The potential for IoT to have a positive economic, societal, and environmental impact worldwide is substantial, but its development also raises new questions to be addressed by regulators and policy makers. The need to protect consumers, and to help them understand how their data is being used, must be balanced against the need to ensure that the potential of the IoT market is not stifled.
Governments are not neutral actors in IoT – they are active participants, as well as rule makers, with government policy driving some of the largest IoT projects worldwide. For example, the European Union is aiming for 80% of electricity meters to be smart meters by 2020, and in the USA, Recovery Act funding supported smart grid initiatives. Governments are also supporting the deployment of vehicle accident alert systems (such as the European Commission’s initiative, eCall), and providing funding for smart cities and more general IoT innovation.
Governments need to be wary of the potentially negative consequences of their involvement. For example, one operator suspended its plan to build a large-scale LPWA network after the national government suggested that it would instead fund a similar system to support smart city services. However, after 18 months with no development of the promised government network, the country in question still has no LPWA connectivity.
We have identified seven key areas of interest for regulators reviewing IoT:
|Issue||Regulatory and policy considerations|
|Device and service security|
|Data privacy and ownership|
|Network security and resilience|
|Data sovereignty and residence|
|Allocation of scarce resources (including spectrum and numbering).|
|Roaming and network switching|
We believe that four broad factors should be considered when reviewing regulation and policy for IoT:
- Although IoT development raises some new concerns, many issues will already be covered by existing regulation, making new rules unnecessary. For example, privacy concerns have been raised about drones that can take videos or photographs, with some attempts to ban drone photography.5 Most countries already have legislation on photography, which means that additional rules are not needed.
- Current and planned regulation may be too stringent for IoT, and could threaten innovation. The need to relax existing rules has been recognised in both Japan and Korea.
- IoT requires regulatory certainty due to the long-term nature of investments. A 15-year lifetime for an IoT device will not be uncommon. For such commitments, the firms involved will want to have confidence in the regulation. For example, the rules governing permanent roaming6 are unclear in many countries and this may dissuade IoT companies from using it.
- Finally, IoT is a global business, which limits the impact that any single national government can have over many aspects, including IoT standards. While it may not be desirable or possible for governments to decide upon standards, they do have influence.
Written by Tom Rebbeck, research director at Analysys Mason