TECHNOLOGY, OUTSOURCING, AND COMMERCIAL TRANSACTIONS
NEWS FOR LAWYERS AND SOURCING PROFESSIONALS

Recent attempted cyberattacks that used Internet of Things (IoT) devices to effect the attempted attacks have led to growing concern within the federal government over the security of such devices and the potential such devices have to launch future attacks.

On October 25, Senator Mark Warner (D-VA), a member of the Senate Select Committee on Intelligence, wrote a letter to Federal Communications Commission (FCC) Chairman Tom Wheeler asking Chairman Wheeler to respond to a series of questions regarding the tools needed to prevent cyberattacks using IoT devices. Senator Warner sent similar inquiries to the Federal Trade Commission (FTC) and the Department of Homeland Security’s National Cybersecurity & Communications Integration Center.

On October 6, Federal Communications Commission (FCC) Chairman Tom Wheeler released a factsheet outlining proposed rules aimed at protecting broadband consumers’ privacy. The proposed rules would apply to internet service providers (ISPs) and cover data collection, usage, security, and breach notification.

If adopted, ISPs would need to notify their consumers about the types of data being collected, when and how collected consumer data can be shared, and the types of entities with which ISPs can share the information. ISPs would also be required to adopt reasonable measures to protect consumer data from data breaches and other vulnerabilities.

On October 13, partner Andrew Lipman will present a webinar, “The 2016 Election: Telecom, Media, and Tech Impacts.” The webinar will cover the pre- and post-election legal and regulatory landscapes applicable to the telecom, media, and technology industries.

Andrew will discuss various consequences of the election results on US Congress, federal courts, the Federal Communications Commission (FCC), the US Department of Justice, and other government agencies. He will also specifically cover the FCC’s policies on competition and antitrust, net neutrality, spectrum ownership, broadband deployment and adoption, consumer privacy, and data security.

The webinar will be held October 13, 2016 from 2:00-3:00 pm eastern. To learn more and to sign up, please visit the webinar’s event page.

As of September 30, Russian state authorities now reject tender submissions for supply of certain foreign electronic equipment if there are two concurrent submissions for supply of locally produced equipment. The ban applies to 113 types of equipment, including personal computers, printers, memory cards, mobile and landline phones, TV sets, cameras, microphones, and cash and ATM machines.

Electronic equipment may qualify as local if it is produced under a special investment contract between an investor and federal or regional government or if it is fully manufactured or significantly reprocessed in Russia. Some additional localization criteria specific for certain equipment also applies.

As part of our Sourcing and Technology Lunchtime Series, partners Michael Pillion and Peter Watt-Morse recently spoke during their webinar “The Next Frontier: How Robots and Automation are Changing Outsourcing and Technology Agreements.”

The webinar highlighted the emerging market for robotic process automation and artificial intelligence software and the adjustments to services, pricing models, and contractual provisions that arise from adopting this technology.

Listen to the webinar and review the PowerPoint presentation >>

According to a recent global study, integrating Internet of Things (IoT) technologies into core business processes is surging, and 76% of organizations surveyed say IoT will be “critical” to future success. According to the study, IoT adopters are integrating the technology into a broad spectrum of technologies and business processes, many of which intersect with commonly outsourced business functions, such as IT support, facilities management, and enterprise resource planning (ERP).

The Federal Trade Commission (FTC) recently warned that Internet of Things (IoT) products and services that are no longer operational, updated, or supported present significant issues related to consumer expectations, security, and privacy. Although the FTC noted the industry’s bright future within a product sunset context, the implied “parade of horribles” could have been framed in the grim style of poet Archibald MacLeish as an “ever climbing shadow.”

Internet-connected devices that cease functioning properly, or as expected, could lead to problems on several levels. For example, some IoT devices and services will be serving safety and other important roles, and malfunctions could lead to injury, property damage, and theft, especially if consumers are unaware of product limitations. Second, out-of-date IoT products are more likely to be vulnerable to hackers and bugs. Finally, because IoT products will be tangled in a web of connections, security failures in one device could spill over to other devices and “put consumers’ sensitive data at risk.”

Senator Mark Warner of Virginia recently sent a letter to the Federal Trade Commission (FTC) expressing concern over the potential explosion of collection, storage, and usage of children’s personal information in connection with the Internet of Things (IoT), including mobile apps and so-called “smart toys.”

In the letter, Senator Warner noted that the scope and duration of data collection is expanding rapidly, enabled by the falling cost of digital storage and internet connectivity, and “more and more Internet-connected devices are making their way into children’s hands.” Thus, seemingly simple everyday purchases—such as toys—could raise complex privacy and safety issues that consumers may struggle with or not fully comprehend.

Mark Rosekind, chief of the National Highway Traffic Safety Administration (NHTSA), recently announced that the NHTSA will release documents to serve as a framework for national regulations concerning automated and autonomous vehicles. The documents, which are scheduled for release in July, will allow states to institute additional rules or regulations regarding self-driving vehicles.

In another appearance last week, Mr. Rosekind further explained that the NHTSA has been working on a model state policy for automated vehicles to help states develop policies consistent with other states’ and federal policies and in turn promote “a uniform nationwide framework to help enable innovation.” Mr. Rosekind also noted that the NHTSA is mindful that any regulations in this industry must evolve with the industry rather than remain static for long periods of time.

Although this model policy framework will be a resource available to states, as Mr. Rosekind put it, “What the states actually implement is their call.” With these remarks, he clarified that the NHTSA has no current intention to promote binding federal regulations as a means of achieving a consistent approach to self-driving vehicle restrictions nationwide. This is undoubtedly a disappointment to the many companies in the industry that have pushed for federal regulations to promote uniformity and avoid the substantial efforts necessary to sift through the potentially conflicting state rules.

On April 27, the US Senate Commerce Committee approved the Developing Innovation and Growing the Internet of Things Act (DIGIT Act) with the intent to help the United States capitalize on potential economic opportunities and benefits that growing the Internet of Things (IoT) can offer.

The DIGIT Act would require the US Secretary of Commerce (Secretary) to convene a working group comprising governmental stakeholders and discretionary nongovernmental representatives to provide recommendations to the US Congress on how to appropriately plan for and encourage the proliferation of the IoT in the United States. The working group would, among other things, assess the legal and regulatory landscape that could inhibit the IoT and consider policies and programs that encourage coordination among federal agencies that have jurisdiction over the IoT.

In making its recommendations, the working group would also be required to consult with nongovernmental stakeholders, including information and communications technology business leaders, as well as experts in industrial sectors such as agriculture and healthcare. The DIGIT Act would also establish a steering committee appointed by the Secretary to advise the working group.