In September 2018, California passed SB-327, the first Internet of Things (IoT) security law addressing growing concerns over cybersecurity for the burgeoning market of consumer IoT devices.
Michael O’Brien is a member of the firm’s Executive Committee and co-chair of the firm’s Product Liability and Class Action Defense practices. With more than 30 years of experience in product liability defense, Michael focuses on representing U.S.and Asia-based manufacturers and distributors as national counsel in litigation, pre-suit investigations and class actions. He also advises clients on reporting obligations to the U.S. Consumer Product Safety Commission (CPSC) and counsels them on voluntary recall issues.
The U.S. Consumer Product Safety Commission (CPSC) announced on March 27 its plan to hold a public hearing on May 16 “to receive information from all interested parties about the potential safety issues and hazards associated with internet-connected consumer products,” commonly known as the Internet of Things (IoT). Continue Reading CPSC Takes a Dip in the IoT Regulatory Pool
In my September 2016 blog post, The Impact of the Smart Home Revolution on Product Liability and Fire Cause Determinations, I forecast that “dumb products made smart by connecting to the internet will present a new layer of complexity when a failure occurs.” When a product fails and causes property damage or bodily injury, experts are frequently tasked with assessing the root cause for the failure, which can lead to a claim or litigation against a potentially responsible third party. In the age of the Internet of Things (IoT) will experts who have knowledge, skill and training sufficient to address potential root cause failures with a “dumb” version of a product have the requisite expertise to address the root cause failure with a “smart” version of the product − and withstand the challenge to their qualifications and methodology in court? The courts are beginning to grapple with this.
Continue Reading Expert Opinions in the Age of the Internet of Things: “You’re Gonna Need a Bigger Boat”
The recent WannaCry ransomware cyberattack provided another chilling reminder of the potential disruptive power behind the Internet of Things. Even before the WannaCry attack in May 2017, a distributed-denial-of-service (DDoS) attack on a domain name server provider, Dyn, Inc., took place in October 2016, pushing many popular internet services offline for hours. The Dyn attack, which utilized the malware Mari as the supporting agent, was a sea-change event carried out by hundreds of thousands of internet-connected devices, such as routers, security cameras and DVRs, that rely on default factory user names and passwords coupled with weak or nonexistent security protections. It illustrated that hackers can now target vulnerable low-hanging fruit and turn it into a super botnet to carry out the DDoS attack. One takeaway from the Dyn attack is that the exponential growth of devices coming online, some 5.5 million per day according to Gartner, creates an unparalleled ecosystem for malevolent actors to find and weaponize the Internet of Things (IoT).
Continue Reading The Internet of Things: A Trifecta of Cyber and Physical Threat Risks
When the failure of a smart product leads to a fire, the challenge of how smart home applications should be evaluated and examined as a potential cause becomes a more complex undertaking than the failure of a similar but dumb product.
Continue Reading The Impact of the Smart Home Revolution on Product Liability and Fire Cause Determinations