The U.S. Consumer Product Safety Commission (CPSC) announced on March 27 its plan to hold a public hearing on May 16 “to receive information from all interested parties about the potential safety issues and hazards associated with internet-connected consumer products,” commonly known as the Internet of Things (IoT). Continue Reading CPSC Takes a Dip in the IoT Regulatory Pool
Michael O’Brien is a member of the firm’s Executive Committee and co-chair of the firm’s Product Liability and Class Action Defense practices. With more than 30 years of experience in product liability defense, Michael focuses on representing U.S.and Asia-based manufacturers and distributors as national counsel in litigation, pre-suit investigations and class actions. He also advises clients on reporting obligations to the U.S. Consumer Product Safety Commission (CPSC) and counsels them on voluntary recall issues.
In my September 2016 blog post, The Impact of the Smart Home Revolution on Product Liability and Fire Cause Determinations, I forecast that “dumb products made smart by connecting to the internet will present a new layer of complexity when a failure occurs.” When a product fails and causes property damage or bodily injury, experts are frequently tasked with assessing the root cause for the failure, which can lead to a claim or litigation against a potentially responsible third party. In the age of the Internet of Things (IoT) will experts who have knowledge, skill and training sufficient to address potential root cause failures with a “dumb” version of a product have the requisite expertise to address the root cause failure with a “smart” version of the product − and withstand the challenge to their qualifications and methodology in court? The courts are beginning to grapple with this.
Continue Reading Expert Opinions in the Age of the Internet of Things: “You’re Gonna Need a Bigger Boat”
The recent WannaCry ransomware cyberattack provided another chilling reminder of the potential disruptive power behind the Internet of Things. Even before the WannaCry attack in May 2017, a distributed-denial-of-service (DDoS) attack on a domain name server provider, Dyn, Inc., took place in October 2016, pushing many popular internet services offline for hours. The Dyn attack, which utilized the malware Mari as the supporting agent, was a sea-change event carried out by hundreds of thousands of internet-connected devices, such as routers, security cameras and DVRs, that rely on default factory user names and passwords coupled with weak or nonexistent security protections. It illustrated that hackers can now target vulnerable low-hanging fruit and turn it into a super botnet to carry out the DDoS attack. One takeaway from the Dyn attack is that the exponential growth of devices coming online, some 5.5 million per day according to Gartner, creates an unparalleled ecosystem for malevolent actors to find and weaponize the Internet of Things (IoT).
Continue Reading The Internet of Things: A Trifecta of Cyber and Physical Threat Risks
When the failure of a smart product leads to a fire, the challenge of how smart home applications should be evaluated and examined as a potential cause becomes a more complex undertaking than the failure of a similar but dumb product.
Continue Reading The Impact of the Smart Home Revolution on Product Liability and Fire Cause Determinations
The phenomenal growth of the Internet of Things (IoT), widely hailed in 2015, has been greater than originally forecast. Gartner, Inc. estimates a 30 percent increase in IoT devices connected to the Internet in 2016, which equates to 6.4 billion devices, and forecasts that more than 20 billion devices will be connected to the Internet before 2020. On average, 5.5 million new devices are connected to the Internet each day. As the IoT becomes part of the everyday lexicon, there remains a need to examine the myriad risks associated with this explosive growth across multiple industry sectors to address the inevitable weaknesses with software and security that will be part of the foreseeable future of the IoT. In turn, these vulnerabilities can and will lead to property damage, bodily injuries and deaths. Internet attacks leading to physical damage date back to the 2010 cyberattack on the Iranian nuclear energy plant in Natanz that destroyed or disabled centrifuges. Later, in 2014, a German steel foundry was the target of a cyberattack leading to the destruction of a blast furnace.
Continue Reading The Internet of Things: The Cyber Vulnerability Landscape Emerges