Internet of Things (IoT)

The Internet of Things (IoT) promises to revolutionize how businesses and consumers interact by connecting everyday electronic devices to the Internet and facilitating communication among those devices. Although IoT technologies are certainly new and require creative approaches, Crowell & Moring has been successfully handling the underlying legal issues the IoT raises – class action litigation risks, product liability risks and litigation, and privacy and cybersecurity compliance – for years. 

Litigation Challenges

Our lawyers have been involved in the first litigation challenges involving interconnected products and allegations of vulnerability to hacking. We successfully defended, and won, a class action alleging that a product’s vulnerability to hacking constitutes a breach of warranty or product defect. In many cases, we obtain favorable rulings for our clients by demonstrating plaintiffs have not suffered any injury. We also leverage our experience advising clients regarding regulatory requirements to meet jurors' expectations on whether the company met the appropriate standard of care which can differ depending on the circumstances. 

Compliance Focus

On the compliance front, we advise our clients on new and complex federal privacy and cybersecurity requirements and voluntary standards to meet government and customer expectations for protecting information systems and networks. We leverage lessons learned through ample products liability jury trial experience to provide compliance counseling that reduces clients' potential exposure to regulatory and litigation liability.  In many cases, we provide technical guidance or partner with technical experts to help clients implement cyber requirements and best practices, such as advising clients with automated factories and refineries on how to develop security vulnerability assessments and implement site security plans. We have also counseled clients on whether products present a safety hazard because of perceived vulnerabilities related to the interconnected technology incorporated into the product.

Our Approach

Tackling IoT is not just about ensuring compliance, mitigating risk, and preparing for challenges. We also understand our clients’ business goals and work closely with their legal, compliance, and business teams to develop strategies to maximize the data available to them through IoT and thus their bottom lines. We take an interdisciplinary approach to IoT that is shaped both by our litigation and regulatory experience and rooted in our knowledge of our clients’ industries, including health care, automotive, consumer products, security systems, telecommunications, aviation, oil and gas, and hospitality. Our IoT lawyers span practice groups such as Advertising & Product Risk Management, Privacy & Cybersecurity, Intellectual Property, and Product Liability & Torts – with many joining us after serving as high ranking federal government officials from agencies such as the Federal Trade Commission and the Food and Drug Administration. Our experience also extends internationally, covering European Union privacy, data protection, data transfer, and cybersecurity requirements. Through this experience, we help companies navigate the IoT challenges by providing services including:

  • Proactive counseling around technological capabilities and strategies for data use.
  • Conducting risk assessments designed to help companies identify and manage legal risk. 
  • Benchmarking data security against regulator guidance and industry best practices.
  • Helping companies meet regulator expectations to incorporate security by design and privacy by design into IoT product development.
  • Developing appropriate packaging, warnings, and disclaimers.
  • Tackling the challenges of privacy-related notice and choice, including privacy statements.
  • Preparing for an incident by developing incident response plans and toolkits, training employees, and conducting tabletop exercises.
  • Protecting intellectual property rights and enforcing those rights against infringers.
  • Negotiating licensing deals and obtaining the necessary intellectual property and technology rights.
  • Defending clients in investigations by government agencies such as the Federal Trade Commission (FTC).
  • Defending against class actions and product liability claims.