The weakness of the Internet of Things (IoT) technologies, including its legal issues, could be considerably supported employing the blockchain at the time when the model of business of companies is changing.
The rapid decline of some tech giants
The fall of the mobile business of Nokia is well known. The Nokia 1100 mobile phone is still among the most sold phones in history. It did not provide any significant unique feature, it had no connection to the Internet, and the most attractive feature was “snake” a green worm moving on a terrible looking screen.
In 2007 almost one out of two mobile phones worldwide were Nokia. But a few years later in 2013 when Microsoft acquired Nokia mobile business, it had a market share of just 3%.
The comment from the former CEO of Nokia that day was
We did not do anything wrong, but somehow we lost!
During those six years, the growth of smartphones was incredibly fast even for a giant like Nokia. They had not been sufficiently fast to adjust their business to the growth of smartphones, and eventually, the delay jeopardized their mobile business!
How the Internet of Things is changing the model of business
There is the title of a famous article from Marc Adressen published in 2011 on the Wall Street Journal which is
Why software is eating the world
This title stresses how the Internet of Things technology is driving a change in the model of business of companies that are no longer selling products, but services.
You can read my article on the topic “Ready for the new Internet of Things business models?” but an interesting example is the project EFFIFUEL from Michelin where they not only put sensors on their tires, collecting data on their customers’ usage of their products, but such technology enabled them to change their model of business.
They no longer have a one-off instantaneous relationship with their customers that will appear again when they need to change them. They now have a long term services agreement whereby they collect data on the usage of their products from their customers, provide services to them based on such data, and can predict when a tire is likely to get flat. Such a scenario enables them to replace flat tires as part of the service arrangement so that, through predictive maintenance tools given by the IoT sensors, they prevent potential delays and avoid to bid with competitors when a new major purchase of their products is necessary.
How the Internet of Things is changing the contractual structure
The change outlined above is leading to also a shift in the way contracts are structured. There is a shift from solutions where everything provided is at the customers’ premises, to an infrastructure as a service model of business, to a platform as a service approach and eventually to a software as a service solution.
Customers no longer have at their premises almost any technical component of what they purchased. This shift might have significant advantages in term of better performance, but also creates a considerable dependency and reliance on suppliers by their customers.
The solution adopted by some companies was to have different IoT components from different suppliers. But this solution might negatively affect in some cases the level of the services that are received. Therefore, contracts need to have in place sufficient safeguards, mitigation measures and detailed migration plans to avoid to end up locked with a supplier.
The main legal issues of Internet of Things technologies
The above is just an example of the legal aspects of the IoT technologies which also include concerns as to
1. Who owns the data generated by IoT technologies?
Apart from privacy-related issues, when it comes to machine data, the problem is not only the type of intellectual property right that is held, but also who holds it. Suppliers might try to have in place contractual arrangements so that they own the data so that the customer will lose a significant asset if it migrates to a different supplier. Customers should be aware of the rights they can claim and how to put in place the necessary measures to keep control over them.
2. Who is liable for malfunctionings, accidents, and failures of the Internet of Things system?
At a time when cybersecurity risks are exponentially becoming a significant issue for businesses, the complexity deriving from the IoT technologies derives from the fact that there is not a single supplier.
Internet of Things systems are very often the combination of technologies and services from different suppliers and allocating the liability in case of failures can be quite challenging. The solution might be to extend the strict product liability regime to IoT technologies, but this could end up in a disincentive from investing in the market.
Medium and small size companies will not be able to bear liabilities towards their customers for events that they do not control. Likewise, they might not be in the position to negotiate back-to-back liability clauses with their suppliers.
3. Rules of which jurisdiction shall apply to the IoT?
Internet of Things projects often have an international scope, and apart from the law governing the contract between the parties, the issue might be for instance which tax law applies to the transfer of data between different countries. Indeed data itself is an asset and data transfers could be taxable in some jurisdictions.
Contracts can attempt to regulate any aspect through a master agreement with the headquarter and ancillary agreements with each subsidiary. But the matter will also require a country by country assessment of the implications due to local laws.
Is the blockchain the solution for the Internet of Things technologies?
The blockchain can contribute to enabling better control over the Internet of Things systems. Indeed, it can drive three significant benefits:
1. Increased transparency and security
The level of transparency given by the public ledger used by blockchain technologies makes sure that the recording and tracking and visibility of Internet of Things data are accessible to who needs to do it.
At the same time, the security ensured by the blockchain through its level of encryption considerably reduces the risk of a hacked IoT technology which is a significant improvement since cybersecurity is frequently considered the Achilles’ heel of the Internet of Things.
2. Reduction of costs
Blockchain gets rid of intermediaries which leads to a massive cost reduction. The impact is relevant not only in consumer-facing projects but also in the Industrial Internet of Things market since data are aggregated without the action or support of third parties, enabling the company to have a clear picture in real time of the status quo.
3. Acceleration of transactions
The settlement time of operations becomes almost instantaneous since they happen in real time based on the rules written in the smart contract recorded on the blockchain.
There is a benefit not only in terms of the time of the performance but also because of the considerable reduction of risks of potential disputes linked to actions on the involved parties.
The dilemma between permissioned and permissionless blockchain in the IoT
I previously published the article “Is the blockchain privacy compliant after the GDPR?” which outlines the position of the French data protection authority (the CNIL) about the privacy-related issues of the blockchain. The principle that emerges is that it is necessary to have a “sort of control” over the blockchain to make it compliant.
In this sense, my perception is that the whole market is shifting towards a permissioned blockchain, especially in the Internet of Things projects whose lack of service or control might have a massive negative impact on businesses.
I discussed in this article “What is the liability deriving from the blockchain? And how to handle it?” about how to handle liability risks arising from blockchain technologies such as the lack of control on the functioning of a smart contract, the impossibility to remove information on a blockchain and the inability to adjust the blockchain to regulatory requirements.
On the contrary, a permissioned blockchain is
- faster since it is a smaller ledger;
- controllable as the rules of access, visibility and functioning, also enabling to disable the access when no longer required for instance when the retention period has expired, or the exercise of the right to be forgotten occurs; and
- amended to ensure compliance with regulatory requirements.
The blockchain is an opportunity for the Internet of Things, but the proper interception of both technologies requires detailed legal and technical assessments. Such matter was the topic of a presentation that I recently gave at the DLA Piper Tech Summit in Warsaw whose slide deck is below.