IoT Governance, Standards Said Fuzzy, But Governments’ Role Clearer
The definition of Internet of Things governance is a murky concept that’s hard to pin down, several speakers told us ahead of a March 3-4 IoT Europe summit in Brussels. In addition, opinions differ on whether and what standards may be needed for the technology, they said. But there appears to be agreement that governments should guide, but not dictate, the IoT, they said.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
IoT governance “can mean many things to different people depending on their point of view, how they are looking at IoT technology,” said IPSO [IP for Smart Objects] Alliance Vice President Geoff Mulligan, a Presidential Innovation Fellow working with the National Institute of Standards and Technology on the White House cyber-physical systems project. In some cases governance means privacy rights, in others data ownership rights, or in other cases protocols and naming systems, he said in an email. The alliance identifies itself as a global forum that is a resource center and thought leader for the various communities looking to establish the Internet Protocol as the network for connecting smart objects.
IoT is a generic term that covers many technologies and applications, said Henri Barthel, GS1 vice president-system integrity and global partnerships. GS1 designs standards for the global supply chain, including bar codes. “It is illusory to try and define IoT governance in an abstract way,” Barthel said in an email. Governance may have to be addressed in specific domains such as privacy, frequency bands, security, interoperability, standardization and so on, he said. The domains are horizontal, he said, falling under IoT but also going beyond it.
One aspect of IoT governance is whether there’s a need for an object naming service (ONS) akin to the domain name system. GS1 published an ONS standard in 2004, when there were some “expectations that users would need a service enabling them to easily find a [W]eb resource when reading an identifier located on a product,” Barthel said. That “triggered huge political debates on the need for a neutral governance” of the system, he said.
In reality, however, ONS hasn’t found any “killer-application” yet, and the service is poorly used if at all, Barthel said. But in response to the criticism of running a centralized naming resolution system, GS1 came up with a new version of the ONS standard, which is built on a federated model, he said. The new version launched in January 2013. It has been put in place in several countries but its use remains limited, he said. ONS and the later version may be good examples of where IoT governance can be addressed without creating another layer of bureaucracy and complexity, he said.
Because IoT covers many applications and technologies, many standards bodies, such as the ITU-Telecommunication Standardization Sector, Internet Engineering Task Force, World Wide Web Consortium and European Telecommunications Standards Institute, are trying to identify gaps and opportunities for standards, Barthel said. Standards are needed to address the needs of evolving technologies and innovative applications, he said. For example, additional standards are necessary for data capture, data sharing, telecommunication protocols and so on to cope with the dramatic changes in the way information is gathered and shared, he said. “Global standards are totally feasible,” he said. If you want to call those standards the IoT, “that’s fine. One just needs to be aware that IoT is an umbrella name that covers multiple realities."
There may already be too many standards for the IoT, said Mulligan. Many proprietary protocols are claimed to be standards, and there are also many true open standards, he said. “This can and does lead to confusion and problems with interoperability,” and Mulligan believes that more standards are unnecessary, he said. “What is needed is significant experience in real world deployments to see what does and does not work and weeding out protocols that are not needed or don’t work,” he said.
Governments and regulators have a role to play in the IoT because many so-called IoT applications carry significant economic impact, said Barthel. Governments must understand the opportunities, support appropriate research and ensure that laws and regulations take IoT and other developments such as social networks and cloud computing into account, he said.
But administrations and authorities “should try to stay at the high level” and deal with issues such as privacy without getting into choosing specific protocols, said Mulligan. Security is another area where government and regulators can help but they “should guide and not specify,” he said. Other topics at the summit include financing the IoT, and realizing its benefits to smart cities and connected homes; cloud computing, big data and the IoT; and security and identity management.