1. What is IoT?
- As per the draft Internet of Things (‘IoT') Policy of India, 2015, IoT is a seamless connected network system of embedded objects / devices, with identifiers, in which communication without any human intervention is possible using standard and interoperable communication protocols.
- In simple terms, IoT refers to a huge network of interconnected devices (in the form of everyday objects) which collect / gather information through environment, location, user preferences, controls etc. with the use of sensors and store such data at a common platform. After the storage of data, the same can be received and used by other inter connected devices as per their needs and requirements. A single device can collect the data, store it and can further act on the basis of collected and stored data.
- IoT allows and facilitates everyday objects to collect, store, provide the data for future analysis including a capability to act on provided data.
- Example- A smart refrigerator that uses the touch screen interface to set expiration dates and receive notifications to use food while it is fresh.
2. Does deployment of IoT take away liabilities issue of deployer?
- No. The deployment of IoT does not take away liabilities issue of deployer.
- IoT uses a complex system of inter-connected networks, software, sensors and involves a complex system of many interconnected devices that act on the basis of information / data received from each other stored at a common platform. If there happens to be a malfunction in any one of the devices, the entire chain suffers and can ultimately lead to grave consequences. Thus, the liability of the software
developers, manufactures, sellers etc. increases because of the complexity and technology involved.
- Example- If the software embedded in a thermostat fails to function properly, the thermostat will collect wrong data and will set the temperature accordingly which can result in un-favorable circumstances for the user. The other devices connected to the thermostat might also function on the wrong data collected and stored.
- There can be certain associated liabilities with the deployment of IoT. The liability issues of the deployer can arise because of the following reasons:
a. Device malfunction
b. Cyber Attacks
c. Data Theft etc.
3. Who is liable in case of malfunctioning of the product?
- An IoT device functions and acts on the basis of information collected, stored and provided through the use of complex system of sensors, internet, software and other electronic equipment. Thus, it becomes difficult to assign the liability in case of a product malfunction. The reason could be attributed to the fact that in an IoT device, the software to collect data might have been provided by one party, the device might have been manufactured by second party and the data might have been used by a third party.
- Malfunctioning of an IoT enabled product can not only arise because of product defect but also from a network failure to provide data as needed and also from the non-functioning of the software.
- Most of the common law countries adopt a strict liability principle in case of a product malfunction. Thus, the liability of the manufacturer of the device is presumed in a product malfunction. As per the principle of strict liability, the manufacturer is held liable and accountable for any loss, damage occurring to the user because of the duty of the manufacturer to take reasonable care.
- Thus, it becomes very relevant for the IoT device manufacturers to have a risk allocation process in place to determine the extent of liabilities and in particular to ascertain which party bears the liability for damage caused to the user of an IoT device. This system can be put in place through pre-negotiated contracts with the parties involved.
4. Is there insurance cover for liabilities arising from deployment of IoT?
- For the reasons mentioned in response to query 3 above, it becomes important for all IoT stakeholders and especially the manufacturers to have appropriate insurance cover for the liabilities arising from the deployment of IoT.
- In all likelihood, the manufacturers, sellers and distributors will take the first fall in case of any liability arising out of deployment of IoT and therefore, should take the insurance factor into consideration while doing business.
- It is important that IoT stakeholders pre-empt the risks associated with the products and accordingly decide the insurance coverage. This is particularly relevant as traditional insurances may not work effectively to protect the interests of the stakeholders. The stakeholders should consider opting for a customized tailor-made insurance cover to meet their needs.