We live in a network-dependent world, and the biggest dependency is that on the internet. Not just people are constantly turning to the internet, but increasingly our devices do so, too. Thousands of reports qualify the Internet of Things (IoT) as the “new thing.” Unfortunately for the consumer, for the moment, that only means that individuals and consumers may be more exposed to various kinds of dangers unless product liability is taken much more seriously in this new interconnected age.  

What Is the Internet of Things?  

The Internet of Things has become the umbrella term for all devices connected to a network (especially the internet). These devices nowadays include wearables like smart watches (integrating GPS, internet access, health information etc.), connected homes (i.e. homes where the thermostat, lights, or irrigation are connected to the internet or a home network for more efficient deployment), cars connected to a network that integrates GPS, mileage, traffic information, automaker information etc. The IoT can also include connected cities and industrial sites.  

The number of IoT devices in use in the very near future has been widely disputed, some estimates (like Gartner’s) placing it in the neighborhood of 8 billion in 2017 and over 20 billion by 2020. Other analysts break the hype by claiming it will barely have broken the 1 billion barrier by then. The main concern that, despite its advantages, still makes IoT less than compelling for mass adoption is that, without better product liability practice and legislation, consumer security is still a grave issue. However many devices there will be out there, even one device that you own can make you vulnerable to massive hacking and expose your information to malicious use.

Why Is Product Liability Essential for an IoT World?  

Several car hacks, a massive denial-of-service attack in October 2016 that probably originated in the IoT, as well as thousands of vulnerabilities detected, if not yet exploited, in our IoT devices are now proof that swift action is required in this field.

As a consumer, your exposure to IoT devices should be covered under product liability legislation. Products you buy should be safe to use and not expose you to any harm, whether physical injury if your car is hacked or financial loss if your personal data are breached.

Indeed, the first class action involving the Internet of Things was launched in March 2015 after Senator Markey (D-MA) exposed some mishandled situations of potential vulnerability with automobile manufacturers Toyota, Ford and, General Motors. The case was dismissed because the plaintiffs were unable to prove actual injuries, while the risk of future harm was not imminent and based on speculation only. However, it is to be hoped a red flag was raised concerning security issues with the so-called Internet of Cars.

Several car hacks, a massive denial-of-service attack in October 2016 that probably originated in the IoT, as well as thousands of vulnerabilities detected, if not yet exploited, in our IoT devices are now proof that swift action is required in this field.

On the other hand, you should pay particular attention to how your connected devices may make you vulnerable, and you should not hesitate to take legal action when an actual breach has taken place. Think of the many paths of access to your information (and safety). Sensors that tell you your fridge is empty could be hacked to buy food on your account; weather sensors could be hacked to over-irrigate your lawn; car wi-fi could be hacked to steer your vehicle off the road; GPS-connected watches could be hacked to stalk you; your computer’s financial information could be sold to unreliable datamining third parties who then resell it to shady operations vulnerable to attacks. The list is almost infinite in an age of almost infinite internet-connectedness.

The point is that the consumer who has been a victim of such an attack should not accept it as a “given” of the internet age. It is natural that, if attacked in this manner, you should respond by rushing to recover your data and reinstate some sense of security; however, do not forget that you are not at fault for trusting a product you were told was safe. Manufacturers of connected devices, parts, and software need to be made responsible for product malfunctions, whether these malfunctions have immediate physical effects or result in more insidious losses.