When one thinks of traditional Software as a Service SaaS you envision accessing or subscribing to cloud based software or services through the internet. This traditional method of SaaS typically involves no hardware.
Fast forward a few years and now we see an entirely new SaaS model which still relies upon data or information being sent to and from the cloud however Hardware Enabled Software as a Service (HESaaS) utilizes some form of hardware that enables the transmission of machine data to the cloud for more effective inventory management and product merchandising analytics. Picture a vending machine sending back data to the supplier letting it know that it is running low on potato chip bags in 2,000 of its locations. Normally, the vending machine gets depleted and the delivery person loads it up like clock work every week or 2x a month. But how efficient or cost-effective is that? If a supplier knew that some food product was hot perhaps it would have the machine re-loaded every two days or maybe it would put an additional vending machine in that location.
What fascinates me as a SaaS Lawyer is that what is really happening here is the confluence of SaaS and the Internet of Things (IoT) connected devices. We see it regularly now with fitness bands and home heating internet connected devices transmitting data and information to the cloud.
The big legal dilemma or problem that I see developing now and in the future is security of all of this personalized data, who has access to it and what can be done to stop unauthorized third parties from taking control and disseminating this valuable information.
Let’s take a hypothetical situation. Let’s say a manufacturer of a fitness band can determine what time of day users of the band go for their daily run. What if the data showed that runners run less at night or early in the morning because there are more commuters and driver visibility is poor with strong early morning sun or after work darkness. This data is worth a fortune to the right company who could develop technology enabling runners to run safely both in the early morning and after work.
But, who does this data belong to and can the developer of the fitness band take information about users without their consent and sell it to third parties for a profit?
These are questions which in all likelihood are going to be answered in lawsuits pertaining to personalized user data and information being collected by IoT internet connected devices.
Andrew S. Bosin, Esq, is a SaaS Lawyer with a nationwide SaaS law firm located in New Jersey.
Please call Andrew for a free initial legal consultation at 201-446-9643.
www.njbusiness-attorney.com | andrewbosin@gmail.com