About this time last year, Wintergreen Research estimated there were 9 billion devices (consumer and enterprise) connected to the Internet. Depending on the source, that number will be anywhere between 26 billion and 100 billion by 2020. Using either statistic, it is clear that the Internet of Things (IoT) is growing at a tremendous pace, making it an exciting new frontier for technology vendors but a source of considerable concern for many in the legal community.
As the IoT explodes, so will the amount of data subject to potential federal oversight, e-discovery, and data breaches, pointed out Erik Post, CEO of the litigation support company OmniVere, in a recent Law Technology News article. The situation is further complicated, the article says, by the likelihood that “most IoT devices won’t have adequate data storage capacity, making e-discovery of the devices especially time sensitive.”
“The universe of potentially relevant information will increase geometrically, complicating an already messy collection and review process,” predicted Post. “As plaintiffs’ attorneys (and government agencies) become educated on the discovery potential for the IoT, organizations will need to proactively plan for a more demanding, invasive EDD environment.”
From the information governance perspective, the challenges posed by the IoT begin long before litigation is a threat. In addition to the data storage capacity issue, organizations will have issues with determining:
- How best to capture and use this information for business purposes
- How to properly secure the information and prevent unauthorized access
- What the retention value of the information is
- How to properly dispose of information at the end of its required retention
Without these decisions and governance structures in place, it will be nearly impossible to provide an adequate e-discovery response when litigation hits.
Mobile Communications and Records and Information Management (ARMA TR 20-2012), available through the ARMA International online bookstore, will help organizations think through the critical issues. This technical report provides advice for using mobile communications technologies, such as smartphones and tablets, focusing at the implementation level. It includes such topics as policy design, collaborating with information technology professionals, security, and training.
While this book does not reference IoT specifically, many of the issues it address are similar. The solutions may look a little different, but just as for mobile devices, there is a need for developing policies, working with IT, ensuring security, and training employees on their information governance responsibilities.
Read more about information security issues inherent with the current state of IoT, in the Jan. 6, 2015, Wired article “The Internet of Things Is Wildly Insecure – And Often Unpatchable.”