European Commission publishes report on internet of things

by Uta Meier-Hahn

What does politics have to take into account when ever more objects are connect to the internet?

In the end of February the European Commission published its expert group’s report on the internet of things. In the report, the advisory group, established by the Commission in 2010, describes the scenarios that lawmakers need to take into account when facing a world where ever more physical objects are connected to the internet.

Preceding the report, public consultations had taken place with stakeholders from science, civil society and industry. The experts anticipate that the technologies of the internet of things will bring forward critical developments for the areas of ethics, data protection, technical architecture, standards, identification of networked objects and governance.

Liability: Borders blur

From an ethical point of view on the internet of things, the report releases high hopes. For instance, innovations in the areas of health and security are to be expected. However, the experts believe, the internet of things entails uncertainties: “People are not used to objects having an identity or acting on their own, especially if they act in unexpected ways”, indicates the subgroup on ethics. The boundaries between humans and connected objects blur. Who is responsible? Who is liable? When damages or unintentional effects will start occurring more frequently, these questions will become louder. They will have to be defined.

Data protection: Watch out for the EU regulation

Networked objects, sensors and actuators in private and public spheres will influence every person’s privacy “but only few will really notice”, the members of the data protection group predict. They demand that measures for data protection and security be considered at the draft stage and that they should be factored into the development of standards. Widely coined as privacy by design, this idea may already be included into the widely debated EU Data Protection Regulation. As long as this regulation has not been adopted, it remains unclear whether extra laws on data protection in the internet of things are needed.

According to one member of the data protection group, in any case there is a need for guidelines on how laws should be applied. For instance, if millions of objects generate personal data, it will become more and more difficult to acquire “informed consent” from the those concerned. This is especially true with the new EU regulation, where the processing of personal data by third parties may be tied people’s explicit consent.

No standards, no trust

The absence of standards practically hampers the extension of the internet of things – partially due to unclear responsibilities. The rapporteur of the standards subgroup recommended to have a look at the OneM2M, an initiative which is supposed to counteract the industry’s global fragmentation by introducing standards on protocols, authentication or interoperability starting in 2013.

Certain processes are developed without working towards a unified standard for things such as how objects should be identified technically, how services should discover them and how movements of objects can be represented. As a solution, at least two lines of action seem to be possible: to make a substantial effort to introduce a global ID system (e.g., based on IPv6) and/or to facilitate interoperability between different systems.

If stakeholders fail to establish reliable standards, a lack of trust will ensue, warns the subgroup on identification. Car drivers will not be happy “if semi-autonomous cars stop unexpectedly and have to be rebooted as often as some computer operating systems.”

No extra institutions for the governance of the internet of things

Likely the most surprising result was that of the subgroup on governance of the internet of things: The experts quarreled with their object of study for one and a half years, trying to find an answer to the question of whether the internet of things really is substantially new, or if it is just an extension of the internet as it existed before. Their conclusion: A secondary forum for political questions regarding the internet of things should not be instantiated. Issues should be dealt with within existing multi-stakeholder structures of Internet Governance such as the Internet Governance Forum (IGF).

The IGF has welcomed the discussion. An working group on the internet of things met already at the 2012 IGF in Baku. However, there was only one topic on the agenda: Should the group continue or to dissolve? It decided to keep going – preliminarily, until the EU commission publishes its recommendations on the internet of things policy, probably within the year. It will then be visible weather the European politics will embrace the internet of things as an independent field of action, or if the term just served as a symbolic hook to discuss difficulties around the informatisation of objects.

This post is part of a weekly series of articles by doctoral canditates of the Alexander von Humboldt Institute for Internet and Society. It does not necessarily represent the view of the Institute itself. For more information about the topics of these articles and asssociated research projects, please contact presse@hiig.de.