As a technology lawyer, one of the niche fields in which my legal practice has increased is the Internet of Things or what is also known as IoT. Truth be told, I’m not sure there is an agreed upon definition of what clearly defines IoT. I’m not here to try and define something which I believe is too big to define. Rather, I’m going to dive into how the Internet of Things has dramatically effected both our lives and the workplace from a legal perspective.
Think about the fact that ten years ago there was no such thing as a Fitbit or drones or wearables. One of the resulting consequences that has occurred with the proliferation of devices and Fitbits and other IoT devices is the sheer amount of personal data and information being generated by individuals, consumers and employees, which such data in turn is being collected by SaaS providers, technology companies and even employers.
Best Internet Of Things Lawyer New York City. Best Internet Of Things Lawyer Chicago. Best Internet Of Things Lawyer Los Angeles. Best Internet Of Things Lawyer Sacramento. Best Internet Of Things Lawyer San Jose. Best Internet Of Things Lawyer San Diego. Best Internet Of Things Lawyer Boise. Best Internet Of Things Lawyer Montana. Best Internet Of Things Lawyer Idaho. Best Internet Of Things Lawyer Salt Lake City. Best Internet Of Things Lawyer Denver. Best Internet Of Things Lawyer California. Best Internet Of Things Lawyer Phoenix. Best Internet Of Things Lawyer Seattle. Best Internet Of Things Lawyer Minneapolis. Best Internet Of Things Lawyer Milwaukee. Best Internet Of Things Lawyer Indianapolis. Best Internet Of Things Lawyer Texas. Best Internet Of Things Lawyer Ohio. Best Internet Of Things Lawyer Florida. Best Internet Of Things Lawyer St. Louis. Best Internet Of Things Lawyer Kansas City. Best Internet Of Things Lawyer Oklahoma City. Best Internet Of Things Lawyer Austin. Best Internet Of Things Lawyer Dallas. Best Internet Of Things Lawyer Houston. Best Internet Of Things Lawyer San Antonio. Best Internet Of Things Lawyer New Orleans. Best Internet Of Things Lawyer Memphis. Best Internet Of Things Lawyer Nashville. Best Internet Of Things Lawyer Louisville. Best Internet Of Things Lawyer Atlanta. Best Internet Of Things Lawyer Miami. Best Internet Of Things Lawyer Orlando. Best Internet Of Things Lawyer Tampa. Best Internet Of Things Lawyer Jacksonville. Best Internet Of Things Lawyer Atlanta. Best Internet Of Things Lawyer Charlotte. Best Internet Of Things Lawyer Raleigh. Best Internet Of Things Lawyer North Carolina. Best Internet Of Things Lawyer Virginia. Best Internet Of Things Lawyer Washington DC. Best Internet Of Things Lawyer Philadelphia. Best Internet Of Things Lawyer Pittsburgh. Best Internet Of Things Lawyer Pennsylvania. Best Internet Of Things Lawyer Brooklyn. Best Internet Of Things Lawyer Connecticut. Best Internet Of Things Lawyer Hartford. Best Internet Of Things Lawyer Boston. Best Internet Of Things Lawyer Massachusetts. Best Internet Of Things Lawyer Providence. Best Internet Of Things Lawyer Albany. Best Internet Of Things Lawyer Buffalo. Best Internet Of Things Lawyer Cleveland. Best Internet Of Things Lawyer Columbus. Best Internet Of Things Lawyer Boulder. Best Internet Of Things Lawyer Riverside. Best Internet Of Things Lawyer Las Vegas. Best Internet Of Things Lawyer Portland, Oregon.
There is not a week that goes by where the news does not report a breach or security issue with some sort of technology. The same holds true for IoT. With all these new devices and connectivity there is bound to be security failures and new privacy concerns that will be raised about all of this data that is being collected. What about the fact that many hardware, software and other services form this chain that goes into developing an IoT device and inevitably questions will arise as to who owns the data being collected, what will these companies do with the this information and will this spawn a host of new litigation?
The other thing about these IoT devices is that there is a lot of different types of information and personal data being generated by many different devices. Specifically, while some employers are requesting that employees use wearables such as Fitbits to get or stay in shape to reduce sick days or insurance premiums which are all positives what is to stop an employer from taking this data for nefarious reasons such as building an algorithm from all the employee data it collects and making predictions that some employees will be less productive and thus should be terminated. I can tell you from my days as an employment litigator representing employees that if an employer collected data about my client’s health and turned around and it used it as a basis for termination that employer would be engaged in illegal activity.
I’m not waiting around for one of my clients who licenses SaaS software to a customer to be sued by a third party claiming that the data collected by my client’s customer was sold or used by the customer or a third party for an improper purpose. In furtherance of protecting user data and information, not a week goes by that I am not drafting documents for clients such as website terms and conditions, privacy policies, security policies, data retention policies and/or crafting language built into SaaS agreements which spells out unambiguously what my clients’ customers or third parties are permitted to do with the vast amount of data being collected by the use of my clients’ SaaS Software. I also work on disclosures about what my clients and their customers can do or not do with the information being collected from individuals or consumers. Specifically, I might draft language that states that the data collected will not be sold to any third parties without the consent of the user.
In short, I try to make sure that no party using my clients’ software can do anything other than use the data in the use of the software. For example, if the SaaS Software deals with HR issues and collects personal information about the employees of a company using the software the only manner the company can use the data is in the use of the Software. Some companies or someone in this company could get the bright idea to sell this valuable data to a third party which would probably lead to lawsuits.
This data being collected by devices and/or SaaS Cloud based software may include personally identifiable information (pii) such as addresses, credit card information, birthdays, addresses and information regarding buying habits. Why should you be concerned about all of this personal data and information your company may be gathering albeit in any unintended manner? The reason you should be concerned is because this is valuable information to marketers. Perhaps you have collected data about the buying habits of thousands of customers in a certain segment of the market. You don’t want to make the mistake of selling or re-selling this personal information and data to a third party who will use it to market to other consumers. There is a possibility that the users could take legal action against your company if their personally identifiable information is disclosed or sold to a third party. What if your cloud based services is hacked or subjected to a cybercrime and all this valuable data has been stolen?
One way for both the SaaS provider and customer to protect the PII is to spell out in the SaaS Agreement that the user owns all of the data and that the customer must require that users first sign a Terms of Use prior to accessing the Software which says that the customer is being given a license to use the data only in the use and performance of the software and once the agreement with the customer and SaaS provider has been terminated the customer cannot sell the data to a third party.
If you are a SaaS provider, in negotiating a SaaS Agreement you want to make sure that ownership of the data is clearly spelled out and what the customer can or cannot do with it.
Andrew S. Bosin, Esq. is a Internet of Things (IoT), Technology and SaaS Attorney located in New Jersey with a National law practice. Andrew can be reached at 201-446-9643 or andrewbosin@gmail.com