Background - Privacy & Cybersecurity

Internet of Things (IoT)


"There are projected to be more than 50 billion connected devices in our homes and in our pockets by 2020. Governments around the world are focusing on the safety, security, and privacy challenges and how these devices should be regulated. We’re working with clients in Washington and around the world to create brand-enhancing strategies for today’s legal landscape and for what’s coming next."

Cheryl A. Falvey, Crowell & Moring partner, former general counsel of the Consumer Product Safety Commission and co-chair of ABA’s Internet of Things Committee, SciTech Section

The Internet of things (IoT) is revolutionizing how businesses, consumers, and public infrastructure interact by connecting everyday electronic devices to the Internet and one another. Crowell & Moring helps leading international companies bring new IoT products to market and lead first-of-their-kind litigation challenges and compliance counseling matters that will impact industry for years to come. Our IoT team offers clients:

  • Practice depth: Our practices work together to solve the full range of IoT legal challenges, including product liability and product risk management, corporate transactions, intellectual property, privacy and cybersecurity, and litigation, among other disciplines.
  • Industry knowledge: Our industry teams are powered by lawyers with firsthand experience in dozens of key market sectors, including manufacturing, distribution, retail, consumer products, computer hardware, software and application development, insurance, automotive, natural resources, energy and utilities, and biomedical devices. We also work with local and state governments, as well as government contractors, that are leveraging IoT technology to create smart cities and improve infrastructure.  
  • Regulatory experience: Our regulatory lawyers have served in many of the U.S. agencies tasked with overseeing the products, processes, and services powered by IoT technology—including the Federal Trade Commission, Food & Drug Administration, Consumer Product Safety Commission, Department of Homeland Security, and Department of Health and Human Services. 

Working together, our multi-disciplinary team provides business and legal solutions that are as comprehensive and interconnected as the opportunities and challenges our clients face.

Solutions for Connected Products

"The IoT is opening remarkable doors, but with that new world of possibilities comes legal uncertainty. Leveraging what we already know, what we see in the works, and what we anticipate on the horizon is key to helping our clients continue to focus on what they do best—bring value to their customers."

Kate M. Growley, Crowell & Moring counsel and co-chair of ABA’s SciTech Section's Homeland Security Committee and vice-chair of the Public Contract Law Section’s Cybersecurity, Privacy & Data Protection Committee

Bringing connected products to market with speed requires a legal strategy that understands how to navigate the opportunities and challenges at every stage of the products' life cycles—from transactions to compliance strategies to mitigating risk and litigation that may follow. We advise clients on:

  • Regulatory, Privacy, and Data Security
    As lawmakers work to keep pace with the rapid development of IoT technologies, many businesses are operating in uncharted territory. Our regulatory team helps companies create comprehensive strategies to work with regulators and manage compliance. We help our clients mitigate risks and demonstrate reasonable care in the security and safety of IoT devices. 

    In the United States and in Europe, our team advises clients on cutting-edge issues, including privacy, data security, data transfer, and other cybersecurity requirements. At the forefront of risk mitigation is proactive attention to disclosures on data collection, security, and potential vulnerabilities. We help benchmark data security against regulator guidance and industry best practices to incorporate security, privacy, and safety by design. We also provide clients with data ownership reviews and toolkits, including strategies for data use and safeguarding ownership, privacy-related notices and choice, gap analysis and blueprint mapping, and training and regulatory monitoring.

  • Product Liability and Related Litigation
    Our lawyers have led the first litigation challenges involving interconnected products, including allegations of vulnerability to hacking. Our experience includes having successfully defended several class actions alleging that a product’s vulnerability to hacking constitutes a breach of warranty, product defect, and false advertising. We work with clients to mitigate these challenges and defend against litigation pertaining to safety, security, privacy, and a range of other concerns.

  • Corporate and Transactions
    We advise clients on IoT issues that arise across the full range of corporate activities and at every stage in the business lifecycle, from investment due diligence to contracts with vendors and suppliers, and from privacy disclosures to acquisition of consumer data and to customer agreements.

  • Intellectual Property Prosecution, Licensing, and Enforcement
    Our patent lawyers have deep experience serving businesses that are at the forefront of IoT. We understand the challenges of collaborative research activities and work directly with inventors and R&D departments to help identify patentable technologies, draft strong, defensible patent applications, and provide dispute resolution support in proceedings before the U.S. Patent and Trademark Office and in federal court. We regularly negotiate licensing agreements, technology transfers, information asset acquisitions, marketing and distribution agreements, and other deals that help clients maximize the return on intellectual property investments.

Industry Experience

"The FTC and other regulators are looking closely at how companies are securing the Internet of Things. Security is the critical component to take full advantage of the explosive growth opportunity IoT presents."

Kristin Madigan,
Crowell & Moring counsel and former attorney for FTC’s Division of Privacy and Identity Protection

We recognize that the best legal solutions arise out of an in-depth understanding of our clients’ industries. Our work in the IoT space draws on our experience in sectors that are leading the IoT revolution, including:

  • Automotive and Transportation
    From autonomous vehicles to air traffic control, our bench of experienced transportation attorneys works with leading automotive and Tier 1 equipment manufacturers, service providers, and app developers to address legal challenges arising from connected vehicles. 

  • Industrial and Manufacturing
    We work with a broad range of manufacturers whose connected products range from industrial equipment and parts to consumer electronics, wearables, robots, and home appliances.

  • Health Care and Medical Devices
    Our Digital Health team represents the makers of wearable medical devices, ingestible and embedded sensors, mobile health products, and wireless medical devices. Our team counsels on innovative digital health arrangements, data use, security, and safety of health IoT devices, helping clients achieve their innovation goals while minimizing regulatory and litigation risks. 

  • Connected Cities, Campuses, and Infrastructure
    Smart cities and campuses are routinely integrating information and communication technology to make public spaces safer and more efficient. As stakeholders draw on data to gain a better understanding of how community members live outside of the home, new questions are arising with regard to privacy, data security, compliance, data ownership, and the best ways to merge innovation, resources, and public and private interests. Our team brings deep government, regulatory, and litigation experience to help clients navigate this complex and evolving landscape. And our Government Contracts Practice is ranked “Band 1” in the nation by Chambers USA.       

  • Energy 
    We help energy providers and users address, develop, and deploy IoT products, particularly in the areas of distributed generation, microgrid technologies, advanced net metering, and blockchain-powered products, many of which utilize software controlled, networked, or otherwise “smart” devices. 

  • Insurance / Reinsurance
    Just as manufacturers and other entities are working to understand how exposure and liability standards may be changing as a result of the introduction of IoT—and how privacy and data control issues are changing as a result of IoT—insurers and reinsurers need to understand how to cover and mitigate risk for these kinds of exposures. Insurers also need to know how to integrate IoT data into their business operations. Our nationally esteemed Insurance / Reinsurance Group brings deep industry knowledge to help insurers navigate the new challenges posed by IoT in changing business models, policy wordings, and coverage litigation.