Congress Races to Embrace the Internet of Things

As industry charges ahead with the broad swath of technologies known as the Internet of Things (IoT), it appears that few industy players are paying attention to Congress and how public policy could impact big payoffs. The breakneck speed of IoT innovation is outpacing Congressional capacity to intake the breadth of change, let alone legislate such sweeping disruption. Yet this nascent, free-for-all moment in IoT history is exactly the right time for legislators to weigh in on what could be the most important paradigm shift in society since the Industrial Revolution.  The opportunities are massive; the responsibilities are great.  Congress is paying attention to IoT and, I would argue,  has a crucial role to play.

IoT offers unprecedented benefits. Cisco Systems estimates it represents a $19T global economic opportunity. Certainly US companies would like a healthy share of that. By connecting a plethora of previously non-connected devices, IoT also provides unparalleled potential for broad-scale research across many domains – medical, agricultural, energy, transportation, and environmental—the possibilities are vast. IoT is integral to the growth of connected Smart Cities, where we hold visions of things like intelligent traffic light management and parking meters to relieve mounting congestion. With consumer-based applications, the possibilities are virtually endless, connecting everything from your car to your refrigerator, your thermostat, your television, your bed, your keys, and your fitness devices.

In 2010 I founded a think tank, the Center for Public Policy Innovation (CPPI), dedicated to building collaboration between the public and private sectors on emerging technologies.  For several years, CPPI has been working to educate Congress on the opportunities and challenges surrounding IoT, and Members and their staff are listening.

In April, CPPI hosted a briefing and panel discussion on Capitol Hill for congressional staff entitled Internet of Everything: Trucks, Tractors, Training and Jobs.  Congressman Darrell Issa (CA-49), Co-Chair of the newly formed Congressional Internet of Things Caucus, addressed the standing room only crowd eager to learn more about IoT technology and what role, if any, public policy will play.  Chairman Issa stressed the need for more education among lawmakers to better understand the policy implications of these innovations and to provide Congress with the tools and knowledge they need to best promote economic prosperity and protect public safety. 

“[As congressional staff] you have to get smarter than your Members on new technologies, like the Internet of Things,” said Issa.  “A few of us get credit for being ‘used-to-be’s’ when it comes to new technologies, but the rapid rate of technological change is  outpacing our knowledge and it’s a struggle to keep up.  We need industry’s help to ensure that we know the issues and we don’t screw things up.”

Panelist Thomas Lehner, VP of Public Policy at the Motor and Equipment Manufacturers Association, revealed that the ability to “cede control” to new vehicles will be operational by 2020. From a public policy perspective, will we be ready for self-driving cars in 5 years?

Don Hoffman, Chief Innovation Officer of Montgomery County, MD commented that “there is not one local public sector function which will not be disrupted by IoT.”   By example, he showcased the County’s Senior Living Facility which remotely examines air and water quality at senior living centers as part of a living lab. 

While such examples are promising, we are currently in the hype phase of the IoT adoption curve. For one thing, there are significant technology gaps to be overcome, and a lack of standards to do so. Manufacturers of the many sensor technologies that permit a device’s Internet Protocol (IP) connection are focused on their own proprietary technologies. At present, there is no industry body advancing a standards movement. Progressively, the National Institute of Standards and Technology (NIST) has launched formal discussion of a Framework for Cyber-Physical Systems (that’s a fancy term for IoT) standards, in hopes of shaping early on an IoT ecosystem that is interoperable and secure. NIST anticipates publishing those standards some time in 2016, but adoption will be optional.

The gathering and analysis of voluminous data through “connected everything” is where the true payoff lies. At CPPI’s April forum, Cisco projected growth of connected devices from a current 15 billion to 50 billion by 2020. Big Data analysis from those 50 billion devices will be of interest to myriad private and public sector entities. Automated analytics capabilities have now significantly advanced to crunching not only traditional structured data (think rows and columns) but also voluminous and growing unstructured data coming through images, video, social media posts, and the like. The cross-referencing of that information is the font from where new revelations will come. Some will be generalized; others may be personally identifiable.

At the moment, the standards gap and a shortage of skilled talent somewhat limit the breadth of Big Data analysis, but there are very real applications already in place. For instance, the National Institutes of Health are offering a new portal enabling researchers to collaborate on highly specialized data related to patients with Alzheimer’s disease. Schools are skilling-up the workforce of tomorrow as quickly as possible, but it does take some time to gain both education and experience. Expect Big Data analytics to evolve and grow rapidly as a capable workforce develops.

Spectrum accessibility also comes into play. All of the data from connected devices must travel over the internet to its points of curation; much of it will travel via wireless transmission. Careful management of spectrum allocation is critical to keep all those connections flowing.

The two biggest areas of IoT concern involve data privacy and cyber security. A plethora of connected devices continually tracking user data in real time equals a dragnet of information being collected. The issue of personal privacy fills current headlines and is a huge concern. But consider also the implications of generating data that precisely reveals the location of dismounted soldiers in combat, the specific timing and location of municipal buses en route, safe campus video monitoring, or public health threat information, if any of that falls into the wrong hands.

NIST has gone so far as to call IoT indefensible. When everything is connected, there is no network perimeter and every point of connection is a point vulnerable to attack. For example, the massive November 2013 breach of Target Stores’ customer data resulted from back-door entry via their HVAC control system. Manufacturers of traditionally unconnected devices must now turn their attention to IP security – an issue most manufacturers probably have never contemplated. What they collect, about whom, where they store the collected data, and what they do with it, is a new frontier of opportunity and responsibility.

The foundations of federal involvement are beginning to emerge. In February of this year, U.S. Representatives Issa and Suzan Del Bene (WA-1) formed a Congressional Caucus on IoT to promote Member education.  In late July a House Judiciary Committee hearing on IoT organized by the Subcommittee on Courts, Intellectual Property, witnesses and Members discussed the benefits and risks of IoT. Congressman Issa said he looks forward to a series of IoT hearings, an increasingly important dialogue as more and more IoT devices come to market.

In March, the U.S. Senate unanimously passed a bipartisan resolution introduced by Senator Deb Fischer (NE) to promote IoT for economic growth and consumer benefit. The resolution was strongly backed by three other Senators who had sponsored the first hearing on IoT in response to a detailed IoT report published by the Federal Trade Commission in January. This initial leadership must be applauded, but the conversation and learning need to advance quickly.

In June, Members of the bipartisan Congressional IoT Caucus including U.S. Sen. Fischer, and fellow U.S. Senators Cory Booker (NJ), Brian Schatz (HI) and Kelly Ayotte (NH), requested that the Government Accountability Office (GAO) determine the impact IoT technology has on the U.S. economy and end users. In a letter to GAO Comptroller General Gene Dorado, the Senators said they want to know if federal agencies already use the technology, and to coordinate IoT oversight as it is deployed within the government.

The senators also asked GAO to examine ways the platform can affect the privacy and security of consumer information and whether usage will lead to spectrum capacity opportunities and limitations. In addition, the Senators asked the agency to determine changes in federal law to better manage IoT.

The time is right for true public-private partnership to advance the IoT opportunity in a responsible way that balances the tremendous economic and social opportunity coming from IoT innovation with prudent restraint. CPPI encourages proactive engagement between our Congressional leaders and the tech community to ensure thoughtful policy that strengthens the hand of American industry while respecting our citizens’ rights and security.