Rethinking Data Ownership in the Age of the IoT

Paul Gillin

FacebookTwitterLinkedIn

By now, everyone has probably seen solar panels sprouting up on rooftops across America. What you haven’t seen, or really thought about, is the data ownership issues that come along with the panels.

That’s because there are a lot of people who have a stake in knowing what those panels are doing. Homeowners want to see how much power their panels are generating so they can get the proper credits and incentives on their electric bills. Power companies want that same data, as well as aggregated statistics across their entire customer base, that can help them fine-tune operations and reduce costs. Utility regulators have a stake in ensuring that power companies are meeting their obligations. Even the maker of the solar panels wants a piece of the action in order to track how its products are faring in the field.

With all of these different stakeholders, who technically owns the data?

In this scenario, it could be the homeowner, the maker of the solar panels, the bank that financed their purchase, or even the electric utility company. The answer isn’t clear, but you can bet the question will come up again and again over the next few years as the internet of things (IoT) brings billions of data-gathering devices online.

Sweeping Scope

The question of who owns and controls the data created by smart devices will touch nearly every industry, and the details will be battled out in court and debated in standards bodies for years to come. Regardless of how the legal issues are resolved, it’s clear that new mechanisms will be needed to facilitate the secure management and exchange of data among a complex web of stakeholders as smart devices throw off unprecedented amounts of information.

Data is rapidly becoming as valuable a commodity as money or fuel. Companies like Netflix, Uber, Airbnb, Priceline, eBay and most of their born-on-the-internet counterparts have few tangible assets. Their value is based upon their skill at gathering, interpreting and acting upon data.

Data ownership debates will encompass far more than just cloud-native businesses, however. Any company can benefit from having access to detailed data about their customers and markets. Organizations will need the means to buy and sell data in the same way they do goods and services today. New mechanisms must ensure that those transactions are tracked, documented and audited in the same way that cash transactions are tracked by a bank.

More than Money

Managing data as an asset is much more complex than managing cash. Different stakeholders will have different needs for the way data is collected, packaged and delivered. In the case of driverless cars, for example, stakeholders might include auto companies, device makers, law enforcement agencies, municipalities, regulators, insurance companies, fleet owners and individual drivers. Some will need data in real time, others in aggregate. Some will need raw data while others will demand summaries. Data will need to be exposed automatically, securely and with full accountability so that all stakeholders get what they need when they need it – and are billed accordingly.

Central to all of these relationships is data integrity, security and accountability. Few organizations have the skills or desire to build the sophisticated mechanisms to handle these demands. Most will use trusted third parties.

We are in the very earliest stages of understanding how these relationships will work, but we can expect that many organizations will need trusted agents to collect and validate data to protect it against misuse or exploitation. Parties in a data exchange will want verification of authenticity and proof of ownership. Complex contractual relationships will emerge as organizations buy and sell data based upon such factors as volume, level of detail and timeliness. Mediators will be needed to resolve intellectual property disputes. New standards will evolve to establish intellectual property rights.

Most organizations don’t need these kinds of services today, but they will in the near future. It isn’t too early to start thinking about how you will need to protect the IoT data you collect and who you can trust to advise you through those decisions.

FacebookTwitterLinkedIn

More in IG, Regulations & Compliance

Comments

SHARE YOUR COMMENTS HERE