The Internet of Things
Hello?
Is anyone
there?
Yes. This is your car
speaking..
How can I help you?
I need more
Spam!
OK. I'll go
get some.
Toronto Computer Lawyers' Group
October 23, 2014
Lisa Abe-Oldenburg
What is the Internet of Things?
• IoT or the Internet of Everything
• Anything that contains a computer processor can act as a self-contained web
server to handle communication and other sophisticated functions
• Imagine a world where everything has sensors, is connected to a wired or
wireless Internet network, and communicating with each other
• Phones, computers, tablets
• Homes and appliances
• Cars and transportation
• Wearables (computers worn on the body)
• Machines (M2M) and manufacturing
• Services, e.g. healthcare, energy, payments
• Plants, livestock and pets?
Facts and Figures
• According to CISCO, during 2008, the number of devices connected to
the Internet exceeded the number of people on Earth for the first time
• According to the Chartered Institute for IT, there are around 200
connectable devices per person on the planet today and it is estimated
that by 2020, 50 billion devices will be connected to the Internet
• New IPv6 system, which will replace IPv4, will allow billions of IP
addresses to be assigned – one for every object or device in the world
(approx. 3.4×10^38 addresses)
• Google's acquisition of the connected home technology company Nest
for US $2.3 billion, was its second largest ever acquisition (after
Motorola)
Examples
• A Dutch company has pioneered wireless sensors in cattle so that
when one is pregnant or ill, it sends a message to the farmer
• Plants are now able to be connected to irrigation systems and decide
when to water themselves
• Cars can drive themselves
• Wearable monitors can track health information and interact with
hospital staff
• Fridges can determine what food their owners need and order it for them
• Machines on assembly lines can talk to each other and order more
parts or request maintenance as needed
• And yes, pretty soon your carpet will call an ambulance for you when
you fall and pass out on it…
FOR THE PURPOSES OF
MAINTAINING YOUR WELLNESS, I,
YOUR CARPET, WILL BE PROVIDING
YOUR PERSONAL HEALTH
INFORMATION TO A DOCTOR. DO
YOU CONSENT?
Privacy Issues
I don't feel
well…
Hey carpet! This guy is
about to kick the
bucket! Call 911 and
notify his doctor!
Privacy Issues
• Which laws and jurisdictions apply? PA, PIPEDA, PIPAs, PHIPAs
• IoT creates challenges across provincial and international
borders. Can domestic legislation alone sufficiently
protect personal information in the world of IoT?
• Is the data "personal information"?
• Definition of "personal information" is generally considered to be
any information about an identifiable individual
Privacy Issues
• SCC in Dagg v. Canada (Minister of Finance), [1997] 2 S.C.R. 403
said broadly:
"its intent seems to be to capture any information about a specific person,
subject only to specific exceptions"
• Privacy Commissioner in its 2001-2002 Annual Report to
Parliament also stated that:
"the definition ['about an identifiable individual'] is deliberately broad…It
does not matter who generated the information, or how, or who
technically "owns" it…information [is] personal even if there is the
smallest potential for it to be about an identifiable individual"
Privacy Issues
• Information that alone does not identify an individual can be
"personal information" if, in combination with other information,
it could be used to identify an individual
• Federal Court determined that such data, which could be combined
with other data to identify someone, is "personal information". See
Gordon v. Canada (Minister of Health), [2008] CarswellNat 522
paragraph/line 34
• IoT becomes complicated as it generates BIG DATA. Data, when
coupled with other available data, could lead to identifying individuals
Privacy Issues
• IoT makes compliance with Privacy Principles underlying all modern
privacy regimes complicated:
• Accountability: organizational responsibility for Personal Information (PI)
under its control – Who is in control? Push (chatter) vs. pull data
• Identifying Purposes: at or before the time of collection of PI – Practicality?
Individuals may not be aware of any data processing taking place
• Consent: knowledge and consent of individual required for collection, use or
disclosure of personal information, except where inappropriate – Informed
consent? Sufficiency? Form? Enforceability/binding? Can machines consent
on your behalf? Can they bind you to contracts? Consumer protection laws
and Internet contract requirements
• Limiting Collection: PI collection limited to that which is necessary for the
purposes identified by the organization – Who is collecting? How BIG is the
DATA? Combined data can reveal more information about an individual and
increase identity theft risk
Privacy Issues
• Limiting Use, Disclosure and Retention: PI cannot be used or disclosed for other
purposes. Also, PI can be retained only as long as necessary for the fulfillment of the
purpose – how do you control the data and its use or disclosure? Data filters? Handling
machine requests for repurposing data? Data on the Internet exists forever!
• Accuracy: PI shall be as accurate, complete, and up-to-date as necessary for the
purposes for which it is to be used – stored data vs. real time data? Will machines know
what is correct?
• Safeguards: PI shall be protected by security safeguards appropriate to the sensitivity
of the information – Assessing sensitivity in what context? Security issues
• Openness: Organization shall make readily available to individuals information about
privacy policies and practices – To/from machines? Which organization?
• Individual Access: Upon request, can access and amend info and be informed of its
existence, use and disclosure – How does live person get access from machines?
• Challenging Compliance: Individual can challenge compliance with principles to
designated accountable individual at organization – Who is this?
Hey Fridge! What
food does George
have in there?
Just pizza.
How many
pizzas does he
eat in a week?
On average….
ten.
We'd better increase
his life insurance
premium!
George's Insurance Company George's fridge
Security Issues
• Software = hackable
• Connection = exposed
• Former VP of the US, Dick Cheney, deactivated the Wi-Fi function on his
pacemaker, admitting he was afraid someone might hack it in an attempt to
assassinate him
• In PIPEDA Finding #2011-001, the OPC reported on Google's inadvertent
collection of data from unsecured Wi-Fi networks as camera cars documented
street images for Google's mapping services over the course of several years.
Google had gathered PI in excess of the purpose for which it was collected,
failed to provide adequate disclosure or solicit consent from the data subjects
• Last year, two IT experts in the US showed how easy it is to hack a car, make it
brake, prevent it from braking or even make the driver lose control of the
steering wheel
• Corporate espionage and employee issues
Security Issues
• The BBC reported recently that a fridge was discovered to be sending spam
emails after a web attack. It was one of more than 100,000 devices used in a
spam campaign – Objects are vulnerable
• A recent study by HP found 70% of IoT devices used unencrypted network
services and 80% of devices (including their cloud and mobile app
components) failed to require passwords of a sufficient complexity and
length
• Potential for monitoring and tracking homes or wearables equipped with IoT
systems to perform BIG DATA analytics and covert surveillance
• Symantec paper (July 30 2014) found:
• All wearable activity-tracking devices can be tracked or located through wireless protocol
transmissions by simply scanning airwaves for signals – can tell when you are not home
• 20% of apps transmit user data in clear text, e.g. login passwords, d.o.b., address, etc.
• 52% of apps don’t have privacy policies
• Significant number of apps contacted 10 or more different domains
• Shared service sites did not correctly handle user sessions, allowing browsing of personal data
belonging to other users of the site, or uploading of commands to the server for execution
Security Issues
• Security of objects as connection points, security of interaction between
objects, and security of the ecosystem itself
• New standards, security audits and authentication may be necessary
• OPC Authentication Guidelines – if an organization does not need to identify
for sure who the individual is then they should not be collecting authenticating
information. "Risk creep" as more objects become interconnected
• Medical device regulation for connected devices
• Recent US Guidelines for cybersecurity in medical devices
• No specific guidance yet in Canada
• Health Canada case-by-case analysis of vulnerabilities of each device with regards to
patient safety and safeguarding of medical information
• European medical devices directives are already undergoing substantial revision, with the
expectation being that two new regulations will come into effect some time in 2015
• Encryption and intrusion detection measures
• Data breach notification responsibilities
Intellectual Property Issues
• Things, objects and machines can not only talk to each other, they
can make smart decisions and create literary, artistic, dramatic,
musical works and inventions based on information they receive,
whether from their own sensors, a person or another object or data
source
I need some
wings so I can
fly!
I can create the flying
software, upload it and
design you attachable
wings.
Hey 3D printer,
I need your
help!
Send me your code
and I'll have it done in
a minute!
Who owns machine-generated works?
• Who owns the data? Database rights
• As machines become even more intelligent, the machines will be
operating not just as tools or sensors collecting data, but also as
producers of works with little or no human intervention
• Canadian Copyright Act does not protect literary or artistic works
created by non-humans
• Draft Compendium of the U.S. Copyright Office Practices, Third
Edition, August 19, 2014 Chapter 300 states that "the Office will not
register works produced by a machine or mere mechanical process
that operates randomly or automatically without any creative input or
intervention from a human author."
• Assuming all machines will produce a random or predictable result
Who owns machine-generated works?
• Artificial intelligence and vast amounts of complex data and
information (real-time variables) being exchanged, do not create
random or predictable results. May be quite novel or original, like
the solution to a complex problem that cannot be solved by the
limitations of the human brain. Should the output be protectable
as a copyright work or patentable as an invention?
• Dilemmas as to who is the owner or inventor
• Ownership claims may come from the producers of the underlying
programming, the owners of the machines, the investors in the
technology, the network or machine operators, or the end-user
subjects about whom the data is being collected, or others
Who owns machine-generated works?
• UK and New Zealand allow copyright protection for computer-
generated works
• In those countries, the author of a literary, dramatic, musical or
artistic work that is computer-generated is deemed to be the
person who makes the "arrangements necessary" for the creation
of the work
• Copyright reform needed in Canada to remain a competitive
marketplace for IoT and M2M technology
• To protect your machine-generated works in Canada under
Canadian copyright law, you should ensure some creativity is
contributed from a human author and that the other tests for
originality and fixation are met
Patent infringement risk
• For IoT to work, it requires standardized technology
• If patents exist in the architecture, third party users may be
infringing
• Standard-Essential Patents (SEPs) are patents that are essential to
implement an industry standard
• Bodies who set standards impose conditions that patent licenses
should be available to third parties on fair, reasonable and non-
discriminatory (FRAND) terms
Patent infringement risk
• Court of Justice of the EU is considering Huawei v. ZTE (C-170/13)
• Huawei, China’s largest phone maker, sued ZTE at the Regional Court of
Düsseldorf, seeking an injunction for the alleged infringement of an SEP
relating to the implementation of the LTE standard
• ZTE, a telecom company also based in China, claimed the demands for an
injunction were an abuse of Huawei’s dominant market position, which it
said is prohibited under European directive (Article 102, TFEU)
• ZTE claimed that, because it was willing to negotiate a license agreement
to use the patent, no injunction could be issued against it
• In addition to submissions by Huawei and ZTE, the Netherlands, Finland
and the European Commission submitted their views and concerns as to
how the interests of patent owners and standard users should be balanced
• Final opinion of the AG is expected November 20th, and final judgment
expected in early 2015
• Will affect future SEPs and licensing
Liability Issues
• Who is liable when the machine gets it wrong?
• Is there a valid and enforceable contract, between machines?
• Automated contracts
• Provincial consumer protection laws for Internet (text based) or remote
contracts may apply, e.g. requirements for disclosure of terms, writing and
delivery, content of agreement, express opportunity to accept or decline,
cancellation rights, amendment, renewal and extension.
• Was there negligence? Product liability issues?
• Limitations on liability – certain types of liability cannot be
contracted out of
• What if machine orders/binds you to something that you cannot
afford?
• What if machine gets hacked, or has a data breach?
It wasn’t
me! It was
my car!
You hit
me!
More regulation to come
• The Canadian OPC is currently conducting various research
projects related to the IoT, including a study on intelligent vehicle
technology that will look at the impact on privacy of the use of
telematics by automobile manufacturers and insurers
• US Federal Trade Commission held a workshop in November 2013
dealing with the IoT and is still trying to figure out the best way of
regulating it
• The European Commission has undertaken a number of research
projects related to the IoT
• CASL technology provisions dealing with the installation of
computer programs, come into force January 15, 2015
Lisa K. Abe-Oldenburg, B.Comm., J.D.
Abe-oldenburgL@bennettjones.com
Tel.: 416-777-7475
www.bennettjones.com
• This presentation contains statements of general principles and not legal
opinions and should not be acted upon without first consulting a lawyer
who will provide analysis and advice on a specific matter.

Internet of Things TCLG Oct 23 2014

  • 1. The Internet of Things Hello? Is anyone there? Yes. This is your car speaking.. How can I help you? I need more Spam! OK. I'll go get some. Toronto Computer Lawyers' Group October 23, 2014 Lisa Abe-Oldenburg
  • 2. What is the Internet of Things? • IoT or the Internet of Everything • Anything that contains a computer processor can act as a self-contained web server to handle communication and other sophisticated functions • Imagine a world where everything has sensors, is connected to a wired or wireless Internet network, and communicating with each other • Phones, computers, tablets • Homes and appliances • Cars and transportation • Wearables (computers worn on the body) • Machines (M2M) and manufacturing • Services, e.g. healthcare, energy, payments • Plants, livestock and pets?
  • 3.
  • 4. Facts and Figures • According to CISCO, during 2008, the number of devices connected to the Internet exceeded the number of people on Earth for the first time • According to the Chartered Institute for IT, there are around 200 connectable devices per person on the planet today and it is estimated that by 2020, 50 billion devices will be connected to the Internet • New IPv6 system, which will replace IPv4, will allow billions of IP addresses to be assigned – one for every object or device in the world (approx. 3.4×10^38 addresses) • Google's acquisition of the connected home technology company Nest for US $2.3 billion, was its second largest ever acquisition (after Motorola)
  • 5. Examples • A Dutch company has pioneered wireless sensors in cattle so that when one is pregnant or ill, it sends a message to the farmer • Plants are now able to be connected to irrigation systems and decide when to water themselves • Cars can drive themselves • Wearable monitors can track health information and interact with hospital staff • Fridges can determine what food their owners need and order it for them • Machines on assembly lines can talk to each other and order more parts or request maintenance as needed • And yes, pretty soon your carpet will call an ambulance for you when you fall and pass out on it…
  • 6. FOR THE PURPOSES OF MAINTAINING YOUR WELLNESS, I, YOUR CARPET, WILL BE PROVIDING YOUR PERSONAL HEALTH INFORMATION TO A DOCTOR. DO YOU CONSENT? Privacy Issues I don't feel well… Hey carpet! This guy is about to kick the bucket! Call 911 and notify his doctor!
  • 7. Privacy Issues • Which laws and jurisdictions apply? PA, PIPEDA, PIPAs, PHIPAs • IoT creates challenges across provincial and international borders. Can domestic legislation alone sufficiently protect personal information in the world of IoT? • Is the data "personal information"? • Definition of "personal information" is generally considered to be any information about an identifiable individual
  • 8. Privacy Issues • SCC in Dagg v. Canada (Minister of Finance), [1997] 2 S.C.R. 403 said broadly: "its intent seems to be to capture any information about a specific person, subject only to specific exceptions" • Privacy Commissioner in its 2001-2002 Annual Report to Parliament also stated that: "the definition ['about an identifiable individual'] is deliberately broad…It does not matter who generated the information, or how, or who technically "owns" it…information [is] personal even if there is the smallest potential for it to be about an identifiable individual"
  • 9. Privacy Issues • Information that alone does not identify an individual can be "personal information" if, in combination with other information, it could be used to identify an individual • Federal Court determined that such data, which could be combined with other data to identify someone, is "personal information". See Gordon v. Canada (Minister of Health), [2008] CarswellNat 522 paragraph/line 34 • IoT becomes complicated as it generates BIG DATA. Data, when coupled with other available data, could lead to identifying individuals
  • 10. Privacy Issues • IoT makes compliance with Privacy Principles underlying all modern privacy regimes complicated: • Accountability: organizational responsibility for Personal Information (PI) under its control – Who is in control? Push (chatter) vs. pull data • Identifying Purposes: at or before the time of collection of PI – Practicality? Individuals may not be aware of any data processing taking place • Consent: knowledge and consent of individual required for collection, use or disclosure of personal information, except where inappropriate – Informed consent? Sufficiency? Form? Enforceability/binding? Can machines consent on your behalf? Can they bind you to contracts? Consumer protection laws and Internet contract requirements • Limiting Collection: PI collection limited to that which is necessary for the purposes identified by the organization – Who is collecting? How BIG is the DATA? Combined data can reveal more information about an individual and increase identity theft risk
  • 11. Privacy Issues • Limiting Use, Disclosure and Retention: PI cannot be used or disclosed for other purposes. Also, PI can be retained only as long as necessary for the fulfillment of the purpose – how do you control the data and its use or disclosure? Data filters? Handling machine requests for repurposing data? Data on the Internet exists forever! • Accuracy: PI shall be as accurate, complete, and up-to-date as necessary for the purposes for which it is to be used – stored data vs. real time data? Will machines know what is correct? • Safeguards: PI shall be protected by security safeguards appropriate to the sensitivity of the information – Assessing sensitivity in what context? Security issues • Openness: Organization shall make readily available to individuals information about privacy policies and practices – To/from machines? Which organization? • Individual Access: Upon request, can access and amend info and be informed of its existence, use and disclosure – How does live person get access from machines? • Challenging Compliance: Individual can challenge compliance with principles to designated accountable individual at organization – Who is this?
  • 12. Hey Fridge! What food does George have in there? Just pizza. How many pizzas does he eat in a week? On average…. ten. We'd better increase his life insurance premium! George's Insurance Company George's fridge
  • 13. Security Issues • Software = hackable • Connection = exposed • Former VP of the US, Dick Cheney, deactivated the Wi-Fi function on his pacemaker, admitting he was afraid someone might hack it in an attempt to assassinate him • In PIPEDA Finding #2011-001, the OPC reported on Google's inadvertent collection of data from unsecured Wi-Fi networks as camera cars documented street images for Google's mapping services over the course of several years. Google had gathered PI in excess of the purpose for which it was collected, and failed to provide adequate disclosure or solicit consent from the data subjects • Last year, two IT experts in the US showed how easy it is to hack a car, make it brake, prevent it from braking or even make the driver lose control of the steering wheel • Corporate espionage and employee issues
  • 14. Security Issues • The BBC reported recently that a fridge was discovered to be sending spam emails after a web attack. It was one of more than 100,000 devices used in a spam campaign – Objects are vulnerable • A recent study by HP found 70% of IoT devices used unencrypted network services and 80% of devices (including their cloud and mobile app components) failed to require passwords of a sufficient complexity and length • Potential for monitoring and tracking homes or wearables equipped with IoT systems to perform BIG DATA analytics and covert surveillance • Symantec paper (July 30 2014) found: • All wearable activity-tracking devices can be tracked or located through wireless protocol transmissions by simply scanning airwaves for signals – can tell when you are not home • 20% of apps transmit user data in clear text, e.g. login passwords, d.o.b., address, etc. • 52% of apps don’t have privacy policies • Significant number of apps contacted 10 or more different domains • Shared service sites did not correctly handle user sessions, allowing browsing of personal data belonging to other users of the site, or uploading of commands to the server for execution
  • 15. Security Issues • Security of objects as connection points, security of interaction between objects, and security of the ecosystem itself • New standards, security audits and authentication may be necessary • OPC Authentication Guidelines – if an organization does not need to identify for sure who the individual is then they should not be collecting authenticating information. "Risk creep" as more objects become interconnected • Medical device regulation for connected devices • Recent US Guidelines for cybersecurity in medical devices • No specific guidance yet in Canada • Health Canada case-by-case analysis of vulnerabilities of each device with regards to patient safety and safeguarding of medical information • European medical devices directives are already undergoing substantial revision, with the expectation being that two new regulations will come into effect some time in 2015 • Encryption and intrusion detection measures • Data breach notification responsibilities
  • 16. Intellectual Property Issues • Things, objects and machines can not only talk to each other, they can make smart decisions and create literary, artistic, dramatic, musical works and inventions based on information they receive, whether from their own sensors, a person or another object or data source I need some wings so I can fly! I can create the flying software, upload it and design you attachable wings. Hey 3D printer, I need your help! Send me your code and I'll have it done in a minute!
  • 17. Who owns machine-generated works? • Who owns the data? Database rights • As machines become even more intelligent, the machines will be operating not just as tools or sensors collecting data, but also as producers of works with little or no human intervention • Canadian Copyright Act does not protect literary or artistic works created by non-humans • Draft Compendium of the U.S. Copyright Office Practices, Third Edition, August 19, 2014 Chapter 300 states that "the Office will not register works produced by a machine or mere mechanical process that operates randomly or automatically without any creative input or intervention from a human author." • Assuming all machines will produce a random or predictable result
  • 18. Who owns machine-generated works? • Artificial intelligence and vast amounts of complex data and information (real-time variables) being exchanged, do not create random or predictable results. May be quite novel or original, like the solution to a complex problem that cannot be solved by the limitations of the human brain. Should the output be protectable as a copyright work or patentable as an invention? • Dilemmas as to Who is the owner or inventor? • Ownership claims may come from the producers of the underlying programming, the owners of the machines, the investors in the technology, the network or machine operators, or the end-user subjects about whom the data is being collected, or others
  • 19. Who owns machine-generated works? • UK and New Zealand allow copyright protection for computer-generated works • In those countries, the author of a literary, dramatic, musical or artistic work that is computer-generated is deemed to be the person who makes the "arrangements necessary" for the creation of the work • Copyright reform needed in Canada to remain a competitive marketplace for IoT and M2M technology • To protect your machine-generated works in Canada under Canadian copyright law, you should ensure some creativity is contributed from a human author and that the other tests for originality and fixation are met
  • 20. Patent infringement risk • For IoT to work, it requires standardized technology • If patents exist in the architecture, third party users may be infringing • Standard-Essential Patents (SEPs) are patents that are essential to implement an industry standard • Bodies who set standards impose conditions that patent licenses should be available to third parties on fair, reasonable and non-discriminatory (FRAND) terms
  • 21. Patent infringement risk • Court of Justice of the EU is considering Huawei v. ZTE (C-170/13) • Huawei, China’s largest phone maker, sued ZTE at the Regional Court of Düsseldorf, seeking an injunction for the alleged infringement of an SEP relating to the implementation of the LTE standard • ZTE, a telecom company also based in China, claimed the demands for an injunction were an abuse of Huawei’s dominant market position, citing it is prohibited under European directive (Article 102, TFEU) • ZTE claimed that, because it was willing to negotiate a license agreement to use the patent, no injunction could be issued against it • In addition to submissions by Huawei and ZTE, the Netherlands, Finland and the European Commission submitted their views and concerns as to how the interests of patent owners and standard users should be balanced • Final opinion of the AG is expected November 20th, and final judgment expected in early 2015 • Will affect future SEPs and licensing
  • 22. Liability Issues • Who is liable when the machine gets it wrong? • Is there a valid and enforceable contract, between machines? • Automated contracts • Provincial consumer protection laws for Internet (text based) or remote contracts may apply, e.g. requirements for disclosure of terms, writing and delivery, content of agreement, express opportunity to accept or decline, cancellation rights, amendment, renewal and extension. • Was there negligence? Product liability issues? • Limitations on liability – certain types of liability cannot be contracted out of • What if machine orders/binds you to something that you cannot afford? • What if machine gets hacked, or has a data breach? It wasn’t me! It was my car! You hit me!
  • 23. More regulation to come • The Canadian OPC is currently conducting various research projects related to the IoT, including a study on intelligent vehicle technology that will look at the impact on privacy of the use of telematics by automobile manufacturers and insurers • US Federal Trade Commission held a workshop in November 2013 dealing with the IoT and is still trying to figure out the best way of regulating it • The European Commission has undertaken a number of research projects related to the IoT • CASL technology provisions dealing with the installation of computer programs, come into force January 15, 2015
  • 24. Lisa K. Abe-Oldenburg, B.Comm., J.D. Abe-oldenburgL@bennettjones.com Tel.: 416-777-7475 www.bennettjones.com • This presentation contains statements of general principles and not legal opinions and should not be acted upon without first consulting a lawyer who will provide analysis and advice on a specific matter.