Home Full of IoT Devices Makes for 'Incredible Richness' of Data Collection, SmartThings Says
Older, sector-specific laws such as those regulating health and financial information are good for protecting consumer data that stays in those respective silos, but the modern era of ubiquitous data collection means that no longer happens, said FTC Commissioner Julie Brill on a panel at the Techonomy Policy Conference Tuesday.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
Talk of the intersection of regulation, data collection and privacy made its way into many of the conference's panels, with tech industry officials and regulators from tech companies debating what these issues mean for the IoT, international data policy and security. “We need to figure out how to extend these rules to the way that data is actually flowing,” said Brill. The government and private companies need to be more transparent about how consumer data is being used and stored, said Andrew Rasiej, founder of Personal Democracy Media and senior technology adviser to the Sunlight Foundation: “Privacy policies should be called data usage policies.”
A home full of connected devices allows for the collection of “an incredible richness” of data about the people living there, said Alex Hawkinson, founder of IoT company SmartThings, now owned by Samsung. Connected devices and the data they collect can be used to help lower energy costs, improve security, or allow the elderly or disabled to lead more independent lives, he said. Hawkinson has nearly 200 connected devices in his own home, he said. However, he conceded there's a “creepy factor” associated with that data collection. Motion sensors in rooms can give a great deal of information about a person's habits, and friends who visit a connected home have likely not consented to having such data collected about them, he said. Companies' collection of data and the way they use it shouldn't be “opaque” to users, said Nuala O'Connor, CEO of the Center for Democracy & Technology: “I don't necessarily want the federal government knowing what I'm eating and who's in my house.”
Increasing the number of connected devices fuels the huge appetite for spectrum, said FCC Commissioners Jessica Rosenworcel and Mike O'Rielly. The FCC needs to find better ways to make spectrum that is reserved for government use available for commercial use, both said. Both indicated support for measures that would put a value on the spectrum used by government agencies -- Rosenworcel called the idea “spectrumbucks.” The commission needs a carrot and stick approach to reclaiming spectrum from the government, O'Rielly said, pointing to the spectrumbucks idea as a way to create “budgetary consequences” for federal agencies' spectrum use.
Policies to allocate more unlicensed spectrum are especially important, the commissioners said. The FCC is looking into ways for uses on the upper 5 GHz band to share with unlicensed users, O'Rielly said. A system that uses software to allow companies to rent spectrum that's not being currently used for discrete uses would also allow more efficient spectrum use, Rosenworcel said.
Privacy policy can hurt innovation, said Dan Haley, assistant general counsel for athenahealth. Privacy policies governing medical records have frustrated the introduction of advanced communications technology to the healthcare industry, he said. That lack of innovation leads to people dying who don't have to, “in service to outdated legal paradigms,” said Haley. There is a “moral imperative” to keep policy from interfering with improving healthcare with communications technology, he said. Lawmakers don't adequately understand the dangers of a multitude of connected devices, said Raseij. “Politicians don't know the difference between a server and a waiter,” he said.
Data is a liability as well as an asset, said Brad Burnham of Union Square Ventures. Companies can use data to profit but are also responsible for protecting it, he said. AT&T Senior Vice President-Federal Regulatory Robert Quinn agreed, pointing to Communications Act Title II regulation of the Internet as creating more concern in that area. Under Title II, legacy companies may face stricter data rules than their newer competitors. The FCC is behind on regulating privacy, Quinn said.
Several speakers expressed concern that differing policies on data collection and privacy among foreign governments could be a difficult challenge for innovation and business growth. There should be “more investment in international treaties and norms,” said Microsoft Deputy General Counsel Erich Andersen. “How are banks going to have confidence in international cloud systems if countries want to apply local laws and subpoenas?” Microsoft's Horacio Gutierrez, also a deputy general counsel, complained that the U.S. sometimes acts extraterritorial in its pursuit of data about individuals. Extraterritoriality isn't necessarily bad, said Brill, arguing that the U.S. has sometimes ignored other countries' laws to protect data.