The rapid advance of technology over the last few years has left legislators somewhat breathless. It’s not surprising considering that technological advances outpace the slow process of creating new legislation.
Take, for example, the Internet of Things (IoT). This is a concept that has been around for many years; we’ve already seen devices like smart speakers, cameras, and so on that can be controlled remotely. All that you need is to sync these up to an app on your phone and you can control them.
Now, what makes this interesting is that there is little legislation that deals directly with these devices and privacy concerns. So far, only Californian legislators have specifically addressed the issue of privacy and IoT devices.
What Makes the Californian Law So Special?
The law received praise and criticism alike. There are those who believe it’s too vague to be helpful. For the purposes of this post, however, we find it extremely interesting. It points to the direction that regulators will start taking when it comes to IoT devices and other forms of new tech.
The law may be vague, but it is clear about placing the onus on manufacturers to ensure that the privacy of the person using the device is protected. Manufacturers need to provide adequate protection against hacks and unauthorized on these devices.
The State of Things to Come
Considering how bad cybercrime has become, it’s hardly surprising that regulators are cracking down on it. With $445 billion lost to cybercriminals in 2018 alone, it’s high time that regulators take a stricter stance.
So far, the regulatory change with the most far-reaching effect is the GDPR. Future IoT regulations will no doubt encompass the spirit of these regulations, as well.
What Does This Mean for My Clients?
As an attorney for a tech-based firm, you’ll need to advise your clients to take proactive steps. The legislation may not be in place yet, but it’s not far off. If your clients are properly prepared now, they’ll have the edge in the future.
What Proactive Steps Can They Take?
Let’s use a basic example to illustrate what might go wrong. Say, for example, that you’ve got a nanny cam linked up to your home hub. This cam makes it possible to see what’s going on in different rooms of the home.
There’s no harm, right? Actually, that’s tricky. Here are some of the ways that hackers might take advantage:
- The cam is connected to the home hub; it could be used as a point of entry for hackers to gain control of the hub. Manufacturers must take steps to secure this device and make it difficult to hack.
- Someone could establish your daily routine using the cam. A hacker for a kidnapping syndicate, for example, could use this to monitor family activities. This could help them find the best time to stage a kidnapping.
- A hacker could create a live-stream video of your nanny and child for creeps online.
- A marketing company could use the feed to get more information on what baby products you use and how you use them.
- A hacker might piggyback the feed in the hopes of catching you or your spouse doing something embarrassing. For example, getting undressed. They might then opt to blackmail you. If you don’t pay, they’ll send the pictures to your colleagues.
Now, granted, these examples sound a little outlandish. The sad part, though, is that they’re all possible.
Companies producing IoT devices without any care about safeguarding those devices are opening themselves up for real liability issues. So, it pays to get ahead of the pack on this one.
The Bottom Line
Online privacy laws are becoming a lot stricter. The standard we did the best we could excuse won’t hold water anymore. Severe fines are given to companies who are found negligent in this area. Factor in the reputational risk of being caught with your defenses down, and it can be downright disastrous.
At the end of the day, as lawyers, we have a duty to protect our clients. We can help them secure their future by warning them about the potential implications of these new technological advances.