the IoT world will look like. He also addressed IoT security and privacy, and the critical role that identity will play in the future.
This ppt mainly focuses on detailed description of the Internet of Everythinmg (IoE), Evolution of Internet of things (IoE)
Features of IoE,Pillars of IoE, Internet of Things (IoT) and the Internet of Everything (IoE),Similarities between IoT & IoE
Framework: Securing IoE, Application of IoE and i
Future scope of IoE
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply ChainHeather Vescent
Supply chain is a complex ecosystem with many participants, that may include governments, transnational companies, brokers and other middlemen, and local farms, factories, and other suppliers. Another reason supply chain is complex is because it cuts across borders, and must adhere to laws and regulations in multiple jurisdictions: global, national, and local.
This report researched the supply chain through the lens of digital identity for tracking and auditing.
Download the reports:
Gaps: bit.ly/NPEreport
Supply Chain: bit.ly/GSCreport
Internet of Things, Various Names, One Concept, History of IoT, Applications of IoT, Challenges and Barriers in IoT, Internet Revolution, Future of IoT, Impact of the Internet, Internet Usage and Population Statistics
This Time, It’s Personal: Why Security and the IoT Is DifferentJustin Grammens
Unfortunately, in recent years we’ve seen a host of incidences where IoT devices were compromised. Sometimes these have been minor with little coverage, while others like Mirai affected millions around the globe a produced serious economic impact. When attacks like this occur, they not only erode the trust of the users of these devices, but cause those who are looking to adopt this new technology to pause. With any new technology, security must be thought of as a first class citizen and when we are talking about IoT, the data is personal. As the IoT matures, I’ll share some mistakes that have happened in the past, where we are today and how I believe we are now finally seeing a maturity of devices that are remotely updated, fault tolerant and secure. When it comes to building an IoT device, security is personal.
Part of the "2016 Annual Conference: Big Data, Health Law, and Bioethics" held at Harvard Law School on May 6, 2016.
This conference aimed to: (1) identify the various ways in which law and ethics intersect with the use of big data in health care and health research, particularly in the United States; (2) understand the way U.S. law (and potentially other legal systems) currently promotes or stands as an obstacle to these potential uses; (3) determine what might be learned from the legal and ethical treatment of uses of big data in other sectors and countries; and (4) examine potential solutions (industry best practices, common law, legislative, executive, domestic and international) for better use of big data in health care and health research in the U.S.
The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics at Harvard Law School 2016 annual conference was organized in collaboration with the Berkman Center for Internet & Society at Harvard University and the Health Ethics and Policy Lab, University of Zurich.
Learn more at http://petrieflom.law.harvard.edu/events/details/2016-annual-conference.
How Can Policymakers and Regulators Better Engage the Internet of Things? Mercatus Center
The world today is seemingly always plugged into the Internet and technologies are constantly sharing data about our personal and professional lives. Device connectivity is on an upward trend with Cisco estimating that 50 billion devices will be connected to the Internet by 2020. Collection and data sharing by these devices introduces a host of new vulnerabilities, raising concerns about safety, security, and privacy for policymakers and regulators.
Similar to Internet of Things TCLG Oct 23 2014 (20)
Cardware Conference presentation on BIG DATA June 17-18 2014
Internet of Things TCLG Oct 23 2014
1. The Internet of Things
Hello?
Is anyone
there?
Yes. This is your car
speaking..
How can I help you?
I need more
Spam!
OK. I'll go
get some.
Toronto Computer Lawyers' Group
October 23, 2014
Lisa Abe-Oldenburg
2. What is the Internet of Things?
• IoT or the Internet of Everything
• Anything that contains a computer processor can act as a self-contained web
server to handle communication and other sophisticated functions
• Imagine a world where everything has sensors, is connected to a wired or
wireless Internet network, and communicating with each other
• Phones, computers, tablets
• Homes and appliances
• Cars and transportation
• Wearables (computers worn on the body)
• Machines (M2M) and manufacturing
• Services, e.g. healthcare, energy, payments
• Plants, livestock and pets?
3.
4. Facts and Figures
• According to CISCO, during 2008, the number of devices connected to
the Internet exceeded the number of people on Earth for the first time
• According to the Chartered Institute for IT, there are around 200
connectable devices per person on the planet today and it is estimated
that by 2020, 50 billion devices will be connected to the Internet
• New IPv6 system, which will replace IPv4, will allow billions of IP
addresses to be assigned – one for every object or device in the world
(approx. 3.4×1038 addresses)
• Google's acquisition of the connected home technology company Nest
for US $2.3 billion, was its second largest ever acquisition (after
Motorola)
5. Examples
• A Dutch company has pioneered wireless sensors in cattle so that
when one is pregnant or ill, it sends a message to the farmer
• Plants are now able to be connected to irrigation systems and decide
when to water themselves
• Cars can drive themselves
• Wearable monitors can track health information and interact with
hospital staff
• Fridges can determine what food its owner needs and order it for them
• Machines on assembly lines can talk to each other and order more
parts or request maintenance as needed
• And yes, pretty soon your carpet will call an ambulance for you when
you fall and pass out on it…
6. FOR THE PURPOSES OF
MAINTAINING YOUR WELLNESS, I,
YOUR CARPET, WILL BE PROVIDING
YOUR PERSONAL HEALTH
INFORMATION TO A DOCTOR. DO
YOU CONSENT?
Privacy Issues
I don't feel
well…
Hey carpet! This guy is
about to kick the
bucket! Call 911 and
notify his doctor!
7. Privacy Issues
• Which laws and jurisdictions apply? PA, PIPEDA, PIPAs, PHIPAs
• IoT creates challenges across provincial and international
borders. Can domestic legislation alone sufficiently
protect personal information in the world of IoT?
• Is the data "personal information"?
• Definition of "personal information" is generally considered to be
any information about an identifiable individual
8. Privacy Issues
• SCC in Dagg v. Canada (Minister of Finance), [1997] 2 S.C.R. 403
said broadly:
"its intent seems to be to capture any information about a specific person,
subject only to specific exceptions"
• Privacy Commissioner in its 2001-2002 Annual Report to
Parliament also stated that:
"the definition ['about an identifiable individual'] is deliberately broad…It
does not matter who generated the information, or how, or who
technically "owns" it…information [is] personal even if there is the
smallest potential for it to be about an identifiable individual"
9. Privacy Issues
• Information that alone does not identify an individual can be
"personal information" if, in combination with other information,
it could be used to identify an individual
• Federal Court determined that such data, which could be combined
with other data to identify someone, is "personal information". See
Gordon v. Canada (Minister of Health), [2008] CarswellNat 522
paragraph/line 34
• IoT becomes complicated as it generates BIG DATA. Data, when
coupled with other available data, could lead to identifying individuals
10. Privacy Issues
• IoT makes compliance with Privacy Principles underlying all modern
privacy regimes complicated:
• Accountability: organizational responsibility for Personal Information (PI)
under its control – Who is in control? Push (chatter) vs. pull data
• Identifying Purposes: at or before the time of collection of PI – Practicality?
Individuals may not be aware of any data processing taking place
• Consent: knowledge and consent of individual required for collection, use or
disclosure of personal information, except where inappropriate – Informed
consent? Sufficiency? Form? Enforceability/binding? Can machines consent
on your behalf? Can they bind you to contracts? Consumer protection laws
and Internet contract requirements
• Limiting Collection: PI collection limited to that which is necessary for the
purposes identified by the organization – Who is collecting? How BIG is the
DATA? Combined data can reveal more information about an individual and
increase identity theft risk
11. Privacy Issues
• Limiting Use, Disclosure and Retention: PI cannot be used or disclosed for other
purposes. Also, PI can be retained only as long as necessary for the fulfillment of the
purpose – how do you control the data and its use or disclosure? Data filters? Handling
machine requests for repurposing data? Data on the Internet exists forever!
• Accuracy: PI shall be as accurate, complete, and up-to-date as necessary for the
purposes for which it is to be used – stored data vs. real time data? Will machines know
what is correct?
• Safeguards: PI shall be protected by security safeguards appropriate to the sensitivity
of the information – Assessing sensitivity in what context? Security issues
• Openness: Organization shall make readily available to individuals information about
privacy policies and practices – To/from machines? Which organization?
• Individual Access: Upon request, can access and amend info and be informed of its
existence, use and disclosure – How does live person get access from machines?
• Challenging Compliance: Individual can challenge compliance with principles to
designated accountable individual at organization – Who is this?
12. Hey Fridge! What
food does George
have in there?
Just pizza.
How many
pizzas does he
eat in a week?
On average….
ten.
We'd better increase
his life insurance
premium!
George's Insurance Company George's fridge
13. Security Issues
• Software = hackable
• Connection = exposed
• Former VP of the US, Dick Cheney, deactivated the Wi-Fi function on his
pacemaker, admitting he was afraid someone might hack it in an attempt to
assassinate him
• In PIPEDA Finding #2011-001, the OPC reported on Google's inadvertent
collection of data from unsecured Wi-Fi networks as camera cars documented
street images for Google's mapping services over the course of several years.
Google had gathered PI in excess of the purpose for which it was collected,
failed to provide adequate disclosure or solicit consent from the data subjects
• Last year, two IT experts in the US showed how easy it is to hack a car, make it
brake, prevent it from braking or even make the driver lose control of the
steering wheel
• Corporate espionage and employee issues
14. Security Issues
• The BBC reported recently that a fridge was discovered to be sending spam
emails after a web attack. It was one of more than 100,000 devices used in a
spam campaign – Objects are vulnerable
• A recent study by HP found 70% of IoT devices used unencrypted network
services and 80% of devices (including their cloud and mobile app
components) failed to require passwords of a sufficient complexity and
length
• Potential for monitoring and tracking homes or wearables equipped with IoT
systems to perform BIG DATA analytics and covert surveillance
• Symantec paper (July 30 2014) found:
• All wearable activity-tracking devices can be tracked or located through wireless protocol
transmissions by simply scanning airwaves for signals – can tell when you are not home
• 20% of apps transmit user data in clear text, e.g. login passwords, d.o.b., address, etc.
• 52% of apps don’t have privacy policies
• Significant number of apps contacted 10 or more different domains
• Shared service sites did not correctly handle user sessions, allowing browsing of personal data
belonging to other users of the site, or uploading of commands to the server for execution
15. Security Issues
• Security of objects as connection points, security of interaction between
objects, and security of the ecosystem itself
• New standards, security audits and authentication may be necessary
• OPC Authentication Guidelines – if an organization does not need to identify
for sure who the individual is then they should not be collecting authenticating
information. "Risk creep" as more objects become interconnected
• Medical device regulation for connected devices
• Recent US Guidelines for cybersecurity in medical devices
• No specific guidance yet in Canada
• Health Canada case-by-case analysis of vulnerabilities of each device with regards to
patient safety and safeguarding of medical information
• European medical devices directives are already undergoing substantial revision, with the
expectation being that two new regulations will come into effect some time in 2015
• Encryption and intrusion detection measures
• Data breach notification responsibilities
16. Intellectual Property Issues
• Things, objects and machines can not only talk to each other, they
can make smart decisions and create literary, artistic, dramatic,
musical works and inventions based on information they receive,
whether from their own sensors, a person or another object or data
source
I need some
wings so I can
fly!
I can create the flying
software, upload it and
design you attachable
wings.
Hey 3D printer,
I need your
help!
Send me your code
and I'll have it done in
a minute!
17. Who owns machine-generated works?
• Who owns the data? Database rights
• As machines become even more intelligent, the machines will be
operating not just as tools or sensors collecting data, but also as
producers of works with little or no human intervention
• Canadian Copyright Act does not protect literary or artistic works
created by non-humans
• Draft Compendium of the U.S. Copyright Office Practices, Third
Edition, August 19, 2014 Chapter 300 states that "the Office will not
register works produced by a machine or mere mechanical process
that operates randomly or automatically without any creative input or
intervention from a human author."
• Assuming all machines will produce a random or predictable result
18. Who owns machine-generated works?
• Artificial intelligence and vast amounts of complex data and
information (real-time variables) being exchanged, do not create
random or predictable results. May be quite novel or original, like
the solution to a complex problem that cannot be solved by the
limitations of the human brain. Should the output be protectable
as a copyright work or patentable as an invention?
• Dilemmas as to Who is the owner or inventor?
• Ownership claims may come from the producers of the underlying
programming, the owners of the machines, the investors in the
technology, the network or machine operators, or the end-user
subjects about whom the data is being collected, or others
19. Who owns machine-generated works?
• UK and New Zealand allow copyright protection for computer-
generated works
• In those countries, the author of a literary, dramatic, musical or
artistic work that is computer-generated is deemed to be the
person who makes the "arrangements necessary " for the creation
of the work
• Copyright reform needed in Canada to remain a competitive
marketplace for IoT and M2M technology
• To protect your machine-generated works in Canada under
Canadian copyright law, you should ensure some creativity is
contributed from a human author and that the other tests for
originality and fixation are met
20. Patent infringement risk
• For IoT to work, it requires standardized technology
• If patents exist in the architecture, third party users may be
infringing
• Standard-Essential Patents (SEPs) are patents that are essential to
implement an industry standard
• Bodies who set standards impose conditions that patent licenses
should be available to third parties on fair, reasonable and non-
discriminatory (FRAND) terms
21. Patent infringement risk
• Court of Justice of the EU is considering Huawei v. ZTE (C-170/13)
• Huawei, China’s largest phone maker, sued ZTE at the Regional Court of
Düsseldorf, seeking an injunction for the alleged infringement of an SEP
relating to the implementation of the LTE standard
• ZTE, a telecom company also based in China, claimed the demands for an
injunction were an abuse of Huawei’s dominant market position, citing it
is prohibited under European directive (Article 102, TFEU)
• ZTE claimed that, because it was willing to negotiate a license agreement
to use the patent, no injunction could be issued against it
• In addition to submissions by Huawei and ZTE, the Netherlands, Finland
and the European Commission submitted their views and concerns as to
how the interests of patent owners and standard users should be balanced
• Final opinion of the AG is expected November 20th, and final judgment
expected in early 2015
• Will affect future SEPs and licensing
22. Liability Issues
• Who is liable when the machine gets it wrong?
• Is there a valid and enforceable contract, between machines?
• Automated contracts
• Provincial consumer protection laws for Internet (text based) or remote
contracts may apply, e.g. requirements for disclosure of terms, writing and
delivery, content of agreement, express opportunity to accept or decline,
cancellation rights, amendment, renewal and extension.
• Was there negligence? Product liability issues?
• Limitations on liability – certain types of liability cannot be
contracted out of
• What if machine orders/binds you to something that you cannot
afford?
• What if machine gets hacked, or has a data breach?
It wasn’t
me! It was
my car!
You hit
me!
23. More regulation to come
• The Canadian OPC is currently conducting various research
projects related to the IoT, including a study on intelligent vehicle
technology that will look at the impact on privacy of the use of
telematics by automobile manufacturers and insurers
• US Federal Trade Commission held a workshop in November 2013
dealing with the IoT and is still trying to figure out the best way of
regulating it
• The European Commission has undertaken a number of research
projects related to the IoT
• CASL technology provisions dealing with the installation of
computer programs, come into force January 15, 2015
24. Lisa K. Abe- Oldenburg, B.Comm., J.D.
Abe-oldenburgL@bennettjones.com
Tel.: 416-777-7475
www.bennettjones.com
• This presentation
contains statements of
general
principles and not legal
opinions and should not
be acted upon without
first consulting a lawyer
who will provide
analysis and advice on a
specific
matter.