It’s been about two years since lawmakers began formally investigating the digitally-enabled refrigerators, wirelessly controlled cars, and passive sensors that quietly amass large amounts of data making up the internet of things.
In February 2015, the Senate held its first-ever hearing on the topic, debating whether to rein in the tech sector’s enthusiasm for increasingly connected networks of consumer devices—potentially by establishing strict rules that might stifle new ideas but protect customer data—or to let those new ideas flourish. Shortly thereafter, the Senate passed a resolution to craft a national strategy for the internet of things, urging the government to incentivize new applications “to empower consumers, foster future economic growth, and improve our collective social well-being.”
Years later, lawmakers still haven’t defined Congress’ role in the internet of things, whether to constrict it or to watch it grow. But some appear to be more preoccupied with the potential downsides—and safeguarding against hacks that could expose the sensitive data of consumers—than the potential economic benefits.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
At a recent Bloomberg event in Washington, Sen. Brian Schatz, D-Hawaii, said the government will eventually need to roll out a statutory framework for the internet of things, though he and the sponsors of the Developing Innovation and Growing the Internet of Things Act have mostly pushed for a broad national strategy to advance the internet of things. The Senate passed the DIGIT Act in August.
But consumers should “understand what they’re getting into,” Schatz said earlier this week. “If you’re getting into a taxi cab or you’re turning on your microwave, you should know whether or not there’s data being collected about you.”
Consumers should also be able to consent to that data collection, but “we have some very conservative Republicans” who are “not ready to address those sorts of privacy-based, consumer-based concerns,” he said. However, they agree that the IoT provides lots of opportunities and potential for cyberattacks, he said.
Schatz isn’t the only senator concerned about possible attacks. Sens. Mark Warner, D-Va., Cory Gardner, R-Colo., Ron Wyden, D-Wash., and Steve Daines, R-Mont., co-sponsored The Internet of Things Cybersecurity Improvements Act, which would require that the federal government’s devices meet certain stringent standards and easily and regularly accept security patches.
Other lawmakers are more focused on maintaining a delicate balance between protecting consumer privacy by limiting the data tech companies can collect and store, and allowing those companies to come up with new ways to use that data.
At a recent event in Washington, Rep. Darrell Issa, R-Calif., who co-founded the Congressional Internet of Things Caucus, suggested a departure from the strict rules in Europe, which are designed to protect consumer data.
“The reality is that Europeans believe that data should be kept for a short period of time and thrown away," Issa said. "That is ridiculous when you consider the importance of a long continuum of information for our own benefit.”
Still, he said the federal government should work with the tech sector to build out products that protect consumer data from intruders.
“They’re not government solutions; they’re encryption solutions, they’re identity string solutions," Issa said.
A key question, he noted, is “how do we...allow us to protect our own information, our own privacy? Nobody should be able to unlock my door, just because I have a Wi-Fi interface.”