Recap: Governing the Internet of Things

On Friday, March 30, 2018, The Internet Governance Lab and the Washington, DC Chapter of the Internet Society (ISOC-DC) co-hosted a symposium on "Governing the Internet of Things" (#IoTgov). Bringing together stakeholders from industry, design communities, civil society, and academia, the full-day event addressed, among other things, the transformation of Internet governance in the age of cyber-physical systems. 

Video of the event is available here.

The symposium kicked off with Internet Governance Lab post-doctoral fellow Andrew Rens, who framed the conversation and moderated the event. As Rens explained, the Internet of Things presents a range of governance challenges, including the transition from what was largely a communication network to network embedded into the material world, creating a host of new concerns such as potential harm to people and disruption of physical infrastructure. 

These changes raise several questions, including to what extent the architectural principles underlying the design and governance of the Internet need to change? What are the prospects for security and privacy in the context of pervasive cyber-physical systems that range from cars to medical devices to home control systems? And what are emerging forms of inequality and discrimination in this environment? 

With these questions framing the conversation, the opening panel featured Dr. Rens moderating a conversation with Internet Governance Lab co-director Dr. Laura DeNardis and Kogod School of Business professor and Internet Governance Lab Faculty Fellow Dr. Gwanhoo Lee, who together traced the Internet's transition from primarily a communication network to, as Dr. DeNardis explained, a "control system in which more things than people are connected and in which infrastructure is a proxy for political power." In this context, Dr. DeNardis described cybersecurity as "the human rights issue of our time." 

Alexandra Deschamps-Sonsino, a coordinator at Open Internet of Things Certification Mark and founder of Design Swarm, illuminated the design considerations involved in governance of IoT. Commenting on recently proposed IoT legislation in the U.S., Ms. Deschamps-Sonsino warned of the excessive fees charged by organizations tasked with certifying that products meet certain technical standards. 

The second panel of the day, moderated by Dr. Aram Sinnreich, featured two renowned technology policy scholars who advocated competing visions of IoT governance. Adam Thierer, a Senior Research Fellow in the Technology Policy Program at the Mercatus Center at George Mason University delivered a defense of permissionless innovation, channeling Churchill to argue that "soft law is the worst form of Internet governance, except all the other forms." Challenging this hands-off approach, Gilad Rosner, Founder of the Internet of Things Privacy Forum, sketched out the dialectics of the precautionary principle versus permissionless innovation, suggesting that advocates of the soft law approach create a false choice in which freedom is set against a heavy-handed "mother may I?" regulatory logic. Highlighting the difficulties involved in cyberpolicy, Rosner explained, "it's about values," adding that the precautionary principle allows society to decide what it values most (e.g. democracy, free speech, safety, innovation, etc.). 

The third and final panel of the day, moderated by Internet Governance Lab co-director Dr. Derrick Cogburn, featured Cory Doctorow, author, activist, and fellow at the Electronic Frontier Foundation; Paul Ohm, Professor at Georgetown University Law School; and Dr. Tatevik Sargsyan, Senior Research Fellow with the Ranking Digital Rights Project at the New America Foundation and an alumnus of AU SOC's Communication Studies doctoral program. 

Participating remotely, Mr. Doctorow began by explaining how DRM and the proliferation of proprietary design inhibit the ability of technologists to secure the IoT. "We know how to make computers that will run every program but not computers that will run every program except the one the manufacturers want you to run," explained Doctorow, adding, "answers to IoT should include the ability of technologists to write code that lets people control the technology they use."

Dr. Sargsyan then described her work with the Ranking Digital Rights Project and how the design and policy decisions of Internet platforms will impact the scope of IoT governance going forward. Additionally, she described some of the challenges involved in analyzing and tracking the policies of an IoT space that is distributed across a wider swath of industries and markets compared to incumbent Internet companies. 

Finally, Professor Ohm drew similarities between his prior work on the underwhelming benefits of big data to challenge the value of IoT in the context of balancing the substantial risks involved the IoT versus what he views as relatively marginal benefits.