The existing fragmented security regulations are a major roadblock for the adoption of Internet of Things (IoT) technology. There are widespread fears around data privacy and the possibility of malicious attacks that can disrupt critical operations of businesses.

Listed below are the key regulatory trends impacting the IoT theme, as identified by GlobalData.

Internet of Things regulation

The rapid growth of the IoT market has raised several security concerns, which typically revolve around the lack of regulation and the lack of common IoT standards. Legislation covering IoT security remains a fragmented patchwork of laws.

Governments have started to focus on this issue as IoT deployments grow, with new governance measures gaining traction. In May 2020, the US’s National Institute of Standards and Technology (NIST) released the Foundational Cybersecurity Activities for IoT Device Manufacturers guidelines. Similarly, the European Telecommunications Standards Institute (ETSI) has released a technical specification guide on Cyber Security for the Consumer IoT segment, which outlines leading security practices for consumer IoT devices.

One of the most critical government initiatives was the US IoT Cybersecurity Improvement Act, signed in December 2020. Until regulators coordinate efforts to agree on international IoT security standards, IoT ecosystems will continue to expose many enterprises to unacceptable levels of security risk.

Data privacy

IoT ecosystems raise data privacy concerns for both consumers and employees in addition to cybersecurity risk. A case in point was the data leak suffered by Ring in 2019, where hackers breached Ring home security cameras to digitally intrude into family homes, harass children, and even demand ransoms.

A 2020 survey by the World Economic Forum identified safety, privacy, and trust as the biggest risks for consumers using IoT devices. The survey also highlighted consumers’ lack of awareness about the data collected by IoT devices, a problem that persists across the IoT value chain. Regulators will have to address the data privacy concerns that are widespread within the consumer IoT domain in addition to the development of common IoT security standards.

This is an edited extract from the Internet of Things – Thematic Research report produced by GlobalData Thematic Research.