Congressional hearings aren't always contentious; but an hour-long hearing on the Internet of Things held by the House Subcommittee on Courts, Intellectual Property, and the Internet on Tuesday was decidedly warm and fuzzy. It may have had something to do with the lopsided roster of witnesses, which, rather than including even one privacy advocate, consisted entirely of representatives from industry groups: The App Association, the Information Technology Industry Council, the Alliance of Automobile Manufacturers, and the Consumer Electronics Association.
Gary Shapiro, president and CEO of CEA, participated in the meeting, as did Subcommittee Chairman Rep. Darrell Issa (R-CA), who once served as chair of CEA, which owns and produces the monstrous annual tech event CES. Mr. Shapiro made a point of noting that 900, or 25%, of the 3,600 exhibitors at the most recent CES event showcased IoT related products.
So, it comes as no surprise that the general consensus among witnesses was that innovators should be free to innovate without the threat of overreaching privacy legislation getting in the way. Connected windshield wipers anyone?
Privacy and data security concerns took a back seat, as Mr. Issa tossed what he directly referred to as "softballs" at witnesses. Still, there were some questions regarding privacy implications of the massive IoT consumer data grab from Rep. Jerrold Nadler (D-NY), who asked Mr. Shapiro about the need for stronger mandates when it comes to notice of data collection and use.
Mr. Shapiro's response: "If you put too much of a line around privacy you're trading off opportunities for new services that consumers will desire. I think what companies have an obligation to provide is transparency ... and the consumers can make a reasonable decision about what they're willing to give up in return for sharing some of their privacy."
He went on to stress that a government mandate for clear and conspicuous notice of data collection is unnecessary. The Federal Trade Commission is already doing a good job of handling that on a case-by-case basis, he said, reminding the crowd that plenty of lawyers will be happy to sue if proper notice is not given.
The fact is that, quite often, industry's conception of clear notice is far different from what's expected by consumers; Mr. Shapiro's suggestion that lawsuits are appropriate protection is indicative of this prevailing industry approach. When you buy an IoT-enabled designer handbag or bottle of booze, or the next time you walk into a mall with a shopping app-laden phone, don't expect a giant sign telling you the data might be used for ad targeting or shared with countless third parties. Industry is forming a maze of data sharing partnerships based on IoT products, and congress should make an effort to truly understand the impact from a privacy and security perspective.